Significant advances in the practical use of formal methods have relied on fundamental results drawn from all areas in computer science, not necessarily directly intended for formal methods. Further work needs to be done in the following areas.

—Composition. We need to understand how to compose methods, specifications, models, theories, and proofs.

—Decomposition. We need to develop more efficient methods for decomposing a computationally demanding global property into local properties whose verification is computationally simple (e.g., task decomposition and localization reduction methods [Kurshan 1994b]).

—Abstraction. Real systems are difficult to specify and verify without abstractions. We need to identify different kinds of abstractions, perhaps tailored for certain kinds of systems or problem domains, and we need to develop ways to justify them formally, perhaps using mechanical help.

—Reusable models and theories. Rather than defining models and theories from scratch each time a new application is tackled, it would be better to have reusable and parameterized models and theories.

—Combinations of mathematical theories. Many safety-critical systems have both digital and analog components. These hybrid systems require reasoning about both discrete and continuous mathematics.

System developers would like to be able to predict how well their system will operate in the field. Indeed, they often care more about performance than correctness. Performance modeling borrows strongly from probability, statistics, and queueing theory.

—Data structures and algorithms. To handle larger search spaces and larger systems, new data structures and algorithms, for example, more
