Team celtique

Overall Objectives
Scientific Foundations
New Results
Contracts and Grants with Industry
Other Grants and Activities

Section: Other Grants and Activities

National Initiatives

ANR DECERT project

Participants : Frédéric Besson, Thomas Jensen, David Pichardie, Pierre-Emmanuel Cornilleau, Florent Kirchner.

The DECERT project (2009–2011) is funded by the call Domaines Emergents 2008, a program of the Agence Nationale de la Recherche.

The objective of the DECERT project is to design an architecture for cooperating decision procedures, with a particular emphasis on fragments of arithmetic, including bounded and unbounded arithmetic over the integers and the reals, and on their combination with other theories for data structures such as lists, arrays or sets. To ensure trust in the architecture, the decision procedures will either be proved correct inside a proof assistant or produce proof witnesses allowing external checkers to verify the validity of their answers.

This is a joint project with Systeral, CEA List and INRIA teams Mosel, Cassis, Marelle, Proval and Celtique (coordinator).


Participants : Benoît Boyer, Thomas Genet, Thomas Jensen.

The RAVAJ ANR ( ) started on january 2007, for 3 years. RAVAJ means “Rewriting and Approximation for the Verification of Java Applications”. Thomas Genet is the coordinator of this project that concerns partners from LORIA (Nancy), LIFC (Besançon) and IRISA (Rennes). The goal of this project is to propose a general purpose verification technique based based on approximations and reachability analysis over term rewriting systems. To tackle this goal, the tree automata completion method has to be refined in two different ways. First, though the Timbuk tool is efficient enough to verify cryptographic protocols, it is not the case for more complex software systems. In that direction, we aim at using some results obtained in rewriting  [72] to bring the efficiency of our tool closer to what has been obtained in the model-checking domain. Second, automation of approximation has to be enhanced. At present, the approximation automaton construction is guided by a set of approximation rules very close to the tree automata formalism and given by the user of the tool. On the one hand, we plan to replace approximation rules, which are difficult to define by a human, by approximation equations which are more natural. Approximation equations define equivalence classes of terms equal modulo the approximation as in  [70] [88] [60] . On the other hand, we will automatically generate approximation equations from the property to be proved, using  [46] [47] , and also provide an automatic approximation refinement methodology adapted to the equational approximation framework.


Participants : Thomas Jensen, David Pichardie.

The ParSec project (2007–2010) intends to study concurrent programming techniques for new computing architectures like multicore processors or multiprocessor machines, focusing on the security issues that arise in multi-threaded systems. In this project the CELTIQUE team focuses on static analysis of multi-threaded Java programs and specially on data race checkers. The other members of the project are INRIA Sophia-Antipolis, INRIA Rocquencourt and PPS (Université Paris 7).

The JAVASEC project

Participants : Thomas Jensen, David Pichardie.

The Java programming language has been put forward as a language with strong security and several aspects of the language are definite improvements over languages such as C and C++. However, the security architecture is complex and it is not straightforward for a Java developer to identify the security risks that a particular piece of code may imply. The French National Information Security Agency (Agence Nationale de la Sécurité de Systèmes Informatiques (ANSSI)) commissioned the JAVASEC project with the double aim of providing secure programming guidelines to Java developers and to build a security-enhanced Java virtual machine whose security can be evaluated and certified according to industrial standards and that can serve as a secure platform for executing Java applications. The results have been an in-depth analysis of Java, its security architecture, its language features relevant to security and the pertinence of formal methods for enhancing the security of Java applications. This analysis has lead to a “Secure Java development guide”, that provides a series of guidelines for what to do an not to do when developing security-critical applications in Java. As a complement to the guidelines, we have identified a series of program properties that can be verified by static analysis of Java byte code in order to improve further the security checks offered by the Java byte code verifier.

The project is conducted in collaboration with two Rennes located SMEs: Silicom and Amossys.

The ANR U3CAT project

Participants : Sandrine Blazy, Matthieu Carlier, Arnaud Gotlieb, David Pichardie.

The ANR U3CAT project (2009–2012) is built upon the results of the RNTL CAT project, which delivered the Frama-C platform for the analysis of C programs and the ACSL assertion language. The ANR U3CAT project focuses on providing a unified interface that would allow to perform several analyses on a same code and to study how these analyses can cooperate in order to prove properties that culd not have been established by one single technique. The other members of the project are the CEA LIST laboratory (project leader), Proval (Inria Futurs), Gallium (Inria Paris-Rocquencourt), Cedric (CNAM), Atos Origin, CS, Dassault-Aviation, Sagem Defense and Airbus Industries.


Participants : Arnaud Gotlieb, Florence Charreteur.

The CAVERN project (Constraints and Abstractions for program VERificatioN) aims to enhance the potential of Constraint Programming for the automated verification of imperative programs. The classic approach consists in building a constraint system representating the objective to meet.

Constraint solving is currently delegated to "generic" constraint propagation based solvers developed for other applications (combinatorial optimization, planning, etc.). The originality of the project lies in the design of abstraction-based constraint solver dedicated to the automated testing of imperative programs. In Static Analysis, the last few years have seen the development of powerful techniques over various abstract domains (polyhedra, congruence, octagons, etc.) and this project aims to explore results obtained in this area to develop constraint solvers with improved deductive capabilities. The main scientific outcome of the project will be a profound understanding of the benefit of using abstraction techniques in constraint solvers for the automated testing of imperative programs.

The CAVERN project includes four partners involved in the development of constraint-based testing tools:

In addition, the project will include a foreign associate partner: Andy King from the University of Kent.

Concretely, the CAVERN project partners will study the integration of selected abstractions in their own constraint libraries, as currently used in their testing tools, in order to improve the treatment of loops, memory accesses (references and dynamic structures) and floating-point computations. Dealing efficiently with these constructs will allow us to scale-up constraint-based testing techniques for imperative programs. This should open the way to more automated testing processes which will facilitate software dependability assessment.

The CAVERN project will last until december 2011.


Logo Inria