Refinement type contracts for verification of scientific investigative software

Our scientific knowledge is increasingly built on software output. User code which defines data analysis pipelines and computational models is essential for research in the natural and social sciences, but little is known about how to ensure its correctness. The structure of this code and the development process used to build it limit the utility of traditional testing methodology. Formal methods for software verification have seen great success in ensuring code correctness but generally require more specialized training, development time, and funding than is available in the natural and social sciences. Here, we present a Python library which uses lightweight formal methods to provide correctness guarantees without the need for specialized knowledge or substantial time investment. Our package provides runtime verification of function entry and exit condition contracts using refinement types. It allows checking hyperproperties within contracts and offers automated test case generation to supplement online checking. We co-developed our tool with a medium-sized ($\approx$3000 LOC) software package which simulates decision-making in cognitive neuroscience. In addition to helping us locate trivial bugs earlier on in the development cycle, our tool was able to locate four bugs which may have been difficult to find using traditional testing methods. It was also able to find bugs in user code which did not contain contracts or refinement type annotations. This demonstrates how formal methods can be used to verify the correctness of scientific software which is difficult to test with mainstream approaches

Rampant software errors may undermine scientific results [version 2; referees: 2 approved]

The opportunities for both subtle and profound errors in software and data management are boundless, yet they remain surprisingly underappreciated. Here I estimate that any reported scientific result could very well be wrong if data have passed through a computer, and that these errors may remain largely undetected.  It is therefore necessary to greatly expand our efforts to validate scientific software and computed results

The <i>Bal des Ardents</i> (1393), Thomas of Woodstock (1397) and Richard II (1400): Three Medieval Conspiracy Rumours and the Scots’ Mine Play (1608).

Assassination vehicles in Elizabethan and Jacobean tragedies sometimes involve meta-theatrical court festival massacres: court performances embedded within full-length drama, resulting in violent death or trauma to characters in the play. During his career as a playwright (c. 1600–08), John Marston pioneered the masquerade-within as a popular sub-category of court festival massacre. Were such underhand festival appropriations wholly inspired by stage precedents? Or did they also occur in real life? Whether its deaths were accidental or resulted from a botched assassination plot, the 1393 Bal des Ardents was hugely culturally and politically influential. Its continuing cultural afterlives bear witness to the geographical, chronological and social shockwaves of a medieval event whose impact illuminates the persistent collective trauma generated by extreme modern assassinations. My researches identify the conspiracy rumours encouraged in the wake of the 1393 Paris disaster and two English conspiracies of 1397 and 1400 linked to court festivals, as key to a fresh approach to the meta-theatrical court festival massacre, and to interpretation of two plays traditionally discussed together, which refer to these English conspiracies, Shakespeare’s Richard II and the anonymous Thomas of Woodstock. My analysis supports a post-Elizabethan dating of Woodstock, and encourages the hypothesis that it could be the so-called Scots’ Mine Play of 1608, the lost Jacobean play thought by some to have ended Marston’s career as a playwright