Provably correct software
Can we ever write software proven, mathematically, to be free of bugs and exploits?
What makes this fascinating
Bugs are everywhere — Most software is tested, not proven — and tests catch some bugs, never all of them.
Formal verification — Mathematical proof that a program meets its spec — achieved for the seL4 kernel and the CompCert compiler.
It doesn't scale yet — Verifying large, constantly-changing systems is enormously labor-intensive; making it routine is the open challenge.
Frequently asked questions
- What is provably correct software?
- Software mathematically proven to meet its specification — guaranteed free of whole classes of bugs — using formal methods like theorem proving and model checking, rather than relying on testing alone.
- Why isn't all software formally verified?
- Proofs are labor-intensive and scale poorly, specifications can themselves be wrong or incomplete, and verifying large, evolving real-world systems remains impractical despite notable successes like the seL4 kernel and CompCert compiler.
- Can software be proven bug-free?
- Only relative to a specification: a proof shows the code matches what you formally asked for, but it can't catch flaws in the spec itself or in the hardware and assumptions underneath.
More summits in Computer Science
Artificial general intelligence
Can a machine match the full, flexible breadth of human thought — and how would we know?
The foundations of cryptography
All modern security rests on a bet: that some problems are truly hard. Can we ever prove it?
Quantum computing's true power
Which problems can quantum machines crack that ordinary computers never will?
AI interpretability
We build neural networks we can't read. Can we ever truly understand what they learn inside?
Ready to climb?
Learn it the whole way up — from the fundamentals to the frontier.