VESTA
Financiado
VErified STAtic analysis platform
Computer software pervades our life but far too much of it contains programming errors (bugs). Software is more and more complex and such errors are unavoidable if programmers are not accompanied with some tools that help auditing...
Computer software pervades our life but far too much of it contains programming errors (bugs). Software is more and more complex and such errors are unavoidable if programmers are not accompanied with some tools that help auditing software codes. Static analysis is an increasingly popular technique that aims at automatically compute properties of software. These properties then help finding bugs, or proving absence of them. Industrial static analysers are flourishing. Facebook, Google, Microsoft develop their own static analysis tools to help maintaining their huge code base. Critical software industry (aircraft, railways, nuclear, etc.) has embraced the use of advanced static analysis tool as Astrée to companion and sometimes, ligthen their traditional software validation campaigns based on meticulous testing and reviews. Unfortunately, designing advanced static analyses like Astrée requires a very rare expertise in Abstract Interpretation, a foundational landmark in the research area, and implementing these ideas efficiently and correctly is specially tricky.
The VESTA project will propose guidance and tool-support to the designers of static analysis, in order to build advanced but reliable static analysis tools. We focus on analyzing low-level softwares written in C, leveraging on the CompCert verified compiler. This compiler toolchain is fully verified in the Coq proof assistant.
Verasco is a verified static analyser that I have architected. It analyses C programs and follows many of the advanced abstract interpretation technique developped for Astrée, but it is formally verified. The outcome of the VESTA project will be a platform that help designing other verified advanced abstract interpreters like Verasco, without starting from a white page. We will apply this technique to develop security analyses for C programs. The platform will be open-source and will help the adoption of abstract interpretation techniques.
ver más
Duración del proyecto: 67 meses
Fecha Inicio: 2018-01-26
Fecha Fin: 2023-08-31
Fecha Fin: 2023-08-31
Línea de financiación: concedida
El organismo H2020 notifico la concesión del proyecto el día 2023-08-31
Línea de financiación objetivo
El proyecto se financió a través de la siguiente ayuda:
ERC-2017-COG:
ERC Consolidator Grant
Cerrada
hace 7 años
Presupuesto
El presupuesto total del proyecto asciende a
2M€
Líder del proyecto
ECOLE NORMALE SUPERIEURE DE RENNES
No se ha especificado una descripción o un objeto social para esta compañía.
Perfil tecnológico
TRL
4-5
Perfil tecnológico
TRL
4-5
263.00K€ |
Participante