Professional Documents
Culture Documents
A Software Engineering Perspective On SDN PDF
A Software Engineering Perspective On SDN PDF
A Software Engineering Perspective On SDN PDF
1255
I. I NTRODUCTION
1553-877X 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
1256
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
1257
Fig. 2. The necessary steps to the Client 1 communicate with the Client 2 when
the switch does not have rules that can manage this communication.
rules, which are generally defined by a developer or administrator through the controllers northbound API [17], [18].
The hypothetical scenario depicted in Fig. 2 helps to understand the controllers responsibility and how it inserts a new
rule into a switch. In this Figure, client 1 (computer C1) wishes
to establish a communication with client 2 (computer C2).
Thus, C1 sends a packet with destination to C2 (step 1). The
packet arrives at switch (S), which at the time has no forwarding
rule for this packet (i.e., it does not have a matching rule in its
flow table) (step 2). After the arrival, switch S generates a new
flow request to the controller (step 3). If switch S has memory
space available to buffer these packets, it sends a buffer ID that
will be used by the controller to define the forwarding rule [16].
Otherwise, switch S sends the full packet to the controller. The
controller responds with a new packet that inserts a new rule at
switch S (step 4), enabling switch S to forward the first packet
to C2 (step 5). Then, switch S will now be able to send all packets from C1 to C2 with no need for additional communication
with the controller. It is noteworthy that currently all communication switch-controller-switch is likely to be performed by the
OpenFlow protocol.
The possible responses from the SDN controller to switches
are defined by algorithms as applications, software modules, or
policies. These ones may run in the SDN controller or interact
with it through external applications or services in the application layer. An important aspect of the SDN architecture, given
any administrative domain, is its capacity to have more than one
controller handling several switches. This is a desired feature
when network reliability and availability comes into play [17]
[18]. Conversely, based on the OpenFlow specification [16], a
switch is capable of connecting to multiple controllers.
1258
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
1259
1260
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
1261
Fig. 7. The northbound and policy layer where the SDN programming languages fit into the SDN architecture.
B. Nettle
Focused on the network control, Nettle [62] is a domainspecific language, embedded in Haskell2 . It allows programming of OpenFlow networks in a declarative mode and it is also
based on FRP principles [62].
As compared to the NOX controller, we observe that either
NOX [41] or Nettle [62] provide a framework to make easier the development of applications by hiding low-level details
from the user, supporting an event-based programming model,
and allowing a fine-grained control of switches behaviors. The
main difference is how Nettle offers a specific programming
language to develop SDN applications.
The noticeable difference in Nettle [62] (as compared to
NOX [41] and its FML [61]) is the more declarative approach to
event-based programming through manipulating series of messages rather than handling individual messages. Furthermore,
with the help of its declarative feature, Nettle offers a way easier
to developers to code time-sensitive and time-varying behaviors
in SDN applications.
C. Procera
Procera [52] is presented as a combination between a
controller architecture and high-level network control language. The language that composes Procera allows operators
to express policies that are dynamic and relative to external
events such as intrusion detection, Quality of Service (QoS),
or specific time events [52]. Its principles are based on FRP,
including a collection of domain-specific temporal operators.
It makes easier for the programmers to define the values of
time-varying sets and dictionaries relative to event histories.
Furthermore, Procera implements flow constraint functions,
enabling a lower-level network controller to constrain behavior.
Fig. 7 depicts the policy layer where Procera lies (as well as
other approaches present in this survey). This layer is the main
focus of the Procera approach [52], providing resources for
network administrators to define rules of an SDN environment.
The policy layer acts as a supervisor of the network, responding to signals from relevant events from the network, users, and
devices. Procera allows network operators to describe how an
OpenFlow controller should react to such events [52]. At this
point, we can define Procera as a policy language.
Procera [52] has four key features:
2 Haskell is a functional programming language for general purpose. Site:
http://www.haskell.org
1262
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
I. Nlog
Part of the Network Virtualization Platform (NVP), Nlog
[66] is a declarative language to compute forwarding state,
separating the logic specification from the controller that implements such logic. As in FML [61], Nlog has the design of
declarations based on DATALOGi queries; it does not support
recursive declarations or negations. Besides, it also has an integrated component to manage the declarations and the tuples of
data provided by the controller in runtime. This component is
written in C++ and is a sequential program. Therefore, each
declaration can use one tuple at a time.
J. Flowlog
Flowlog [67] resembles Structured Query Language (SQL)
in its design. It provides a unified abstraction for control-plane
and data-plane, and has limited expressivity in order to facilitate
the reasoning about correctness and rules proactively installed
into switches.
Flowlog has been used to discover bugs in SDN applications, while also producing efficient and minimal network rules.
These characteristics refer to i) its design, which follows a
logic programming paradigm, and ii) the support for program
verification, which is realized on Alloy [71]. This SDN programming language has different characteristics and features to
develop SDN applications, such as model checking, dynamic
verification on the code, and middleboxes with state monitoring.
Moreover, Flowlog extends Frenetics design with proactive
compilation for stateless NetCore policies.
K. Merlin
Merlin is declarative language created to address problems related to bandwidth and packet-processing functions.
According to [34], it has high-level components for i) classifying packets; ii) controlling forwarding packets; iii) specifying
packet-processing functions; and iv) defining bandwidth properties. Merlin goes beyond the features of existing languages
like Frenetic [10] and Pyretic [64]. The advantages of Merlin
are related to its constructs (e.g., statements, logical predicates,
and packet-processing functions), mainly due to the support of
regular expressions for defining forwarding paths.
1263
L. Kinetic
Kinetic is a DSL that provides abstractions for automating
changes in network policy in response to dynamic network
conditions [35]. In addition, it makes possible to verify if
such changes will satisfy network operators requirements and
how it should react to changing network conditions. Such
a verification makes Kinetic different from several previous
languages.
Regarding its architecture, Kinetic is embedded in Pyretic
[64] and uses its underlying structure to handle network events
(e.g., incoming packets). An application created with Kinetic
is similar to a Finite State Machine, it can change its state
according to an external event (e.g., incoming flows, updates,
and requests). On the other hand, the characteristics of Kinetic
are very close to that of Flowlog [67], as both focus on creating
correct applications. However, Kinetic has a more automated
verification and it was evaluated in realistic scenarios.
V. L ESSONS L EARNED FROM THE SDN P ROGRAMMING
L ANGUAGES
In order to analyze the particularities of current SDN programming languages, we have summarized the aspects of
each of them, highlighting the set of their important features,
namely scope, paradigm, main objectives, and current limitations. Some languages could not be investigated in details since
its code is not publicly available (e.g., Procera [52], NetCore
[63], FatTire [40]). But overall this issue did not affect the
analysis.
Table I presents such summary and has the following structure: the scope feature has the analysis of the main network
features that may be involved by the corresponding programming language. The paradigm feature lists the approaches
currently used to design SDN programming languages. The features objective and year describe the languages goal and the
year which the programming language was released, respectively. Feature limitations presents our view on the weaknesses
of each language, at the time of writing this paper.
Despite the slightly different objectives, all the programming
languages analyzed have in common the assertion about how
complex is to develop SDN applications without the proper
level of abstraction. Although there are some limitations, those
languages and their designs demonstrate a clear direction about
the future of SDN applications and the problems involving
events, policies, and conflicts in a SDN environment. It is worth
emphasizing that many of these languages are still work in
progress.
A. What SDN Programming Language to Use? When? How?
It would be unfair to point out only one SDN programming
language that is recommended for implementing SDN applications. The truth is that each language focuses on a certain
aspect of SDN paradigm and serves to create different types of
applications. However, according to our view - based on the corresponding papers and specification of each SDN programming
language - it is important to observe some key characteristics
for a proper a choice.
1264
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
TABLE I
S UMMARY OF SDN P ROGRAMMING L ANGUAGES AND I TS A SPECTS
network in the controller. Most of these programming languages (e.g., Pyretic [64], FML [61]) provide abstractions
and features that make the specification and management of
policies, network features, and network behavior much easier when compared to defining OpenFlow rules by hand, for
instance.
Third, SDN programming languages have the SDN controller as the underlying element in the SDN architecture (cf.
Fig. 7). The programming languages discussed in this paper
show that each of them is intrinsically related to the controller and the compiler that translates high-level methods into
OpenFlow rules. Therefore, the common way to use such languages is writing the SDN applications in the corresponding
syntax. The related compiler performs translation and underlying controller applies the resulting rules into forwarding devices
and their flow tables.
Last but not least, not all SDN programming languages
have features for verifying and validating applications. Some
languages have limited focus to address problems of a specific category. These aspects should be taken into account
when choosing a language to create applications for an SDN
environment.
1265
TABLE II
P ROS AND C ONS OF P ROGRAMMING L ANGUAGES PARADIGMS FOR
C REATING SDN A PPLICATIONS
1266
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
TABLE III
M APPING OF SDN P ROGRAMMING L ANGUAGES TO SDN A PPLICATIONS AND T HEIR U SE C ASES
The feasibility of each of the above identified programming language as an application and use case enabler: FULLY
FEASIBLE ( ) the language has all features to deploy the application; PARTIALLY FEASIBLE () the language needs another tool or complement to implement the application; and NOT FEASIBLE () the language is
not recommended to implement the related application.
Fault Tolerance: An interesting use case involves network resilience scenarios. For instance, in the case of a link
failure, the network should be able to choose a backup path
dynamically.
Deep Packet Inspection: It is a network application which
examines packets payload looking for patterns, such as from
well-known applications and services, viruses, attacks, and the
like. In SDN, the controller executes some algorithm to perform
DPI. SDN languages as Frenetic [10] and NetCore [63] have
features to implement DPI applications.
Cloud Orchestrator: The Cloud Orchestration use case needs
a software orchestrator in order to manage the network and
the virtual machines. All SDN languages partially enable the
implementation of such a software, because they only provide
methods to implement a network application, which in this case
may create the network orchestrator. The orchestrator of virtual
machine needs to be developed with third parties programming
languages or obtained from vendors.
Policy Specification: The most basic feature of an SDN application and environment is the specification of policies. All the
analyzed SDN programming languages enable the implementation of policies in several ways, as well as applications to define
the network behavior through policies. However, they differ in
the way of writing and implementing these policies in practice.
Network Monitor: Foster et al. [16] argue that querying network state is one of the fundamental elements in programming
SDNs. A Network Monitor application in SDN can observe and
request several types of information (e.g., packet counter state
in a switch). All languages analyzed allow the implementation
of applications that monitor network states.
Correctness: The verification and validation of network
applications are desired features [34], [35]. SDN programming languages might offer constructs that help developers to
avoid network misbehavior (i.e., verification), and to build correct applications (i.e., validation), according to the specified
requirements.
1267
TABLE IV
C OMPARING AN E XAMPLE OF I NTEGRITY I SSUES IN P ROGRAMMING
SDN A PPLICATIONS
The first table row is an algorithm based on Pyretic language which causes a
deadlock in the network. The second table row, in contrast, presents a metamodel which does not allow the relation between the controller with itself in
specifying SDN applications (i.e., the entity named Controller can relate, in this
example, with the ControllerSwitchLink entity, which in its turn is related only
with the SdnSwitch entity). On the other hand, the first table row exhibits that
relationship between a controller and itself has no constraints. This relationship
enables constructions like the one shown, which may generate a misbehaviour.
1268
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
fast-failover OpenFlow mechanisms directly due to the increment of complexity in failure-handling control, which might
make code more complex.
In order to handle failures in SDN programming, the language needs to support an abstraction of the OpenFlow forwarding table called a group table. Group table consists of
group entries. The ability for a flow entry to point a group
enables OpenFlow to represent more methods of forwarding
[16]. It enables multiple conditional rules in OpenFlow. One of
the group table types is the fast failover (FF). The fast failover
determine that if a flow entry belongs to this group type, the first
action bucket (an ordered list of actions) will be performed.
FatTire [40] abstracts the construction of a fast failover group
table, generating the entries in such group table automatically.
This approach avoids the error-prone development made by
programmers when interacting with fast failover group table
directly [40].
From the Software Engineering perspective, the development
of fault-tolerant applications must be based on languages that
define dependable features or build rules created from formal
methods. For instance, a language that provides modular development may enable an SDN application to run as redundant
modules in replicated controllers, thus improving the recovering time of a network failure. However, synchronizing such
modules is not a trivial task [33].
How to avoid conflicting rules? This is a challenge investigated by some research studies (e.g., PANE [80], Pyretic
[64]). Avoiding conflicts means that a policy rule X does not
invalidate a policy rule Y, and vice-versa, simultaneously, so
that at least one policy rule should be correctly applied. In
[61], Hinrichs et al. proposed two conflict resolution mechanisms, which we consider a valuable path to effective SDN
programming, i.e. one has its features at the level of keywords,
identifying the conflicting policies. The other mechanism is
a schema that defines priority to each keyword (e.g. the keyword deny has precedence over the keyword allow). A similar
approach can be also found in [80]. One possible approach to
address conflicts in policies could be based on a DSML. In such
an approach, invalid policies that result in conflicts could not
be created due to the constraints contained in an underlying
metamodel.
How can one realize automated tests? In order to identify
inconsistences or unexpected states in an SDN application,
Canini et al. [81] and Vissichio et al. [82] propose approaches
to realize tests in SDN applications. End-host applications and
switches affect the program running on the controller. In [81]
Canini et al. address this challenge by generating flows with
several possible events occurring in parallel. It also enables the
programmer to verify generic correctness properties (e.g., forwarding loops or black holes) and code validation (i.e., global
system state determined by code fragments). On the other hand,
in [82] Vissichio et al. use Test-Driven Development (TDD) to
perform tests on SDN applications.
How to abstract the complexity in SDN development efficiently? The low level of abstraction used by OpenFlow and its
releases makes it hard to program applications and to define a
desired behavior into the network. The studies analyzed suggest
that a decomposition of the controller, through one relationship
analysts. There is no standard architecture, and SDN applications have been handcrafted written from SDN languages
proposals. Research efforts should establish processes and tools
(e.g., frameworks) for achieving a higher-level of abstraction in developing SDN applications. For instance, researches
could investigate solutions based on DSL and DSML to avoid
the development of unsafe applications. Composing such languages with well-formed algorithms and methods seems to be
a way to define a process or create a tool for developing SDN
applications.
Design Patterns for SDN applications. The software development process has problems that occur repeatedly in different
situations through code written by developers. In order to avoid
such repeated and known errors, design patterns [83] provides a
set of solutions from the Software Engineering perspective that
can be used in many different situations. Since SDN applications are also software, the definition of design patterns in the
scope of SDN can help developers in avoiding improper builds
while writing SDN applications.
Test-Driven Development for SDN. Currently, the tests of
SDN applications and environments can use a network simulator (e.g., Mininet [84]) and an SDN controller which manages the emulated network. However, performing tests in such
environment based on manual deployments is error-prone.
Unfortunately, to date, network operators have no alternatives
than manually verify the network behavior when running experimental applications. This scenario drives the investigation of
Test-Driven Development (TDD) applied to SDN applications
development. Vissichio et al. [82] published the first approach
to apply TDD to SDN.
Increase the level of abstraction in SDN applications development. The need for a network operator to understand programming languages (SDN specific or not) in defining the
network behavior through SDN applications is a drawback.
Even in the interaction of a network operator or developer with
an SDN controller through an API, there is a need for understand the programming methods and algorithms. SDN does not
limit its level of abstraction in interaction with controllers or in
developing SDN applications. The enabling of higher abstraction levels, in interacting with controllers or developing SDN
applications, seems to be a valuable approach for facilitating the
utilization of SDN paradigm and its components. We suggest
the use of DSML as an important direction in SDN applications development or in the interaction with SDN controllers.
As previously described (cf. section III. C), a DSML has a concrete syntax (e.g., graphical representation), an abstract syntax
(e.g., metamodel), and it enables code generation. Thus, when
well-specified, a DSML can help network operators in defining
the network behavior without the need to understand low-level
algorithms [85].
Match applications development for the control-plane with
algorithms in the data-plane. One of the limitations involving the most SDN languages presented in this paper is the
dependency between programming languages, controllers, and
protocols (e.g., OpenFlow). A timely research field that is being
explored deals with the alignment between programming of
control and data planes [73]. It means enabling the applications created for control plane (i.e., SDN controllers) to be
1269
1270
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016
R EFERENCES
[1] J. S. Turner and D. E. Taylor, Diversifying the internet, in Proc. IEEE
Global Telecommun. Conf. (GLOBECOM 05), Dec. 2, 2005, pp. 760
765.
[2] N. McKeown et al., OpenFlow: Enabling innovation in campus networks, ACM SIGCOMM Comput. Commun. Rev., vol. 38, no. 2,
pp. 6974, Apr. 2008.
[3] N. Kim and J. Kim, Building NetOpen networking services over open
flow-based programmable networks, in Proc. Int. Conf. Inf. Netw.
(ICOIN11), Jan. 2011, pp. 525529.
[4] Cisco, OpFlex: An open source approach, 2014, http://www.cisco.
com/c/en/us/solutions/collateral/data-center-virtualization/applicationcentric-infrastructure/white-paper-c11-731304.html
[5] H. Song, Protocol-oblivious forwarding: Unleash the power of SDN
through a future-proof forwarding plane, in Proc. 2nd ACM SIGCOMM
Workshop Hot Topics Softw. Defined Netw. (HotSDN13), 2013,
pp. 127132.
[6] A. Doria et al., Forwarding and control element separation, RFC 5810
(Proposed Standard), Mar. 2010.
[7] A. T. Campbell, I. Katzela, K. Miki, and J. Vicente, Open signaling for
ATM, internet and mobile networks (OPENSIG98), ACM SIGCOMM
Comput. Commun. Rev., vol. 29, no. 1, pp. 97108, 1999.
[8] D. L. Tennenhouse, J. M. Smith, W. D. Sincoskie, D. J. Wetherall, and
G. J. Minden, A survey of active network research, IEEE Commun.
Mag., vol. 35, no. 1, pp. 8086, Jan. 1997.
[9] M. Casado, M. J. Freedman, J. Pettit, J. Luo, N. McKeown, and
S. Shenker, Ethane: Taking control of the enterprise, ACM SIGCOMM
Comput. Commun. Rev., vol. 37, no. 4, pp. 112, 2007.
[10] N. Foster et al., Frenetic: A network programming language, in
Proc. 16th ACM SIGPLAN Int. Conf. Funct. (ICFP), Sep. 2011,
pp. 279291.
[11] D. Kreutz, F. M. V. Ramos, P. Verissimo, C. E. Rothenberg,
S. Azodolmolky, and S. Uhlig, Software-defined networking: A comprehensive survey, Proc. IEEE, vol. 103, no. 1, pp. 1476, Jan. 2015.
[12] M. Jarschel, T. Zinner, T. Hossfeld, P. Tran-Gia, and W. Kellerer,
Interfaces, attributes, and use cases: A compass for SDN, IEEE
Commun. Mag., vol. 52, no. 6, pp. 210217, Jun. 2014.
[13] N. Feamster, J. Rexford, and E. Zegura, The road to SDN, QueueLarge-Scale Implement., vol. 11, no. 12, p. 20, 2013.
[14] A. Lara, A. Kolasani, and B. Ramamurthy, Network innovation using
OpenFlow: A survey, IEEE Commun. Surv. Tuts., vol. 16, no. 1, pp. 493
512, Feb. 2014.
[15] S. Raza and D. Lenrow, North Bound Interface Working
Group (NBI-WG) Charter. Open Networking Foundation, 2013,
https://www.opennetworking.org/images/stories/downloads/workinggroups/charter-nbi.pdf.
[16] Open Networking Foundation. (2013, Oct. 14) OpenFlow Switch
Specification 1.4.0 [Online]. Available: https://www.opennetworking.org/
images/stories/downloads/sdn-resources/onf-specifications/openflow/
openflow-spec-v1.4.0.pdf, accessed on Apr. 20, 2014.
[17] S. Fernandes, E. Tavares, M. Santos, V. Lira, and P. Maciel,
Dependability assessment of virtualized networks, in Proc. IEEE Int.
Conf. Commun. (ICC), Jun. 1015, 2012, pp. 27112716.
[18] F. Longo, S. Distefano, D. Bruneo, and M. Scarpa, Dependability
modeling of Software Defined Networking, Comput. Netw., vol. 83,
pp. 280296, Jun. 2015.
[19] A. Lara, A. Kolasani, and B. Ramamurthy, Network innovation using
OpenFlow: A survey, IEEE Commun. Surv. Tuts., vol. 16, no. 1, pp. 493
512, First Quart. 2013.
[20] A. Autenrieth, J.-P. Elbers, P. Kaczmarek, and P. Kostecki, Cloud orchestration with SDN/OpenFlow in carrier transport networks, in Proc. 15th
Int. Conf. Transparent Opt. Netw. (ICTON), Jun. 2327, 2013, pp. 14.
[46] D. M. Jones, Forms of language specification examples from commonly used computer languages, ISO/IEC JTC1/SC22/OWG/N0121,
Feb. 2008.
[47] M. Satpathy, R. Harrison, C. Snook, and M. Butler, A comparative study
of formal and informal specifications through an industrial case study,
in Proc IEEE/IFIP Workshop Formal Specif.Comput. Based Syst., 2001,
pp. 318321.
[48] E. C. R. Hehner, Specifications, programs, and total correctness, J. Sci.
Comput. Programm., vol. 34, no. 3, pp. 191205, Jul. 1999.
[49] A. Guha, M. Reitblatt, and N. Foster, Formal foundations for software
defined networks, in Proc. Open Netw. Summit (ONS) Res. Track, 2013.
[50] M. Fowler, Domain-Specific Languages. Reading, MA, USA: AddisonWesley, 2010.
[51] M. Strembeck and U. Zdun, An approach for the systematic development of domain-specific languages, J. Softw. Pract. Exp., vol. 39, no. 15,
pp. 12531292, Oct. 2009.
[52] A. Voellmy, H. Kim, and N. Feamster, Procera: A language for highlevel reactive network control, in Proc. 1st Workshop Hot Topics Softw.
Defined Netw. (HotSDN12), 2012, pp. 4348.
[53] D. C. Schmidt, Model-driven engineering, IEEE Comput., vol. 39,
no. 2, pp. 2531, Feb. 2006.
[54] A. Bariic, M. Goulo, and B. Barroca, Quality in use of domain specific
languages: A case study, in Proc. 3rd ACM SIGPLAN Workshop Eval.
Usability Programm. Lang. Tools (PLATEAU11), 2011, pp. 6572.
[55] A. Van Deursen, P. Klint, and J. Visser, Domain-specific languages: An
annotated bibliography, in Sigplan Notices, vol. 35.6, 2000, pp. 2636.
[56] A. F. Case, Computer-aided software engineering (CASE): Technology
for improving software development productivity, ACM SIGMIS
Database, vol. 17 no. 1, pp. 3543, 1985.
[57] D. Frankel, Model Driven Architecture: Applying MDA to Enterprise
Computing. Hoboken, NJ, USA: Wiley, 2002.
[58] T. Stahl, M. Voelter, and K. Czarnecki, Model-Driven Software
Development: Technology, Engineering, Management. Hoboken, NJ,
USA: Wiley, 2006.
[59] R. C. Gronback, Eclipse Modeling Project: A Domain-Specific Language
(DSL) Toolkit. Reading, MA, USA: Addison-Wesley, 2009.
[60] T. zgr, Comparison of microsoft DSL tools and eclipse modeling
frameworks for domain-specific modeling in the context of the model
driven development, M.S. thesis, School of Engineering, Blekinge Inst.
Technology, Ronneby, Sweden, 2007, p. 56.
[61] T. L. Hinrichs, N. S. Gude, M. Casado, J. C. Mitchell, and S. Shenker,
Practical declarative network management, in Proc. ACM Workshop
Res. Enterp. Netw. (WREN09), Aug. 21, 2009, pp. 110.
[62] A. Voellmy, A. Agarwal, and P. Hudak, Nettle: Functional reactive programming for OpenFlow networks, in Proc. Pract. Aspects Declarative
Lang. (PADL), Jul. 2011, pp. 235249.
[63] C. Monsanto, N. Foster, R. Harrison, and D. Walker, A compiler
and run-time system for network programming languages, in Proc.
Principles Programm. Lang. (POPL), Jan. 2527, 2012.
[64] C. Monsanto, J. Reich, N. Foster, J. Rexford, and D. Walker, Composing
software-defined networks, in Proc. 10th USENIX Symp. Netw. Syst.
Des. Implement. (NSDI), 2013, pp. 114.
[65] N. P. Katta, J. Rexford, and D. Walker, Logic programming for softwaredefined networks, in Proc. ACM SIGPLAN Workshop Cross-Model
Lang. Des. Implement., 2012.
[66] T. Koponen et al., Network virtualization in multi-tenant datacenters, in
Proc. 11th USENIX Symp. Netw. Syst. Des. Implement. (NSDI 14), Apr.
2014, pp. 203216.
[67] T. Nelson, A. D. Ferguson, M. J. Scheer, and S. Krishnamurthi, Tierless
programming and reasoning for software-defined networks, in Proc.
11th USENIX Symp. Netw. Syst. Des. Implement., Apr. 24, 2014.
[68] N. Foster et al., Languages for software-defined networks, IEEE
Commun. Mag., Feb. 2013.
[69] T. Koponen et al., Onix: A distributed control platform for largescale production networks, in Proc. USENIX Symp. Oper. Syst. Des.
Implement. (OSDI), Oct. 2010, pp. 351364.
[70] POX [Online]. Available: http://www.noxrepo.org/pox/about-pox/
[71] D. Jackson, Alloy: A lightweight object modelling notation, ACM
Trans. Softw. Eng. Methodol., Apr. 2002, pp. 256290.
[72] S. S. Huan, T. J. Green, and B. T. Loo, Datalog and emerging applications: An interactive tutorial, in Proc. ACM SIGMOD Int. Conf. Manage.
Data (SIGMOD11), 2011, pp. 12131216.
[73] P. Bosshart et al., P4: Programming protocol-independent packet processors, SIGCOMM Comput. Commun., Jul. 2014, pp. 8795.
[74] A. Sivaraman, C. Kim, R. Krishnamoorthy, A. Dixit, and M. Budiu,
DC.p4: Programming the forwarding plane of a data-center switch, in
Proc. 1st ACM SIGCOMM Symp. Softw. Defined Netw. Res., 2015.
1271
1272
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 18, NO. 2, SECOND QUARTER 2016