Crypto Wiki

A proof of concept or a proof of principle is realization of a certain method or idea(s) to demonstrate its feasibility,[1] or a demonstration in principle, whose purpose is to verify that some concept or theory is probably capable of being useful. A proof-of-concept may or may not be complete, and is usually small and incomplete.

A proof of concept of an idea is usually considered a milestone on the way to a fully functioning prototype.

In computer security the term proof of concept (proof of concept code or PoC) is often used as a synonym for a zero-day exploit which, mainly for its early creation, does not take full advantage over some vulnerability.

Origin of the phrase[]

The Oxford English Dictionary has an example of the use of the phrase as early as January 22, 1967 by the Los Angeles Times.

Results from a Google News Archive search (link) might suggest that the phrase was in common use by 1973.

One of the early uses of the term "proof of concept" was by Bruce Carsten in the context of a "proof of concept prototype". His usage was defined in the November 1989 Power Conversion and Intelligent Motion magazine, in a column "Carsten's Corner", (p. 38) subtitled "Let's Define a Few Terms":


Also defined and distinguished in the column were the terms 'breadboard', 'prototype', 'engineering prototype', and 'brassboard'.


In filmmaking[]

  • Sky Captain and the World of Tomorrow, 300, and Sin City were all shot in front of a bluescreen with almost all backgrounds and props computer generated. All three used proof of concept short films to demonstrate how their finished product would look, and the technical capabilities of the medium. In the case of Sin City, the proof of concept short made by director Robert Rodriguez was also used to convince Frank Miller (the author and artist of the original graphic novel series) that his work would be treated in a respectful manner and thus to approve the release of the movie rights. Supposedly, Rodriguez also used the proof of concept to convince the actors he wanted to cast in various parts.
  • The computer animation specialists Pixar sometimes create short animated films that include a proof of concept of a technically difficult task. Their short film Geri's Game (1997) included proofs of concept of the animation of cloth and of human facial expressions. These techniques were later used in the film Toy Story 2 (1999).
  • Similarly, in preparation for the creation of the film Finding Nemo (2003), the team created several short proofs of concept to experiment with the animation of water movement, the tentacles of a sea anemone, and the slow appearance of a whale swimming toward the camera from a long distance. These proofs of concept demonstrated ways for the team to accomplish difficult technical tasks, or proved that a particular creative concept "worked" (or didn't work!).

In security[]

In both computer security and encryption, proof of concept refers to a demonstration that in principle shows how a system may be protected or compromised, without the necessity of building a complete working vehicle for that purpose. Winzapper was a proof of concept which possessed the bare minimum of capabilities needed to selectively remove an item from the Windows Security Log; but, it was not optimized in any way.

In research and development[]

In the field of applied research people working on a project or proposal will often undertake internal research initially, to verify that the core ideas are functional and feasible, before going further. This sometimes includes limited performance testing. This use of proof of concept helps establish viability, technical issues, and overall direction, as well as providing feedback for budgeting and other forms of commercial discussion and control. It is not related to a scientific proof.

In sales and business development[]

In the field of business development and sales, a vendor may allow a prospect customer to trial the software product. This use of proof of concept helps establish viability, technical issues, and overall direction, as well as providing feedback for budgeting and other forms of internal decision making processes.

In software development[]

In software development, proof of concept (abbreviated POC) is often used to describe three processes with different objectives and different participant roles. These uses of the phrase proof of concept are therefore not synonymous and are delineated below.

A proof of concept can refer to a partial solution that involves a relatively small number of users acting in business roles to establish whether the system satisfies some aspect of the requirements.

By contrast, the objective of a proof of technology is to determine the solution to some technical problem, such as how two systems might be integrated or that a certain throughput can be achieved with a given configuration. No business users need be involved in a proof of technology.

A pilot project refers to an initial roll out of a system into production, targeting a limited scope of the intended final solution. The scope may be limited by the number of users who can access the system, the business processes affected, the business partners involved, or other restrictions as appropriate to the domain. The purpose of a pilot project is to test, often in a production environment, whether the system is working as it was designed while limiting business exposure.

See also[]

  • Sanity testing
  • Case study
  • Feasibility study
  • Concept vehicle
  • Prototype
  • An example: Template:Wikibooks-poc


de:Proof of Concept es:Prueba de concepto fr:Preuve de concept it:Proof of concept ja:概念実証 pl:Kod proof-of-concept zh:概念验证 fa:شاهد مثال