General information
Organisation
The French Alternative Energies and Atomic Energy Commission (CEA) is a key player in research, development and innovation in four main areas :
• defence and security,
• nuclear energy (fission and fusion),
• technological research for industry,
• fundamental research in the physical sciences and life sciences.
Drawing on its widely acknowledged expertise, and thanks to its 16000 technicians, engineers, researchers and staff, the CEA actively participates in collaborative projects with a large number of academic and industrial partners.
The CEA is established in ten centers spread throughout France
Reference
SL-DRT-25-0583
Direction
DRT
Thesis topic details
Category
Technological challenges
Thesis topics
Combining over and underapproximation of memory abstractions for low-level code analysis
Contract
Thèse
Job description
Rice's theorem stating that no method can automatically tell whether a property of a program is true or not has led to the separation of verification tools into two groups: sound tools operating by over-approximation, such as abstract interpretation, are able to automatically prove that certain properties are true, but are sometimes unable to conclude and produce alarms; conversely, complete tools operating by under-approximation, such as symbolic execution, are able to produce counter-examples, but are unable to demonstrate whether a property is true.
*The general aim of the thesis is to study the combination of sound and complete methods of programanalysis, and in particular static analysis by abstract interpretation and the generation of underapproximated formulae by symbolic execution*.
We are particularly interested in the combination of over- and sub-approximating abstractions, especially for memory. The priority applications envisaged concern the analysis of code at the binary level, as achieved by the combination of the BINSEC and CODEX analysis platforms, so as to automatically discover new security vulnerabilities, or prove their absence.
University / doctoral school
Sciences Mathématiques de Paris Centre (ED386)
Sorbonne Université
Thesis topic location
Site
Saclay
Requester
Position start date
01/10/2025
Person to be contacted by the applicant
LEMERRE Matthieu 
matthieu.lemerre@cea.fr
CEA
DRT/DILS//LSL
CEA - Centre de Saclay BP 94
F91191 Gif sur Yvette CEDEX
01 69 08 26 28
Tutor / Responsible thesis director
RIVAL Xavier rival@di.ens.fr
INRIA
INRIA/Ens ULM
DI - Ecole Normale Supérieure
45, rue d’Ulm
75230 Paris Cedex 05 - France
+33 1 44 32 21 50
En savoir plus
