Correctness, confidence, and context: Framing software assurance in the AI age
2026-07-06 • Software Engineering
Software Engineering
AI summaryⓘ
The authors discuss how software engineering struggles with the idea of 'correctness' because it's hard to fully prove software is perfect. They point out that traditional methods rely on careful reasoning and expert knowledge, while generative AI works by making statistical guesses that are only probably right. This difference means AI can't guarantee correctness in the same way, especially since it misses human tacit knowledge. The authors suggest that the rise of generative AI might push the field to better understand and combine different assurance methods to build reliable software. They encourage software engineers to approach this challenge more systematically and thoughtfully.
software engineeringcorrectnessformal rigorfunctional correctnessgenerative AIstatistical predictionprobably approximately correctassurance techniquestacit knowledgesoftware verification
Authors
Mary Shaw
Abstract
Software engineering has a complicated relationship with "correctness". We recognize the challenges of full formal rigor as well as many required properties beyond functional correctness. Although we satisfice in practice, we are still stuck in the mindset that we could reason our way to correctness, if only we had enough information. Generative AI has introduced a new dimension to assurances: its foundation is statistical rather than formal. Traditional software engineering establishes confidence through rigorous reasoning, domain knowledge and expert judgment. In contrast, generative AI's results are sophisticated predictions, in Valiant's words "probably approximately correct". This inherently limits assurances about the results are to probabilistic assertions. Further, the nuances and implicit associations that guide human judgment are not accessible to its training sets, so that tacit knowledge cannot be incorporated in its models. We have many approaches for developing assurances that a software system does what it's expected to do, though most of them focus on the specification of the code rather than the requirements for the system, let alone fitness for purpose. We have failed to develop a systematic understanding of the relative merits of the various approaches. I hope that generative AI will finally force us to tackle this. To that end, I will challenge us to think systematically about our assurance techniques. We need ways to make informed, reasoned choices about cost-effective combinations of approaches to devel-oping confidence in our systems. We call ourselves software engineers. Let's act like engineers.