This site is dedicated to everything Software-Defined Network (SDN) security. It aims to provide practical analysis of state-of-the-art industry and academic SDN security research. It also functions as a tutorial and documentation platform for sdnpwn, an SDN penetration testing toolkit.


What is SDN?

The Open Networking Foundation defines SDN as “The physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices”. What this means is that the decision making which would traditionally be performed by a router or a switch (i.e. forwarding decisions), is moved to a central device known as a controller. Routers and switches become generic forwarding devices (also known simply as ‘switches’). These forwarding devices, or switches, communicate with the controller at the Southbound Interface (SBI) in order to receive instructions on how to forward network traffic. Applications may communicate with the controller at the Northbound Interface (NBI) to receive network statistics or influence traffic forwarding decisions.