TY - GEN
T1 - Towards Verified Self-Driving Infrastructure
AU - Liu, Bingzhe
AU - Kheradmand, Ali
AU - Caesar, Matthew
AU - Godfrey, P. Brighten
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/11/4
Y1 - 2020/11/4
N2 - Modern "self-driving'' service infrastructures consist of a diverse collection of distributed control components providing a broad spectrum of application- and network-centric functions. The complex and non-deterministic nature of these interactions leads to failures, ranging from subtle gray failures to catastrophic service outages, that are difficult to anticipate and repair. Our goal is to call attention to the need for formal understanding of dynamic service infrastructure control. We provide an overview of several incidents reported by large service providers as well as issues in a popular orchestration system, identifying key characteristics of the systems and their failures. We then propose a verification approach in which we treat abstract models of control components and the environment as parametric transition systems and leverage symbolic model checking to verify safety and liveness properties, or propose safe configuration parameters. Our preliminary experiments show that our approach is effective in analyzing complex failure scenarios with acceptable performance overhead.
AB - Modern "self-driving'' service infrastructures consist of a diverse collection of distributed control components providing a broad spectrum of application- and network-centric functions. The complex and non-deterministic nature of these interactions leads to failures, ranging from subtle gray failures to catastrophic service outages, that are difficult to anticipate and repair. Our goal is to call attention to the need for formal understanding of dynamic service infrastructure control. We provide an overview of several incidents reported by large service providers as well as issues in a popular orchestration system, identifying key characteristics of the systems and their failures. We then propose a verification approach in which we treat abstract models of control components and the environment as parametric transition systems and leverage symbolic model checking to verify safety and liveness properties, or propose safe configuration parameters. Our preliminary experiments show that our approach is effective in analyzing complex failure scenarios with acceptable performance overhead.
KW - parameter synthesis
KW - self-driving infrastructure
KW - service infrastructure control
KW - symbolic model checking
KW - verification
UR - http://www.scopus.com/inward/record.url?scp=85097073959&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85097073959&partnerID=8YFLogxK
U2 - 10.1145/3422604.3425949
DO - 10.1145/3422604.3425949
M3 - Conference contribution
AN - SCOPUS:85097073959
T3 - HotNets 2020 - Proceedings of the 19th ACM Workshop on Hot Topics in Networks
SP - 96
EP - 102
BT - HotNets 2020 - Proceedings of the 19th ACM Workshop on Hot Topics in Networks
PB - Association for Computing Machinery
T2 - 19th ACM Workshop on Hot Topics in Networks, HotNets 2020
Y2 - 4 November 2020 through 6 November 2020
ER -