TSC 08 - Session 15, 1:30-2:15, Thursday May 15: TSC in Practice

participant summary of remarks
Rex Page My objective is to broaden the incorporation in undergraduate computer science software development courses of the use of predicate-based specifications of program properties expected by the programmer. For such specs to be practical and effective in practice, tools to automate testing based on the predicates provide a minimal base, and mechanical logics to support fully formal proofs that the properties hold provide important additional capabilities.

To be useful in undergraduate education, such tools must be accessible to students willing to invest, say, 5 to 25 hours of study in their use. (With a nominal study-time of two hours outside class for each hour in class, that investment comprises one to five weeks of course work effort.) In our experience over the past five years at the University of Oklahoma, the DrACuLa/ACL2 programming-environment/theorem-prover combination provides the necessary support for effective education on automated, predicate-based testing and the use of mechanical logic to formally verify software properties for senior-level computer science students. The use of these tools comprises about a third of the lecture material and project work associated with a required course in software engineering.

Ten to twelve hours of the 37 hours of lecture time in the course are devoted to the DrACuLa/ACL2 topic, and students succeed at normal rates. Almost all of them acquire the ability to effectively use predicate-based, automated testing provided in DrACuLa, the great majority have at least a few successes with ACL2, the top half acquire enough skills with ACL2 to seek experience with similar tools in future projects, and the top decile becomes more effective with ACL2 than one could reasonably expect. A second, project-based software engineering course makes extensive use of the facilities with no significant additional lecture time devoted to the topic. The project-based course is also required for BS students in CS at OU, and virtually all students see a reasonable measure of success, with the best exceeding expectations.

Carl Eastlund In the spring term of 2007 Northeastern University offered an experimental freshman course in symbolic logic to a group of six students selected from 28 volunteers. Selections formed a class with a range of abilities about equally distributed across the top half of computer science students. The course made use of the Dracula/ACL2 environment, focused on applications of logic in the design of computing artifacts, and was designed to replace a logic course offered by the Department of Philosophy and required in the CS curriculum. The course was successful enough to generate as a follow-up a regularly scheduled course in symbolic logic, using ACL2 from an alternative environment (the ACL2 Sedan) the following term for computer science students, and the material is now on track to replace the existing requirement in logic.
Daniel Moix The Arkansas School for Mathematics, Sciences & the Arts is a residential school for third- and fourth-year high school students selected from Arkansas applicants who will have completed the first two years of high school by the time of matriculation. It offers college-level courses in computer science, ranging from introductory programming to data structures, and including courses in databases, networking, and symbolic logic.

Presently, the core programming courses focus on Java to better prepare students for the Advanced Placement exam. However, beginning in 2009 AP testing will no longer include an AB level, which is the level targeted by certain current programming courses. At that point, the faculty will reevaluate the languages chosen for advanced courses, and we will look for a way to work Dracula/ACL2 or similar tools into the curriculum.

At this point, we are also looking into introducing some of these ideas into the symbolic logic course, since AP requirements do not constrain it to Java. We will consider both the Northeastern approach in this endeavor and an approach used at OU. We have had for many years agreements in place for concurrent registration between our courses and equivalent ones at Arkansas colleges, and would try to fit any new offering in symbolic logic into this framework.

Yifei Dong My background in formal methods lies mostly in the area of model checking, but theorem proving systems interest me, too. I teach a required undergraduate course in programming languages in which the Dracula/ACL2 environment could play a role.
Dwayne Towell We have a strong interest in formal methods and will be looking for ways to introduce some material such as has been discussed at this workshop into our curriculum.
Nelson Rushton I have been introducing logic and proofs in my data structures class. The class uses C++ as an implementation language (by department policy), but by prohibiting students in certain assignments from using the assignment operator (=), programs can be forced to be essentially functional so that standard mathematical reasoning may be used to analyze them.

I have found that one of students' primary hurdles to reading and writing rigorous arguments is the ability to formulate individual propositions precisely. I have used formal predicate calculus as a language for them to write propositions and found it helpful. In constructing arguments using these propositions I use informal methods, to keep proofs from being tedious. An example of a student exercise along these lines can be found here: http://docs.google.com/Doc?id=d5z9dbp_143hs4p7nfw
Ruben Gamboa I teach an undergraduate course in software engineering at the University of Wyoming and will consider including material of the type discussed here in that course. It has been a long-time dream of mine to integrate ideas from my research in the development and application of theorem proving systems into my course offerings, and this appears to be a path leading in that direction.
Jon Hoag My advisor, David Schmidt, has a strong interest and deep background in mathematical aspects of computer science. He has been teaching an introductory CS course for many years and may be able to incorporate some of this material into that course. Methods of this kind also bear on my PhD research program and future research plans. I have written some notes assessing my experience in the workshop.
Walid Taha A seminar conducted by my research group meets three days each week and provides an opportunity to discuss issues like those of this workshop. It seems to me that the best route for this type of material, given ongoing revision in the undergrad curriculum at Rice, is to begin with graduate courses and, possibly, a few undergraduate research projects. This reflects what is possible for the present, and it could give us an experience base from which to expand.

To facilitate interchange in the Texas/Oklahoma area of ways to work concepts related to the material of this workshop into computer science curricula, we would like to begin a collaborative workgroup, with activities including in-person meetings at a central location.