Specification-Code Mismatch
A specification-code mismatch occurs when the actual implementation of a protocol deviates from the formal specification created during the design phase. This can happen due to developer error during coding or last-minute changes that are not reflected in the proof model.
These discrepancies are often where the most critical vulnerabilities hide: the proof establishes properties of the model, not of code that has drifted away from it. Keeping the code and the formal proof synchronized throughout the development lifecycle is essential for maintaining the integrity of the system, and it requires tight integration between the engineering and verification teams.
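One practical way to keep an implementation tied to its specification is differential conformance testing: the specification is kept as a small executable model, and the implementation is compared against it over an enumerated input space so that any drift surfaces as a concrete divergent case. The example below is an added illustration, not code from the original page; the toy protocol (a receiver that accepts only the next in-order message of the current session), the `Msg` and `State` types, and the "relaxed" variant that stands in for a last-minute change are all constructed for this example.

```python
"""Differential conformance check: specification model vs. implementation.

Added illustration (not from the original page).  The protocol, the message
fields, and the 'relaxed' deviation are constructed for this example.
"""
from dataclasses import dataclass
from itertools import product
from typing import Callable, Optional, Tuple


@dataclass(frozen=True)
class Msg:
    session: int   # constructed: session id the receiver expects
    seq: int       # constructed: per-session sequence number


@dataclass(frozen=True)
class State:
    session: int   # current session id
    last_seq: int  # sequence number of the last accepted message


# --- Specification model: the rule the formal proof was done against --------
def spec_accept(state: State, msg: Msg) -> bool:
    """Accept exactly the next in-order message of the current session."""
    return msg.session == state.session and msg.seq == state.last_seq + 1


# --- Implementation A: a late change relaxed the ordering rule ---------------
def impl_relaxed_accept(state: State, msg: Msg) -> bool:
    """'seq > last_seq' tolerates gaps; this is the deviation from the spec
    that never made it back into the proof model."""
    return msg.session == state.session and msg.seq > state.last_seq


# --- Implementation B: brought back into line with the specification --------
def impl_fixed_accept(state: State, msg: Msg) -> bool:
    return msg.session == state.session and msg.seq == state.last_seq + 1


def find_mismatch(impl: Callable[[State, Msg], bool],
                  sessions=(1, 2),
                  seqs=range(0, 4)) -> Optional[Tuple[State, Msg, bool, bool]]:
    """Exhaustively compare `impl` against `spec_accept` over a small input
    space.  Returns (state, msg, spec_verdict, impl_verdict) for the first
    divergence, or None when the implementation agrees with the spec
    everywhere in the enumerated space."""
    for s_sess, last, m_sess, seq in product(sessions, seqs, sessions, seqs):
        state, msg = State(s_sess, last), Msg(m_sess, seq)
        expected, actual = spec_accept(state, msg), impl(state, msg)
        if expected != actual:
            return (state, msg, expected, actual)
    return None


if __name__ == "__main__":
    # The relaxed build diverges on the first out-of-order message it sees;
    # the fixed build reports no divergence.
    print("relaxed:", find_mismatch(impl_relaxed_accept))
    print("fixed:  ", find_mismatch(impl_fixed_accept))
```

The divergent case the check returns is exactly the artifact a verification team needs: a concrete (state, message) pair on which the proven model and the shipped code disagree, which either reveals a code defect to fix or a model that has to be updated and re-proven. Running such a check in CI, with the model owned by the verification team and the implementation by engineering, is one concrete form of the integration the text calls for.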