Cyrille Comar

The amount and impact of software dependence in critical systems impinging on daily life is increasing rapidly. In many of these systems, inadequate software and systems engineering can lead to economic disaster, injuries or death. Society generally does not recognize the potential for losses from deficiencies of systems due to software until after some …
The Sun Java technology provides a powerful, portable framework for developing Internet applications. GNAT is a complete Ada 95 compiler that is freely available and runs on a wide range of platforms. There is a natural mapping from Ada 95 to the Java Virtual Machine (JVM), and so it is attractive to consider targeting the GNAT compiler to the JVM to gain …
This paper presents COUVERTURE, an open coverage analysis framework for safety-critical software development. COUVERTURE offers non-intrusive source and object coverage analysis on unmodified user code, using instrumentation of a virtual execution platform based on QEMU, a flexible and efficient open-source CPU emulator. COUVERTURE focuses primarily on the …
One key step in the development of safety-critical applications is the assessment of the quality of the verification strategy. In practice, structural coverage is the methodology used to ascertain that the testing campaign satisfies a given quality criterion. In this paper, we describe the possible strategies to measure structural coverage in a DO-178B …
This paper presents formal results derived from the COUVERTURE project, whose goal was to develop tools to support structural coverage analysis of uninstrumented safety-critical software. After briefly introducing the project context and explaining the need for formal foundations, we focus on the relationships between machine branch coverage and the …
This paper discusses the implementation model for supporting Ada 95 controlled types in the GNAT compiler [1]. After reviewing the semantics of controlled types, we outline the associated implementation problems and describe their solution in GNAT. The design addresses the management of controlled operations on various entities, including …
Formal modular verification of software is based on assume-guarantee reasoning, where each software module is shown to provide some guarantees under certain assumptions and an overall argument linking results for individual modules justifies the correctness of the approach. However, formal verification is almost never applied to the entire code, posing a …
Many computer applications today involve modules written in different programming languages, and integrating these modules together is a delicate operation. This first requires the availability of formalisms to let programmers denote "foreign" entities like objects and subprograms as well as their associated types. Then, proper translation of what …