Case studies in systematic software development
Systematic software development using VDM (2nd ed.)
Larch: languages and tools for formal specification
Problem frames: analyzing and structuring software development problems
Software Development: A Rigorous Approach
Mural: A Formal Development Support System
Rippling: meta-level guidance for mathematical reasoning
Deriving specifications for systems that are connected to the physical world
Formal methods and hybrid real-time systems
It is now widely understood how to write formal specifications so as to be able to justify designs (and thus implementations) against such specifications. In many formal approaches, a "posit and prove" approach allows a designer to record an engineering design decision from which a collection of "proof obligations" is generated; discharging those obligations justifies the design step. Modern theorem proving tools greatly simplify the discharge of such proof obligations. In typical industrial applications, however, enough proof obligations still require manual intervention that engineers find them a hurdle to the deployment of formal proofs. This problem is exacerbated by the need to repeat proofs when changes are made to specifications or designs. This paper outlines how a key additional resource can be brought to bear on the discharge of proof obligations: the central idea is to "learn" new ways of discharging families of proof obligations by tracking one interactive proof performed by an expert. Since what blocks any fixed set of heuristics from automatically discharging proof obligations is issues around data structures and/or functions, it is expected that what the system learns from one interactive proof will facilitate the discharge of significant "families" of recalcitrant proof tasks.