Abstract

Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than “we haven’t found a bug” (yet!); but why is “we haven’t found a bug” an acceptable basis for systems trusted with hundreds of millions of people’s personal data? This paper looks at some of these issues in cybersecurity, and the extent to which formal methods, ranging from “fully verified” to better tool support, could help. More importantly, recent policy reports and curricula initiatives appear to recommend formal methods in the limited context of “safety critical applications”; we suggest this is too limited in scope and ambition. Not only are formal methods needed in cybersecurity, the repeated and very public weaknesses of the cybersecurity industry provide a powerful motivation for formal methods.

Original language: English
Title of host publication: Formal Methods – Fun for Everybody - First International Workshop, FMFun 2019, Revised Selected Papers
Editors: Antonio Cerone, Markus Roggenbach
Place of Publication: Cham, Switzerland
Publisher: Springer
Pages: 159-172
Number of pages: 14
ISBN (Print): 9783030713737
Publication status: Published - 2021
Event: 1st International Workshop on Formal Methods - Fun for Everybody, FMFun 2019 - Bergen, Norway
Duration: 2 Dec 2019 to 3 Dec 2019

Publication series

Name: Communications in Computer and Information Science
Volume: 1301 CCIS
ISSN (Print): 1865-0929
ISSN (Electronic): 1865-0937

Conference

Conference: 1st International Workshop on Formal Methods - Fun for Everybody, FMFun 2019
Country: Norway
City: Bergen
Period: 2/12/19 to 3/12/19

Keywords

  • Curricula
  • Cybersecurity
  • Formal methods

ASJC Scopus subject areas

  • Computer Science (all)
  • Mathematics (all)
