Klint
Automated verification of network function binaries
- Presentation
- C4DT work
- Technical
- Research papers
Klint allows for fast and automated formal verification of network functions (NF), such as a router or a NAT. It works directly on binaries, without the need of special data structures.
It can ensure that a given NF, be it proprietary or not, respects a formal specification. It allows decoupling between NF-providers and network operators, and let the latter validate it before deploying it.
The network functions can be written in any compiled language, as long as it exposes two functions conforming to Klint: a setup method taking care of initialisation, and another method handling a packet, asserting on the transmitted packet.
Klint provides some well-known NF specification to get you started writing your own, and a way to compile with DPDK.
- Explore the fundamental challenges posed to security and safety by large-scale systems consisting of many threads, many nodes, and millions of lines of code written by many programmers
- Seek solutions that solve real-world problems by overcoming theoretical worst-case limitations
- Build open-source prototypes that enable evaluation of these solutions with real-world workloads
- Operate at the intersection of operating systems, distributed systems, programming languages, formal methods, and computer architecture
This page was last edited on 2024-03-08.
This page was last edited on 2024-03-08.