A. W. Appel and S. Blazy, Separation logic for small-step Cminor, Theorem Proving in Higher Order Logics (TPHOL), pp.5-21, 2007.

M. Armand, B. Grégoire, A. Spiwack, and L. Théry, Extending Coq with Imperative Features and Its Application to SAT Verification, Interactive Theorem Proving (ITP), pp.83-98, 2010.
DOI : 10.1007/978-3-642-14052-5_8

URL : https://hal.archives-ouvertes.fr/inria-00502496

A. W. Appel and D. McAllester, An indexed model of recursive types for foundational proof-carrying code, ACM Transactions on Programming Languages and Systems (TOPLAS), vol.23, issue.5, pp.657-683, 2001.

A. W. Appel, Program logics for certified compilers, 2014.

A. Bessey, K. Block, B. Chelf, A. Chou, B. Fulton et al., A few billion lines of code later, Communications of the ACM, vol.53, issue.2, pp.66-75, 2010.
DOI : 10.1145/1646353.1646374

Y. Bertot and P. Castéran, Interactive theorem proving and program development. Coq'Art: the calculus of inductive constructions, 2004.
URL : https://hal.archives-ouvertes.fr/hal-00344237

B. Blanchet, P. Cousot, R. Cousot, J. Feret, L. Mauborgne et al., Design and implementation of a special-purpose static program analyzer for safety-critical real-time embedded software, The Essence of Computation, pp.85-108, 2002.
URL : https://hal.archives-ouvertes.fr/inria-00528442

B. Blanchet, P. Cousot, R. Cousot, J. Feret, L. Mauborgne et al., A static analyzer for large safety-critical software, PLDI '03, pp.196-207, 2003.
URL : https://hal.archives-ouvertes.fr/hal-00128135

F. Besson, D. Cachera, T. Jensen, and D. Pichardie, Certified Static Analysis by Abstract Interpretation, Foundations of Security Analysis and Design V, pp.223-257, 2009.

URL : https://hal.archives-ouvertes.fr/inria-00538753

J. T. Bradley and N. J. Davies, Compositional BDD construction: A lazy algorithm, 1998.

S. Blazy, Z. Dargaye, and X. Leroy, Formal Verification of a C Compiler Front-End, FM 2006: Formal Methods, pp.460-475, 2006.
DOI : 10.1007/11813040_31

URL : https://hal.archives-ouvertes.fr/inria-00106401

G. Barthe, D. Demange, and D. Pichardie, Formal Verification of an SSA-Based Middle-End for CompCert, ACM Transactions on Programming Languages and Systems, vol.36, issue.1, 2014.
DOI : 10.1145/2579080

URL : https://hal.archives-ouvertes.fr/hal-01097677

Y. Bertot, Structural Abstract Interpretation: A Formal Study Using Coq, Language Engineering and Rigorous Software Development, pp.153-194, 2009.
DOI : 10.1007/978-3-540-31987-0_3

URL : https://hal.archives-ouvertes.fr/inria-00329572

R. S. Boyer and W. A. Hunt Jr., Function memoization and unique object representation for ACL2 functions, ACL2 '06: Proceedings of the sixth international workshop on the ACL2 theorem prover and its applications, pp.81-89, 2006.

B. Beckert, R. Hähnle, and P. H. Schmitt, Verification of Object-Oriented Software: The KeY Approach, volume 4334 of LNAI, 2007.

R. Bagnara, P. M. Hill, and E. Zaffanella, Weakly-relational shapes for numeric abstractions: improved algorithms and proofs of correctness, Formal Methods in System Design, vol.27, issue.2, pp.279-323, 2009.
DOI : 10.1007/s10703-009-0073-1

S. Boldo, J. Jourdan, X. Leroy, and G. Melquiond, A Formally-Verified C Compiler Supporting Floating-Point Arithmetic, 2013 IEEE 21st Symposium on Computer Arithmetic, pp.107-115, 2013.
DOI : 10.1109/ARITH.2013.30

URL : https://hal.archives-ouvertes.fr/hal-00743090

S. Boldo, J. Jourdan, X. Leroy, and G. Melquiond, Verified Compilation of Floating-Point Computations, Journal of Automated Reasoning, vol.1, issue.1, pp.135-163, 2015.
DOI : 10.1007/s10817-014-9317-x

URL : https://hal.archives-ouvertes.fr/hal-00862689

T. Braibant, J. Jourdan, and D. Monniaux, Implementing Hash-Consed Structures in Coq, Interactive Theorem Proving (ITP), pp.477-483, 2013.
DOI : 10.1007/978-3-642-39634-2_36

URL : https://hal.archives-ouvertes.fr/hal-00816672

T. Braibant, J. Jourdan, and D. Monniaux, Implementing and Reasoning About Hash-consed Data Structures in Coq, Journal of Automated Reasoning, vol.53, issue.3, pp.271-304, 2014.
DOI : 10.1007/s10817-014-9306-0

URL : https://hal.archives-ouvertes.fr/hal-00881085

M. Bodin, T. Jensen, and A. Schmitt, Certified Abstract Interpretation with Pretty-Big-Step Semantics, Proceedings of the 2015 Conference on Certified Programs and Proofs, CPP '15, pp.29-40, 2015.
DOI : 10.1145/2676724.2693174

URL : https://hal.archives-ouvertes.fr/hal-01111588

L. Bulwahn, A. Krauss, F. Haftmann, L. Erkök, and J. Matthews, Imperative functional programming with Isabelle/HOL, Theorem Proving in Higher Order Logics (TPHOL), pp.134-149, 2008.

S. Blazy, V. Laporte, A. Maroneze, and D. Pichardie, Formal Verification of a C Value Analysis Based on Abstract Interpretation, Static Analysis (SAS), pp.324-344, 2013.
DOI : 10.1007/978-3-642-38856-9_18

URL : https://hal.archives-ouvertes.fr/hal-00812515

S. Boldo and G. Melquiond, Flocq: A Unified Library for Proving Floating-Point Algorithms in Coq, 2011 IEEE 20th Symposium on Computer Arithmetic, pp.243-252, 2011.
DOI : 10.1109/ARITH.2011.40

URL : https://hal.archives-ouvertes.fr/inria-00534854

F. Bourdoncle, Efficient chaotic iteration strategies with widenings, Formal Methods in Programming and their Applications, pp.128-141, 1993.
DOI : 10.1007/BFb0039704

P. Cousot and R. Cousot, Static determination of dynamic properties of programs, Proceedings of the Second International Symposium on Programming, pp.106-130, 1976.

P. Cousot and R. Cousot, Abstract interpretation, Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, POPL '77, pp.238-252, 1977.
DOI : 10.1145/512950.512973

URL : https://hal.archives-ouvertes.fr/hal-01108790

P. Cousot and R. Cousot, Systematic design of program analysis frameworks, Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, POPL '79, pp.269-282, 1979.
DOI : 10.1145/567752.567778

P. Cousot and R. Cousot, Abstract Interpretation Frameworks, Journal of Logic and Computation, vol.2, issue.4, pp.511-547, 1992.
DOI : 10.1093/logcom/2.4.511

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné et al., Combination of Abstractions in the ASTRÉE Static Analyzer, Advances in Computer Science - ASIAN 2006, pp.272-300, 2006.

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné et al., Why does Astrée scale up?, Formal Methods in System Design, pp.229-264, 2009.

P. Cousot, R. Cousot, and F. Logozzo, A parametric segmentation functor for fully automatic and scalable array content analysis, POPL '11, 2011.

P. Cousot, R. Cousot, and L. Mauborgne, The Reduced Product of Abstract Domains and the Combination of Decision Procedures, Foundations of Software Science and Computation Structures (FOSSACS), pp.456-472, 2011.
DOI : 10.1007/978-3-642-19805-2_31

CertiKOS, Certified kit operating system (project web site).

P. Cousot and N. Halbwachs, Automatic discovery of linear restraints among variables of a program, Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, POPL '78, pp.84-96, 1978.
DOI : 10.1145/512760.512770

A. Chlipala, Certified programming with dependent types: A pragmatic introduction to the Coq proof assistant, 2013.

D. Cachera, T. Jensen, D. Pichardie, and V. Rusu, Extracting a data flow analyser in constructive logic, Programming Languages and Systems, pp.385-400, 2004.
URL : https://hal.archives-ouvertes.fr/inria-00564633

D. Cachera, T. Jensen, D. Pichardie, and G. Schneider, Certified Memory Usage Analysis, FM 2005: Formal Methods, pp.91-106, 2005.
DOI : 10.1007/11526841_8

S. Cho, J. Kang, J. Choi, and K. Yi, Sparrowberry: A verified validator for an industrial-strength static analyzer, 2013.

A. Cortesi, B. Le Charlier, and P. Van Hentenryck, Combinations of abstract domains for logic programming, Proceedings of the 21st ACM SIGPLAN-SIGACT symposium on Principles of programming languages, POPL '94, pp.227-239, 1994.
DOI : 10.1145/174675.177880

B. Chetali and Q. Nguyen, Industrial Use of Formal Methods for a High-Level Security Evaluation, FM 2008: Formal Methods, pp.198-213, 2008.
DOI : 10.1007/978-3-540-68237-0_15

P. Cousot, Constructive design of a hierarchy of semantics of a transition system by abstract interpretation, Theoretical Computer Science, vol.277, issue.1-2, pp.47-103, 2002.
DOI : 10.1016/S0304-3975(00)00313-3

D. Cachera and D. Pichardie, A Certified Denotational Abstract Interpreter, Interactive Theorem Proving, pp.9-24, 2010.
DOI : 10.1007/978-3-642-14052-5_3

URL : https://hal.archives-ouvertes.fr/inria-00537810

A. Chawdhary, E. Robbins, and A. King, Simple and Efficient Algorithms for Octagons, Programming Languages and Systems (APLAS), pp.296-313, 2014.
DOI : 10.1007/978-3-319-12736-1_16

H. Chen, D. Ziegler, T. Chajed, A. Chlipala, M. F. Kaashoek et al., Using Crash Hoare logic for certifying the FSCQ file system, Proceedings of the 25th Symposium on Operating Systems Principles, SOSP '15, pp.18-37, 2015.
DOI : 10.1145/2815400.2815402

D. Delmas, E. Goubault, S. Putot, J. Souyris, K. Tekkal et al., Towards an industrial use of Fluctuat on safety-critical avionics software, Formal Methods for Industrial Critical Systems (FMICS), pp.53-69, 2009.

D. Darais and D. Van Horn, Constructive Galois connections.

A. Fouilhé and S. Boulmé, A Certifying Frontend for (Sub)polyhedral Abstract Domains, Verified Software: Theories, Tools and Experiments (VSTTE), pp.200-215, 2014.
DOI : 10.1007/978-3-319-12154-3_13

J. Filliâtre and S. Conchon, Type-safe modular hash-consing, Proceedings of the 2006 workshop on ML, pp.12-19, 2006.

J. Feret, Static Analysis of Digital Filters, Programming Languages and Systems, pp.33-48, 2004.
DOI : 10.1007/978-3-540-24725-8_4

URL : https://hal.archives-ouvertes.fr/inria-00528447

J. Feret, The Arithmetic-Geometric Progression Abstract Domain, Verification, Model Checking, and Abstract Interpretation (VMCAI), pp.42-58, 2005.
DOI : 10.1007/978-3-540-30579-8_3

URL : https://hal.archives-ouvertes.fr/inria-00528450

S. A. Figueroa, When is double rounding innocuous?, ACM SIGNUM Newsletter, vol.30, pp.21-26, 1995.

M. Fähndrich and F. Logozzo, Static contract checking with abstract interpretation, Formal Verification of Object-Oriented Software, LNCS, vol.6528, pp.10-30, 2010.

A. Fouilhé, D. Monniaux, and M. Périn, Efficient Generation of Correctness Certificates for the Abstract Domain of Polyhedra, Static Analysis (SAS), LNCS, vol.7935, pp.345-365, 2013.
DOI : 10.1007/978-3-642-38856-9_19

G. Gonthier, A. Asperti, J. Avigad, Y. Bertot, C. Cohen et al., A Machine-Checked Proof of the Odd Order Theorem, Interactive Theorem Proving (ITP), pp.163-179, 2013.
DOI : 10.1007/978-3-642-39634-2_14

URL : https://hal.archives-ouvertes.fr/hal-00816699

R. Gu, J. Koenig, T. Ramananandro, Z. Shao, X. Wu et al., Deep specifications and certified abstraction layers, POPL '15, pp.595-608, 2015.

E. Goubault, T. Le Gall, and S. Putot, An Accurate Join for Zonotopes, Preserving Affine Input/Output Relations, Proceedings of the Fourth International Workshop on Numerical and Symbolic Abstract Domains (NSAD), pp.65-76, 2012.
DOI : 10.1016/j.entcs.2012.09.007

G. Gonthier, Formal proof - the four-color theorem, Notices of the AMS, vol.55, issue.11, pp.1382-1393, 2008.

J. Goubault, HimML: Standard ML with fast sets and maps, Workshop on ML and its Applications, 1994.

J. Goubault, Implementing functional languages with fast equality, sets and maps: an exercise in hash consing, 1994.

P. Granger, Static analysis of arithmetical congruences, International Journal of Computer Mathematics, vol.30, issue.3-4, pp.165-190, 1989.
DOI : 10.1145/29873.29875

M. Giorgino and M. Strecker, Correctness of Pointer Manipulating Algorithms Illustrated by a Verified BDD Construction, FM 2012: Formal Methods, pp.202-216, 2012.
DOI : 10.1007/978-3-642-32759-9_18

S. Gulwani and A. Tiwari, Combining abstract interpreters, PLDI '06, pp.376-386, 2006.

C. A. R. Hoare, An axiomatic basis for computer programming, Communications of the ACM, vol.12, issue.10, pp.576-580, 1969.
DOI : 10.1145/363235.363259

J.-H. Jourdan, V. Laporte, S. Blazy, X. Leroy, and D. Pichardie, A formally-verified C static analyzer, POPL '15, pp.247-259, 2015.

G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, M. Norrish et al., seL4: Formal verification of an OS kernel, SOSP '09, pp.207-220, 2009.

G. Klein and T. Nipkow, A machine-checked model for a Java-like language, virtual machine, and compiler, ACM Transactions on Programming Languages and Systems, vol.28, issue.4, pp.619-695, 2006.
DOI : 10.1145/1146809.1146811

D. E. Knuth, Binary decision diagrams, The Art of Computer Programming, vol.4A, 2011.

R. Krebbers, The C standard formalized in Coq, 2015.

V. Laporte, Vérification d'analyses statiques pour langages de bas niveau [Verification of static analyses for low-level languages], 2015.

X. Leroy, Formal certification of a compiler back-end or: programming a compiler with a proof assistant, POPL '06, pp.42-54, 2006.
URL : https://hal.archives-ouvertes.fr/inria-00000963

X. Leroy, Formal verification of a realistic compiler, Communications of the ACM, vol.52, issue.7, pp.107-115, 2009.
DOI : 10.1145/1538788.1538814

URL : https://hal.archives-ouvertes.fr/inria-00415861

X. Leroy, A Formally Verified Compiler Back-end, Journal of Automated Reasoning, vol.27, issue.1, pp.363-446, 2009.
DOI : 10.1007/s10817-009-9155-4

URL : https://hal.archives-ouvertes.fr/inria-00360768

X. Leroy, Proving a compiler: Mechanized verification of program transformations and static analyses. Oregon Programming Language Summer School, 2012.

F. Logozzo and M. Fähndrich, On the relative completeness of bytecode analysis versus source code analysis, Compiler Construction (CC), pp.197-212, 2008.

F. Logozzo and M. Fähndrich, Pentagons: a weakly relational abstract domain for the efficient validation of array accesses, SAC '08, 2008.

V. Laviron and F. Logozzo, Subpolyhedra: A (more) scalable approach to infer linear inequalities, Verification, Model Checking, and Abstract Interpretation (VMCAI), pp.229-244, 2009.

N. G. Leveson and C. S. Turner, An investigation of the Therac-25 accidents, Computer, vol.26, issue.7, pp.18-41, 1993.

G. Melquiond, Floating-point arithmetic in the Coq system, Information and Computation, vol.216, pp.14-23, 2012.
DOI : 10.1016/j.ic.2011.09.005

URL : https://hal.archives-ouvertes.fr/hal-00797913

A. Miné, Weakly relational numerical abstract domains, 2004.

A. Miné, The octagon abstract domain, Higher-Order and Symbolic Computation, vol.19, issue.1, pp.31-100, 2006.

A. Miné, Symbolic Methods to Enhance the Precision of Numerical Abstract Domains, Verification, Model Checking, and Abstract Interpretation (VMCAI), pp.348-363, 2006.
DOI : 10.1007/11609773_23

D. Monniaux, Réalisation mécanisée d'interpréteurs abstraits [Mechanized implementation of abstract interpreters], 1998.

A. Maréchal and M. Périn, Three linearization techniques for multivariate polynomials in static analysis using convex polyhedra, 2014.

T. Nipkow, Abstract Interpretation of Annotated Commands, Interactive Theorem Proving, pp.116-132, 2012.
DOI : 10.1007/978-3-642-32347-8_9

T. Nipkow and G. Klein, Chapter 13: Abstract interpretation, Concrete Semantics with Isabelle/HOL, pp.219-280, 2014.

G. Nelson and D. C. Oppen, Simplification by Cooperating Decision Procedures, ACM Transactions on Programming Languages and Systems, vol.1, issue.2, pp.245-257, 1979.
DOI : 10.1145/357073.357079

J. A. Navas, P. Schachte, H. Søndergaard, and P. J. Stuckey, Signedness-agnostic program analysis: Precise integer bounds for low-level code, Programming Languages and Systems, pp.115-130, 2012.

P. W. O'Hearn, Resources, concurrency and local reasoning, CONCUR 2004, LNCS, vol.3170, pp.49-67, 2004.

V. Ortner and N. Schirmer, Verification of BDD Normalization, Theorem Proving in Higher Order Logics (TPHOL), pp.261-277, 2005.
DOI : 10.1007/11541868_17

B. C. Pierce, C. Casinghino, M. Gaboardi, M. Greenberg, C. Hriţcu et al., Software foundations, 2015.

S. Putot and E. Goubault, Static analysis of numerical algorithms, Static Analysis (SAS), pp.18-34, 2006.

D. Pichardie, Interprétation abstraite en logique intuitionniste : extraction d'analyseurs Java certifiés [Abstract interpretation in intuitionistic logic: extraction of certified Java analysers], 2005.

D. Pichardie, Building Certified Static Analysers by Modular Construction of Well-founded Lattices, Proceedings of the First International Conference on Foundations of Informatics, Computing and Software (FICS), pp.225-239, 2008.
DOI : 10.1016/j.entcs.2008.04.064

URL : https://hal.archives-ouvertes.fr/inria-00332365

J. C. Reynolds, Separation logic: A logic for shared mutable data structures, 17th IEEE Symposium on Logic in Computer Science, pp.55-74, 2002.

X. Rival and L. Mauborgne, The trace partitioning abstract domain, ACM Transactions on Programming Languages and Systems, vol.29, issue.5, p.106, 2007.
DOI : 10.1145/1275497.1275501

P. Roux, Innocuous double rounding of basic arithmetic operations, Journal of Formalized Reasoning (JFR), vol.7, pp.131-142, 2014.
URL : https://hal.archives-ouvertes.fr/hal-01091186

A. Simon and A. King, The two variable per inequality abstract domain, Higher-Order and Symbolic Computation, pp.87-143, 2010.

M. Sozeau, Subset coercions in Coq, Types for Proofs and Programs (TYPES), LNCS, vol.4502, pp.237-252, 2007.

G. Singh, M. Püschel, and M. Vechev, Making numerical program analysis fast, PLDI 2015, pp.303-313, 2015.

J. Ševčík, V. Vafeiadis, F. Zappa Nardelli, S. Jagannathan, and P. Sewell, CompCertTSO: A verified compiler for relaxed-memory concurrency, Journal of the ACM, vol.60, issue.3, p.22, 2013.
DOI : 10.1145/2487241.2487248

K. N. Verma and J. Goubault-Larrecq, Reflecting BDDs in Coq, 2000.

K. N. Verma, J. Goubault-Larrecq, S. Prasad, and S. Arun-Kumar, Reflecting BDDs in Coq, Advances in Computing Science (ASIAN), LNCS, vol.1961, pp.162-181, 2000.
DOI : 10.1007/3-540-44464-5_13

URL : https://hal.archives-ouvertes.fr/inria-00072797

J. Yang and C. Hawblitzel, Safe to the last instruction, Communications of the ACM, vol.54, issue.12, pp.123-131, 2011.
DOI : 10.1145/2043174.2043197