July 1 – 6 , 2012, Dagstuhl Seminar 12271

AI meets Formal Software Development


Alan Bundy (University of Edinburgh, GB)
Dieter Hutter (DFKI – Bremen, DE)
Cliff B. Jones (University of Newcastle, GB)
J Strother Moore (University of Texas – Austin, US)

1 / 2 >

For support, please contact

Dagstuhl Service Team


Dagstuhl Report, Volume 2, Issue 7 Dagstuhl Report
List of Participants
Shared Documents


This seminar brought together researchers from formal methods and AI. The participants addressed the issue of how AI can aid the formal software development process, including modelling and proof. There was a pleasing number of participants from industry and this made it possible to ground the discussions on industrial-scale problems.

Industrial use of formal methods is certainly increasing but in order to make it more mainstream, the cost of applying formal methods, in terms of mathematical skill level and development time, must be reduced --- and we believe that AI can help with these issues.

Rigorous software development using formal methods allows the construction of an accurate characterisation of a problem domain that is firmly based on mathematics; by applying standard mathematical analyses, these methods can be used to prove that systems satisfy formal specifications. A recent ACM computing survey describes over sixty industrial projects and discusses the effect formal methods have on time, cost, and quality. It shows that with tools backed by mature theory, formal methods are becoming cost effective and their use is easier to justify, not as an academic exercise or legal requirement, but as part of a business case. Furthermore, the use of such formal methods is no longer confined to safety critical systems: the list of industrial partners in the DEPLOY project is one indication of this broader use. Most methods tend to be posit-and-prove, where the user posits a development step (expressed in terms of specifications of yet-to-be-realised components) that has to be justified by proofs. The associated properties that must be verified are often called proof obligations (POs) or verification conditions. In most cases, such proofs require mechanical support by theorem provers.

One can distinguish between automatic and interactive provers, where the latter are generally more expressive but require user interaction. Examples of state-of-the-art interactive theorem provers are ACL2, Isabelle, HOL, Coq and PVS, while E, SPASS, Vampire and Z3 are examples of automatic provers.

AI has had a large impact on the development of provers. In fact, one of the first AI application was a theorem prover and all theorem provers now contain heuristics to reduce the search space that can be attributed to AI. Nevertheless, theorem proving research and (pure) AI research have diverged, and theorem proving is barely considered to be AI-related anymore.


  • Artificial Intelligence/robotics
  • Semantics/formal Methods
  • Verification/logic


  • Learning of proof processes and strategies
  • Theory Development
  • Formal Software Development
  • Automated reasoning
  • Formal modelling
  • Industrial use of formal methods

Book exhibition

Books from the participants of the current Seminar 

Book exhibition in the library, ground floor, during the seminar week.


In the series Dagstuhl Reports each Dagstuhl Seminar and Dagstuhl Perspectives Workshop is documented. The seminar organizers, in cooperation with the collector, prepare a report that includes contributions from the participants' talks together with a summary of the seminar.


Download overview leaflet (PDF).


Furthermore, a comprehensive peer-reviewed collection of research papers can be published in the series Dagstuhl Follow-Ups.

Dagstuhl's Impact

Please inform us when a publication was published as a result from your seminar. These publications are listed in the category Dagstuhl's Impact and are presented on a special shelf on the ground floor of the library.