Engineer Research and Development (M/F), Formal Verification



November 7, 2021


2021-04144 - Engineer Research and Development (M/F), Formal Verification

Contract type : Fixed-term contract

Renewable contract : Oui

Level of qualifications required : Graduate degree or equivalent

Other valued qualifications : PhD thesis

Fonction : Temporary scientific engineer

About the research centre or Inria department

Le centre de recherche Inria Saclay – Île-de-France, créé en 2008, accueille 450 scientifiques et 60 membres des services d'appui à la recherche. Les scientifiques sont organisés en 28 équipes de recherche dont 23 sont communes avec des partenaires du plateau de Saclay.

Le centre Inria Saclay - Île-de-France est un acteur essentiel de la recherche en sciences du numérique sur le plateau de Saclay. Il porte les valeurs et les projets qui font l'originalité d'Inria dans le paysage de la recherche : l'excellence scientifique, le transfert technologique, les partenariats pluridisciplinaires avec des établissements aux compétences complémentaires aux nôtres, afin de maximiser l'impact scientifique, économique et sociétal d'Inria.


This job is proposed in the context of the ProofInUse consortium (https: //, a laboratory for research and development in the domain of high-assurance software. This laboratory is the result of collaborations between the Inria project-team Toccata (https: // and industrial partners. The general objective is to contribute to the activities of formal verification performed by these partners, those conducted using the proof tools developed by the Toccata team, in particular Why3.

The proposed position is dedicated to activities in collaboration with the companies AdaCore (https:// www. and TrustInSoft (https: // The work will be carried out half-time in the Toccata team location in Orsay and half-time at these companies offices in Paris.


In direct collaboration with Why3 developers at Toccata and with engineers at AdaCore and TrustInSoft, the recruited person will contribute to meet the needs in Why3's usage by these partners, as identified in the roadmaps of the respective collaborations. The main objective is to improve the capabilities for advanced formal proof, respectively inside the Spark environment for the verification of Ada programs at AdaCore, and inside the TIS-Analyzer environment for the verification of C and C++ code, at TrustInSoft. The common objectives concern, among others, the increase of the automation ratio of proofs, the generation of pertinent counterexamples in case of proof failure, the proof of numerical programs.

Main activities

Development in OCaml for Why3, development of Why3 libraries, dedicated modeling for Ada, C and C++ code, software testing and experimentations, writing of documentation, contribution to the writing of scientific articles.


The candidate must have some work experience in the field of formal methods of software engineering. Development skills in OCaml and in the use of a formal proof environment will be a plus.

A level of English at least in writing is required. In oral English or French must be sufficiently mastered.

Benefits package
  • Subsidized meals
  • Partial reimbursement of public transport costs
  • Leave: 7 weeks of annual leave + 10 extra days off due to RTT (statutory reduction in working hours) + possibility of exceptional leave (sick children, moving home, etc.)
  • Possibility of teleworking (after 6 months of employment) and flexible organization of working hours
  • Professional equipment available (videoconferencing, loan of computer equipment, etc.)
  • Social, cultural and sports events and activities
  • Access to vocational training
  • Social security coverage
  • Remuneration

    Selon profil et expérience

    General Information
  • Theme/Domain : Proofs and Verification Software engineering (BAP E)

  • Town/city : Orsay

  • Inria Center : CRI Saclay - Île-de-France
  • Starting date : 2021-12-01
  • Duration of contract : 12 months
  • Deadline to apply : 2021-11-07
  • Contacts
  • Inria Team : TOCCATA
  • Recruiter : Marche Claude /
  • The keys to success

    The candidate will be required to work in a team with all Why3 developers and also to participate in joint activities of the research team: joint seminar, working groups, etc. Likewise, he/she will be required to work in collaboration with engineers at Adacore and/or TrustInSoft.

    About Inria

    Inria is the French national research institute dedicated to digital science and technology. It employs 2,600 people. Its 200 agile project teams, generally run jointly with academic partners, include more than 3,500 scientists and engineers working to meet the challenges of digital technology, often at the interface with other disciplines. The Institute also employs numerous talents in over forty different professions. 900 research support staff contribute to the preparation and development of scientific and entrepreneurial projects that have a worldwide impact.

    Instruction to apply

    Defence Security : This position is likely to be situated in a restricted area (ZRR), as defined in Decree No. 2011-1425 relating to the protection of national scientific and technical potential (PPST).Authorisation to enter an area is granted by the director of the unit, following a favourable Ministerial decision, as defined in the decree of 3 July 2012 relating to the PPST. An unfavourable Ministerial decision in respect of a position situated in a ZRR would result in the cancellation of the appointment.

    Recruitment Policy : As part of its diversity policy, all Inria positions are accessible to people with disabilities.

    Warning : you must enter your e-mail address in order to save your application to Inria. Applications must be submitted online on the Inria website. Processing of applications sent from other channels is not guaranteed.