Lien iCal public : https://calendar.google.com/calendar/ical/proval%40lri.fr/public/basic.ics
Seminars
Agenda
Séminaires antérieurs
Active learning for sound negotiations
Speaker: Anca Muscholl, LaBRI
Tuesday 18 January 2022, 11:00, (online)
Abstract: We present an active learning algorithm for sound deterministic negotiations. Sound deterministic negotiations are graph-based models of distributed systems, a kind of Petri nets or Zielonka automata with additional structure. We show that sound deterministic negotiations can be minimised. Our learning algorithm has similar complexity to Angluin’s L* algorithm, in particular, the number of queries is polynomial in the size of the negotiation, and not in the number of configurations.
Joint work with Igor Walukiewicz. Extended abstract: here
Formal methods at Thales Research & Technology
Speakers: Delphine Longuet, Nikolai Kosmatov and Romain Soulat from THALES Research & Technology
Tuesday 11 January 2022, 11:00, (online)
Abstract: Formal methods adoption in Thales teams is often led by developments and experiments at the research center. Over the years, we worked on a wide variety of formal methods techniques and benchmarked a lot of tools from the academia and industry. In this talk, we present three particular past or ongoing projects:
- the model checking of a real-time distributed algorithm
- the ongoing development of an automated test generation tool suite for Ada
- the formal verification of a JavaCard virtual machine with Frama-C.
Through those three projects, we present an illustrative selection of the job done at the research center by our team in the last few years.
E-voting protocols - how to analyse the security of these (real-world) systems?
Speaker: Alexandre Debant, Inria
Tuesday 04 January 2022, 11:00, (online)
Abstract: For many years, e-voting protocols have been designed and formal methods (computational or symbolic) have been developed to prove the main properties that such systems must satisfy, e.g. vote secrecy and verifiability. Based on these security proofs, e-voting systems are now used (or ready to be) in our daily life for association elections, company elections, or even political elections (e.g. in Switzerland, Estonia, Australia…).
In this talk I will first introduce the topic of e-voting and how symbolic models can be used to provide security proofs. Then, I will discuss the accuracy of the models in comparison to the real-world constraints that arise when these protocols are deployed in practice. To this aim, I will present new attacks we discovered. Finally, I will talk about some properties (e.g. cast-as-intended, accountability) which are at the limit of the state-of-the-art in symbolic analysis and what we are doing to overcome these limitations.
Formalizing Spreads and Packings of the Smallest Projective Space PG(3,2) using the Coq Proof Assistant
Speaker: Nicolas Magaud, IGG, Université de Strasbourg.
Thursday 14 April 2022, 11:00, (room 1Z61 ENS Paris-Saclay and online)
Abstract: We formally implement the smallest three-dimensional projective space PG(3,2) in the Coq proof assistant. This projective space features 15 points and 35 lines, related by an incidence relation. We define points and lines as two plain datatypes (one with 15 constructors for points, and one with 35 constructors for lines) and the incidence relation as a boolean function, instead of using the well-known coordinate-based approach relying on GF(2)^4. We prove that this implementation actually verifies all the usual properties of three-dimensional projective spaces. We then use an oracle to compute some characteristic subsets of objects of PG(3,2), namely spreads and packings. We formally verify that these computed objects exactly correspond to the spreads and packings of PG(3,2). For spreads, this means identifying 56 specific sets of 5 lines among 360 360 (= 15 x 14 x 13 x 12 x 11) possible ones. We then classify them, showing that the 56 spreads of PG(3,2) are all isomorphic whereas the 240 packings of PG(3,2) can be classified into two distinct classes of 120 elements. Proving these results requires partially automating the generation of some large specification files as well as some even larger proof scripts. Overall, this work can be viewed as an example of a large-scale combination of interactive and automated specifications and proofs. It is also a first step towards formalizing projective spaces of higher dimension, e.g. PG(4,2), or larger order, e.g. PG(3,3).
Avoiding deadlocks in lock-sharing systems
Speaker: Corto Mascle, LaBRI.
Tuesday 12 April 2022, 11:00, (room 1Z71 ENS Paris-Saclay and online)
Abstract: We consider the distributed control problem for systems with locks. We introduce a model in which some processes running in parallel cannot communicate directly, but may acquire or release some shared locks. The goal is to find local controllers so that the global system does not deadlock. With no restriction this problem is undecidable, but in this talk we will focus on systems in which each process can access at most two locks. The problem then becomes complete for the second level of the polynomial hierarchy, and even in PTIME under some additional assumptions. The dining philosophers problem satisfies these assumptions.
The relational semantics, and beyond
Speaker: Giulio Manzonetto, LIPN.
Tuesday 19 April 2022, 10:00, (room 1Z71 ENS Paris-Saclay and online)
Abstract: Since the pioneering work by Barendregt, Dezani-Ciancaglini and Coppo, some models of lambda-calculus are based on filters and can be presented as intersection type systems. The interpretation of a program in these models is just the set of its types, which is a filter. Filter models can be used to capture operational properties of programs like normalization, head normalization, or solvability, but establishing these results often requires impredicative techniques like Girard's reducibility candidates. In this talk we present a more recent class of models, called relational models and arising from a simple quantitative semantics of linear logic (LL). We show that these models can be presented as intersection type systems where the intersection operator is however non-idempotent. Due to the resource sensitive nature of LL , we are able to capture operational properties bypassing impredicative techniques. Starting for the type of a program, it is indeed possible to extract an upper bound to the amount of steps needed to reach its value. We will see that generalizing this semantics from the Boolean semiring to continuous semi-ring allows to compare programs not only with respect to "what they can do", but also "in how many steps" or "in how many different ways" (for non-deterministic PCF) or even "with what probability" (for probabilistic PCF). Finally, generalizing relations to the higher-dimension (profunctors) allows us to obtain the characterization of the theory of a model as a simple corollary of the Approximation Theorem.
Hazel: a Separation Logic for effect handlers
Speaker: Paulo de Vilhena, Inria Paris.
Tuesday 19 April 2022, 11:00, (room 1Z31 ENS Paris-Saclay and online)
Abstract: A program logic is a pair of a language, for writing specifications, and a set of reasoning rules, for deriving specifications. In this talk, I present Hazel, a program logic for effect handlers. I start by laying out the motivation for such work and then I present its main ideas: how to write the specification of effectful programs in Hazel and what reasoning principles does it suggest? Finally, I apply these ideas to `invert`, a function that exploits effect handlers to produce a lazy sequence (a cascade) out of a higher-order iteration function.
Formal Verification of Finite Systems: Contributions and Adoption to security properties
Speaker: Kais Klai, LIPN, Université Sorbonne Paris Nord.
Monday 11 April 2022, 11:00, (room 1Z25 ENS Paris-Saclay and online)
Abstract: In this talk, I will present different variants of an hybrid graph structure called Symbolic Observation Graph (SOG) that preserves stutter-invariant temporal properties of finite systems. The SOG is an explicit graph where nodes are encoded symbolically with decision diagram techniques and allows on-the-fly LTL model checking. Despite its theoretical exponential complexity, it reduces in practice the state space explosion problem and performs better than explicite and symbolic exhaustive verification approaches. The second part of the talk illustrates the adoption of such a graph for the verification and the supervision of the opacity property. Finally, I will introduce a current work on model checking of vulnerability and specific properties of Blockchain smart contracts -based processes.
Electronic voting: design, attacks and proofs
Speaker: Véronique Cortier, Loria
Tuesday 14 December 2021, 11:00, (1Z56, bât ENS)
Abstract: Electronic voting aims to achieve the same properties as traditional paper based voting. Even when voters vote from their home, they should be given the same guarantees, without having to trust the election authorities, the voting infrastructure, and/or the Internet network. The two main security goals are vote privacy: no one should know how I voted; and verifiability: a voter should be able to check that the votes have been properly counted.
In this talk, we will present the Belenios voting platform, its security properties and its limitations. On a more theoretical side, we will see how recent techniques allow to compute exactly the result of an election (e.g. the winners) without leaking information about the set of ballots. Such techniques are based on Multi-Party Computations (MPC).
Structures from Quantum Relations
Speaker: Titouan Carette
Friday, 16 December 2022, 11:00, 1Z77
Abstract: The category of relations and the category of complex linear maps have a lot in common. In particular, they are both compact closed. More concretely, in the same way that any classical process can be characterized by its set of admissible behaviours, any quantum process can be characterized by one vector, a quantum state over all observable behaviours. Thus, complex vectors can be thought of as the quantum generalization of the concept of relations. In this talk, I will illustrate this quantum relation paradigm with two examples. First, I will present a model of quantum wang tiles able to represent quantum configurations obeying local constraints. Then I will outline applications to the semantics of quantum processes via a model of generalized proof nets. Finally, I will provide arguments for the extension of those approaches beyond the quantum realm.