A beautiful and simple explanation of formal specs. I especially like the remark that a spec can be incorrect. The art of building correct systems is just in showing the implementation is correct but also choosing a spec that matches our intuitive understanding of the system.
Posted at https://news.ycombinator.com/item?id=44700744
Comments moved thither. Thanks!
A beautiful and simple explanation of formal specs. I especially like the remark that a spec can be incorrect. The art of building correct systems is just in showing the implementation is correct but also choosing a spec that matches our intuitive understanding of the system.