Resilience Support in Software-Defined Networking: A Survey Anderson Santos da Silva a,* , Paul Smith b , Andreas Mauthe c , Alberto Schaeffer-Filho a a Institute of Informatics, Federal University of Rio Grande do Sul, Brazil b Safety and Security Department, AIT Austrian Institute of Technology, Austria c School of Computing and Communications, Lancaster University, United Kingdom Abstract Software-Defined Networking (SDN) is an architecture for computer networking that provides a clear separation between network control functions and forwarding operations. The abstractions supported by this architecture are intended to simplify the implementation of several tasks that are critical to network operation, such as routing and network management. Computer networks have an increasingly important societal role, requiring them to be resilient to a range of challenges. Previously, research into network resilience has focused on the mitigation of several types of challenges, such as natural disasters and attacks. Capitalising on its benefits, including increased programmability and a clearer separation of concerns, significant attention has recently focused on the development of resilience mech- anisms that use software-defined networking approaches. In this article, we present a survey that provides a structured overview of the resilience support that currently exists in this important area. We categorize the most recent research on this topic with respect to a number of resilience disciplines. Additionally, we discuss the lessons learned from this investigation, highlight the main challenges faced by SDNs moving forward, and outline the research trends in terms of solutions to mitigate these challenges. Keywords: Software-defined networking; network resilience; OpenFlow; network challenges. 1. Introduction Computer networks are important for businesses and to support the operation of societally critical infrastruc- tures, such as future (smart) electrical grids and gov- ernment services. The growth in number and variety of end-to-end services that networks must support has led to a great deal of heterogeneity in the way net- works are implemented, resulting in (i) complex pro- tocols to handle the communication between network devices [1], (ii) difficult deployment of network policies by network administrators [2] and (iii) limited routing scalability [3, 4, 5]. Additionally, challenges to normal network operation, such as malicious attacks and pro- hibitive communication delay, demonstrate that com- puter networks have long-standing resilience require- ments [6]. Resilience is the ability of the network to maintain an acceptable level of service when confronted with * Corresponding author. Email addresses: assilva@inf.ufrgs.br (Anderson Santos da Silva), paul.smith@ait.ac.at (Paul Smith), a.mauthe@lancaster.ac.uk (Andreas Mauthe), alberto@inf.ufrgs.br (Alberto Schaeffer-Filho) operational challenges [7]. A challenge is an atypical event that hinders the expected normal network opera- tion [6, 8]. In order to deal with a wide range of chal- lenges, network resilience encompasses six major dis- ciplines: security, survivability (including fault toler- ance), performability, traffic tolerance, disruption toler- ance and dependability [7]. When a network challenge arises, mitigation mechanisms should be activated, ide- ally without human intervention, to rapidly protect a network and the services it supports. However, the broad range of potential challenges that could befall a network requires sophisticated network (resilience) management systems that can detect and mitigate their effects [8]. Existing management systems have limita- tions, including a lack of flexibility with respect to chal- lenge identification and mitigation, which has encour- aged research that considers this problem in the context of new network architectures [9]. In both the research and industry communities, Software-Defined Networking (SDN) [10] has recently gained significant attention. The main characteristic of the SDN architecture is that it decouples the implemen- tation of network control logic from forwarding oper- Preprint submitted to Computer Networks May 7, 2015