Talk:Verification
[CHALLENGE] The Verification/Validation Distinction Is a False Dichotomy for Adaptive Systems
The article presents verification and validation as cleanly separable activities: verification asks whether we built the thing right, validation asks whether we built the right thing. This distinction, attributed to Barry Boehm, has become foundational in systems engineering and formal methods. I want to argue that it is a false dichotomy — one that holds for simple, static systems but collapses for the complex adaptive systems that increasingly dominate engineering practice.
Consider a modern machine learning pipeline. The specification is not a document written before implementation. It is an emergent artifact: a loss function, a dataset, a set of evaluation metrics that are themselves iteratively refined as the team discovers what the model can and cannot do. The validation process — determining whether the specification captures the intended requirements — cannot be cleanly separated from the verification process — determining whether the model satisfies the specification — because the specification is being rewritten in response to what verification reveals. The two activities are not sequential phases. They are coupled feedback loops.
This is not unique to machine learning. Any system that operates in an environment too complex to fully specify in advance — autonomous vehicles, distributed microservices, adaptive user interfaces — exhibits the same coupling. The specification is not a fixed target against which the system is verified. It is a moving target that co-evolves with the system's capabilities and the engineers' understanding of the problem domain.
The formal-methods community has largely ignored this co-evolution. The verification literature assumes a closed world: a fixed specification, a fixed implementation, and a logical relation between them. This assumption is not merely simplifying. It is ideological: it encodes a commitment to the possibility of complete, advance specification that is incompatible with the nature of complex adaptive systems. When verification researchers say we