2025Activity reportProject-Team​​SPADES

3.1 Design and‌ Programming Models

Work on‌​‌ this theme aims to​​ develop models, languages and​​​‌ tools to support a‌ “correct-by-construction” approach to the‌​‌ development of embedded systems.​​

On the programming side,​​​‌ we focus on the‌ definition of domain specific‌​‌ programming models and languages​​ supporting static analyses for​​​‌ the computation of precise‌ resource bounds for program‌​‌ executions. We propose dataflow​​ models supporting dynamicity while​​​‌ enjoying effective analyses. In‌ particular, we study parametric‌​‌ extensions and dynamic reconfigurations​​ where properties such as​​​‌ liveness and boundedness remain‌ statically analyzable. We also‌​‌ study the memory consumption​​ of dataflow graphs. We​​​‌ study new techniques to‌ find optimal sequential schedules‌​‌ (optimal in the sense​​ that their memory peak​​​‌ is minimal) of task‌ graphs and SDF graphs.‌​‌ We use these techniques​​ to find parallel schedules​​​‌ that satisfy memory constraints,‌ possibly the strongest ones.‌​‌

On the design side,​​ we focus on the​​​‌ definition of component-based models‌ for software architectures combining‌​‌ distribution, dynamicity, real-time and​​ fault-tolerant aspects. Component-based construction​​​‌ has long been advocated‌ as a key approach‌​‌ to the “correct-by-construction” design​​ of complex embedded systems​​​‌ 40. Witness component-based‌ toolsets such as Ptolemy‌​‌  33, BIP 29​​, or the modular​​​‌ architecture frameworks used, for‌ instance, in the automotive‌​‌ industry (AUTOSAR) 27.​​ For building large, complex​​​‌ systems, a key feature‌ of component-based construction is‌​‌ the ability to associate​​ with components a set​​​‌ of contracts, which‌ can be understood as‌​‌ rich behavioral types that​​ can be composed and​​​‌ verified to guarantee a‌ component assemblage will meet‌​‌ desired properties.

Formal models​​ for component-based design are​​​‌ an active area of‌ research. However, we are‌​‌ still missing a comprehensive​​​‌ formal model and its​ associated behavioral theory able​‌ to deal at the​​ same time with different​​​‌ forms of composition, dynamic​ component structures, and quantitative​‌ constraints (such as timing,​​ fault-tolerance, or energy consumption).​​​‌

We plan to develop​ our component theory by​‌ progressing on two fronts:​​ a semantical framework and​​​‌ domain-specific programming models. The​ work on the semantical​‌ framework should, in the​​ longer term, provide abstract​​​‌ mathematical models for the​ more operational and linguistic​‌ analysis afforded by component​​ calculi. Our work on​​​‌ component theory will find​ its application in the​‌ development of a -based​​ toolchain for the certified​​​‌ design and construction of​ dependable embedded systems, which​‌ constitutes our first main​​ objective for this axis.​​​‌

3.2 Certified Real-Time Programming​

Programming real-time systems (​‌i.e., systems whose​​ correct behavior depends on​​​‌ meeting timing constraints) requires​ appropriate languages (as exemplified​‌ by the family of​​ synchronous languages 30),​​​‌ but also the support​ of efficient scheduling policies,​‌ execution time and schedulability​​ analyses to guarantee real-time​​​‌ constraints (e.g.,​ deadlines) while making the​‌ most effective use of​​ available (processing, memory, or​​​‌ networking) resources. Schedulability analysis​ involves analyzing the worst-case​‌ behavior of real-time tasks​​ under a given scheduling​​​‌ algorithm and is crucial​ to guarantee that time​‌ constraints are met in​​ any possible execution of​​​‌ the system. Reactive programming​ and real-time scheduling and​‌ schedulability for multiprocessor systems​​ are old subjects, but​​​‌ they are nowhere as​ mature as their uniprocessor​‌ counterparts, and still feature​​ a number of open​​​‌ research questions 28,​ 32, in particular​‌ in relation with mixed​​ criticality systems. The main​​​‌ goal in this theme​ is to address several​‌ of these open questions.​​

We focus on two​​​‌ issues: multicriteria scheduling on​ multiprocessors, and schedulability analysis​‌ for real-time multiprocessor systems.​​ Beyond real-time aspects, multiprocessor​​​‌ environments, and multicore ones​ in particular, are subject​‌ to several constraints in​​ conjunction, typically involving​​​‌ real-time, reliability and energy-efficiency​ constraints, making the scheduling​‌ problem more complex for​​ both the offline and​​​‌ the online cases. Schedulability​ analysis for multiprocessor systems,​‌ in particular for systems​​ with mixed criticality tasks,​​​‌ is still very much​ an open research area.​‌

Distributed reactive programming is​​ rightly singled out as​​​‌ a major open issue​ in the recent, but​‌ heavily biased (it essentially​​ ignores recent research in​​​‌ synchronous and dataflow programming),​ survey by Bainomugisha et​‌ al. 28. For​​ our part, we focus​​​‌ on devising synchronous programming​ languages for distributed systems​‌ and precision-timed architectures.

3.3​​ Causality and Reversibility

Managing​​​‌ faults is a clear​ and present necessity in​‌ networked embedded systems. At​​ the hardware level, modern​​​‌ multicore architectures are manufactured​ using inherently unreliable technologies​‌ 31, 38.​​ The evolution of embedded​​​‌ systems towards increasingly distributed​ architectures highlighted in the​‌ introductory section means that​​ dealing with partial failures,​​​‌ as in Web-based distributed​ systems, becomes an important​‌ issue.

In this axis​​ we intend to address​​​‌ the question of how​ to cope with faults​‌ and failures in embedded​​ systems? We will tackle​​ this question by exploiting​​​‌ reversible programming models and‌ by developing techniques for‌​‌ fault ascription and explanation​​ in component-based systems.

A​​​‌ common theme in this‌ axis is the use‌​‌ and exploitation of causality​​ information. Causality, i.e.,​​​‌ the logical dependence of‌ an effect on a‌​‌ cause, has long been​​ studied in disciplines such​​​‌ as philosophy 45,‌ natural sciences, law 46‌​‌, and statistics 47​​, but it has​​​‌ only recently emerged as‌ an important focus of‌​‌ research in computer science.​​ The analysis of logical​​​‌ causality has applications in‌ many areas of computer‌​‌ science. For instance, tracking​​ and analyzing logical causality​​​‌ between events in the‌ execution of a concurrent‌​‌ system is required to​​ ensure reversibility 43,​​​‌ to allow the diagnosis‌ of faults in a‌​‌ complex concurrent system 39​​, or to enforce​​​‌ accountability 42, that‌ is, designing systems in‌​‌ such a way that​​ it can be determined​​​‌ without ambiguity whether a‌ required safety or security‌​‌ property has been violated,​​ and why. More generally,​​​‌ the goal of fault-tolerance‌ can be understood as‌​‌ being to prevent certain​​ causal chains from occurring​​​‌ by designing systems such‌ that each causal chain‌​‌ either has its premises​​ outside of the fault​​​‌ model (e.g.,‌ by introducing redundancy 35‌​‌), or is broken​​ (e.g., by​​​‌ limiting fault propagation 52‌).

4.1 Industrial Applications

Our​​ applications are in the​​​‌ embedded system area, typically:‌ transportation, energy production, robotics,‌​‌ telecommunications, the Internet of​​ things (IoT), systems on​​​‌ chip (SoC). In some‌ areas, safety is critical,‌​‌ and motivates the investment​​ in formal methods and​​​‌ techniques for design. But‌ even in less critical‌​‌ contexts, like telecommunications and​​ multimedia, these techniques can​​​‌ be beneficial in improving‌ the efficiency and the‌​‌ quality of designs, as​​ well as the cost​​​‌ of the programming and‌ the validation processes.

Industrial‌​‌ acceptance of formal techniques,​​ as well as their​​​‌ deployment, goes necessarily through‌ their usability by specialists‌​‌ of the application domain,​​ rather than of the​​​‌ formal techniques themselves. Hence,‌ we are looking to‌​‌ propose domain-specific (but generic)​​ realistic models, validated through​​​‌ experience (e.g.,‌ control tasks systems), based‌​‌ on formal techniques with​​ a high degree of​​​‌ automation (e.g.,‌ synchronous models), and tailored‌​‌ for concrete functionalities (​​e.g., code generation).​​​‌

4.2 Current Industrial Cooperations‌

Regarding applications and case‌​‌ studies with industrial end-users​​ of our techniques, we​​​‌ cooperate with Orange Labs‌ on software architecture for‌​‌ cloud services.

We are​​ closely involved in Certisen,​​​‌ a startup project supported‌ by ISS (Inria Startup‌​‌ Studio). The project focuses​​ on Time-Sensitive Networking (TSN),​​​‌ which is the next‌ generation of communication networks‌​‌ in critical sectors such​​ as automotive, aerospace, and​​​‌ industrial systems. Certisen objective‌ is to prove the‌​‌ correctness of TSN key​​ properties (latency, priority, memory).​​​‌ A concrete tool, automatically‌ extracted from Rocq/Coq proofs,‌​‌ will enable TSN configurations​​ to be formally certified.​​​‌ This project is lead‌ by Xiaojie Guo, a‌​‌ former PhD student of​​​‌ Spades. Pascal Fradet​ participates to Certisen as​‌ a technical adviser and​​ by working on the​​​‌ formal specifications of TSN​ and Rocq proofs.

5.1 Footprint of research​​​‌ activities

With the help​ of the GES 1point5​‌ tool we have estimated​​ the direct carbon footprint​​​‌ of our research activities​ in 2025. Our estimation​‌ is based on data​​ gathered in a non-automated​​​‌ manner, as no tool​ automating the data extraction​‌ is available yet.

Professional​​ travels, including the coming​​​‌ of jury members, amount​ to a total of​‌ 725 kg CO${}_{\mathrm{2}}$e. Commute travels sum​​​‌ up to an estimated​ 1,5 t CO${}_{\mathrm{2‌}}$e. We have purchased​​ one computer, amounting for​​​‌ 192 kg CO${}_{\mathrm{2}}$e. We roughly estimate​‌ our share of INRIA​​ services and building usage​​​‌ to 6 t CO​${}_2$e.

Based on​‌ the above estimations, our​​ carbon footprint totals 8,4​​​‌ t CO${}_2$e​ for the team, or​‌ an average of 765​​ kg CO${}_2$e​​​‌ per team member.

5.2​ Impact of research results​‌

Our research on certification​​ and fault-tolerance aims at​​​‌ making embedded systems safer.​ Certified systems tend also​‌ to be simpler, less​​ depending on updates and​​​‌ therefore less prone to​ obsolescence. A potential major​‌ application of causality analysis​​ is to help establish​​​‌ liability for accidents caused​ by software errors.

On​‌ the other hand, our​​ research may contribute to​​​‌ make more acceptable or​ even to promote many​‌ problematic systems such as​​ IoT, drones, avionics, autonomous​​​‌ vehicles, ... with a​ potential negative environmental impact.​‌

Sophie Quinton and Éric​​ Tannier (from the BEAGLE​​​‌ team in Lyon), with​ the help of many​‌ colleagues, including some in​​ the SPADES team, have​​​‌ set up a series​ of one-day workshops called​‌ “Ateliers SEnS”​​ (for Sciences-Environnements-Sociétés), which offer​​​‌ a venue for members​ of the research community​‌ (in particular, but not​​ limited to, researchers) to​​​‌ reflect on the social​ and environmental implications of​‌ their research. More than​​ 50 Ateliers SEnS have​​​‌ taken place so far,​ all across France and​‌ beyond INRIA and the​​ computer science field. Participants​​​‌ to a workshop can​ replicate it, and quite​‌ a few have already​​ done so. Sophie Quinton​​​‌ has facilitated 2 Ateliers​ SEnS in 2025.

Research​‌ into the connection between​​ ICT (Information and Communication​​​‌ Technologies) and the environmental​ crisis has started in​‌ 2020 within the SPADES​​ team, see Section 7.4​​​‌.

6.1 Latest software developments​​

7.1 Dataflow models​​ of computation

Participants: Pascal​​​‌ Fradet, Alain Girault‌.

7.2 Real-time scheduling

Participants:​​ Alain Girault.

7.3‌ Causality and reversibility

Participants:‌​‌ Gregor Goessler, Jean-Bernard​​ Stefani, Aurélie Kong​​​‌ Win Chang, Alexander‌ Obeid Guzmán.

7.4​ Transversal activity: ICT and​‌ the Anthropocene

Participants: Martin​​ Bodin, Baptiste De​​​‌ Goër De Herve,​ Pascal Fradet, Alain​‌ Girault, Gregor Goessler​​, Antoine Hardy,​​​‌ Xavier Nicollin, Sophie​ Quinton, Jean-Bernard Stefani​‌.

Digital technologies are​​ often presented as a​​​‌ powerful ally in the​ fight against climate change​‌ (see e.g., the discourse​​ around the “convergence of​​​‌ the digital and the​ ecological transitions”), so we​‌ started research in this​​ axis by investigating the​​​‌ potential of ICT for​ supporting the ecological transition.​‌ More generally, we are​​ interested in the role​​​‌ played by ICT in​ the Anthropocene as well​‌ as new approaches to​​ their design. This raises​​​‌ many complex challenges: For​ example, how do local​‌ measures meant to reduce​​ the environmental impact of​​​‌ ICT relate (or not)​ to global effects? What​‌ can we learn from,​​ and what are the​​​‌ limits of, current quantitative​ approaches for environmental impact​‌ assessment and their use​​ for public debate and​​​‌ policy making? Which criteria​ could/should we take into​‌ account to design more​​ responsible computer systems (other​​​‌ than efficiency, which is​ already well covered and​‌ subject to huge rebound​​ effects in the case​​​‌ of digital technologies)? These​ questions require a systemic​‌ approach, and at least​​ some basic knowledge of​​​‌ the state of the​ art in many scientific​‌ disciplines, in particular in​​ STS (Science and Technology​​​‌ Studies).

Following recent work​ on these topics in​‌ the SPADES team (e.g.,​​ the PhD of Aina​​​‌ Rasoldier defended in 2024​  50, 51,​‌ the internship of Ludmila​​ Courtillat--Piazza in 2022 and​​​‌ the ongoing AEx SIA​ project in which we​‌ study how computer science​​ should evolve to take​​​‌ into account the global​ changes brought about by​‌ the Anthropocene), two members​​ of the SPADES team,​​​‌ namely Sophie Quinton and​ Jean-Bernard Stefani, have joined​‌ forces with other colleagues​​ from Grenoble to launch​​​‌ a new Inria team​ named ADN for “Anthropocène​‌ et Décroissance du Numérique”​​ (Anthropocene, Degrowth and ICT).​​​‌

Work in the SIA​ project has progressed through​‌ the PhD thesis of​​ Baptiste de Goër, which​​​‌ focuses on how ICT​ related sustainability issues are​‌ and could be taught​​ in computer science classes.​​​‌ One major contribution was​ the study of how​‌ researchers problematize their work​​ in the ICT4S conference​​​‌ community, and how nonepistemic​ values are involved 23​‌. Another contribution is​​ still in progress and​​​‌ relates to how CS​ high school teachers approach​‌ the environmental impacts of​​ ICT in class and​​​‌ how to help them​ teach this complex question​‌ (initial results will be​​ presented at the Didapro​​​‌ 2026 conference). In addition,​ in his postdoctoral work,​‌ Antoine Hardy has studied​​ from a sociological perspective​​ how the CS research​​​‌ community is coping with‌ the ecological catastrophe. This‌​‌ work will be presented​​ at the Archipel conference​​​‌ in 2026.

A second‌ line of research on‌​‌ this topic relates to​​ society's dependence on ICT,​​​‌ and focuses on the‌ relation between the resilience‌​‌ of ICT infrastructures and​​ the resilience of our​​​‌ societies in a future‌ more and more constrained‌​‌ by the destabilization of​​ planetary boundaries and its​​​‌ consequences on our social‌ organisations. There has been‌​‌ so far no research​​ on the potential consequences​​​‌ on the network performance‌ of possible long term‌​‌ and continuous disruptions such​​ as semiconductor shortages, for​​​‌ example due to shortages‌ of raw material or‌​‌ environmental policy constraints. In​​ a workshop paper,​​​‌ we study the resilience‌ of mobile networks in‌​‌ the face of hardware​​ aging and approach mobile​​​‌ network resilience using the‌ stochastic geometry framework, proposing‌​‌ a network model including​​ multiple dependent techno-bands (TB)​​​‌ and deriving approximate closed-form‌ expressions for new resilience‌​‌ metrics. Numerical experiments show​​ the influence of parameters​​​‌ such as load, base‌ station density and the‌​‌ number of TB on​​ network resilience. Another workshop​​​‌ paper presents how we‌ intend to articulate a‌​‌ sociological survey with this​​ CS modeling work.

A​​​‌ part of the ADN‌ research proposal is centered‌​‌ on the notion of​​ convivial technology initially proposed​​​‌ by the philosopher Ivan‌ Illich in his book‌​‌ Tools for conviviality.​​ We have argued in​​​‌ a paper entitled Conviviality‌ for digital degrowth,‌​‌ to appear in the​​ journal Philosophia Scientiae (as​​​‌ a follow up of‌  49), the relevance‌​‌ of conviviality for designing​​ digital systems that are​​​‌ congruent with, and conducive‌ to a degrowth society,‌​‌ and highlighted different research​​ directions towards designing for​​​‌ conviviality and rethinking digital‌ infrastructures and workflow systems.‌​‌

7.5 Tooling up the​​ teaching of proofs

Participants:​​​‌ Martin Bodin, Alain‌ Girault.

Proof is‌​‌ a key concept in​​ early licence degree in​​​‌ mathematics. It is known‌ to be difficult to‌​‌ teach, due to its​​ level of abstraction, but​​​‌ also due to the‌ various roles it is‌​‌ meant to fulfill: it​​ serves first to certify​​​‌ the mathematical statements themselves,‌ but it also has‌​‌ a communication role and​​ it intervenes within the​​​‌ research process (exploring the‌ consequences of hypotheses, coming‌​‌ up with conjectures, etc.).​​ Each of these roles​​​‌ requires different skills, and‌ the licence's year comes‌​‌ with an increase of​​ the required formalism. This​​​‌ makes it difficult but‌ key to teach at‌​‌ this level.

The Spades​​ team has long been​​​‌ working with the Rocq‌ proof assistant, which provides‌​‌ a strong logical base​​ for understanding proofs. It​​​‌ was thus natural for‌ us to try to‌​‌ tool up licence's mathematical​​ classes with Rocq.​​​‌ Mathematical classes have long‌ been tooled up with‌​‌ computer software (like computer​​ algebra systems or programming​​​‌ languages) to help providing‌ intuitions or building conjectures.‌​‌ We want here to​​ test whether a proof​​​‌ assistant can help teaching‌ proof writing. This is‌​‌ the goal of the​​​‌ LiberAbaci project within Inria​ (which includes various other​‌ project-teams).

Within this project​​ in Spades, we​​​‌ approached the IREMI institute,​ which brings together researchers​‌ and teachers to do​​ research on mathematical teaching.​​​‌ We are also working​ with Julien Puydt, teacher​‌ in the Pupilles de​​ l'Air high school.

We​​​‌ focus in reducing the​ entry cost of Rocq​‌. Indeed, this software​​ has originally been designed​​​‌ by and for experts,​ and not for math​‌ students. We thus explore​​ several aspects in which​​​‌ it can be improved​ to more closely match​‌ the practice in math​​ courses:

• We experiment with​​​‌ its interface to incorporate​ graphical components.
• We aim​‌ to ease the user​​ interaction when writing proofs.​​​‌
• We explore new ways​ in which mathematical notations​‌ can be defined.
• We​​ seek for mechanisms to​​​‌ support a library of​ courses that scales and​‌ meet the need of​​ teachers.

The use of​​​‌ graphical (and more generally​ non-textual) support within proofs​‌ in math courses is​​ frequent, yet totally absent​​​‌ from Rocq. We​ thus sketched a new​‌ interface for the software​​ that enables to incorporate​​​‌ such non-textual elements, and​ to be able to​‌ interact with them within​​ a proof. The goal​​​‌ here is to be​ as close as possible​‌ to the current practice​​ of teachers and students​​​‌ to reduce the entry​ cost of using the​‌ software. Our goal is​​ not for the student​​​‌ to be able to​ use a proof assistant,​‌ but to help them​​ produce better pen-and-paper proofs:​​​‌ the use of the​ proof assistant is here​‌ to guide them and​​ help them understand what​​​‌ it expected and where.​ We are working on​‌ this subject with Emmanuel​​ Beffara (LIG,​​​‌ team MeTAH) and Rémi​ Molinier (Institut Fourier). We​‌ are hoping to get​​ an in-class experiment in​​​‌ 2026.

Proof assistants are​ heavily based on tactics,​‌ which are programs that​​ can write parts of​​​‌ a proof: most of​ the user interaction with​‌ these tools are based​​ on these tactics. We​​​‌ asked about 50 students​ at an early master's​‌ degree to solve a​​ math problem and took​​​‌ their draft with their​ raw arguments. These students​‌ were chosen as they​​ already had the abilities​​​‌ that we want to​ teach at the licence's​‌ level. They were also​​ chosen by their relative​​​‌ diversity. We studied the​ arguments they used within​‌ their draft and categorised​​ them on whether they​​​‌ were textual or not,​ on what the role​‌ each argument had in​​ the overall proof they​​​‌ were (implicitly) building. We​ are designing tactics that​‌ follow as close as​​ possible the students's arguments,​​​‌ and that could potentially​ guide them through the​‌ proof.

Math heavily relies​​ on notations, that are​​​‌ frequently overloaded. For instance​ the $\times$ symbol is​‌ both used as number​​ multiplication, matrix multiplication, and​​​‌ cartesian product, although these​ operations are quite different.​‌ There already exists numerous​​ mechanisms in Rocq to​​​‌ define notations and infer​ which instance of an​‌ overloaded symbol was meant​​ to be used at​​ a given point. We​​​‌ find these mechanisms incredible‌ and they can be‌​‌ very useful in development.​​ However, we fear that​​​‌ their error messages are‌ difficult to understand by‌​‌ a non-expert: these systems​​ tend to internally produce​​​‌ complex candidates that weren't‌ always expected by the‌​‌ user, and their error​​ messages tend to mention​​​‌ unfullfilled constraints for these‌ complex candidates. We are‌​‌ thus working on much​​ simpler mechanisms for notations​​​‌ that we expect to‌ be closer to teachers's‌​‌ intuition. Such systems will​​ be much less powerful​​​‌ than the state of‌ the art, but we‌​‌ expect them to be​​ more aligned with teaching.​​​‌ We are working in‌ collaboration with Julien Puydt‌​‌ (Pupilles de l'Air) and​​ Arthur Charguéraud (Inria, Camus​​​‌ team).

Still with the‌ help of Julien Puydt,‌​‌ we are looking for​​ mechanisms to build library​​​‌ content that could scale.‌ Building libraries is known‌​‌ to be an intensive​​ task, and current mathematical​​​‌ libraries in Rocq are‌ from time to time‌​‌ subject to large-scale refactoring.​​ This is due to​​​‌ their structure from the‌ ground-up: each mathematical notion‌​‌ is built on smaller​​ ones, and each change​​​‌ in an inner structure‌ can impact all the‌​‌ ones on top of​​ it. We fear that​​​‌ this library structure isn't‌ the perfect fit for‌​‌ teachers. First, teachers usually​​ lack the time to​​​‌ maintain content up to‌ date with external changes.‌​‌ Second, this library structure​​ doesn't follow the natural​​​‌ order of a course:‌ monoids are taught after‌​‌ groups, but monolithic libraries​​ tend to define groups​​​‌ with the help of‌ monoids, in the reverse‌​‌ order. We are thus​​ currently assessing what features​​​‌ teachers would need to‌ design a mathematical library‌​‌ for teaching. Once identified,​​ we plan to implement​​​‌ these features, or to‌ relate them with existing‌​‌ features.

8.1 Bilateral contracts with‌​‌ industry

• Inria and Orange​​ Labs have established in​​​‌ 2015 a joint virtual‌ research laboratory, called I/O‌​‌ Lab. We have​​ been heavily involved in​​​‌ the creation of the‌ laboratory and are actively‌​‌ involved in its operation​​ (Jean-Bernard Stefani was one​​​‌ of the two co-directors‌ of the lab, till‌​‌ Feb. 2020). I/O Lab​​ focuses on the network​​​‌ virtualization and cloudification. As‌ part of the work‌​‌ of I/O Lab,​​ we have cooperated with​​​‌ Orange Lab, as part‌ of a cooperative research‌​‌ contract funded by Orange,​​ on the verification of​​​‌ system configurations in cloud‌ computing environments and software-defined‌​‌ networks.

9.1 National initiatives​​​‌

10.1​​ Promoting scientific activities

10.2 Teaching‌​‌ - Supervision - Juries​​ - Educational and pedagogical​​​‌ outreach

10.3 Popularization

11.1 Major​​​‌ publications

• 1 articleA.​Athena Abdi, A.​‌Alain Girault and H.​​Hamid Zarandi. ERPOT:​​​‌ A Quad-Criteria Scheduling Heuristic​ to Optimize Execution Time,​‌ Reliability, Power Consumption and​​ Temperature in Multicores.​​​‌IEEE Transactions on Parallel​ and Distributed Systems30​‌10October 2019,​​ 2193-2210HALDOI
• 2​​​‌ articleS.S. Andalam​, P. S.Partha​‌ S. Roop, A.​​A. Girault and C.​​​‌C. Traulsen. A​ Predictable Framework for Safety-Critical​‌ Embedded Systems.TC​​637The complete​​​‌ PRET-C reference.July 2014​, 1600--1612
• 3 article​‌A.Adnan Bouakaz,​​ P.Pascal Fradet and​​​‌ A.Alain Girault.​ A Survey of Parametric​‌ Dataflow Models of Computation​​.ACM Trans. Design​​​‌ Autom. Electr. Syst.22​22017, 38:1--38:25​‌DOI
• 4 articleS.​​ D.Simplice Djoko Djoko​​​‌, R.Rémi Douence​ and P.Pascal Fradet​‌. Aspects preserving properties​​.Science of Computer​​​‌ Programming7732012​, 393-422
• 5 article​‌P.Pascal Fradet,​​ A.Alain Girault and​​​‌ A.Alexandre Honorat.​ Graph Transformations for Memory​‌ Peak Minimization by Scheduling​​.ACM Transactions on​​​‌ Embedded Computing Systems (TECS)​2024, 1-36In​‌ press. HAL
• 6 article​​P.Pascal Fradet,​​​‌ A.Alain Girault,​ R.Ruby Krishnaswamy,​‌ X.Xavier Nicollin and​​ A.Arash Shafiei.​​​‌ RDF: A Reconfigurable Dataflow​ Model of Computation.​‌ACM Transactions on Embedded​​ Computing Systems (TECS)December​​​‌ 2022HALDOI
• 7​ inproceedingsP.Pascal Fradet​‌, X.Xiaojie Guo​​, J.-F.Jean-François Monin​​​‌ and S.Sophie Quinton​. CertiCAN: A Tool​‌ for the Coq Certification​​ of CAN Analysis Results​​​‌.RTAS 2019 -​ 25th IEEE Real-Time and​‌ Embedded Technology and Applications​​ SymposiumMontreal, CanadaIEEE​​​‌April 2019, 1-10​HALDOI
• 8 article​‌P.Pascal Fradet,​​ X.Xiaojie Guo and​​​‌ S.Sophie Quinton.​ CertiCAN : Certifying CAN​‌ Analyses and Their Results​​.Real-Time Systems59​​​‌2March 2023,​ 160-198HALDOI
• 9​‌ inproceedingsG.Goran Frehse​​, A.Arne Hamann​​​‌, S.Sophie Quinton​ and M.Matthias Wöhrle​‌. Formal Analysis of​​ Timing Effects on Closed-loop​​ Properties of Control Software​​​‌.35th IEEE Real-Time‌ Systems Symposium 2014 (RTSS)‌​‌Rome, ItalyDecember 2014​​HAL
• 10 articleA.​​​‌Antoine Girard, G.‌Gregor Gössler and S.‌​‌Sebti Mouelhi. Safety​​ Controller Synthesis for Incrementally​​​‌ Stable Switched Systems Using‌ Multiscale Symbolic Models.‌​‌IEEE Transactions on Automatic​​ Control6162016​​​‌, 1537-1549HALDOI‌
• 11 articleG.Gregor‌​‌ Gössler and D.Daniel​​ Le Métayer. A​​​‌ general framework for blaming‌ in component-based systems.‌​‌Science of Computer Programming​​113, Part 32015​​​‌HALDOI
• 12 article‌G.Gregor Gössler and‌​‌ J.-B.Jean-Bernard Stefani.​​ Causality analysis and fault​​​‌ ascription in component-based systems‌.Theoretical Computer Science‌​‌8372020, 158-180​​HALDOI
• 13 article​​​‌I.Ivan Lanese,‌ C. A.Claudio Antares‌​‌ Mezzina and J.-B.Jean-Bernard​​ Stefani. Reversibility in​​​‌ the higher-order $$-calculus.‌Theoretical Computer Science625‌​‌2016, 25-84HAL​​DOI
• 14 inproceedingsS.​​​‌Sophie Quinton, M.‌Matthias Hanke and R.‌​‌Rolf Ernst. Formal​​ analysis of sporadic overload​​​‌ in real-time systems.‌2012 Design, Automation &‌​‌ Test in Europe Conference​​ & Exhibition, DATE 2012,​​​‌ Dresden, Germany, March, 2012‌2012, 515--520URL:‌​‌ http://dx.doi.org/10.1109/DATE.2012.6176523DOI
• 15 inproceedings​​ A.Aina Rasoldier,​​​‌ J.Jacques Combaz,‌ A.Alain Girault,‌​‌ K.Kevin Marquet and​​ S.Sophie Quinton.​​​‌ How realistic are claims‌ about the benefits of‌​‌ using digital technologies for​​ GHG emissions mitigation? LIMITS​​​‌ 2022 - Eighth Workshop‌ on Computing within Limits‌​‌ Virtual, France June 2022​​ HAL
• 16 inproceedingsP.​​​‌Pierre Roux, S.‌Sophie Quinton and M.‌​‌Marc Boyer. A​​ Formal Link Between Response​​​‌ Time Analysis and Network‌ Calculus.ECRTS 2022‌​‌ - 34th Euromicro Conference​​ on Real-Time SystemsModene,​​​‌ ItalyJuly 2022HAL‌DOI

11.2 Publications of‌​‌ the year

11.3 Cited​ publications

• 27 miscAutomotive​‌ Open System Architecture.​​2003, URL: http://www.autosar.org​​​‌back to text
• 28​ articleE.E. Bainomugisha​‌, A.A.L. Carreton​​, T. V.T.​​​‌ Van Cutsem, S.​S. Mostinckx and W.​‌ D.W. De Meuter​​. A Survey on​​​‌ Reactive Programming.ACM​ Computing Surveys454​‌2013back to text​​back to text
• 29​​​‌ articleA.A. Basu​, S.S. Bensalem​‌, M.M. Bozga​​, J.J. Combaz​​​‌, M.M. Jaber​, T.-H.T.-H. Nguyen​‌ and J.J. Sifakis​​. Rigorous Component-Based System​​​‌ Design Using the BIP​ Framework.IEEE Software​‌2832011back​​ to text
• 30 article​​​‌A.Albert Benveniste,​ P.Paul Caspi,​‌ S. A.Stephen A.​​ Edwards, N.Nicolas​​​‌ Halbwachs, P. L.​Paul Le Guernic and​‌ R.Robert de Simone​​. The synchronous languages​​​‌ 12 years later.​Proceedings of the IEEE​‌9112003back​​ to text
• 31 article​​​‌S.S. Borkar.​ Designing Reliable Systems from​‌ Unreliable Components: The Challenges​​ of Transistor Variability and​​​‌ Degradation.IEEE Micro​2562005back​‌ to text
• 32 article​​R.Rob Davis and​​​‌ A.Alan Burns.​ A Survey of Hard​‌ Real-Time Scheduling for Multiprocessor​​ Systems.ACM Computing​​ Surveys4342011​​​‌back to text
• 33‌ articleJ.J. Eker‌​‌, J. W.J.​​ W. Janneck, E.​​​‌ A.E. A. Lee‌, J.J. Liu‌​‌, X.X. Liu​​, J.J. Ludvig​​​‌, S.S. Neuendorffer‌, S.S. Sachs‌​‌ and Y.Y. Xiong​​. Taming heterogeneity -​​​‌ the Ptolemy approach.‌Proceedings of the IEEE‌​‌9112003back​​ to text
• 34 inproceedings​​​‌P.Pascal Fradet,‌ A.Alain Girault and‌​‌ A.Alexandre Honorat.​​ Sequential Scheduling of Dataflow​​​‌ Graphs for Memory Peak‌ Minimization.Proceedings of‌​‌ the 24th ACM SIGPLAN/SIGBED​​ International Conference on Languages,​​​‌ Compilers, and Tools for‌ Embedded Systems (LCTES '23)‌​‌Orlando (FL), United States​​ACMJune 2023,​​​‌ 76-86HALDOIback‌ to textback to‌​‌ text
• 35 articleF.​​ C.F. C. Gärtner​​​‌. Fundamentals of Fault-Tolerant‌ Distributed Computing in Asynchronous‌​‌ Environments.ACM Computing​​ Surveys3111999​​​‌back to text
• 36‌ articleB.Bruno Gaujal‌​‌, A.Alain Girault​​ and S.Stéphan Plassart​​​‌. An MDP-Based Solution‌ for the Energy Minimization‌​‌ of Non-Clairvoyant Hard Real-Time​​ Systems.Real-Time Systems​​​‌December 2024, 47‌HALDOIback to‌​‌ text
• 37 articleB.​​Bruno Gaujal, A.​​​‌Alain Girault and S.‌Stéphan Plassart. Dynamic‌​‌ Speed Scaling Minimizing Expected​​ Energy Consumption for Real-Time​​​‌ Tasks.Journal of‌ SchedulingJuly 2020,‌​‌ 1-25HALDOIback​​ to text
• 38 inproceedings​​​‌D.D. Gizopoulos,‌ M.M. Psarakis,‌​‌ S. V.S. V.​​ Adve, P.P.​​​‌ Ramachandran, S. K.‌S. K. S. Hari‌​‌, D.D. Sorin​​, A.A. Meixner​​​‌, A.A. Biswas‌ and X.X. Vera‌​‌. Architectures for Online​​ Error Detection and Recovery​​​‌ in Multicore Processors.‌Design Automation and Test‌​‌ in Europe (DATE)2011​​back to text
• 39​​​‌ incollectionS.S. Haar‌ and E.E. Fabre‌​‌. Diagnosis with Petri​​ Net Unfoldings.Control​​​‌ of Discrete-Event Systems433‌Lecture Notes in Control‌​‌ and Information SciencesSpringer​​2013, 15back​​​‌ to text
• 40 inproceedings‌T.T.A. Henzinger and‌​‌ J.J. Sifakis.​​ The Embedded Systems Design​​​‌ Challenge.Formal Methods‌ 20064085Lecture Notes‌​‌ in Computer ScienceSpringer​​2006back to text​​​‌
• 41 inproceedingsA.Aurélie‌ Kong Win Chang,‌​‌ J.Jerome Feret and​​ G.Gregor Gössler.​​​‌ A Semantics of Core‌ Erlang with Handling of‌​‌ Signals.Erlang 2023​​ - 22nd ACM SIGPLAN​​​‌ International Workshop on Erlang‌Seattle WA, United States‌​‌ACMSeptember 2023,​​ 31-38HALDOIback​​​‌ to text
• 42 inproceedings‌R.R. Küsters,‌​‌ T.T. Truderung and​​ A.A. Vogt.​​​‌ Accountability: definition and relationship‌ to verifiability.ACM‌​‌ Conference on Computer and​​ Communications Security2010,​​​‌ 526-535back to text‌
• 43 inproceedingsI.I.‌​‌ Lanese, C. A.​​C. A. Mezzina and​​​‌ J.-B.J.-B. Stefani.‌ Reversing Higher-Order Pi.‌​‌21th International Conference on​​ Concurrency Theory (CONCUR)6269​​​‌Lecture Notes in Computer‌ ScienceSpringer2010back‌​‌ to text
• 44 phdthesis​​​‌T.Thomas Mari.​ Causal explanations for reactive​‌ real-time systems.Université​​ Grenoble - AlpesNovember​​​‌ 2023HALback to​ text
• 45 incollectionP.​‌P. Menzies. Counterfactual​​ Theories of Causation.​​​‌Stanford Encyclopedia of Philosophy​Stanford University2009,​‌ URL: http://plato.stanford.edu/entries/causation-counterfactualback to​​ text
• 46 bookM.​​​‌M.S. Moore. Causation​ and Responsibility.Oxford​‌1999back to text​​
• 47 articleJ.J.​​​‌ Pearl. Causal inference​ in statistics: An overview​‌.Statistics Surveys3​​2009, 96-146back​​​‌ to text
• 48 phdthesis​S.Stephan Plassart.​‌ Online optimization in dynamic​​ real-time systems.Université​​​‌ Grenoble Alpes [2020-....]June​ 2020HALback to​‌ text
• 49 inproceedingsS.​​Sophie Quinton and J.-B.​​​‌Jean-Bernard Stefani. Taking​ conviviality seriously (extended abstract)​‌.2024 - 1st​​ conference on Undone Science​​​‌ in Computer ScienceNantes,​ FranceFebruary 2024,​‌ 1-4HALback to​​ text
• 50 phdthesisA.​​​‌Aina Rasoldier. Comment​ évaluer le potentiel d'une​‌ solution numérique face à​​ l'urgence écologique ? Application​​​‌ aux plateformes de covoiturage​ régulier à l'échelle locale​‌.Université Grenoble Alpes​​ [2020-....]February 2024HAL​​​‌back to text
• 51​ inproceedingsA.Aina Rasoldier​‌, A.Alain Girault​​, S.Sophie Quinton​​​‌, J.Jacques Combaz​ and K.Kevin Marquet​‌. Assessing the Potential​​ of Carpooling for Reducing​​​‌ Vehicle Kilometers Traveled.​International Conference on Information​‌ and Communications Technology for​​ Sustainability, ICT4S'23Rennes, France​​​‌IEEEJune 2023,​ 120--131HALDOIback​‌ to text
• 52 techreport​​J.J. Rushby.​​​‌ Partitioning for Safety and​ Security: Requirements, Mechanisms, and​‌ Assurance.CR-1999-209347NASA​​ Langley Research Center1999​​​‌back to text
• 53​ miscA. J.ARTEMIS​‌ Joint Undertaking. ARTEMIS​​ Strategic Research Agenda.​​​‌2011back to text​
• 54 inproceedingsF.F.​‌ Yao, A.A.​​ Demers and S.S.​​​‌ Shenker. A scheduling​ model for reduced CPU​‌ energy.Proceedings of​​ lEEE Annual Foundations of​​​‌ Computer Science1995,​ 374--382back to text​‌