Skip to main content


Formal Verification of Security Properties of Smart Card Embedded Source Code


June Andronick, Boutheina Chetali and Christine Paulin-Mohring

Axalto - Smart card Research
Université Paris-Sud


This paper reports on a method to handle the verification of various security properties of imperative source code embedded on smart cards. The idea is to combine two program verification approaches: the functional verification at the source code level and the verification of high level properties on a formal model built from the program and its specification. The method presented uses the Caduceus tool, built on top of the Why tool. Caduceus enables the verification of an annotated C program and provides a validation process that we used to generate a high level formal model of the C source code. This method is illustrated by an example extracted from the verification of a smart card embedded operating system.

BibTeX Entry

    publisher        = {Springer},
    doi              = {10.1007/11526841_21},
    author           = {June Andronick and Boutheina Chetali and Christine Paulin-Mohring},
    series           = {Lecture Notes in Computer Science},
    title            = {{Formal Verification of Security Properties of Smart Card Embedded Source Code}},
    month            = jul,
    volume           = {3582},
    editor           = {J. Fitzgerald and I. J. Hayes and A. Tarlecki},
    year             = {2005},
    booktitle        = {Proceedings of the International Symposium on Formal Methods (FM)},
    pages            = {302--317},
    address          = {Newcastle, UK}


Served by Apache on Linux on seL4.