replacing at least one original cryptographic function of a computer system with at least one instrumentalized cryptographic function;

installing and executing an executable and non-instrumentalized version of the program in the computer system, the computer system comprising the at least one instrumentalized cryptographic function able to be called by the program to manipulate at least one cryptographic object, the at least one cryptographic function not included in the executable and non-instrumentalized version of the program, the at least one cryptographic function having been instrumentalized before execution of the executable and non-instrumentalized version of the program to allow recording of modalities of calls to the at least one cryptographic function from the executable and non-instrumentalized version of the program;

in a course of execution of the program and without instrumentalizing the program during execution of the program, recording in a tracing file modalities of calls to the cryptographic function, wherein recording in the tracing file comprises obtaining at least a portion of an execution stack when the cryptographic function is called by the program, and wherein recording in the tracing file further comprises recording the modalities of calls to cryptographic-management and usage functions of the cryptographic function in the tracing file; and

after the execution of the program, analyzing the tracing file and creating a data structure of states taken by the at least one cryptographic object manipulated in the course of the execution of the program responsive to the analyzing the tracing file, and analyzing the data structure to detect calls to the at least one cryptographic function that are liable to form a security flaw.