NVIDIA products are now running formally verified SPARK code, a shift from traditional testing methods for security. Daniel Rohrer, VP of Software Security at NVIDIA, highlights that testing security is nearly impossible, leading them to emphasize provability over testing. This led NVIDIA to investigate SPARK and conduct a successful Proof-of-Concept converting applications to SPARK in three months. The return on investment was promising, with major security improvements and efficiency gains. Over fifty developers are now trained in SPARK, and many NVIDIA products include SPARK components. The case study covers important topics like performance, skepticism, audits, and customer relationships, shedding light on the benefits of formal verification for cybersecurity strategies.
https://blog.adacore.com/nvidia-security-team-what-if-we-just-stopped-using-c