How can you trust formally verified software?

When: 29th Sep 2017, 17:15 - 29th Sep 2017, 21:00
Where: BCS, 1st Floor, The Davidson Building, 5 Southampton Street, London, WC2E 7HA
Town/City: London
Organiser: BCS FACS (Formal Aspects of Computing Science) Specialist Group
Price: Free
Further Information: Further Information

Speaker: Alastair Reid, ARM Ltd, UK


Formal verification of software has finally started to become viable: we have examples of formally verified microkernels, realistic compilers, hypervisors etc. These are huge achievements and we can expect to see even more impressive results in the future but the correctness proofs depend on a number of assumptions about the Trusted Computing Base that the software depends on. Two key questions to ask are: Are the specifications of the Trusted Computing Base correct? And do the implementations match the specifications? I will explore the philosophical challenges and practical steps you can take in answering that question for one of the major dependencies: the hardware your software runs on. I will describe the combination of formal verification and testing that ARM uses to verify the processor specification and I will talk about our current challenge: getting the specification down to zero bugs while the architecture continues to evolve.


Alastair Reid is a Senior Principal Research Engineer at ARM Ltd. His current research focus is on formalizing the ARM architecture specifications and finding ways that those specifications can be used to make hardware and software better. He has 17 granted patents in Computer Architecture and has published over a dozen research papers in Formal Verification, Software Defined Radio, Operating Systems, and Lazy Functional Programming. Before ARM, he worked/studied at University of Utah, Yale University, University of Glasgow and the University of Strathclyde. In his spare time, he builds his own keyboards and enjoys trashing his body in cyclocross races. You can find him at and at @alastair_d_reid.