[azinman2]

As CS was originally born largely from people with math backgrounds, formal proofs were all the rage for software early on. As time passed and software became more complex, that requirement effectively dropped off to some academia and defense/high-risk (aka nuclear controls) projects.

Now amazon is trying to formally verify a lot of AWS with TLA+ and other techniques. Here Mozilla is trying to verify it’s crypto.

Given the increasing rise of cyber security problems and their consequences, will formal verifications once again become more standard in software engineering? At minimum, we’ll need to see more user-friendly variants of TLA+ and other techniques for average developers to be able to use. Probably it should be taught in normal CS education. Even better would be for some kind of AI to help take existing code or specs and put it into something that can be formally proved.

[lower]

> Here Mozilla is trying to verify it’s crypto.

If you look at the paper describing this work <https://arxiv.org/abs/1703.00053>, you'll see that this is an academic effort and 7 of 12 authors are actually at Microsoft Research. But kudos to Mozilla for bringing all this advanced stuff to their products.

[lomnakkus]

Bad link. Should be: https://arxiv.org/abs/1703.00053

[pron]

> At minimum, we’ll need to see more user-friendly variants of TLA+ and other techniques for average developers to be able to use.

TLA+ is quite user-friendly, certainly more than most other formal methods. It takes about two weeks to become fully productive, without any guidance other than the freely available tutorials. It's easier to learn than most programming languages.

> Probably it should be taught in normal CS education.

I agree.