Controllers for software-defined networks (SDNs) are centralised software components that enable advanced network functionalities, such as dynamic traffic engineering and network virtualisation. However, these functionalities increase the complexity of SDN controllers, making thorough testing crucial. SDN controllers are stateful, interacting with multiple network devices through sequences of control messages. Identifying stateful failures in an SDN controller is challenging due to the infinite possible sequences of control messages, which result in an unbounded number of stateful interactions between the controller and network devices. In this article, we propose SeqFuzzSDN, a learning-guided fuzzing method for testing stateful SDN controllers. SeqFuzzSDN aims to (1) efficiently explore the state space of the SDN controller under test, (2) generate effective and diverse tests (i.e., control message sequences) to uncover failures, and (3) infer accurate failure-inducing models that characterise the message sequences leading to failures. In addition, we compare SeqFuzzSDN with three extensions of state-of-the-art (SOTA) methods for fuzzing SDNs. Our findings show that, compared to the extended SOTA methods, SeqFuzzSDN (1) generates more diverse message sequences that lead to failures within the same time budget, and (2) produces more accurate failure-inducing models, significantly outperforming the other extended SOTA methods in terms of sensitivity.

翻译：软件定义网络（SDN）控制器是实现高级网络功能（如动态流量工程与网络虚拟化）的核心软件组件。然而，这些功能增加了SDN控制器的复杂性，使得全面测试至关重要。SDN控制器具有状态性，通过控制消息序列与多个网络设备交互。由于控制消息序列存在无限可能性，导致控制器与网络设备间的状态化交互数量无界，识别SDN控制器中的状态化故障极具挑战。本文提出SeqFuzzSDN——一种面向状态化SDN控制器测试的学习引导模糊测试方法。SeqFuzzSDN致力于实现三个目标：(1) 高效探索被测SDN控制器的状态空间，(2) 生成有效且多样化的测试用例（即控制消息序列）以发现故障，(3) 推断精确的故障诱发模型，用以刻画导致故障的消息序列特征。此外，我们将SeqFuzzSDN与三种最先进SDN模糊测试方法的扩展版本进行比较。实验结果表明：在相同时间预算下，相较于扩展的最先进方法，SeqFuzzSDN (1) 能生成更多样化的故障诱发消息序列，(2) 可构建更精确的故障诱发模型，在灵敏度指标上显著优于其他扩展的最先进方法。