The complex nature of SDN coupled with the huge number of services they provide; makes the system as a whole prone to some malicious attacks. An attack such as Link Fabrication Attack (LFA) is becoming more and more common with a high degree of sophistication. Different techniques exist which examine the occurrence of LFA in SDN. To ensure that SDN does not suffer from the same attack from the same origin, we have to consider in general the entire system liability, service information, dependencies, and switch as well as host vulnerabilities. However, due to the complex nature and scalability property of SDN, determining the origin of the LFA is not a straight forward. Although other solutions have been proposed to address this problem in traditional networks, a formal method to security in SDN is lacking. In this paper, we discuss a formal method for SDN using Higher-Order Logic (HOL) and as a case study used to examine the LFA in SDN.