Information and Software Technology 1995 37 (5-6) 261-268

Making formal methods education effective for professional software engineers

David Garlan
Department of Computer Science, 5000 Forbes Avenue, Carnegie Mellon University, Pittsburgh, PA 15213, USA

A critical issue in the design of a professional software engineering degree program is the way in which formal methods are integrated into the curriculum. The approach taken by most programs is to teach formal techniques for software development in a separate course on formal methods. In this paper we detail some of the problems with that approach and describe an alternative in which formal methods are integrated across the curriculum. We illustrate the strengths and weaknesses of this alternative in terms of our experience of using it in the Master of Software Engineering Program at Carnegie Mellon University.

Keywords: formal methods, software engineering education, masters programs, Z, MSE

A critical component of any engineering discipline is a collection of formal techniques for development and analysis of the artefacts produced by engineers. Civil engineers use structural analysis based on formalisms for characterizing strength of materials. Chemical engineers use formalisms based on unit operations. What, then, do software engineers use?

The sad fact is that there is little in the way of routine formalism that is applied throughout the industry. By and large, software engineers develop systems using informal methods and procedures based on accumulated experience building similar systems. The situation can be partly explained by the fact that the state of the science underlying large-scale, commercial software development is relatively immature [1].
While there are many proposals for formal software development methods (such as program verification [2], rigorous program development [3,4], abstract specifications of modules [5], and modelling of concurrency [6]), there is no well-established body of formal foundations that is uniformly recognized as fundamental to industrial software development. There have been some notable successes of formal methods in industry [7-9]. However, the fact remains that the primary proponents of systematic application of formal development have been academicians and those working in the areas of secure and safety-critical systems.

But a lack of widely accepted, scientific underpinnings is (at best) only partly the reason. Indeed, the emerging examples of successful development and the application of special-purpose formalisms (e.g. in areas such as protocol verification [10], testing, and real-time scheduling [11]) indicate that benefits of existing formal methods are simply not being exploited.

For educators this presents both a problem and an opportunity. It is a problem because the lack of a coherent body of widely applicable, formal methods makes it difficult for educators to know what and how to teach existing techniques. It is an opportunity because it allows educators to advance the state of practice by helping to produce fresh practitioners who are equipped with a new set of practical, formal skills, and who can speed the broader dissemination and adoption of formal methods in industry.

In response to this situation, the usual approach to the introduction of formal methods in software engineering curricula is to provide a special course in which a variety of formal techniques are surveyed, and perhaps partially mastered by the students. Such a course satisfies the need to make students aware of some formal approaches to software development.
But it also has a number of problems, detailed later, the most serious of which is that it tends to isolate the use of formal methods from the mainstream activities of software development emphasized in the rest of the curriculum.

In this paper we describe a different approach. Instead of segregating instruction of formal methods, we attempt to integrate it across the curriculum. To illustrate this approach we describe the recently redesigned Master of Software Engineering curriculum at Carnegie Mellon University, and evaluate our experience in using it to date.

0950-5849/1995 Elsevier Science B.V.