Formal Methods are mathematically-based techniques for software design and engineering, which enable the unambiguous description of and reasoning about a system’s behaviour. Autonomous systems use software to make decisions without human control, are often embedded in a robotic system, are often safety-critical, and are increasingly being introduced into everyday settings. Autonomous systems need robust development and verification methods, but formal methods practitioners are often asked: Why use Formal Methods for Autonomous Systems? To answer this question, this position paper describes five recipes for formally verifying aspects of an autonomous system, collected from the literature. The recipes are examples of how Formal Methods can be an effective tool for the development and verification of autonomous systems. During design, they enable unambiguous description of requirements; in development, formal specifications can be verified against requirements; software components may be synthesised from verified specifications; and behaviour can be monitored at runtime and compared to its original specification. Modern Formal Methods often include highly automated tool support, which enables exhaustive checking of a system’s state space. This paper argues that Formal Methods are a powerful tool for the repertoire of development techniques for safe autonomous systems, alongside other robust software engineering techniques.

形式方法是用于软件设计和工程的基于数学的技术，它能够对系统行为进行明确的描述和推理。自主系统使用软件在没有人工控制的情况下做出决策，通常嵌入在机器人系统中，通常对安全至关重要，并且越来越多地被引入到日常环境中。自治系统需要稳健的开发和验证方法，但形式方法从业者经常被问到：为什么对自治系统使用形式方法? 为了回答这个问题，本立场文件描述了从文献中收集的用于正式验证自治系统各个方面的五个方法。这些菜谱是形式方法如何成为自主系统开发和验证的有效工具的示例。在设计过程中，它们可以对需求进行明确的描述；在开发中，可以根据需求验证正式的规范；软件组件可以从经过验证的规范中合成；和行为可以在运行时监控并与其原始规范进行比较。现代形式方法通常包括高度自动化的工具支持，可以对系统的状态空间进行详尽的检查。本文认为，形式方法是安全自主系统开发技术的强大工具，