A Formal Approach for Automatic Detection and Correction of SDN Switch Misconfigurations

Software-defined networking (SDN) is a network architecture that enables the network to be centrally controlled using software. The network administrators can reprogram the network using SDN without changing hardware devices to provide new solutions for controlling network traffic. However, SDN has its drawbacks in security, scalability, and elasticity. The security validation of SDN configurations is an important issue that should be addressed. Therefore, there is a need for automated methods to analyze, investigate and fix switch configurations faults. The objective of our work is to propose: (1) a new formal approach to discover security challenges using Flow entries Decision Diagram (FeDD) analysis, to identify loop freedom, access violation, blackholes, and controller misconfiguration; (2) an optimal and fine-grained resolution mechanisms to correct these misconfigurations in different topologies: (3) a tool that implements the proposed techniques and effectively helps administrators in detecting and resolving switch misconfigurations.