Section: Application Domains


Keywords: embedded software, smartcards, avionics, telecommunication, transportation systems

The application domains we target involve safety-critical software, that is, software for which a high-level guarantee of the soundness of its functional execution is required. The domains of application include

  • Transportation: aeronautics, railroad, space flight, automotive

  • Communications: mobile phones, smart phones, Web applications

  • Financial applications, banking

  • Medicine: diagnostic devices, computer-assisted surgery

  • Databases with confidentiality requirements (e.g. health records, electronic voting)

Currently our industrial collaborations mainly belong to the first of these domains: transportation. These include, in the context of the ANR U3CAT project (Airbus France, Toulouse; Dassault Aviation, Saint-Cloud; Sagem Défense et Sécurité):

  • proof of C programs via Frama-C/Jessie/Why;

  • proof of floating-point programs;

  • use of the Alt-Ergo prover via the CAVEAT tool (CEA) or Frama-C/WP.

In the context of the FUI project Hi-Lite, Adacore (Paris) uses Why3 and Alt-Ergo as back-ends to GnatProve, an environment for the verification of Ada programs. This is applied in the domain of aerospace (Thales).

In the context of a new ANR project, BWare, we investigate the use of Why3 and Alt-Ergo as an alternative back-end for checking the proof obligations generated by Atelier B, whose main applications are railroad-related software (http://www.methode-b.com/documentation_b/ClearSy-Industrial_Use_of_B.pdf, collaboration with Mitsubishi Electric R&D Centre Europe, Rennes; ClearSy, Aix-en-Provence).

Apart from the domain of transportation, the Cubicle model checker modulo theories, based on the Alt-Ergo SMT prover (collaboration with Intel Strategic CAD Labs, Hillsboro, OR, USA), can be applied to the verification of concurrent programs and protocols (http://cubicle.lri.fr/).