Combining over and under-approximations for low-level code analysis

Computer science and software Cyber security : hardware and sofware Engineering sciences Technological challenges 

Abstract

Because program analysis is an undecidable problem, static analyzes fall into 2 categories:
- Sound analyses, which calculate an over-approximation of all the program's behaviors, and make it possible to verify the absence of errors.
- Complete analyses, which calculate an under-approximation of the possible behaviors of the program, and allow errors to be found.

The aim of the thesis is to study this combination of techniques for the verification of low-level programs, in particular binary executables, by targeting in particular the analyzes of memories and control flow, which are the capital information for understanding the possible behaviors of a binary executable.

[POPL'23]: SSA Translation is an Abstract Interpretation, M. Lemerre (Distinguished paper award)
[VMCAI'22]: Lightweight Shape Analysis Based on Physical Types, O. Nicole, M. Lemerre, X. Rival
[RTAS'21]: No Crash, No Exploit: Automated Verification of Embedded Kernels, O. Nicole, M. Lemerre, S. Bardin, X. Rival (best paper award)
[LPAR'18] Arrays Made Simpler: An Efficient, Scalable and Thorough Preprocessing B. Farinier, S. Bardin, R. David, M. Lemerre

Laboratory

Département Ingénierie Logiciels et Systèmes (LIST)

LSL (DILS)

Laboratoire pour la Sûreté du Logiciel

Paris-Saclay

Back

Share this thesis topic

Practicle information

Pre-requisite:

Master informatique ou Ecole d'ingenieu. Bagage en vérification/analyse statique,programmation en OCaml, connaissance du C ou assembleur, sont des avantages.

University - graduate school:

Sciences et Technologies de l’Information et de la Communication (STIC)

Paris-Saclay

Starting date:

01-10-2024

Place:

Saclay

Contact Person

Matthieu

LEMERRE

CEA

DRT/DILS//LSL

Tel : 01 69 08 26 28

Email : matthieu.lemerre@cea.fr

Thesis supervisor

Matthieu

LEMERRE

CEA

DRT/DILS//LSL