Verified Mutable Data Structures

Malfunctions in software like airplane control systems or nuclear plant control systems can have catastrophic consequences. Formal verification is the only form of sofware testing that can guarantee the absence of bugs. Formally verified software gives a mathematical proof that the specification is correctly implemented and that no bugs would induce unwanted behaviour. This has a high development cost and having an entirely verified program takes time and effort. However, having verified components already has great benefits. We implement in Scala and formally verify with Stainless a hash map that can then be reused and act as a basis on which to rely. The implementation we propose is based on the LongMap of the Scala standard library with some minor adaptations. This map is implemented with mutable arrays. We give the specification with respect to an implementation of a map based on a list of tuples, that we implement and formally verify as well.