Charting the Security Landscape of Programmable Dataplanes
This is an incremental study that identifies, for network architects and programmers, the security risks in emerging programmable dataplane technologies.
The paper addresses the security implications of programmable dataplanes, particularly P4, finding that they introduce new attack surfaces and challenges beyond traditional OpenFlow-based networks, and provides a first systematic security analysis.
Emerging programmable dataplanes will revamp communication networks, allowing programmers to reconfigure and tailor switches to their needs in a protocol-independent manner. While the community has articulated well the benefits of such network architectures in terms of flexibility and performance, little is known today about the security implications. In this position paper, we argue that programmable dataplanes in general, and P4 in particular, introduce an uncharted security landscape. In particular, we find that while some existing security studies on traditional OpenFlow-based networks still apply, P4 comes with several specific components and aspects which change the attack surface and introduce new challenges. We highlight several examples and provide a first systematic security analysis.