Abstract
Cloud Contracts capture architectural requirements in data-centers. They can be expressed as logical constraints over configurations. Contract violation is indicative of miss-configuration that may only be noticed when networks are attacked or correctly configured devices go off-line. In the context of Microsoft Azure’s data-center we develop contracts for (1) network access restrictions, (2) forwarding tables, and (3) BGP policies. They are checked using the SecGuru tool that continuously monitors configurations in Azure. SecGuru is based on the Satisfiability Modulo Theories solver Z3, and uses logical formulas over bit-vectors to model network configurations. SecGuru is an instance of applying technologies, so far developed for program analysis, towards networks. We claim that Network Verification is an important and exciting new opportunity for formal methods and modern theorem proving technologies. Networking is currently undergoing a revolution thanks to the advent of highly programmable commodity devices for network control, the build out of large scale cloud data-centers and a paradigm shift from network infrastructure as embedded systems into software controlled and defined networking. Tools, programming languages, foundations, and methodologies from software engineering disciplines have a grand opportunity to fuel this transformation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ball, T., Bjørner, N., Gember, A., Itzhaky, S., Karbyshev, A., Sagiv, M., Schapira, M., Valadarsky, A.: VeriCon: towards verifying controller programs in software-defined networks. In: O’Boyle, M.F.P., Pingali, K. (eds.) PLDI, p. 31. ACM (2014)
Barrett, C.W., Sebastiani, R., Seshia, S.A., Tinelli, C.: Satisfiability Modulo Theories. In: Biere, A., Heule, M., van Maaren, H., Walsh, T. (eds.) Handbook of Satisfiability. Frontiers in Artificial Intelligence and Applications, vol. 185, pp. 825–885. IOS Press (2009)
Bjørner, N., Jayaraman, K.: Network Verification: Calculus and Solvers. In: SDN and FSI: The Next Generation Networking Infrastructure (2014)
Brucker, A.D., Brügger, L., Wolff, B.: hol-TestGen/fw. In: Liu, Z., Woodcock, J., Zhu, H. (eds.) ICTAC 2013. LNCS, vol. 8049, pp. 112–121. Springer, Heidelberg (2013)
de Moura, L., Bjørner, N.: Satisfiability Modulo Theories: Introduction & Applications. Comm. ACM (2011)
de Moura, L., Bjørner, N.S.: Z3: An Efficient SMT Solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)
Greenberg, A.G., Hamilton, J.R., Jain, N., Kandula, S., Kim, C., Lahiri, P., Maltz, D.A., Patel, P., Sengupta, S.: VL2: a scalable and flexible data center network. Commun. ACM 54(3), 95–104 (2011)
Jayaraman, K., Bjørner, N., Outhred, G., Kaufman, C.: Automated analysis and debugging of network connectivity policies. Technical Report MSR-TR-2014-102, Microsoft Research (July 2014)
Kazemian, P., Varghese, G., McKeown, N.: Header space analysis: static checking for networks. In: NSDI (2012)
Khurshid, A., Zhou, W., Caesar, M., Brighten Godfrey, P.: Veriflow: Verifying Network-wide Invariants in Real Time. SIGCOMM Comput. Commun. Rev., 467–472 (September 2012)
Lopes, N., Bjørner, N., Godefroid, P., Jayaraman, K., Varghese, G.: Dna pairing: Using differential network analysis to find reachability bugs. Technical Report MSR-TR-2014-58, Microsoft Research (April 2014)
Mai, H., Khurshid, A., Agarwal, R., Caesar, M., Godfrey, P.B., King, S.T.: Debugging the Data Plane with Anteater. In: Proceedings of the ACM SIGCOMM 2011 Conference, SIGCOMM 2011. ACM, New York (2011)
Majumdar, R., Tetali, S.D., Wang, Z.: Kuai: A model checker for software-defined networks. In: FMCAD (2014)
Nelson, T., Barratt, C., Dougherty, D.J., Fisler, K., Krishnamurthi, S.: The Margrave tool for firewall analysis. In: LISA, pp. 1–8. USENIX Association, Berkeley (2010)
Roy, S., Kot, L., Foster, N., Gehrke, J., Hojjat, H., Koch, C.: Writes that fall in the forest and make no sound: Semantics-based adaptive data consistency. CoRR, abs/1403.2307 (2014)
Sethi, D., Narayana, S., Malik, S.: Abstractions for model checking SDN controllers. In: Formal Methods in Computer-Aided Design, FMCAD 2013, Portland, OR, USA, October 20-23, pp. 145–148. IEEE (2013)
Yang, H., Lam, S.S.: Real-time verification of network properties using atomic predicates. In: 2013 21st IEEE International Conference on Network Protocols, ICNP 2013, Göttingen, Germany, October 7-10, pp. 1–11. IEEE (2013)
Zhang, S., Malik, S.: SAT Based Verification of Network Data Planes. In: Van Hung, D., Ogawa, M. (eds.) ATVA 2013. LNCS, vol. 8172, pp. 496–505. Springer, Heidelberg (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Bjørner, N., Jayaraman, K. (2015). Checking Cloud Contracts in Microsoft Azure. In: Natarajan, R., Barua, G., Patra, M.R. (eds) Distributed Computing and Internet Technology. ICDCIT 2015. Lecture Notes in Computer Science, vol 8956. Springer, Cham. https://doi.org/10.1007/978-3-319-14977-6_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-14977-6_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14976-9
Online ISBN: 978-3-319-14977-6
eBook Packages: Computer ScienceComputer Science (R0)