Formal methods is like a plan. Everyone has one until they are punched in the face (real-world requirements and trust boundaries).

Formal methods are not meant to replace trust in a system. They are meant to minimize the surface area of trust. To not understand and advertise what surface area still exists is foolhardy, and mistakes logic for magic.

Incredibly uninformed comment. The formally verified part is the high-confidence component that is the anvil to hammer out bugs in the unverified components.