Share

Together, DGA and CEA-List move security code analysis forward

The procurement department of the French defense agency (DGA) relies on tools developed by CEA-List for the formal analysis of the code in the security products used by the agency and its suppliers. The software, originally developed for operating safety analysis, is being adapted to meet the agency’s security requirements under a partnership signed in 2022.

CEA-List’s partnership with the agency is focussed on extending the formal analysis software applications Frama-C (C source-code) and BINSEC (binary code) to new, security-specific code structures and features as needed by the agency and its suppliers.

The partnership has produced two BINSEC demonstrators:

  • A tool to verify the secure deletion of confidential data (passwords, encryption keys, etc.) after a program is run;
  • A binary-to-C decompiler, which checks binary code embedded in C code.

 

For Frama-C, the research has focused its plug-in used to verify that a program complies with its specifications. Mixed modeling of the memory has been used to analyze, in detail, low-level operations without the total analysis time being prohibitive. Two code operation models are used in the analysis: a high-level model of usual operations, and a low-level model of complex operations that act directly on the program’s working memory [1]. Two feasibility studies on Frama-C confirmed that there was no leakage of confidential data or indeterminate memory access behavior.

The conclusive results led to two new projects: integration of the results into Frama-C, and a BINSEC plug-in to detect hidden channel flaws in post-quantum cryptographic primitives (i.e security algorithms protecting against attacks by a quantum computer).

 

[1] Jérémy Damour, Allan Blanchard, Loïc Correnson, Frédéric Loulergue. Formalization of a region analysis for Frama-C/WP. 36es Journées Francophones des Langages Applicatifs (JFLA 2025), Jan 2025, Roiffé, France. ffhal-04859489

 

Contributors to this article:

  • Allan Blanchard, research engineer and head of the Frama-C team
  • Sébastien Bardin, research engineer and head of the BINSEC team
  • Julien Signoles, research director
  • Loïc Correnson, senior expert
  • David Buhler, research engineer
  • Virgile Prevosto, research engineer
  • Frédéric Recoules, research engineer
  • Yanis Sellami, research engineer

 

CEA-List’s formal software analysis know-how is exactly what France’s defense procurement agency, DGA, needs for its security code verification.”

Allan Blanchard & Sébastien Bardin

— CEA-List

See also

2024 Activity Report

Formal methods for program analysis

CEA-List possesses a formal methods-based toolkit that can help cybersecurity experts pinpoint vulnerabilities in software and prove that software protects data privacy and integrity—something that ...
Read more
Technological advances

July 9, 2024 | Formal methods for blockchain

When it comes to consensus-based distributed systems like the most recent blockchain protocols, innovative formal specification and verification methods can help increase trust.
Read more