A software development process may support a transition from unverifiable, legacy code to verifiable code that is provably correct by construction. A behavioral model may be developed for legacy software that includes various behavioral criteria. Then, source code implemented in a verifiable language may be verified using the behavioral model to perform verification. Once the source code is complete and verified, a new verified implementation may be compiled. The verified implementation may then be executed, along with the legacy software, to identify differences in behavior which are fed back into the behavioral model and subsequently into the new source code. This process may then be iterated with the verifiable code being deployable once behavioral differences are resolved.