Currently, in the requirements it is stated "MUST have a formal proof of correctness that we can show to regulators;"
It is not clear what the full scope of this formal proof is. Are we looking at a formal spec and a model with automated checking, or a more traditional mathematical approach?
This requirement seems to be very specific to Financial Markets use cases. EEA clients could be used in environments where there is no regulator. Whilst I think this is a good requirement I feel MUST is too strong.
I also think this is too strong - the formal proofs start from assumptions and deal with idealizations. Very often it is side-channel issues (=from outside of the theoretical model) that spoil the show.