Charting the Security Landscape of Programmable Dataplanes

Abstract: Emerging programmable dataplanes will revamp communication networks, allowing programmers to reconfigure and tailor switches towards their need, in a protocol-independent manner. While the community has articulated well the benefits of such network architectures in terms of flexibility and performance, little is known today about the security implications. We in this position paper argue that the programmable dataplanes in general and P4 in particular introduce an uncharted security landscape. In particular, we find that while some existing security studies on traditional OpenFlow-based networks still apply, P4 comes with several specific components and aspects which change the attack surface and introduce new challenges. We highlight several examples and provide a first systematic security analysis.