Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Position Statement Tim Sauerwein GaloisConnections Inc. 3875SWHall Blvd. Beaverton, OR97005 USA [email protected] At Galois Connections, our business includes the construction of high-assurance software using formal methods. Our primary formal method is to program in modemfunctional programming languages, such as Haskell. These languages have powerful type systems that prevent certain classes of errors and promoteintellectual control. Moreover,good functional programshave traits such as being declarative, using high levels of abstraction, using small, embeddeddomaln-specifin languages at appropriate points, and adopting a mathematicalbias. We have found by experience that functional programming is a very effective industrial technique, one that lies in the "sweet spot" on the terrain that stretches betweenformal methodstheory and induslrial practice. Weare also starting to explore theorem-proving technology in one of our projects. At present, we are formalizing a few small portions of the project, with the hope of provinga few important properties that will raise confidence in the design. Howbest to apply theoremproving technologies to large functional programsis an open research question. Weintend to makesomeprogress 111 toward answeringthis question in practice, but without engagingin the sort of open-endedexploration that is more appropriate in an academicsetting. The project will try a variety of different approaches,striving at first for small successes and learning from experience. Wesee theorem proving as a technology that will becomegradually more and moreimportantduring the next decade. To be really practical, the worldof formalizedreasoning needs an automatic and reliable link to the world of programming.Moreover,it is essential to find ways of structuring the program development to make proof construction moreefficient. Thenature of this link is not clear to meat present, but I amsure that those workingin logic-based programsynthesis have thought deeply about this problem. Myinterest in the symposiumlies in its opportunities to find out what the experts have beendoing and thinking. I am particularly interested in assessing what maybe ready for practical application now,and what maybecomeso in the future. I maybe able to offer some opinions about whatis practical and what is not, but I am coming to the symposium primarily to learn.