Experimental Security Analysis of Controller Software in SDNs: A Review

Abstract: The software defined networking paradigm relies on the programmability of the network to automatically perform management and reconfiguration tasks. The result of adopting this programmability feature is twofold: first by designing new solutions and, second, by concurrently making room for the exploitation of new security threats. As a malfunction in the controller software may lead to a collapse of the network, assessing the security of solutions before their deployment, is a major concern in SDNs. In light of this, we have conducted a comprehensive review of the literature on the experimental security analysis of the control plane in SDNs, with an emphasis on vulnerabilities of the controller software. Additionally, we have introduced a taxonomy of the techniques found in the literature with regard to the experimental security analysis of SDN controller software. Furthermore, a comparative study has been carried out of existing experimental approaches considering the security requirements defined by the Open Network Foundation (ONF). As a result, we highlighted that there is a need for a standardization of the methodologies employed for automated security analysis, that can meet the appropriate requirements, and support the development of reliable and secure software for SDNs.