The CARE toolset for developing verified programs from formal specifications

The paper describes the CARE toolset for interactive development of verified programs from formal specifications. The software engineer begins by giving a characterization of the application domain in the form of a mathematical theory. CARE tools are then used to progressively design a program by sketching out the program structure and gradually filling in the details. At any stage the correctness of the partial design can be checked by using one of the CARE tools to generate proof obligations. Another tool gives access to pre-proven parameterised design templates which encapsulate useful programming knowledge. When the design is complete, a third CARE tool is used to automatically synthesize a source code program which-if all the proof obligations can be discharged-is guaranteed to meet its formal specification. The knowledge base of CARE can be extended by users in a soundness-preserving manner to include reusable domain theories, library routines, design templates and proof tactics. The CARE toolset includes a fully automatic resolution-based theorem prover which will discharge many of the simpler proof obligations, and a general-purpose interactive theorem prover for the rest