- Presentation
- HAL publications
- Activity reports
CELTIQUE Research team
Software certification with semantic analysis
- Leader : Thomas Jensen
- Type : Project team
- Research center(s) : Rennes
- Field : Algorithmics, Programming, Software and Architecture
- Theme : Programs, Verification and Proofs
- Ecole normale supérieure de Cachan, Université Rennes 1, CNRS, Institut de recherche en informatique et systèmes aléatoires (IRISA) (UMR6074)
Team presentation
The goal of the Celtique project is to improve the security and reliability of software through software certificates that attest to the well-behavedness of a given software. The semantic analyses extract approximate but correct descriptions of software behaviour from which a proof of security can be constructed. The analyses of relevance include numerical data flow analysis, control flow analysis for higher-order languages, alias and points-to analysis for heap structure manipulation and data race freedom of multi-threaded code. Existing software certification procedures make extensive use of systematic test case generation. Semantic analysis can serve to improve these testing techniques by providing precise software models from which test suites for given test coverage criteria can be manufactured. Moreover, an emerging trend in mobile code security is to equip mobile code with proofs of well-behavedness that can then be checked by the code receiver before installation and execution. A prominent example of such proof-carrying code is the stack maps for Java byte code verification. We propose to push this technique much further by designing certifying analyses for Java byte code that can produce compact certificates of a variety of properties. Furthermore, we will develop efficient and verifiable checkers for these certificates, relying on proof assistants like Coq to develop provably correct checkers. We target two application domains: Java software for mobile devices (in particular mobile telephones) and embedded C programs.Research themes
Program analysis by abstract ianterpretation Interactipon between static analysis and decision procedures Extracting software certifications from static analysis Formal proof of programs and certification of semantic analysis toolsInternational and industrial relations
Participation to the European project MOBIUS on mobile code security Coordinator of several ANR projects (RAVAJ, CAVERN, DECERT) concerned with the static analysis and testing of software Participation in an industrial project paid by the National Defense Agency aiming at building a security-enhanced Java virtual machineKeywords: Semantics Static analysis Test Software certification
Research teams of the same theme :
- ABSTRACTION - Abstract Interpretation and Static Analysis
- ATEAMS - Analysis and Transformation based on rEliAble tool coMpositionS
- CARTE - Theoretical adverse computations, and safety
- CASSIS - Combination of approaches to the security of infinite states systems
- COMETE - Concurrency, Mobility and Transactions
- CONTRAINTES - Constraint programming
- DEDUCTEAM - Deduction modulo, interopérabilité et démonstration automatique
- FORMES - Formal Methods for Embedded Systems
- GALLIUM - Programming languages, types, compilation and proofs
- MARELLE - Mathematical, Reasoning and Software
- MEXICO - Modeling and Exploitation of Interaction and Concurrency
- MOSCOVA - Mobililty, security, concurrence, verification and analysis
- PAREO - Formal islands: foundations and applications
- PARSIFAL - Proof search and reasoning with logic specifications
- PI.R2 - Design, study and implementation of languages for proofs and programs
- PROSECCO - Programming securely with cryptography
- SECSI - Security of information systems
- TASC - Theory, Algorithms and Systems for Constraints
- TOCCATA - Certified Programs, Certified Tools, Certified Floating-Point Computations
- TYPICAL - Types, Logic and computing
- VERIDIS - Modeling and Verification of Distributed Algorithms and Systems
Contact
Team leader
Thomas Jensen
(See all teams)
Tel.: +33 2 99 84 74 78
Secretariat
Tel.: +33 2 99 84 25 77
Find out more
Genealogy
This team follows
Inria
Inria.fr
Inria Channel

See also