[PPT] - The VALS Team Verification, Validation of Algorithms, Languages and PowerPoint Presentation

SLIDE 1

The VALS Team

Verification, Validation of Algorithms, Languages and Systems

Resp.: Burkhart Wolff Co-resp.: Claude Marché November 27-28, 2013

27-28 Nov 2013 Comité d’Evaluation du LRI 1 / 68

SLIDE 2

VALS: The Group for Formal Methods

VALS

New research team, created July 2013 Joining ForTesSE and Toccata

◮ Toccata: formal specification and computer-assisted proof in

the development of software that requires a high assurance

◮ ForTesSE: formal testing, in particular model-based testing

using combinations of Test and Proof

27-28 Nov 2013 Comité d’Evaluation du LRI 2 / 68

SLIDE 3

VALS: team members

Inria (1DR,3CR)

S. Boldo
A. Charguéraud
C. Marché
G. Melquiond

CNRS (2CR)

E. Contejean J.-C. Filliâtre
Univ. Paris-Sud (5PR,5MCF)
V. Benzaken
S. Conchon

M.-C. Gaudel

D. Longuet

K.Nguyen

A. Paskevich
C. Paulin
F. Voisin
B. Wolff
F. Zaïdi

4+7=11 doctoral students 1+4=5 post-docs

27-28 Nov 2013 Comité d’Evaluation du LRI 3 / 68

SLIDE 4

VALS: Toccata

The Toccata Team

http://toccata.lri.fr

27-28 Nov 2013 Comité d’Evaluation du LRI 4 / 68

SLIDE 5

Toccata: Main Research Themes

Proof technology:

◮ Mathematical specifications ◮ Deductive program

verification

◮ Formal Semantics

Main Challenge

Make Deductive verification usable in practice Both theory and practice:

◮ Development of several tools ◮ significant number of users

27-28 Nov 2013 Comité d’Evaluation du LRI 5 / 68

SLIDE 6

Structure and Evolution (2008-2013)

◮ Common team with Inria Saclay ◮ until 2011: team ProVal, leader: C. Paulin ◮ since 2012: team Toccata, leader: C. Marché

Evolution:

◮ March 2010: M. Pouzet, mutation to Paris 6 & ENS

◮ Theme Synchronous Programming disappears

◮ Sep 2010: V. Benzaken, moved from the BD team

◮ New theme Data-Centric Languages

◮ 2 CR Inria and 2 MCF recruited in the period ◮ 13 PhD thesis, 3 HDR defended

27-28 Nov 2013 Comité d’Evaluation du LRI 6 / 68

SLIDE 7

The backbone of Toccata

Balance between theory and practice

All activities are related, in particular through tool development Two major federating tools:

◮ Why3: generic environment for deductive program verification

◮ A logical framework connected to many theorem provers ◮ A dedicated programming language WhyML ◮ Contract-based formal specifications

◮ Alt-Ergo: a theorem prover based on Satisfiability Modulo

Theory (SMT) approach

◮ Original combination approach CC(X) ◮ Support for theories needed for verification (quantifiers, type

polymorphism, (non-)linear integral and rational arithmetic)

27-28 Nov 2013 Comité d’Evaluation du LRI 7 / 68

SLIDE 8

The backbone of Toccata

Why3: a language and a tool for deductive verification

Why3 Alt-Ergo

27-28 Nov 2013 Comité d’Evaluation du LRI 8 / 68

SLIDE 9

The backbone of Toccata

Why3: a language and a tool for deductive verification

Why3 Alt-Ergo

Automatic provers

CVC3, Simplify, SPASS, Vampire veriT, Yices, Z3, etc.

Interactive provers

PVS, etc. Coq

Alt-Ergo

Gappa

27-28 Nov 2013 Comité d’Evaluation du LRI 9 / 68

SLIDE 10

The backbone of Toccata

Why3: a language and a tool for deductive verification

Why3 Alt-Ergo

Automatic provers

CVC3, Simplify, SPASS, Vampire veriT, Yices, Z3, etc.

Interactive provers

PVS, etc. Coq

Alt-Ergo

Gappa Java programs

Krakatoa

27-28 Nov 2013 Comité d’Evaluation du LRI 10 / 68

SLIDE 11

The backbone of Toccata

Why3: a language and a tool for deductive verification

Why3 Alt-Ergo

Automatic provers

CVC3, Simplify, SPASS, Vampire veriT, Yices, Z3, etc.

Interactive provers

PVS, etc. Coq

Alt-Ergo

Gappa Java programs

Krakatoa

C programs

Frama-C

27-28 Nov 2013 Comité d’Evaluation du LRI 11 / 68

SLIDE 12

The backbone of Toccata

Why3: a language and a tool for deductive verification

Why3 Alt-Ergo

Automatic provers

CVC3, Simplify, SPASS, Vampire veriT, Yices, Z3, etc.

Interactive provers

PVS, etc. Coq

Alt-Ergo

Gappa Java programs

Krakatoa

C programs

Frama-C

Ada programs

Spark2014

27-28 Nov 2013 Comité d’Evaluation du LRI 12 / 68

SLIDE 13

The backbone of Toccata

Why3: a language and a tool for deductive verification

Why3 Alt-Ergo

Automatic provers

CVC3, Simplify, SPASS, Vampire veriT, Yices, Z3, etc.

Interactive provers

PVS, etc. Coq

Alt-Ergo

Gappa Java programs

Krakatoa

C programs

Frama-C

Ada programs

Spark2014

EasyCrypt CAOVerif

27-28 Nov 2013 Comité d’Evaluation du LRI 13 / 68

SLIDE 14

Example: NASA case study (Frama-C)

#define E 0x1p-45 /*@ requires @ sx == \exact(sx) && sy == \exact(sy) && @ vx == \exact(vx) && vy == \exact(vy) && @ \abs(sx) <= 100.0 && \abs(sy) <= 100.0 && @ \abs(vx) <= 1.0 && \abs(vy) <= 1.0; @ ensures @ \result != 0 ==> @ \result == l_sign(\exact(sx)*\exact(vx)+\exact(sy)*\exact(vy)) @ * l_sign(\exact(sx)*\exact(vy)-\exact(sy)*\exact(vx)); @*/ int eps_line(double sx, double sy,double vx, double vy){ int s1,s2; s1=sign(sx*vx+sy*vy, E); s2=sign(sx*vy-sy*vx, E); return s1*s2; }

27-28 Nov 2013 Comité d’Evaluation du LRI 14 / 68

SLIDE 15

Example: NASA case study (Frama-C)

27-28 Nov 2013 Comité d’Evaluation du LRI 15 / 68

SLIDE 16

Why3: elements of impact

◮ Major results:

◮ The design of the programming language

[ESOP 2013]

◮ The multi-prover architecture

[CADE 2013]

◮ Used by other academic tools

◮ Cryptography (EasyCrypt, IMDEA, Spain)

◮ Use in industrial-scale verification environments:

◮ Frama-C: CEA-List (Airbus France, NASA, etc.) ◮ Spark2014: AdaCore (Astrium, etc.)

◮ Use in teaching ◮ http://why3.lri.fr, Why3 Club (mailing list)

27-28 Nov 2013 Comité d’Evaluation du LRI 16 / 68

C programs

Frama-C

Ada programs

Spark2014 CAVEAT Spark2005 Cubicle Atelier B Bware

27-28 Nov 2013 Comité d’Evaluation du LRI 22 / 68

SLIDE 23

Alt-Ergo: elements of impact

◮ Major results:

◮ theory of associativity-commutativity

[TACAS 2011] (best EATCS paper award)

◮ Original approach for arithmetic

[IJCAR 2012]

◮ Application to model-checking (Cubicle)

[CAV 2012]

◮ Use in industrial-scale verification environments:

◮ via Why3 in Frama-C and Spark2014 ◮ via CAVEAT qualified by Airbus France for A350 development ◮ shipped with Spark2005 since 2011

◮ Since 2013: Maintenance by OcamlPro start-up ◮ http://alt-ergo.lri.fr

27-28 Nov 2013 Comité d’Evaluation du LRI 23 / 68

SLIDE 24

Around the backbone

Verified Numerical Programs

◮ Formal models in Coq (Flocq library)

[IEEE Symp. Comp. Arith. 2011]

◮ Semantics of floating-point computation in Why3

[IJCAR 2010]

◮ Specialized prover Gappa ◮ Significant case studies

◮ Certified resolution of a differential equation

[ICALP 2009, JAR 2013]

27-28 Nov 2013 Comité d’Evaluation du LRI 24 / 68

SLIDE 25

Around the backbone (2)

Verification of tools

◮ Verified provers: 1 PhD thesis,

[PLPV 2014]

◮ Verified VC generators: 1 PhD thesis,

[VSTTE 2012]

◮ Other on-going projects

Data-Centric Languages

◮ Semantics of NoSQL languages

[POPL 2013]

◮ Typed XML transformations

[POPL 2014]

◮ On-going formal models in Coq ◮ On-going verified code using Why3 ◮ Programming Language CDuce, www.cduce.org

27-28 Nov 2013 Comité d’Evaluation du LRI 25 / 68

SLIDE 26

Positioning

Our strongest competitor: Microsoft Research

◮ only us and them master all the verification chain

Boogie Why3 VC generator Dafny, Fstar WhyML VCC Frama-C Z3 Alt-Ergo Our originalities:

◮ Multi-prover approach

◮ Combination of Automatic and Interactive Theorem Proving

◮ Support for Numerical Programs ◮ Open source distribution

◮ easier to reach industrial users 27-28 Nov 2013 Comité d’Evaluation du LRI 26 / 68

SLIDE 27

Scientific Production

Quantitative summary:

◮ International major journal articles:

17

◮ Other journal articles:

5

◮ International major conf. articles:

47

◮ Other conf. articles:

51

◮ Books and book chapters:

8

27-28 Nov 2013 Comité d’Evaluation du LRI 27 / 68

SLIDE 28

Other elements of impact

International:

◮ C. Paulin, docteur honoris causa University Göteborg, Sweden,

2011

◮ J.-C. Filliâtre, member of IFIP Working Group 1.9/2.15

(Verified Software) since 2011 Event Organization:

◮ International Conference “Formal Verification of

Object-Oriented Software”, Paris, 28-30 june 2010

◮ Verification Competition joint with VSTTE 2012

Local: Strong implication in

◮ Digiteo research cluster ◮ Labex DigiCosme (C. Paulin, head of the Labex) ◮ Idex Univ. Paris Saclay, including future master program

27-28 Nov 2013 Comité d’Evaluation du LRI 28 / 68

SLIDE 29

Socio-economic interactions

Industrial interactions:

◮ Industrial Contract, Airbus France: qualification of Alt-Ergo ◮ FUI Hi-Lite project, leading to future Spark2014 ◮ Several CIFRE theses

Dassault Aviation, Gemalto, France Telecom, AdaCore

Software licensing and distribution:

◮ Tools Why, Frama-C, Alt-Ergo, CiME, Cubicle, Gappa, Reactive ML,

Lucid synchrone, CDuce, bibtex2html, Ocamlgraph, Mlpost

◮ Coq libraries: Coccinelle, ALEA, Flocq, Coq.Interval, Coquelicot ◮ http://toccata.lri.fr/tools.en.html ◮ All under open source licence ◮ Many of them included in major Linux distributions ◮ 3 deposits at Agence de Protection des Programmes

27-28 Nov 2013 Comité d’Evaluation du LRI 29 / 68

SLIDE 30

Socio-economic interactions (2)

Science Outreach:

◮ Castor Informatique contest (lycées et collèges, A.

Charguéraud, S. Boldo) (hot news: 180,000 participants in nov. 2013)

◮ Several popularization articles and actions (S. Boldo)

◮ “Interstices” site 27-28 Nov 2013 Comité d’Evaluation du LRI 30 / 68

SLIDE 31

Training

Training, Teaching at Master and Doctoral levels:

◮ Lectures at ENS Paris and Ecole Polytechnique ◮ Organization of DigiCosme Spring School 2013, “Program

Analysis and Verification”

◮ Lectures at Master Parisien de Recherche en Informatique ◮ Lectures at several schools for young researchers

(EJCP 2012 and 2013, Laser 2011, FoVeOOS Winter School 2011, EJCIM 2012, APSSFM 2009 and 2013)

27-28 Nov 2013 Comité d’Evaluation du LRI 31 / 68

SLIDE 32

VALS: ForTesSE

The ForTesSE Team

http://fortesse.lri.fr

27-28 Nov 2013 Comité d’Evaluation du LRI 32 / 68

SLIDE 33

ForTesSE: Research Themes

Model-based Testing:

◮ formal specs,

formal semantics

◮ generated tests and

test-drivers

◮ ... for program and

system verification Good balance between theory and applications:

◮ several tools ◮ used in SE projects

27-28 Nov 2013 Comité d’Evaluation du LRI 33 / 68

SLIDE 34

ForTesSE: Group Evolution

Permanent staff in figures:

◮ June 2013: 5 university faculty members

1 PR, 3 MC, 1 PR émérite, 2 postdocs, 5 PhDs. [January 2008 : 1 PR, 4 MC, 1 PR émérite, 1 postdoc, 2 PhDs]

◮ New: Dr. Delphine Longuet (MC 2009) ◮ Leave: Sandrine Gouraud (already in August 2008)

Pascal Poizat (Prof -> LIP6, 2012)

◮ Temporary Members: J. Oudinet, L. Bentakouk, M. Krieger

(doctorate)

◮ 4 Phds, 2 HDR defended

group stable

27-28 Nov 2013 Comité d’Evaluation du LRI 34 / 68

SLIDE 35

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle

27-28 Nov 2013 Comité d’Evaluation du LRI 35 / 68

SLIDE 36

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle

generated test-drivers

ther automatic provers

27-28 Nov 2013 Comité d’Evaluation du LRI 36 / 68

SLIDE 37

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle Coq

27-28 Nov 2013 Comité d’Evaluation du LRI 37 / 68

SLIDE 38

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle

generated test-drivers

ther automatic provers

Firewall Specs

HOL-TestGen-fw

27-28 Nov 2013 Comité d’Evaluation du LRI 38 / 68

SLIDE 39

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle

generated test-drivers

ther automatic provers

Circus Specs

Cirta

27-28 Nov 2013 Comité d’Evaluation du LRI 39 / 68

SLIDE 40

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle

generated test-drivers

ther automatic provers

UML/OCL Specs

Featherweight OCL 14

27-28 Nov 2013 Comité d’Evaluation du LRI 40 / 68

SLIDE 41

Proof Techn. & Logic Representations

HOL-TestGen: an interactive environment for test-generation

HOL-TestGen Isabelle

generated test-drivers

ther automatic provers

Coq

Firewall Specs

HOL-TestGen-fw

Circus Specs

Cirta

UML/OCL Specs

Featherweight OCL 14

27-28 Nov 2013 Comité d’Evaluation du LRI 41 / 68

SLIDE 42

Proof Techn. & Logic Representations

IDE for entire Testplans:

◮ powerful specs in HOL ◮ test-specifications ◮ Formal Test-Theorem

Development

◮ Testselection configurable ◮ Tester-Generation

configurable

◮ highly generic but

extendible

◮ proven correct ◮ used in major SE projects

27-28 Nov 2013 Comité d’Evaluation du LRI 42 / 68

SLIDE 43

Proof Techn. & Logic Representations

An Example for an Extension, a special- ized tool and workflow for Firewalls:

◮ Framework for

Security Policies UPF

◮ test-specifications:

Local FW policies or subnetwork behavior

◮ Normalization

Theorem improves Test-generation

◮ Specific Test-driver

setups

◮ used for BT

27-28 Nov 2013 Comité d’Evaluation du LRI 43 / 68

SLIDE 44

Proof Techn. & Logic Representations

27-28 Nov 2013 Comité d’Evaluation du LRI 44 / 68

SLIDE 45

HOL-TestGen: Elements of impact

◮ Major publications: [FAOC 2013],[JAR10] ◮ Basis for specialized "plugins" for Testing:

◮ Security: HOL-TestGen-fw [SACMAT 11,ICST 10, ICTAC 13] ◮ Behavior: Cirta [VSTTE 12,ICFEM 13, ICST 12] ◮ Embedded: a) Hardware [TAP 13] ◮ Embedded: b) SysML [OCL 12, OCL 13]

◮ Used in industrial & academic projects:

◮ MBT-SEC: BT, ETH Zürich (1Phd) ◮ Collaboration with York [ACTA 11] ◮ IRT System X, Project FSF (1Phd) ◮ Prover parallelization: ANR Paral-ITP [MKM 13, ITP 13]

◮ Used in teaching ◮ Distrib: http://www.brucker.ch/projects/hol-testgen/,

APP:IDDN.FR.001.220032.000.S.A.2011.

27-28 Nov 2013 Comité d’Evaluation du LRI 45 / 68

SLIDE 46

Positioning

Our strongest competitor: Microsoft Research SpecExplorer HOL-TestGen Quickcheck inside HOL-TestGen Z3 inside HOL-TestGen nitpick — STG HOL-TestGen/Cirta Alloy Tool HOL-TestGen/FW-OCL Our originalities:

◮ Integrated Approach: IDE for formal testplans

◮ Prover IDE ◮ Control/Hinting over Solving via ITP (flex. for large models) ◮ Generic Framework

(flex. for different specs)

◮ Support for various codegenerators ◮ Open source distribution

27-28 Nov 2013 Comité d’Evaluation du LRI 46 / 68

SLIDE 47

Random-based Model Exploration

Rukia: a library for exploration of very large transition systems Large Graph

Rukia

27-28 Nov 2013 Comité d’Evaluation du LRI 47 / 68

SLIDE 48

Random-based Model Exploration

Rukia: a library for exploration of very large transition systems Large Graph

Rukia

LTL

conc. program

Monte Carlo MC

[FASE 11]

27-28 Nov 2013 Comité d’Evaluation du LRI 48 / 68

SLIDE 49

Random-based Model Exploration

Rukia: a library for exploration of very large transition systems Large Graph

Rukia

C programs

Frama-C

Auguste++

27-28 Nov 2013 Comité d’Evaluation du LRI 49 / 68

SLIDE 50

Random-based Model Exploration

Rukia: a library for exploration of very large transition systems Large Graph

Rukia

LTL

conc. program

Monte Carlo MC

[FASE 11]

C programs

Frama-C

Auguste++

27-28 Nov 2013 Comité d’Evaluation du LRI 50 / 68

SLIDE 51

Rukia: Elements of impact

◮ Major result:

Denise, Gaudel, Gouraud, Lassaigne, Oudinet, Peyronnet: Coverage-biased random exploration of large models and application to testing. [STTT 12].

◮ Major Publications: [TCS 13, FASE 11] ◮ Collaborations with LRI groups BioInfo, Algo

as well as group "Logique Mathematique" Paris 7.

◮ 1 Phd ◮ Distribution RUKIA:

APP:IDDN.FR.001.350014.000.S.C.2009.000.00000, http://rukia.lri.fr/

27-28 Nov 2013 Comité d’Evaluation du LRI 51 / 68

SLIDE 52

Behavioral models for testing, adaption, and composition

◮ Service Composition and Testing

◮ Major result: An end-to-end Web services testing framework ◮ Major publications: [ICWS 10, TAP09, ECOWS 08] ◮ SWST tool (swst.lri.fr, [Testcom/fates 09]) ◮ 1 Project (ANR WebMOV), 2 Phd ◮ Context-Aware Personal Information Integration ◮ collaboration with the IASI team ◮ ANR PIMI, 1 Phd

◮ Model-checking & Testing of Distributed Systems

◮ Major result : Online testing of services choreographies ◮ Major publications [ISSRE 13, ICSOC 12, HASE 12,SAC 12] ◮ 2 Phd, SBBC tool : Description: [ICSOC12]

◮ Testing & Model-Checking of Protocols

◮ Major results : Supple protocol and the parameterized model

checker Cubicle (cubicle.lri.fr)

◮ Major publications [CAV 12, ACM CSUR 11, MSWIM 10] ◮ Collaboration with the Toccata team on Cubicle ◮ 1 PhD 27-28 Nov 2013 Comité d’Evaluation du LRI 52 / 68

SLIDE 53

Scientific Production

Quantitative and qualitative summary:

◮ International major journal articles:

11

◮ Other journal articles:

2

◮ International major conf. articles:

23

◮ Other conf. articles:

31

◮ Books and book chapters:

6 Per Full-Time Researcher Man Year:

◮ Revues: 1.3

Books/chapters: 0.6

◮ Major conf: 2.3

Minor conf: 3.1

27-28 Nov 2013 Comité d’Evaluation du LRI 53 / 68

SLIDE 54

Scientific Excellence

1. Chairs of 7 international events:

◮ ICTAC 2010, ICST 2010, TAP 2011, ICTSS 2011, MKM 2012,

UTP 2012, Dagstuhl Seminar www.dagstuhl.de/13021.

2. Foreign visitors : 5 (long stays)

◮ Ana Cavalcanti (York), Jim Woodcock (York), Petra Malik

(Wellington), Manuel Nunez(Madrid), Eliane Martins (Campinas, BR.)

3. Co-directed PhDs :

ETH Zürich, Univ. Sao Paulo, ENS Cachan

4. 79 (!) Int. Programme Committees,

7 Steering Committees, 3 Editorial Board Memberships

5. M-C. Gaudel: Doctor Honoris Causa of the Univ. of York,

27-28 Nov 2013 Comité d’Evaluation du LRI 54 / 68

SLIDE 55

Public and industrial funded Projects

◮ 6 funded projects, collaborations, chaires etc.

Collaboration IRT System X, Project FSF, EU Euromills, International Joint Project MoBasT, BT Project MBT-SEC(finished), Chaire PSud Project HOL-TestGen-XT(finished), CIFRE All4Tech(finished)

◮ 6 funded ANR Projects

ANR Paral-ITP,ANR PIMI, ANR RobustWeb (finished), ANR WebMov (finished),ANR Verap (finished),ANR JCJC PERSO (2007-2010) (finished)

◮ Volume (for partners in LRI): 1m EURO

27-28 Nov 2013 Comité d’Evaluation du LRI 55 / 68

SLIDE 56

Socio-economic interactions

◮ Strong implication in Digiteo (M.-C. Gaudel) ◮ Strong implication in Univ. Paris-Sud

(Licence, Licence Pro, PolyTech, Master)

◮ Summer schools:

Summer SCHOOL TAROT (Bath 2008, St Petersburg 2011); Participation in DigiCosme Spring School (Orsay 2013)

◮ Implication in Fêtes des Sciences, etc. ◮ Tutorials on Isabelle

(Cambridge, Orsay, Paris, Orsay, Orléans, Edinburgh)

◮ Tutorials on HOL/TestGen (NII Tokyu, Euro-Mils Paris)

27-28 Nov 2013 Comité d’Evaluation du LRI 56 / 68

SLIDE 57

Perspectives of the VALS Team

The VALS Team

http://vals.lri.fr

27-28 Nov 2013 Comité d’Evaluation du LRI 57 / 68

SLIDE 58

Rationale of the VALS Fusion

Test and proof, originally perceived as adversaries, have a lot in common:

◮ as formal methods (FM), they have both their roots in logic

and discrete mathematics,

◮ shared interest in formal semantics for programming and

specification languages, in modeling-approaches for programs and systems,

◮ shared interest in constraint-solving technologies and theorem

provers. This mutual interest is reflected by recent collaborations between Toccata and ForTesSE (the Cubicle project).

27-28 Nov 2013 Comité d’Evaluation du LRI 58 / 68

SLIDE 59

General Objectives

We identified the following general trends in the scientific community that corresponds to our potential in the new VALS team:

VALS

◮ making verification easier to use and more wide-spread, ◮ advancing the prover technology: e.g. by non-linear arithmetic

and parallel prover design,

◮ combining test and proof, e.g. by invariant-generation, verified

ptimized test-generations, etc.,

◮ gaining experience in non-standard application domains, for

example hybrid and concurrent systems, and

◮ combining proofs and probability.

27-28 Nov 2013 Comité d’Evaluation du LRI 59 / 68

SLIDE 60

Scientific Challenges for VALS

We identified the following general trends in the scientific community that corresponds to our potential:

1. Non-linear arithmetic.
2. Parallelism and verification.
3. Combination of dynamic and static analysis.
4. Verified languages, systems and tools.
5. Probabilities and Verification

27-28 Nov 2013 Comité d’Evaluation du LRI 60 / 68

SLIDE 61

Scientific Programme & Structure

A tentative organization of our workforces in "Activities"

1. Automated and Interactive Deduction,
2. Formalization of Languages,
3. Verified Computer Arithmetic,
4. Data-Centric Languages and Systems,
5. Formal Model-based Testing, and
6. Deductive Program Verification.

27-28 Nov 2013 Comité d’Evaluation du LRI 61 / 68

SLIDE 62

The Role of Application

Formal Methods Expertise needs Domain Knowledge !!!

1. Collaborations with industrial partners:

◮ precious source of concrete challenges ◮ real case studies ◮ key for transfer of methods and tools into industry ◮ funding

2. Collaborations with academic partners:

◮ knowhow transfer for scientific challenges ◮ tool dissemination (alt-ergo, why3, Isabelle) 27-28 Nov 2013 Comité d’Evaluation du LRI 62 / 68

SLIDE 63

Positioning in the context

◮ Plateau de Saclay strengthens our position:

Other groups will need our expertise and technology

◮ Formal software engineering methods:

we are in the right context with Inria Saclay, CEA, LSV, ... ParisTech....

◮ Sustained implication in

Digiteo, Labex DigiCosme, IRT SystemX, ...

◮ Strengthen our role in the future master programme MIFOSA ◮ Strengthen contacts to our scientific competitors:

Microsoft Research, ETH Zürich, Imperial College London, Intel, NASA, SRI

◮ Engagement in the national context:

GDR "Génie de la Programmation et du Logiciel" and "Informatique Mathématique"

27-28 Nov 2013 Comité d’Evaluation du LRI 63 / 68

SLIDE 64

◮ With our network of academic and industrial partners, ◮ ... well embedded in the context of the future Paris-Saclay ◮ ... with our publications and widely recognized tools ...

... we believe that VALS is one of the strongest academic research groups in Europe in the field of formal software engineering methods.

27-28 Nov 2013 Comité d’Evaluation du LRI 68 / 68