* THINGS TO DO WITH TOY GRAIL  -- HIGH PRIORITY  -*- outline -*-
================================================================

** EXAMPLES: some advanced/interesting examples of time/space bounds.
*** Examples with invoke static  (later invoke)
*** List examples, with theory of lists  (cf Tobias talk)
	--- list reversal
	--- Nick's examples
*** Generation of predicates from Camelot datatypes
*** Consider adding integer arrays: we may have simple, familiar examples then.

** Try MUTUAL RECURSION examples [coast/pedal example]

** Check verification conditions for a whole program

** Support experimental translation of SUBSET of Grail to Isabelle/Toy Grail

** Experiments with properties of Diamond class

** A paper describing all this work!  
***  Merlin workshop: deadline 16th June???  Something else?

** Work on document/informal towards deliverable for Sept


* THINGS TO DO WITH TOY GRAIL  -- LOWER PRIORITY  -*- outline -*-
=================================================================

** Experiment with VDM formalization

** A language for writing assertions

** Soundness of recursion rule for partial correctness 
    OR change defn of validity to reflect that we prove total c.
   
** [Formalise proof system; try proving completeness using MGT]

** Experiments with extracting and re-checking proofs, for wire-transmission
   [after Oct]

** Maintain list of things to do for full Grail formalization


=================================================================


* BIGGER QUESTIONS, STRATEGY FOR FULL GRAIL
===========================================

** Do we need to consider data-structure correctness?
   Reasoning about correctness of in-place update algorithms, etc.
   Maybe the heap-usage analysis can avoid this.

** Wait until Alberto joins us!   (July)
   Then discuss Isabelle vs Elf vs dedicated prover possibilities.
     With the Isabelle work, we have two possibilities:  
        (1) return to full Grail formalization, and extend that
        (2) "grow" ToyGrail into a somewhat different full Grail.
     [2 seems preferable]

** Investigate amortized cost examples

** Investigate automated complexity analysis





$Id: PLAN.txt,v 1.12 2003/06/06 16:57:38 da Exp $
