Section: Software

The Why platform

Participants : Claude Marché [contact] , François Bobot, Jean-Christophe Filliâtre, Guillaume Melquiond, Andrei Paskevich.

Keywords: Deductive verification, Java programming language, Java modeling language, Java Card, ANSI C programming language.

Criteria for Software Self-Assessment (self-evaluation following the guidelines (http://www.inria.fr/content/download/11783/409665/version/4/file/SoftwareCriteria-V2-CE.pdf ) of the Software Working Group of Inria Evaluation Committee( http://www.inria.fr/institut/organisation/instances/commission-d-evaluation )): A-3, SO-4, SM-3, EM-2, SDL-5-down, OC-4.

The Why platform is a set of tools for deductive verification of Java and C source code. In both cases, the requirements are specified as annotations in the source, in a special style of comments. For Java (and Java Card), these specifications are given in JML and are interpreted by the Krakatoa tool. Analysis of C code must be done using the external Frama-C environment, and its Jessie plugin which is distributed in Why.

The platform is distributed as open source, under GPL license, at http://why.lri.fr/ . The internal VC generator and the translators to external provers are no longer under active development, as superseded by the Why3system described below.

The Krakatoa and Jessie front-ends are still maintained, although using now by default the Why3 VC generator. These front-ends are described in a specific web page http://krakatoa.lri.fr/ . They are used for teaching (University of Evry, Ecole Polytechnique, etc.), used by several research groups in the world, e.g at Fraunhofer Institute in Berlin  [86] , at Universidade do Minho in Portugal  [49] , at Moscow State University, Russia (http://journal.ub.tu-berlin.de/eceasst/article/view/255 ).