2. Formal Methods

• Effective, but not the silver bullet

  • 3:1 reduction in defect density in the CAA study [Pfleeger and Hatton, IEEE Software, 1997]
    • London Air Traffic Control Centre, 200,000 lines of C
    • "We found no compelling quantitative evidence that formal design techniques alone produced code of higher quality than informal design techniques."
  • Recommendation 1: FM's only work in conjunction with other approaches
  • Recommendation 2: Some algorithms MUST have them. Find which ones

• Cleanroom

• Scalability

Previous slide

Next slide

Back to first slide

View graphic version