International audienceOver the last decade, the increasing demand for the validation of safety critical systems has led to the development of domain-specific programming languages (e.g. synchronous languages) and automatic verification tools (e.g. model checkers). Conventionally, the verification of a reactive system is implemented by specifying a discrete model of the system (i.e. a finite-state machine) and then checking this model against temporal properties (e.g. using an automata-based tool). We investigate the use of a synchronous programming language, Signal, and of a proof assistant, Coq, for the specification and the verification of co-inductive properties of the well-known steam-boiler problem. By way of this large-scale case-stud...