
Formal Reasoning About Programs (2017) [pdf] - p0llard
http://adam.chlipala.net/frap/frap_book.pdf
======
DoofusOfDeath
The link provided seems down (hug of death?)

I'm guessing that this is the same material:
[https://github.com/achlipala/frap](https://github.com/achlipala/frap)

~~~
nextos
Try [http://adam.chlipala.net/frap/](http://adam.chlipala.net/frap/)

It's a really great book as an introduction to semantics and proofs.

A great alternative is
[http://www.concrete-semantics.org/](http://www.concrete-semantics.org/).

Concrete Semantics uses Isabelle, which is based on ZFC set theory, whereas
FRAP uses Coq, which employs constructive types.

[https://softwarefoundations.cis.upenn.edu](https://softwarefoundations.cis.upenn.edu)
is also fantastic, covers some of the same topics, and proceeds a bit more
slowly.

I'm betting formal methods will become more widely used in the 2020s. It'd be
interesting to see e.g. reinforcement learning used to automate proof
discovery.

~~~
crimsonalucard
>I'm betting formal methods will become more widely used in the 2020s. It'd be
interesting to see e.g. reinforcement learning used to automate proof
discovery.

Even though I think formal methods in programming would be a great thing, if
anything I see evidence for it not happening. I got hired into a new job last
year and I mentioned it as one of my interests and the guy literally laughed
in my face, commenting on how pointless it is to prove a program to be correct.

What is it that makes you think formal methods will become more popular?

~~~
DoofusOfDeath
Sadly, I share your pessimism about formal methods. I suspect one of the
headwinds is that there's a greater demand for _more_ software than there is
for _better-proven_ software.

~~~
tuvistavie
At the end of the day I think it's just a matter of cost. If it's cheaper to
let software fail and simply fix it when it does, there will not be much
interest in proving it to be correct. If a failure will likely be vastly
more expensive than proving correctness, then proving correctness will make
sense. There are simply way fewer instances of the second category. I think one
of the few "new" instances which might be worth mentioning is smart contract
programming, where failures can cause millions in losses and proving correctness
is not too expensive.

~~~
crimsonalucard
With the amount of infrastructure focused around testing I think the opposite
is true.

I think it's more ignorance and culture. Many people don't know about formal
methods.

~~~
Ididntdothis
Agreed.

------
rovolo
This book and the Coq proof assistant are what pushed me to learn Emacs. The
'coqide' application my class (CSE 505 at UW) used was not a good text editing
experience. Emacs + Proof General by contrast were incredible.

It's important to have a solid on-ramp for beginners. I tried using Emacs for
a Java project in my next class, but I never managed to set up anything as
nice as the IntelliJ IDE. I'm sure setting up something nicer is possible, but
first impressions matter.

~~~
jakear
There’s also a nice VS Code extension for Coq I used when taking Adam’s class.

