谋定后动法

谋定后动法（Correct by Construction，CbC）是一种开发方法论，在设计编码之前先构建数学模型^[1]，以在设计稳健性与物理约束之间取得平衡。^[2]谋定后动法强调代码与算法设计最底层的正确性，^[3]减少周期时间和成本，提升产品质量，并使实时产品反馈成为可能。^[4]

原则

设计错误常在开发周期后期或发布后被发现，^[4]未被验证发现的缺陷修复成本高且耗时。谋定后动法的目标是在进入寄存器传输级（RTL）设计并在验证工程师用硬件验证语言编写测试平台之前，尽早尽可能多地发现并消除缺陷。^[5]

例如，在土木工程中，桥梁设计师在打基础之前，先创建拟建方案的精确计算机模型。同样，谋定后动法使用模型对方案进行推理，以确保所需功能被实现且行为正确。后续测试仍会进行，但其作用转为验证谋定后动法的正确性，而非用于寻找错误。^[1]

参考

^ ^1.0 ^1.1 Escher Technologies - Correct by Construction. www.eschertech.com. [2025-10-04].
^ Sun, Minghui; Bakirtzis, Georgios; Jafarzadeh, Hassan; Fleming, Cody. Correct-by-construction requirement decomposition. Software and Systems Modeling. 2025-05-13. ISSN 1619-1366. doi:10.1007/s10270-025-01291-4 （英语）.
^ Kourie, Derrick G. The Correctness-By-Construction Approach to Programming. Astrophysics and Space Science Library. Bruce W. Watson 1st. Berlin, Heidelberg: Springer Berlin / Heidelberg. 2012: 48 (2012-04-12). ISBN 978-3-642-27918-8 （英语）.
^ ^4.0 ^4.1 Correct by Construction Design Principles. www5.cadence.com. [2025-10-04].
^ Find and Fix Bugs Early with Correct-by-Construction Coding | Synopsys. www.synopsys.com. [2025-10-04] （英语）.

[:0-1] 1.0 ^1.1 Escher Technologies - Correct by Construction. www.eschertech.com. [2025-10-04].

[2] Sun, Minghui; Bakirtzis, Georgios; Jafarzadeh, Hassan; Fleming, Cody. Correct-by-construction requirement decomposition. Software and Systems Modeling. 2025-05-13. ISSN 1619-1366. doi:10.1007/s10270-025-01291-4 （英语）.

[3] Kourie, Derrick G. The Correctness-By-Construction Approach to Programming. Astrophysics and Space Science Library. Bruce W. Watson 1st. Berlin, Heidelberg: Springer Berlin / Heidelberg. 2012: 48 (2012-04-12). ISBN 978-3-642-27918-8 （英语）.

[:1-4] 4.0 ^4.1 Correct by Construction Design Principles. www5.cadence.com. [2025-10-04].

[5] Find and Fix Bugs Early with Correct-by-Construction Coding | Synopsys. www.synopsys.com. [2025-10-04] （英语）.

[1]

[2]

[3]

[4]

[5]