Sandrine Blazy

I am professor in the computer science department of the University of Rennes 1.

I am a member of CELTIQUE, a joint project-team with Inria and the IRISA laboratory.

My research activities concern the formal verification using the Coq proof assistant of program transformations and semantic properties of programming languages, such as those found in the CompCert C compiler and the Verasco static analyzer. A prime application domain is software security.

I teach mechanized semantics (in Coq) and formal methods (using the Why3 deductive verification tool).

Deputy director of IRISA CNRS UMR 6074 laboratory since 2021

Member of Section 6 of the national committee for scientific research CoNRS (2016-21)

Former coordinator of the LTP (Languages, Types, Proofs) group of the French GDR GPL

[09/2021] Invited talk: a tutorial on teaching deductive verification with Why3, Tutorial Series of the FME Teaching Committee

[11/2020] Invited talk: From Verified Compilation to Secure Compilation: a Semantic Approach, ACM SIGSAC PLAS 2020 workshop

[09/2019] Invited talk: Formal Verification of a Constant-Time Preserving C Compiler, Verified software workshop, Newton institute, Cambridge, United Kingdom

[05/2019] Effective Verification: Static Analysis Meets Program Logics, Lorentz center, Netherlands

[12/2018] Invited talk: Semantics preservation of program obfuscations, GDR Sécurité, Paris Saclay

[07/2016] Logic and Semantics Seminar, Cambridge, United Kingdom

[08/2015] Coq tutorial, ITP conference, Nanjing, China

[04/2015] Dagstuhl seminar: Qualification of formal methods tools, Germany

[03/2015] NII Shonan meeting on low-level code analysis and applications to computer security, Japan

[01/2015] Programming Languages Mentoring Workshop, PLMW 2015, India

[08/2014] NII Shonan summer school on Coq, Japan

[06/2014] Dagstuhl seminar: Challenges in Analysing Executables: Scalability, Self-Modifying Code and Synergy, Germany

[01/2014] Invited talk (in French): Formal verification of a graph coloring algorithm for register allocation, JFLA 2014 (session in honor of JFLA's 25th birthday), previously published in JFLA 2008

[05/2013] A tutorial on the CompCert verified compiler, invited talk given at the VSTTE 2013 conference, Menlo Park, USA

Types 2022, ECOOP 2022, ITP 2022, JFLA 2022, POPL 2022,

FMTea 2021, AFADL 2021, Types 2021, ESOP 2021, GPCE 2020, AFADL 2020, TyDe 2020,

ICFP 2020 (ERC), POPL 2020, PriSC 2020, APLAS 2019, SpISA 2019, ITP 2019, AFADL 2019,

LOPSTR 2018, ICFP 2018, AFADL 2018, EuroS&P 2018, CPP 2018, IFL 2017,

SRC@PLDI 2017, TFP 2017, GPCE 2017, VSTTE 2017, AFADL 2017, CoqPL 2017 (co-chair),

PLMW@SPLASH 2016 (co-chair), APLAS 2016, IFL 2016,

VSTTE 2016 (co-chair), GPCE'16, DS@STAF16, AFADL 2016, CPP 2016,

SAS 2015 (co-chair), OCaml workshop 2015, ITP 2015, AFADL 2015,

VSTTE 2014, AFADL 2014, CC 2014, LPAR 2013, ITP 2013 (co-chair), VMCAI 2013

Secure Compilation of Constant-Resource Programs, with Gilles Barthe, Rémi Hutin and David Pichardie, CSF 2021

Formally Verified Speculation and Deoptimization in a JIT Compiler, with Aurèle Barrière, Olivier Flückiger, David Pichardie and Jan Vitek. POPL 2021

A Fast Verified Liveness Analysis in SSA Form, with Jean-Christophe Léchenet and David Pichardie. IJCAR 2020

Formal Verification of a Constant-Time Preserving C Compiler, with Gilles Barthe, Benjamin Grégoire, Rémi Hutin, Vincent Laporte, David Pichardie and Alix Trieu. POPL 2020

Teaching Deductive Verification in Why3 to Undergraduate Students. FMTea 2019

Compiling Sandboxes: Formally Verified Software Fault Isolation, with Frédéric Besson, Alexandre Dang, Thomas Jensen and Pierre Wilke. ESOP 2019

Formal verification of a program obfuscation based on mixed boolean-arithmetic expressions, with Rémi Hutin. CPP 2019

L'assistant de preuve Coq, with Pierre Castéran and Hugo Herbelin. Techniques de l'Ingénieur, 2017

Verified Constant-Time Implementations by Abstract Interpretation, with David Pichardie and Alix Trieu. ESORICS 2017

CompCertS: a memory-aware verified C compiler using pointer as integer semantics, with Frédéric Besson and Pierre Wilke. ITP 2017

Verified Translation Validation of Static Analyses, with Gilles Barthe, Vincent Laporte, David Pichardie and Alix Trieu. CSF 2017

Structuring Abstract Interpreters Through State and Value Abstractions, with David Bühler and Boris Yakobowski. VMCAI 2017

An Abstract Memory Functor for Verified C Static Analyzers, with Vincent Laporte and David Pichardie. ICFP 2016

CompCert - A formally verified optimizing compiler, with Xavier Leroy, Daniel Kästner, Bernhard Schommer, Markus Pister and Christian Ferdinand. ERTS2 2016

Formal verification of control flow flattening, with Alix Trieu. CPP 2016

Data tainting and Obfuscation: Improving Plausibility of Incorrect Taint, with Stéphanie Riaud and Thomas Sirvent. SCAM 2015

Validating Dominator Trees for a Fast, Verified Dominance Test, with Delphine Demange and David Pichardie. ITP 2015

A concrete memory model for CompCert, with Frédéric Besson and Pierre Wilke. ITP 2015

A formally-verified C static analyzer, with Jacques-Henri Jourdan, Vincent Laporte, Xavier Leroy and David Pichardie. POPL 2015

Verified validation of program slicing, with André Maroneze and David Pichardie. CPP 2015

ERC VESTA: verified static analysis platform (2018-2021) led by David Pichardie

Scrypt (funded by grant ANR-18-CE25-0014): secure compilation for cryptography (2019-2023)

AnaStaSec (funded by grant ANR-14-CE28-0014): static analysis for security properties (2015-2017)

BINSEC (funded by grant ANR-12-INSE-002): binary code analysis for security (2013-2016)

VERASCO (funded by grant ANR-11-INSE-003): formal verification of static analyzers and of compilers (2012-2015)

ASCERT (funded by FNRAE): formal verification of static analysis (2009-2012)

U3CAT (funded by ANR-08-SEGI-021): unification of critical C code analysis techniques inside the Frama-C platform (2008-2011).

CompCert (funded by ANR): formal verification of a C compiler (2005-2007)

E-mail: Sandrine.Blazy@irisa.fr
Snail mail: IRISA, Campus de Beaulieu, 35 042 Rennes cedex, France.
Phone: 02 99 84 22 87.

GPG public key