  1. Susan Gerhart & Dan Craigen & Ted Ralson
  2. Experience with Formal Methods in Critical Systems
  3. IEEE Software magazine v11n1(Jan 1994)pp21-28 CR9601-0044
  4. =EXPERIENCE FORMAL [Craigenetal95]
      Note: more in Craigenetal93 Study of 12 cases of industrial use - including SSADM tools, CICS, Cleanroom, Oscilloscopes, Inmos, VDM in the Lacos project, TBACS at NIST, HP Medical instruments


    1. Formal methods more useful at front than for code
    2. Tend to improve things
    3. refinement not cost effective

      p27:"Mathematics involved in most formal methods is elementary, so the greater challenge may lie in teaching users how to model systems properly and carry design through."

      p28: primarily used for

    4. Assurance, Domain Analysis, Communication, Evidence of best practice, Re-Engineering

