**SaTC: CORE: Medium: SPIPS: Security and Privacy in Programmable Switches**

**NSF Award [#2152831](https://www.nsf.gov/awardsearch/showAward?AWD_ID=2152831)**

# Synopsis

Networking hardware has undergone dramatic changes in recent years. Traditionally, network switches leveraged a fixed set of rules describing packet-forwarding behavior, tailored to a small number of standard and widely-used protocols. Today's state-of-the-art switches can run custom programs, enabling new applications. Rather than being baked into the hardware, this behavior can be changed and updated on-the-fly---networks are becoming increasingly programmable.

At the same time, programmable networks pose new challenges for security and privacy. When switches were largely limited to static behavior, switch behavior was designed and implemented by hardware vendors. As devices become programmable, network programmers will produce networking software more frequently and in greater quantity. These programs can be highly intricate, potentially leading to more security vulnerabilities and privacy violations.

This project has two main technical goals: (1) Evaluate security and privacy threats to programmable networks before they become widespread, and (2) Design actionable mechanisms for detecting, mitigating, and defending against such threats. The project consists of three main research thrusts. The first thrust focuses on implementing secure and privacy-preserving algorithms, including constructions from cryptography and differential privacy, on programmable switches. The second thrust will develop static analyses and dynamic enforcement mechanisms to guarantee information-flow properties for a single programmable switch. Finally, the third thrust considers security and privacy issues in distributed applications, which are implemented across multiple programmable switches.
# Personnel

* [Loris D'Antoni](https://pages.cs.wisc.edu/~loris/), University of Wisconsin (Co-PI)
* [Aditya Akella](https://www.cs.utexas.edu/~akella/), UT Austin (Co-PI)
* [Justin Hsu](https://justinh.su), Cornell University (PI)

# Collaborators

* [Karuna Grewal](https://aakp10.github.io/), Cornell University (PhD student)
* Wiley Corning, University of Wisconsin (PhD student)

# Publications and preprints

* Karuna Grewal, Loris D’Antoni, and Justin Hsu. P4BID: Information Flow Control in P4. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), San Diego, California. 2022.
* Jiarong Xing, Yiming Qiu, Kuo-Feng Hsu, Hongyi Liu, Matty Kadosh, Alan Lo, Aditya Akella, Thomas Anderson, Arvind Krishnamurthy, T. S. Eugene Ng, Ang Chen. A Vision for Runtime Programmable Networks. HotNets. 2021.
* Tao Ji, Brent Stephens and Aditya Akella. Yama: Performance Isolation for Blackbox Offloads. In submission.
* Jiaxin Lin, Brent Stephens and Aditya Akella. Ringleader: Efficiently Offloading Intra-Server Orchestration to Programmable NICs. In submission.

# Code

* P4BID prototype compiler:

# Education

* Invited course: Reasoning about Probabilistic Programs ([OPLSS 2021](https://www.cs.uoregon.edu/research/summerschool/summer21/index.php)) [[slides](https://justinh.su/files/slides/oplss21.pdf)] [[recordings](https://www.cs.uoregon.edu/research/summerschool/summer21/topics.php)]

# Outreach

* Programming Languages Mentoring Workshop@POPL 2021 (Organizer) [[site](https://popl21.sigplan.org/home/PLMW-2021)] [[blog](https://blog.sigplan.org/2021/05/11/programming-languages-mentoring-workshop-ten-years-later/)]
* Programming Languages Mentoring Workshop 2021- (Steering Committee)