Public iCal link: https://calendar.google.com/calendar/ical/proval%40lri.fr/public/basic.ics
Seminars
Planning
Past seminars
Connected multi-agent path finding
Speaker: Francois Schwarzentruber, ENS Rennes and IRISA.
Tuesday March 29 2022, 11:00, (salle 1Z71 ENS Paris-Saclay and online)
Abstract: Motivated by the increasing appeal of robots in information-gathering missions, we study multi-agent path planning problems in which the agents must remain interconnected. We model an area by a topological graph specifying the movement and the connectivity constraints of the agents. In the first part of the talk, we study the theoretical complexity of the reachability and the coverage problems of a fleet of connected agents. We also introduce a new class called sight-moveable graphs which admit efficient algorithms. In the second part, we discuss conflict-based search and rapidly-exploring random tree.
Weakly unambiguous Parikh automata and their link to holonomic series
Speaker: Florent Koechlin, LORIA.
Monday March 28 2022, 11:00, (room 1Z61 ENS Paris-Saclay and online)
Abstract: I will talk about the connection between inherent ambiguity of formal languages and the properties of their generating series. It is a classical result that regular languages have rational generating series and that the generating series of unambiguous context-free languages are algebraic. In the eighties, Philippe Flajolet developed several tools based on this connection to prove efficiently and easily the inherent ambiguity of many context-free languages, some of which resisted the historical methods based on iterations.
In this talk I will present how these ideas relying on generating series can be extended to Parikh automata, and how they provide an algorithmic tool to decide the inclusion problem for weakly unambiguous Parikh automata. This is a joint work with Alin Bostan, Arnaud Carayol and Cyril Nicaud.
Rational Defeasible Belief Change
Speaker: Ivan Varzinczak, CRIL, Université d'Artois & CNRS, France.
Tuesday March 22 2022, 11:00, (salle 1Z71 ENS Paris-Saclay and online)
Abstract: In this talk, I will present a formal framework for modelling belief change within a non-monotonic reasoning system. Belief change and non-monotonic reasoning are two areas that are formally closely related, with recent attention being paid towards the analysis of belief change within a non-monotonic environment. In this talk, I consider the classical AGM belief change operators, contraction and revision, applied to a KLM-style defeasible setting. The investigation leads us to the formal characterisation of a number of classes of defeasible belief change operators. For the most interesting classes we need to consider the problem of iterated belief change, generalising the classical work of Darwiche and Pearl in the process. This work involves belief change operators aimed at ensuring logical consistency, as well as the characterisation of analogous operators aimed at obtaining coherence, an important notion within the field of logic-based ontologies.
Semantics for Variational Quantum Programming
Speaker: Vladimir Zamdzhiev, Inria
Tuesday 15 March 2022, 11:00, (online)
Abstract: In this talk, I will first introduce myself by briefly summarising my main research activities: (1) formal methods for diagrammatic reasoning about quantum information processing (e.g. higher-order rewriting of ZX-calculus diagrams); and (2) design and analysis of quantum programming languages. I will also explain how this fits perfectly within the research activities of the QuaCS team.
After that I will talk about some recent work on variational quantum programming that will appear in POPL 2022. The technical summary of this talk is below.
We consider a programming language that can manipulate both classical and quantum information. Our language is type-safe and designed for variational quantum programming, which is a hybrid classical-quantum computational paradigm. The classical subsystem of the language is the Probabilistic FixPoint Calculus (PFPC), which is a lambda calculus with mixed-variance recursive types, term recursion and probabilistic choice.
The quantum subsystem is a first-order linear type system that can manipulate quantum information. The two subsystems are related by mixed classical/quantum terms that specify how classical probabilistic effects are induced by quantum measurements, and conversely, how classical (probabilistic) programs can influence the quantum dynamics. We also describe a sound and computationally adequate denotational semantics for the language. Classical probabilistic effects are interpreted using a recently-described commutative probabilistic monad on DCPO. Quantum effects and resources are interpreted in a category of von Neumann algebras that we show is enriched over (continuous) domains. This strong sense of enrichment allows us to develop novel semantic methods that we use to interpret the relationship between the quantum and classical probabilistic effects. By doing so we provide a very detailed denotational analysis that relates domain-theoretic models of classical probabilistic programming to models of quantum programming.
Proving cryptographic protocols: the complex relationship between symbolic and computation models
Speaker: Guillaume Scerri, Université de Versailles
Tuesday 8 March 2022, 11:00, (salle 1Z34 ENS Paris-Saclay)
Abstract: A number of different models coexist for proving cryptographic protocols. They can roughly be divided in two classes. First, the so called computational model deals with probabilistic Turing machines, precise reductions to specific cryptographic hypotheses often with explicit bounds, and provides very strong guarantees against adversaries that are close to real world. Second the symbolic models, that abstract away probabilities, and model the adversary as a specific list of capabilities. While the computational model provides stronger guarantees, proofs in this model are generally rather complex, hard to check, and not amenable to automation. On the other hand symbolic models typically allow for automated or quasi automated proofs in a much simpler framework. In this talk we will first explore why it is so hard to obtain symbolic models that soundly abstract the computation models. We will then present a fairly recent development, the computationally complete symbolic attacker, developed by Bana and Comon, that takes the opposite approach of usual symbolic models and model what the attacker cannot do rather than modelling the attacker through a list of capabilities. We will explore how this model allows for more modular proofs and proof composition results, and may even allow for efficiently deriving explicit bounds of reductions without ever dealing with the complexity of computational models.
On the strategy synthesis problem in MDPs: probabilistic CTL and rolling windows.
Speaker: Damien Busatto-Gaston, Université Libre de Bruxelles (ULB)
Tuesday 15 February 2022, 11:00, (online)
Abstract: In this talk I will present ongoing work on Markov decision processes. Given an MDP and a formula phi, the strategy synthesis problem asks if there exists a strategy for the MDP such that the resulting Markov chain satisfies phi. This challenging problem is known to be undecidable for the probabilistic temporal logic PCTL. We study a class of formulae that can be seen as a fragment of PCTL where a local, bounded horizon property is enforced globally. Moreover, we allow for linear expressions in the probabilistic inequalities. We show that this class of formulae is at the frontier of decidability, depending on the type of strategies considered. In particular, strategy synthesis becomes decidable when strategies are either deterministic or memoryless, while the general problem remains undecidable. We compare with results on the entire PCTL logic and consider applications to the PCTL satisfiability problem.
WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms
Speaker: Benjamin Farinier, TU Wien, Austria
Tuesday 25 January 2022, 11:00, (online)
Abstract: The complexity of browsers has steadily increased over the years, driven by the continuous introduction and update of Web platform components, such as novel Web APIs and security mechanisms. Their specifications are manually reviewed by experts to identify potential security issues. However, this process has proved to be error-prone due to the extensiveness of modern browser specifications and the interplay between new and existing Web platform components. To tackle this problem, we developed WebSpec, the first formal security framework for the analysis of browser security mechanisms, which enables both the automatic discovery of logical flaws and the development of machine-checked security proofs. WebSpec, in particular, includes a comprehensive semantic model of the browser in the Coq proof assistant, a formalization in this model of ten Web security invariants, and a compiler turning the Coq model and the Web invariants into SMT-lib formulas.
We showcase the effectiveness of WebSpec by discovering two new logical flaws caused by the interaction of different browser mechanisms and by identifying three previously discovered logical flaws in the current Web platform, as well as five in old versions. Finally, we show how WebSpec can aid the verification of our proposed changes to amend the reported inconsistencies affecting the current Web platform.
Active learning for sound negotiations
Speaker: Anca Muscholl, LaBRI
Tuesday 18 January 2022, 11:00, (online)
Abstract: We present an active learning algorithm for sound deterministic negotiations. Sound deterministic negotiations are graph-based models of distributed systems, a kind of Petri nets or Zielonka automata with additional structure. We show that sound deterministic negotiations can be minimised. Our learning algorithm has similar complexity to Angluin’s L* algorithm, in particular, the number of queries is polynomial in the size of the negotiation, and not in the number of configurations.
Joint work with Igor Walukiewicz. Extended abstract: here
Formal methods at Thales Research & Technology
Speakers: Delphine Longuet, Nikolai Kosmatov and Romain Soulat from THALES Research & Technology
Tuesday 11 January 2022, 11:00, (online)
Abstract: Formal methods adoption in Thales teams is often led by developments and experiments at the research center. Over the years, we worked on a wide variety of formal methods techniques and benchmarked a lot of tools from the academia and industry. In this talk, we present three particular past or ongoing projects:
- the model checking of a real-time distributed algorithm
- the ongoing development of an automated test generation tool suite for Ada
- the formal verification of a JavaCard virtual machine with Frama-C.
Through those three projects, we present an illustrative selection of the job done at the research center by our team in the last few years.
E-voting protocols - how to analyse the security of these (real-world) systems?
Speaker: Alexandre Debant, Inria
Tuesday 04 January 2022, 11:00, (online)
Abstract: For many years, e-voting protocols have been designed and formal methods (computational or symbolic) have been developed to prove the main properties that such systems must satisfy, e.g. vote secrecy and verifiability. Based on these security proofs, e-voting systems are now used (or ready to be) in our daily life for association elections, company elections, or even political elections (e.g. in Switzerland, Estonia, Australia…).
In this talk I will first introduce the topic of e-voting and how symbolic models can be used to provide security proofs. Then, I will discuss the accuracy of the models in comparison to the real-world constraints that arise when these protocols are deployed in practice. To this aim, I will present new attacks we discovered. Finally, I will talk about some properties (e.g. cast-as-intended, accountability) which are at the limit of the state-of-the-art in symbolic analysis and what we are doing to overcome these limitations.