.Curriculum.Vitae
Here is an incomplete version of my curriculum vitae. I will try to keep it updated.
If you print this version, it should output a nice paper version. It is not yet as pretty as a word-processed curriculum vitae. I will also try to improve this ASAP.
.Address
Laurent HUBERT
95, rue de Paris
35 000 Rennes
FRANCE
laurent@trebuh.net
.Personal.Details
Date of birth: 8th August, 1983.
French nationality
Driving license
.Education
PhD in computer science
- To be expected in September, 2010
(Doctorat de l'Universitèe de Rennes 1 en
informatique)
Master of Science in computer
science - 3 years - 2006
(Master de recherche et Diplôme d'ingénieur
INSA)
INSA (National Institute of Applied Science) of Rennes / University of Rennes 1 - France
Subjects: proof assistants (PVS), test, semantics and abstract interpretation, the B method, compilation, computability and complexity, information system security, ray tracing, object oriented design (UML), object oriented programming (C++ and Java), functional programming (Caml), logic programming (Prolog), constraint programming, operating systems, network protocols, databases.
Bachelor of Science
- 2 years - 2003
(Diplôme Universitaire de Technologie)
University of Nantes - France
Subjects: data structures, computer and system architecture, parallel programming, databases, networks, software engineering, web technologies.
.Languages
French: Native
English: Fluent
Spanish: Working
.Work.Experiences
PhD student
Since October 2007 - CNRS/IRISA lab - Rennes (France)
Development of a framework for the conception of security analyses for embedded Java programs. (With Thomas Jensen and David Pichardie.)
Teaching
2008 & 2009 - 120 hours - INSA - Rennes (France)
Professor assistant - coursework for under-graduate and post-graduate students on the Java Programming Language, the Scheme Programming Language, the Emacs Text Editor and Compilation Techniques
2007 - 50 hours - University of Leeds (United Kingdom)
Marker - assessment of under-graduate students in computing and computer science in Databases, Formal Methods (Z), program semantics, Python and Java
2005 - 25 hours - University of Rennes 2 - Rennes (France) - Office Automation Instructor
2005 - 41 hours - Domicours - Rennes (France) - Private Mathematics Teacher
Software engineer
2007 - 4 months - IRISA (INRIA) - Rennes (France)
Maintenance of a tool which transforms Java bytecode programs into rewriting systems encoding their semantics
2007 - 6 months - IRISA (CNRS) - Rennes (France)
Design and development of a null pointer analysis for Java bytecode that could be certified
Intern
2006 - 5 months - Technical University of Madrid (Spain)
Java bytecode verification via transformation and analysis of logic programs (cf. Master's Thesis)
2005 - 2 months - IRISA (INRIA) - Rennes (France)
Over-approximation of the number of iterations of intra-procedural loops
2003 - 10 weeks - La Poste - Nantes (France)
Development of a tool to extract data from HTML files and transfert them in a database
.Publications
| [1] |
Laurent Hubert, Thomas Jensen, and Vincent.
Enforcing secure object initialization in java.
In Proceeding of ESORICS 2010, LNCS. Springer, September 2010. [ bib | .pdf ] Sun and the CERT recommend for secure Java development to “not allow partially initialized objects to be accessed”. The solution currently used to enforce object initialization is to implement a coding pattern. We propose a modular type system to formally specify initialization policies and a type checker. The type system and its soundness theorem have been formalized and machine checked using Coq. This allows to prove the absence of bugs which have allowed some famous privilege escalations in Java. Our experimental results show that by adding 57 simple annotations we proved safe all classes but 4 our of java.lang, java.security and javax.security. |
| [2] |
Laurent Hubert, Nicolas Barré, Frédéric Besson, Delphine
Demange, Thomas Jensen, Vincent Monfort, David Pichardie, and Tiphaine
Turpin.
Sawja: Static analysis workshop for java.
Technical report, CNRS, INRIA, ENS Cachan, June 2010.
Presented at the International Conference on Formal Verification of
Object-Oriented Software (FoVeOOS). [ bib | slides | .pdf ] Static analysis is a powerful technique for automatic verification of programs but raises major engineering challenges when developing a full-fledged analyzer for a realistic language such as Java. This paper describes the Sawja library: a static analysis framework fully compliant with Java 6 which provides OCaml modules for efficiently manipulating Java bytecode programs. We present the main features of the library, including (i) efficient functional data-structures for representing program with implicit sharing and lazy parsing, (ii) an intermediate stack-less representation, and (iii) fast computation and manipulation of complete programs. |
| [3] |
Laurent Hubert and David Pichardie.
Soundly handling static fields: Issues, semantics and analysis.
Electronic Notes in Theoretical Computer Science, 253(5):15 -
30, 2009.
Proceedings of ByteCode'09. [ bib | slides | http | .pdf ] Although in most cases class initialization works as expected, some static fields may be read before being initialized, despite being initialized in their corresponding class initializer. We propose an analysis that can be applied to identify the static fields that may be read before being initialized and show how this can improve the precision of a null-pointer analysis. Keywords: Java, semantics, class initialization, static analysis, control flow, verification |
| [4] |
Laurent Hubert.
A Non-Null annotation inferencer for Java bytecode.
In Proceedings of the Workshop on Program Analysis for Software
Tools and Engineering (PASTE'08), pages 36-42. ACM, November 2008. [ bib | slides | http | .pdf ] We present a non-null annotations inferencer for the Java bytecode language. This paper proposes extensions to our former analysis in order to deal with the Java bytecode language. We have implemented both analyses and compared their behaviour on several benchmarks. The results show a substantial improvement in the precision and, despite being a whole-program analysis, production applications can be analyzed within minutes. Keywords: Java, NonNull, annotation, inference, static analysis |
| [5] |
Laurent Hubert, Thomas Jensen, and David Pichardie.
Semantic foundations and inference of non-null annotations.
In Proceedings of the international conference on Formal Methods
for Open Object-Based Distributed Systems (FMOODS '08), volume 5051 of
LNCS, pages 132-149. Springer Berlin, June 2008. [ bib | slides | http | .pdf ] This paper proposes a semantics-based automatic null pointer analysis for inferring non-null annotations of fields in object-oriented programs. We prove the analysis correct with respect to a semantics of a minimalistic OO language and complete with respect to the non-null type system proposed by Fähndrich and Leino, in the sense that for every typable program the analysis is able to prove the absence of null dereferences without any hand-written annotations. Experiments with a prototype implementation of the analysis show that the inference is feasible for large programs. Keywords: Java, NonNull, annotation, inference, static analysis |
| [6] |
Laurent Hubert, Thomas Jensen, and David Pichardie.
Semantic foundations and inference of non-null annotations.
Research Report 6482, INRIA, March 2008. [ bib | http ] |
| [7] |
Elvira Albert, Miguel Gómez-Zamalloa, Laurent Hubert, and Germán
Puebla.
Verification of Java bytecode using analysis and transformation of
logic programs.
In Practical Aspects of Declarative Languages, LNCS, pages
124-139. Springer, 2007. [ bib | http | .pdf ] |
| [8] |
Elvira Albert, Miguel Gómez-Zamalloa, Laurent Hubert, and Germán
Puebla.
Towards verification of java bytecode using logic programming tools.
In Proceedings of the International Workshop on Software
Verification and Validation, Seattle, August 2006. Computing Research
Repository (CoRR).
Co-located with FLoC'06. [ bib | .pdf ] |
| [9] |
Laurent Hubert.
Java bytecode verification using analysis and transformation of logic
programs.
Master's thesis, INSA de Rennes, June 2006. [ bib | .pdf ] |
| [10] |
Laurent Hubert.
Memory and time consumption of java bytecode programs.
Technical report, INSA de Rennes, February 2006. [ bib | .pdf ] |
.Associative.Experiences
2009 - 1 year
Treasurer of Nicomaque (Federation of the associations of PhD candidates and young researchers of Rennes) - Rennes (France)
2008 - 1 year
Treasurer of ADOC (association of PhD candidates and young researchers of the IRISA lab) - Rennes (France)
2005 - 5 months
President of Ouest Insa Junior Entreprise (information on the concept on www.jadenet.org) - Rennes (France)
2004 - 1 year
Member of Ouest Insa Junior Entreprise - Rennes (France)