Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site wdl1.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxt!houxm!vax135!cornell!uw-beaver!tektronix!hplabs!hpda!fortune!wdl1!jbn
From: jbn@wdl1.UUCP
Newsgroups: net.ai
Subject: SRI verification work reviewed
Message-ID: <723@wdl1.UUCP>
Date: Thu, 26-Sep-85 14:58:52 EDT
Article-I.D.: wdl1.723
Posted: Thu Sep 26 14:58:52 1985
Date-Received: Sun, 29-Sep-85 08:26:03 EDT
Sender: notes@wdl1.UUCP
Organization: Ford Aerospace, Western Development Laboratories
Lines: 37
Nf-ID: #N:wdl1:1100022:000:1792
Nf-From: wdl1!jbn Sep 26 11:49:00 1985

The current state of the art in the verification field is worse than one may think from reading the literature. I have just obtained a copy of ``Peer Review of a Formal Verification/Design Proof Methodology'', (NASA Conference Publication 2377, NASA Langley Research Center, Scientific and Technical Information Branch, 1985), which is highly critical of SRI International's work in the area. The work being evaluated is SRI's verification of the Software Implemented Fault Tolerance system, a multiprocessor system intended for use in future aircraft flight control systems. Some quotes from the report:

[p. 22]
``Scientific workers are expected to describe their accomplishments in a way that will not mislead or misinform. Members of the peer review panel felt that many publications and conference presentations of the SRI International verification work have not accurately presented the accomplishments of the project; several panel members, as a result of the peer review, felt that much of what they thought had been done had indeed not been done.''

``The research claims that the panel considered to be unjustified are primarily in two categories; the first concerns the methodology purportedly used by SRI International to validate SIFT, and the second concerns the degree to which the validation had actually been done. Many publications and conference presentations concerning SIFT appear to have misrepresented the accomplishments of the project.''

[p. 23]
``The incompleteness of the SIFT verification exercise caused concern at the peer review. Many panel members who expected (from the literature) a more extensive proof were disillusioned. It was the consensus of the panel that SRI's accomplishment claims were strongly misleading.''

John Nagle