Twenty years of formal methods

J. McLean
Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344), published 1999-05-09
DOI: 10.1109/SECPRI.1999.766907 (https://doi.org/10.1109/SECPRI.1999.766907)
Citations: 10

Abstract

Following Gödel, consider a formal mathematical system to be a system of symbols together with rules for employing them (K. Gödel, 1965). The rules may be formation rules (stipulating which strings of symbols constitute well-formed formulae), proof rules (stipulating which strings of formulae constitute proofs), or semantic rules (mapping formulae into an algebraic domain). The rules must be recursive. The requirement that the rules be recursive is an important one, since it makes it possible to construct a computer program that can determine whether a rule set has been correctly applied. This, in theory, should give us the ability to use computers to determine whether properties we attribute to specifications or computer programs hold for certain. However, the assurance that can be obtained from formal methods comes at a price. For many applications, formal methods are prohibitively expensive. The formal methods community has traditionally looked to computer security as an application area where the expense of faulty software would make the application of formal methods cost-effective. For its part, the computer security community has traditionally looked to formal methods as a source of assurance that goes beyond what is attainable by testing. Although the marriage of formal methods and computer security has not been completely smooth sailing, it has led to substantial growth in each partner. The article documents that growth.