jeudi 13 mars 2008

Génie logiciel, recherche, droit et société

Je reçois ce jour ce courriel d'une collègue de
Grenoble, courriel qui illustre parfaitement
ce que j'ai enseigné hier matin (aux quelques
étudiants présents dont deux qui dormaient et
que j'ai dû réveiller. Etant secouriste du travail,
si l'un deux était mort par exemple d'un arrêt
cardiaque, j'aurais pu être poursuivi ...
Voila sans doute pourquoi, je suis le seul SST
dans mon établissement !)

Formal methods and software liability:
New synergy, new challenges

PhD and Postdoc positions
VERIMAG - INRIA Grenoble, France

Context :

A strong research effort has been
devoted by the computer science
community to the definition of new
methods and tools to improve software
quality and reduce software risks.
Unfortunately one can hardly say
that, except for critical software,
these results have so far had a
broad impact on industrial software
development practices. One of the
reasons for this disappointing
situation is that industrial actors do
not have enough economical incentives
to adopt these techniques. So far,
software providers have succeeded
in limiting their legal liability for
damages caused by their products
(whether due to malfunctioning or
security attacks). But, as observed
by several authors, software quality
and patterns of security frauds are
directly related to legal liability
patterns. The usual argument to
justify this lack of liability is that
software products are too complex
objects which can be used in
unexpected ways and whose functionalities
(and potential malfunctioning)
cannot be characterized precisely.
Taking up this challenge is precisely
the objective of the LISE (Liability
Issues in Software Engineering)
project: this multidisciplinary project
will study liability issues both
from the legal and technical points
of views with the aim to put forward
methods to (1) define liability in a
precise and unambiguous way and (2)
to establish such liability in case
of incident.

Objectives :

The main results expected from the
doctoral and postdoctoral positions
are as follows:
- Framework for the formal specification
of liabilities in software
systems: the framework will include
the specification of the expected
behaviour of individual components
as well as assumptions about their
environment and a liability relation
associating commitments with
identified agents.
- Technique for the analysis of high
level execution traces to establish
liabilities based on the formal specification.
- Completeness and correctness proofs
of the high level analyser.
- Refinement of the high level analyser
to derive an effective audit
analysis tool (log file analyser).
- Application of the framework to
a case study in collaboration with the
LISE partners.
The positions are proposed at different
levels (PhD and Postdoc) and the
research topics will be adapted to
fit the interests and backgrounds of
the candidates.

Required skills :

Minimal knowledge and motivation
for formal methods in the general sense
(formal specification, programming
language semantics, program analysis,
etc.). Candidates should also be
open minded and ready to take part in
new multidisciplinary initiatives.
NB: no expertise or knowledge in
law is expected from the candidates,
the legal issues of the above topics
being studied in partnership with
research groups in law.

Location :

Grenoble, capital of the French Alps,
and one of the most active areas
in Europe for research in Information
and Communication Technologies.
VERIMAG is a leading research center
in embedded systems and the
coordinator of the European Network
of Excellence ARTIST. VERIMAG hosts
about 80 people, including 40 PhD
and postdoc students. INRIA is the
French National Institute for Research
in Computer Science and Control.
Created in December 1992, the INRIA
Rhône-Alpes research unit hosts
about 600 people, including about
150 researchers and the same number of
PhD students.

Questions :
PhD ça veut dire quoi ?
Avant l'INRIA, il y avait l'IRIA. Créée quand ?
Qui était président de la république ?
Dans quel cadre ?
Quel est le statut juridique de l'INRIA ?
Que veut dire postdoc ?

Aucun commentaire: