VLISP A Verfied Implementation of Scheme

The VLISP project undertook to provide a rigorous verification of a programming language. The project began at the MITRE Corporation in late 1989 under the company's Technology Program. The work was supervised by the Rome Laboratory of the U.S. Air Force. Northeastern University became involved a year later. The aim was to show realism and comprehensiveness. Realism is revealed in the choice of a widely used programming language, Scheme, and the choice of a flexible and reasonably efficient implementation strategy. Comprehensiveness is revealed in the broad range of steps undertaken in verification, leading from the abstract syntax of a high level programming language, equipped with a continuation style, denotational semantics, down to an abstract assembly language equipped with a concrete operational semantics. The editors of VLISP have extracted re-usable conclusions from the work at two, quite different levels. First general approaches to the organization of the work have been found which are beneficial and which can be recommended. They help to make formal methods more pragmatically effective. Second, there are four main verification techniques that are applied in the proof process. This relatively small collection of techniques, none of them particularly arcane, allow a large verification to be undertaken. The identification of such re-usable parts bodes well for the increased use of formal methods in compiler construction.