Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Home
  • Attend
    • Registration Information
    • Registration Discounts
    • Venue, Hotel, and Travel
    • Students and Grants
  • Activities
    • Birds-of-a-Feather Sessions
    • Poster Session and Happy Hour
  • Program
    • At a Glance
    • Technical Sessions
  • Sponsorship
  • Participate
    • Instructions for Participants
    • Call for Papers
    • Call for Posters
  • About
    • Organizers
    • Help Promote
    • Questions
    • Past Symposia
  • Home
  • Attend
  • Activities
  • Program
  • Sponsorship
  • Participate
  • About

sponsors

Silver Sponsor
Silver Sponsor
Silver Sponsor
Silver Sponsor
Bronze Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Industry Partner

help promote

NSDI '16 button

Get more
Help Promote graphics!

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » BUZZ: Testing Context-Dependent Policies in Stateful Networks
Tweet

connect with us

BUZZ: Testing Context-Dependent Policies in Stateful Networks

Authors: 

Seyed K. Fayaz, Tianlong Yu, Yoshiaki Tobioka, Sagar Chaki, and Vyas Sekar, Carnegie Mellon University

Abstract: 

Checking whether a network correctly implements intended policies is challenging even for basic reachability policies (Can X talk to Y?) in simple stateless networks with L2/L3 devices. In practice, operators implement more complex context-dependent policies by composing stateful network functions; e.g., if the IDS flags X for sending too many failed connections, then subsequent packets from X must be sent to a deep-packet inspection device. Unfortunately, existing approaches in network verification have fundamental expressiveness and scalability challenges in handling such scenarios. To bridge this gap, we present BUZZ, a practical model-based testing framework. BUZZ’s design makes two key contributions: (1) Expressive and scalable models of the data plane, using a novel high-level traffic unit abstraction and by modeling complex network functions as an ensemble of finite-state machines; and (2) A scalable application of symbolic execution to tackle state-space explosion. We show that BUZZ generates test cases for a network with hundreds of network functions within two minutes (five orders of magnitude faster than alternative designs). We also show that BUZZ uncovers a range of both new and known policy violations in SDN/NFV systems.

Seyed K. Fayaz, Carnegie Mellon University

Tianlong Yu, Carnegie Mellon University

Yoshiaki Tobioka, Carnegie Mellon University

Sagar Chaki, Carnegie Mellon University

Vyas Sekar, Carnegie Mellon University

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {194936,
author = {Seyed K. Fayaz and Tianlong Yu and Yoshiaki Tobioka and Sagar Chaki and Vyas Sekar},
title = {{BUZZ}: Testing {Context-Dependent} Policies in Stateful Networks},
booktitle = {13th USENIX Symposium on Networked Systems Design and Implementation (NSDI 16)},
year = {2016},
isbn = {978-1-931971-29-4},
address = {Santa Clara, CA},
pages = {275--289},
url = {https://www.usenix.org/conference/nsdi16/technical-sessions/presentation/fayaz},
publisher = {USENIX Association},
month = mar,
}
Download
Fayaz PDF
View the slides

Presentation Audio

MP3 Download

Download Audio

  • Log in or    Register to post comments

Silver Sponsors

Bronze Sponsors

Media Sponsors & Industry Partners

Open Access Publishing Partner

© USENIX

  • Privacy Policy
  • Contact Us