Yeah that's fine if you can do it. His point is that most software is not that simple. I work in RISC-V verification and the spec is full of ambiguously worded or easy to misinterpret or just plain unspecified requirements. Even if you formally verify your chip against a formal specification there's a huge gap between the asciidoc ISA manual and that formal specification where bugs can exist.
Something like compression is the absolute best case - you have a trivial property that covers everything. Mostly it isn't like that though.
Something like compression is the absolute best case - you have a trivial property that covers everything. Mostly it isn't like that though.