Guillaume Brat

The majority of work carried out in the formal methods community throughout the last three decades has (for good reasons) been devoted to special languages designed to make it easier to experiment with mechanized formal methods such as theorem provers, proof checkers and model checkers. In this paper we will attempt to give convincing arguments for why we…
1 Motivation Model checking is seldom applied to implementation programs. Furthermore, when it is applied, the usual approach is to extract relevant portions of the code, create a model of its behavior in a different notation, and then check the latter. This approach has the drawback that it requires expertise in the use of the model checking tools and hence…
In this paper we describe the design and implementation of a static array-bound checker for a family of embedded programs: the flight control software of recent Mars missions. These codes are large (up to 280 KLOC), pointer intensive, heavily multithreaded and written in an object-oriented style, which makes their analysis very challenging. We designed a…
This paper describes an analysis approach based on a of static and dynamic techniques to find run-time errors in Java code. It uses symbolic execution to find constraints under which an error (e.g. a null pointer dereference, array out of bounds access, or assertion violation) may occur and then solves these constraints to find test inputs that may…
This paper describes technology developed for the Amphion/NAV synthesis system. Building on previous work in Amphion/NAIF, this system synthesizes graduate-level textbook examples of single-mode geometric state estimation software. Amphion/NAV includes explanation technology for mapping the internal representations of a proof (generated through deductive…
Abstraction is typically a very important technique required for the success of model checking, since it combats the state-explosion problem inherent to the analysis of complex software systems. We therefore provided a framework in which the participants could add abstractions in a non-intrusive fashion to the code. Besides the infrastructure for adding…