Section: Other Grants and Activities

National Actions

ANR SeSur Project AVOTÉ

Participants : Mathilde Arnaud, Sergiu Bursuc, Vincent Cheval, Ştefan Ciobâcă, Hubert Comon-Lundh, Stéphanie Delaune, Steve Kremer, Antoine Mercier.

The AVOTÉ project was submitted and accepted in the framework of the 2007 SeSur program (“Sécurité et Sûreté Informatique”) of the GIP ANR (Agence Nationale de la Recherche). The project started in early 2008. The partners are the INRIA project-team CASSIS (leader), SECSI, Verimag and, until September 2009, France Télécom R&D.

Electronic voting promises the possibility of a convenient, efficient and secure facility for recording and tallying votes. However, the convenience of electronic elections comes with a risk of large-scale fraud and their security has seriously been questioned. In this project we propose to use formal methods to analyze electronic voting protocols. More precisely, we structure the project around four work-packages.

ARA SSIA Formacrypt

Participants : Hubert Comon-Lundh, Stéphanie Delaune, Jean Goubault-Larrecq, Steve Kremer.

The Formacrypt project, submitted and accepted in the framework of the 2005 ARA SSIA ("Sécurité, Systèmes embarqués et Intelligence Ambiante") of the GIP ANR (Agence Nationale de la Recherche), started in 2006. The partners are Ecole Normale Supérieure de Paris (leader), SECSI, and INRIA project-team CASSIS (Nancy).

Most efforts in cryptographic protocol verification use either the computational approach, in which messages are bitstrings, or the formal approach, in which messages are terms. The computational approach is more realistic but more difficult to automate. The goal of the Formacrypt project is to bridge the gap between these two approaches.

Several works have already begun linking these approaches, but they all have limitations. They generally impose overly strong security requirements on these primitives, and they do not allow one to compute the probability of an attack explicitly. The Formacrypt project offers three approaches to overcome these limitations.

REDPILL project

Participants : Jean Goubault-Larrecq, Hedi Benzina.

The REDPILL project is a DIGITEO project, started in September 2009. The partners are SECSI and Bertin Technologies. The goal of the project is the detection of malware on virtualized platforms.

System@tic Project PFC

Participants : Jean Goubault-Larrecq, Hedi Benzina.

The PFC project (for: “PlateForme de Confiance”) is one of the projects of the System@tic Paris Region French cluster in complex systems design and management. This cluster involves industrial groups, SMEs and academic partners around Paris. This project is funded by the French ministry of industry (FCE).

The goal of the project is the design and validation of secure and safe embedded applications, particularly aimed at upper administration, police and customs forces. Within this project, SECSI is particularly collaborating with Bertin Technologies on effective intrusion prevention in hypervisor-based computer systems using ORCHIDS. Hedi Benzina joined the project in November 2008 as a temporary engineer.

Hedi Benzina started a PhD thesis in October 2009, under the direction of Jean Goubault-Larrecq, funded by the Digiteo DIM project “RedPill: Malware Detection on Virtualized Architectures”, 2009-2012.


Participant : Jean Goubault-Larrecq.

Jean Goubault-Larrecq made a critical evaluation of the Spidware security solution, based on Jeremy Briffaut's PIGA interposition tool, on behalf of Advitech Partners. Spidware is a startup company founded by researchers at ENSI Bourges and LIFO. Jean Goubault-Larrecq wrote a detailed, confidential report on the technical strengths and weaknesses of this product.


Participants : Jean Goubault-Larrecq, Philippe Chaput.

Jean Goubault-Larrecq is scientific coordinator of the ANR programme blanc project CPP (confiance, preuves, probabilités, 2009-2012). The academic partners are INRIA Saclay (Comète, Parsifal, Maxplus); LSV, ENS Cachan (including SECSI); LSS and SSE, Supélec; and CEA.

From the standpoint of SECSI, this project leverages the results obtained during the ARC ProNoBiS (2006-2007) and before on semantic models of mixed non-deterministic and probabilistic choice, and applies them to the design of static analyzers for floating-point programs, specifically airplane engine controllers. (The need comes from Dassault Aviation, and Hispano-Suiza plane engines—now Safran. They are both associated partners to the project.)

The whole project revolves around the automated evaluation of uncertainty, whether probabilistic or non-deterministic. This uncertainty arises because static analyzers must inherently work on approximate values, but also because the environmental values (pressure, temperature, speed) are known only up to some precision, or fluctuate around some central value; and finally because of round-off errors in floating-point computations.

