
> If the smartest engineers cannot do it, it doesn’t work.

[FIX:] ..., it doesn't work universally.

And the answer to that is pretty clear. It does not work universally. If every developer started only shipping code they had credibly formally verified, the vast majority of developers would go into shock at the scale of work to be done. Even the best "validators" would fall into career-shredding pits, due to "minor" but now insurmountable dependencies in previously unverified projects. The vast majority of projects would go into unrecoverable stalls.

But formal validation can still work some of the time with the right people, on the right scale and kind of project, with the right amount of resources/time expended.

It isn't as if regular "best practices" programming works universally either. But validation is much harder.

> But formal validation can still work some of the time with the right people, on the right scale and kind of project, with the right amount of resources/time expended.

The problem is, it’s unclear exactly what those situations are or even should be. That lack of clarity causes us to fail to recognize when we could have applied these methods and so we just don’t. As much as I see value in formal methods, I’ve never worked with a team that has employed them. And I don’t think I’m at all unique in that.
