Proof Scores: A Survey (full version)
Adrian Riesco, Kazuhiro Ogata, Masaki Nakamura, Daniel Gaina, Duong Dinh Tran, Kokichi Futatsugi
TL;DR
This survey of proof scores documents a verification approach in which proof obligations are encoded directly as executable scores written in the same specification language as the system being verified. Grounded in the OBJ family, the methodology leverages order-sorted signatures, initial algebras, and a robust satisfaction framework to integrate proof generation with specification. The paper details foundational theory, modular specification-building operators, tooling (CafeOBJ, Maude, and CafeInMaude), and practical demonstrations via observational transition systems and the QLOCK example, along with automation aids like CiMPA, CiMPG, and IPSG. It also candidly discusses adoption barriers and sketches a roadmap toward automated lemma discovery, IDE support, and AI-assisted verification to bridge theory and industry practice.
Abstract
Proof scores can be regarded as outlines of the formal verification of system properties. They have been historically used by the OBJ family of specification languages. The main advantage of proof scores is that they follow the same syntax as the specification language they are used in, so specifiers can easily adopt them and use as many features as the particular language provides. In this way, proof scores have been successfully used to prove properties of a large number of systems and protocols. However, proof scores also present a number of disadvantages that have prevented a large audience from adopting them as a proving mechanism. In this paper we present the theoretical foundations of proof scores; the different systems where they have been adopted and their latest developments; the classes of systems successfully verified using proof scores, including the main techniques used for it; the main reasons why they have not been widely adopted; and finally we discuss some directions of future work that might solve the problems discussed previously.
