Using a formal specification and a model checker to monitor and direct simulation
Proceedings of the 40th annual Design Automation Conference
Action systems in incremental and aspect-oriented modeling
Distributed Computing - Papers in celebration of the 20th anniversary of PODC
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Faster constraint solving with subtypes
ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Modular Design of Reactive Systems
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Linking Simulation with Formal Verification at a Higher Level
IEEE Design & Test
Implementation of control systems using B action systems: a case study
Nordic Journal of Computing
A formal logic-based language and an automated verification tool for computer forensic investigation
Proceedings of the 2005 ACM symposium on Applied computing
Toward a semantic anchoring infrastructure for domain-specific modeling languages
Proceedings of the 5th ACM international conference on Embedded software
Object-oriented algorithm analysis and design with Java
Science of Computer Programming - Special issue on principles and practice of programming in java (PPPJ 2003)
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
Formal security analysis of basic network-attached storage
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Multifacet's general execution-driven multiprocessor simulator (GEMS) toolset
ACM SIGARCH Computer Architecture News - Special issue: dasCMP'05
High-level synthesis: an essential ingredient for designing complex ASICs
Proceedings of the 2004 IEEE/ACM International conference on Computer-aided design
Tinker: a tool for designing data-centric sensor networks
Proceedings of the 5th international conference on Information processing in sensor networks
Decidability results for sets with atoms
ACM Transactions on Computational Logic (TOCL)
Ad hoc extensibility and access control
ACM SIGOPS Operating Systems Review
Efficient and decentralized PageRank approximation in a peer-to-peer web search network
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
The SMART way to migrate replicated stateful services
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Design and implementation of a GUI for the TLC model checker
ACM SIGPLAN Notices
Mace: language support for building distributed systems
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
WiDS: an integrated toolkit for distributed system development
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Policy-based Coordination in PAGODA: A Case Study
Electronic Notes in Theoretical Computer Science (ENTCS)
Towards Property Oriented Testing
Electronic Notes in Theoretical Computer Science (ENTCS)
Formal techniques for SystemC verification
Proceedings of the 44th annual Design Automation Conference
A mapping from AADL to Java-RTSJ
JTRES '07 Proceedings of the 5th international workshop on Java technologies for real-time and embedded systems
Staging telephony service creation: a language approach
Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications
Niobe: A practical replication protocol
ACM Transactions on Storage (TOS)
Automatic proof of refinement among design patterns using the TLC model checker
ACOS'07 Proceedings of the 6th Conference on WSEAS International Conference on Applied Computer Science - Volume 6
Refinement, Decomposition, and Instantiation of Discrete Models: Application to Event-B
Fundamenta Informaticae - Special Issue on ASM'05
UML&AADL '2007 grand challenges
ACM SIGBED Review
Validating Behavioral Component Interfaces in Rewriting Logic
Fundamenta Informaticae - Behavior of Composed Concurrent Systems: Logic and Reasoning
Composing heterogeneous reactive systems
ACM Transactions on Embedded Computing Systems (TECS)
Pre-RTL formal verification: an intel experience
Proceedings of the 45th annual Design Automation Conference
Building Verifiable Sensing Applications Through Temporal Logic Specification
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part I: ICCS 2007
Temporal Logic with Capacity Constraints
FroCoS '07 Proceedings of the 6th international symposium on Frontiers of Combining Systems
Mechanical Verification of Transactional Memories with Non-transactional Memory Accesses
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Modelling with Relational Calculus of Object and Component Systems - rCOS
The Common Component Modeling Example
A Scalable and Oblivious Atomicity Assertion
CONCUR '08 Proceedings of the 19th international conference on Concurrency Theory
Formal Verification of ASM Models Using TLA+
ABZ '08 Proceedings of the 1st international conference on Abstract State Machines, B and Z
State space abstraction for parameterized self-stabilizing embedded systems
EMSOFT '08 Proceedings of the 8th ACM international conference on Embedded software
Formal specification and validation of multi-agent behaviour using TLA+ and TLC model checker
International Journal of Artificial Intelligence and Soft Computing
Towards reasoning about teleo-reactive programs for robust real-time systems
Proceedings of the 2008 RISE/EFTS Joint International Workshop on Software Engineering for Resilient Systems
An Efficient Approach to Compose Web Services
WI-IAT '08 Proceedings of the 2008 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
Refinement and verification in component-based model-driven design
Science of Computer Programming
Improving reliability of cooperative concurrent systems with exception flow analysis
Journal of Systems and Software
Dynamically Detecting Faults via Integrity Constraints
Methods, Models and Tools for Fault Tolerance
Modelling of Complex Systems: Systems as Dataflow Machines
Fundamenta Informaticae - Machines, Computations and Universality, Part II
A TLA+ Formal Specification and Verification of a New Real-Time Communication Protocol
Electronic Notes in Theoretical Computer Science (ENTCS)
Cimbiosys: a platform for content-based partial replication
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Teaching and practicing computer science at the university level
ACM SIGCSE Bulletin
Visibility: a novel concept for characterising provable network digital evidences
International Journal of Security and Networks
Multicore parallel min-cost flow algorithm for CAD applications
Proceedings of the 46th Annual Design Automation Conference
DSF: a common platform for distributed systems research and development
Proceedings of the 10th ACM/IFIP/USENIX International Conference on Middleware
Best-first heuristic search for multi-core machines
IJCAI'09 Proceedings of the 21st international joint conference on Artificial intelligence
A formal analysis of database replication protocols with SI replicas and crash failures
The Journal of Supercomputing
Modeling Concurrent Systems with Shared Resources
FMICS '09 Proceedings of the 14th International Workshop on Formal Methods for Industrial Critical Systems
On the Difficulties of Concurrent-System Design, Illustrated with a 2×2 Switch Case Study
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Making Temporal Logic Calculational: A Tool for Unification and Discovery
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Reduced Execution Semantics of MPI: From Theory to Practice
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Role-Based Symmetry Reduction of Fault-Tolerant Distributed Protocols with Language Support
ICFEM '09 Proceedings of the 11th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Towards formalising AADL in Proof Assistants
Electronic Notes in Theoretical Computer Science (ENTCS)
Architecture Description for Mobile Distributed Systems Using Typed π-Calculus
Electronic Notes in Theoretical Computer Science (ENTCS)
Specialization of Interaction Protocols in a Temporal Action Logic
Electronic Notes in Theoretical Computer Science (ENTCS)
Interactive verification of concurrent systems using symbolic execution
AI Communications - Practical Aspects of Automated Reasoning
SelfTalk for Dena: query language and runtime support for evaluating system behavior
ACM SIGOPS Operating Systems Review
Proceedings of the 5th European conference on Computer systems
Low-level programming in Hume: an exploration of the HW-Hume level
IFL'06 Proceedings of the 18th international conference on Implementation and application of functional languages
Formal derivation of spanning trees algorithms
ZB'03 Proceedings of the 3rd international conference on Formal specification and development in Z and B
Formalizing the well-formedness rules of EJB3QL in UML + OCL
MoDELS'06 Proceedings of the 2006 international conference on Models in software engineering
Efficient methods for formally verifying safety properties of hierarchical cache coherence protocols
Formal Methods in System Design
Data generation in model-based testing
Proceedings of the 2010 ACM Symposium on Applied Computing
A formal analysis of the deferred update technique
OPODIS'07 Proceedings of the 11th international conference on Principles of distributed systems
Using mobile architecture modeling and simulation for enterprise applications
TEAA'06 Proceedings of the 2nd international conference on Trends in enterprise application architecture
Services as a paradigm of computation
Formal methods and hybrid real-time systems
Taming the complexity of temporal epistemic reasoning
FroCoS'09 Proceedings of the 7th international conference on Frontiers of combining systems
A query language and runtime tool for evaluating behavior of multi-tier servers
Proceedings of the ACM SIGMETRICS international conference on Measurement and modeling of computer systems
DSF: a common platform for distributed systems research and development
Middleware'09 Proceedings of the ACM/IFIP/USENIX 10th international conference on Middleware
On hierarchically developing reactive systems
Information and Computation
Journal of Systems and Software
Consistability: describing usually consistent systems
HotDep'08 Proceedings of the Fourth conference on Hot topics in system dependability
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Multicore parallelization of min-cost flow for CAD applications
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems - Special section on the ACM IEEE international conference on formal methods and models for codesign (MEMOCODE) 2009
A formal approach for the development of reactive systems
Information and Software Technology
Compositional action system derivation using enforced properties
MPC'10 Proceedings of the 10th international conference on Mathematics of program construction
Unifying theories of programming that distinguish nontermination and abort
MPC'10 Proceedings of the 10th international conference on Mathematics of program construction
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Toward reliable and efficient message passing software through formal analysis
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
A distributed platform based on web services for multimedia resource discovery
ISPDC'03 Proceedings of the Second international conference on Parallel and distributed computing
Towards a specific software development process for high integrity systems
ACM SIGSOFT Software Engineering Notes
Pointfree expression and calculation: from quantification to temporal logic
Formal Methods in System Design
Suitability of mCRL2 for concurrent-system design: a 2 × 2 switch case study
FMCO'09 Proceedings of the 8th international conference on Formal methods for components and objects
Model-driven protocol design based on component oriented modeling
ICFEM'10 Proceedings of the 12th international conference on Formal engineering methods and software engineering
Best-first heuristic search for multicore machines
Journal of Artificial Intelligence Research
A high-level language for modeling algorithms and their properties
SBMF'10 Proceedings of the 13th Brazilian conference on Formal methods: foundations and applications
MOMMIE knows best: systematic optimizations for verifiable distributed algorithms
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
Abstraction in hardware system design
Communications of the ACM
Abstraction in Hardware System Design
Queue - Data
Towards verification of the pastry protocol using TLA+
FMOODS'11/FORTE'11 Proceedings of the joint 13th IFIP WG 6.1 and 30th IFIP WG 6.1 international conference on Formal techniques for distributed systems
On the refinement of liveness properties of distributed systems
Formal Methods in System Design
Proceedings of the 10th ACM international conference on Generative programming and component engineering
Innovations in Systems and Software Engineering
Towards a system model for ensembles
Formal modeling
Journal of Computer and System Sciences
Modeling and analyzing mobile software architectures
EWSA'06 Proceedings of the Third European conference on Software Architecture
Maximal group membership in ad hoc networks
PPAM'05 Proceedings of the 6th international conference on Parallel Processing and Applied Mathematics
An open extensible tool environment for Event-B
ICFEM'06 Proceedings of the 8th international conference on Formal Methods and Software Engineering
Modelling of complex software systems: a reasoned overview
FORTE'06 Proceedings of the 26th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
Architecture description for mobile distributed systems
EWSA'05 Proceedings of the 2nd European conference on Software Architecture
Reliability, thermal, and power modeling and optimization
Proceedings of the International Conference on Computer-Aided Design
Empirically efficient verification for a class of infinite-state systems
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Combining formal methods for the development of reactive systems
International Journal of Computer Applications in Technology
Symbolic partial order reduction for rule based transition systems
CHARME'05 Proceedings of the 13th IFIP WG 10.5 international conference on Correct Hardware Design and Verification Methods
A temporal logic-based model for forensic investigation in networked system security
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Component-based software engineering
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
DISC'05 Proceedings of the 19th international conference on Distributed Computing
Using domain-independent problems for introducing formal methods
FM'06 Proceedings of the 14th international conference on Formal Methods
Enforcing different contracts in hierarchical component-based systems
SC'06 Proceedings of the 5th international conference on Software Composition
Applications of the ASF+SDF meta-environment
GTTSE'05 Proceedings of the 2005 international conference on Generative and Transformational Techniques in Software Engineering
MadLINQ: large-scale distributed matrix computation for the cloud
Proceedings of the 7th ACM European conference on Computer Systems
Designing old and new distributed algorithms by replaying an incremental proof-based development
Rigorous Methods for Software Construction and Analysis
Enabling security testing from specification to code
IFM'05 Proceedings of the 5th international conference on Integrated Formal Methods
Specifying system families with TLA+
SEPADS'12/EDUCATION'12 Proceedings of the 11th WSEAS international conference on Software Engineering, Parallel and Distributed Systems, and proceedings of the 9th WSEAS international conference on Engineering Education
The development and writing of "process structuring"
Dependable and Historic Computing
Formal specification and verification of vehicular handoff using π-calculus
Proceedings of the 1st International Conference on Wireless Technologies for Humanitarian Relief
Teaching formal methods in a third world country: what, why and how
TFM'06 Proceedings of the 2006 conference on Teaching Formal Methods: practice and experience
Microsemantics as a bootstrap in teaching formal methods
TFM'06 Proceedings of the 2006 conference on Teaching Formal Methods: practice and experience
Automatic verification of TLA+ proof obligations with SMT solvers
LPAR'12 Proceedings of the 18th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Medical protocol diagnosis using formal methods
FHIES'11 Proceedings of the First international conference on Foundations of Health Informatics Engineering and Systems
Enhancing OSGi with explicit, vendor independent extra-functional properties
TOOLS'12 Proceedings of the 50th international conference on Objects, Models, Components, Patterns
Translating TLA+ to B for validation with ProB
IFM'12 Proceedings of the 9th international conference on Integrated Formal Methods
Rely/Guarantee reasoning for teleo-reactive programs over multiple time bands
IFM'12 Proceedings of the 9th international conference on Integrated Formal Methods
Security Analysis of Standards-Driven Communication Protocols for Healthcare Scenarios
Journal of Medical Systems
The Journal of Supercomputing
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Verification of distributed applications
SAFECOMP'07 Proceedings of the 26th international conference on Computer Safety, Reliability, and Security
Formal specification and analysis of AFDX redundancy management algorithms
SAFECOMP'07 Proceedings of the 26th international conference on Computer Safety, Reliability, and Security
A formal analysis of the deferred update technique
DISC'07 Proceedings of the 21st international conference on Distributed Computing
A theory of history dependent abstractions for learning interface automata
CONCUR'12 Proceedings of the 23rd international conference on Concurrency Theory
Combining Formal Methods for the Development of Reactive Systems
ACM Transactions on Embedded Computing Systems (TECS) - Special Issue on Modeling and Verification of Discrete Event Systems
High-Level executable specifications of distributed algorithms
SSS'12 Proceedings of the 14th international conference on Stabilization, Safety, and Security of Distributed Systems
Formal verification of distributed algorithms: from pseudo code to checked proofs
TCS'12 Proceedings of the 7th IFIP TC 1/WG 2.2 international conference on Theoretical Computer Science
A model-driven approach to teaching concurrency
ACM Transactions on Computing Education (TOCE)
Compositional verification of application-level security properties
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Proceedings of the 2013 ACM symposium on Principles of distributed computing
Deriving real-time action systems in a sampling logic
Science of Computer Programming
A method and tool for tracing requirements into specifications
Science of Computer Programming
From the Book: This book will teach you how to write specifications of computer systems, using the language TLA+. It's rather long, but most people will read only Part I, which comprises the first 83 pages. That part contains all that most engineers need to know about writing specifications; it assumes only the basic background in computing and knowledge of mathematics expected of an undergraduate studying engineering or computer science. Part II contains more advanced material for more sophisticated readers. The remainder of the book is a reference manual: Part III for the TLA+ tools and Part IV for the language itself. The TLA World Wide Web page contains material to accompany the book, including the TLA+ tools, exercises, references to the literature, and a list of corrections. There is a link to the TLA Web page on http://lamport.org.

What Is a Specification?

Writing is nature's way of letting you know how sloppy your thinking is. (Guindon)

A specification is a written description of what a system is supposed to do. Specifying a system helps us understand it. It's a good idea to understand a system before building it, so it's a good idea to write a specification of a system before implementing it.

This book is about specifying the behavioral properties of a system, also called its functional or logical properties. These are the properties that specify what the system is supposed to do. There are other important kinds of properties that we don't consider, including performance properties. Worst-case performance can often be expressed as a behavioral property; for example, Chapter 9 explains how to specify that a system must react within a certain length of time. However, specifying average performance is beyond the scope of the methods described here.

Our basic tool for writing specifications is mathematics. Mathematics is nature's way of letting you know how sloppy your writing is. It's hard to be precise in an imprecise language like English or Chinese. In engineering, imprecision can lead to errors. To avoid errors, science and engineering have adopted mathematics as their language.

The mathematics we use is more formal than the math you've grown up with. Formal mathematics is nature's way of letting you know how sloppy your mathematics is. The mathematics written by most mathematicians and scientists is not really precise. It's precise in the small, but imprecise in the large. Each equation is a precise assertion, but you have to read the accompanying words to understand how the equations relate to one another and exactly what the theorems mean. Logicians have developed ways of eliminating those words and making the mathematics completely formal, and hence completely precise.

Most mathematicians and scientists think that formal mathematics, without words, is long and tiresome. They're wrong. Ordinary mathematics can be expressed compactly in a precise, completely formal language. It takes only about two dozen lines to define the solution to an arbitrary differential equation in the Differential Equations module of Chapter 11. But few specifications need such sophisticated mathematics. Most require only simple application of a few standard mathematical concepts.

Why TLA+?

We specify a system by describing its allowed behaviors: what it may do in the course of an execution. In 1977, Amir Pnueli introduced the use of temporal logic for describing system behaviors. In principle, a system could be described by a single temporal logic formula. In practice, it couldn't. Pnueli's temporal logic was ideal for describing some properties of systems, but awkward for others. So, it was usually combined with a more traditional way of describing systems.

In the late 1980s, I invented TLA, the Temporal Logic of Actions, a simple variant of Pnueli's original logic. TLA makes it practical to describe a system by a single formula. Most of a TLA specification consists of ordinary, nontemporal mathematics. Temporal logic plays a significant role only in describing those properties that it's good at describing. TLA also provides a nice way to formalize the style of reasoning about systems that has proved to be most effective in practice, a style known as assertional reasoning. However, this book is about specification; it says almost nothing about proofs.

Temporal logic assumes an underlying logic for expressing ordinary mathematics. There are many ways to formalize ordinary math. Most computer scientists prefer one that resembles their favorite programming language. I chose instead the one that most mathematicians prefer, the one logicians call first-order logic and set theory.

TLA provides a mathematical foundation for describing systems. To write specifications, we need a complete language built atop that foundation. I initially thought that this language should be some sort of abstract programming language whose semantics would be based on TLA. I didn't know what kind of programming language constructs would be best, so I decided to start writing specifications directly in TLA. I intended to introduce programming constructs as I needed them. To my surprise, I discovered that I didn't need them. What I needed was a robust language for writing mathematics.

Although mathematicians have developed the science of writing formulas, they haven't turned that science into an engineering discipline. They have developed notations for mathematics in the small, but not for mathematics in the large. The specification of a real system can be dozens or even hundreds of pages long. Mathematicians know how to write 20-line formulas, not 20-page formulas. So, I had to introduce notations for writing long formulas. What I took from programming languages were ideas for modularizing large specifications.

The language I came up with is called TLA+. I refined TLA+ in the course of writing specifications of disparate systems. But it has changed little in the last few years. I have found TLA+ to be quite good for specifying a wide class of systems, from program interfaces (APIs) to distributed systems. It can be used to write a precise, formal description of almost any sort of discrete system. It's especially well suited to describing asynchronous systems, that is, systems with components that do not operate in strict lock-step.

About This Book

Part I, consisting of Chapters 1 through 7, is the core of the book and is meant to be read from beginning to end. It explains how to specify the class of properties known as safety properties. These properties, which can be specified with almost no temporal logic, are all that most engineers need to know about. After reading Part I, you can read as much of Part II as you like. Each of its chapters is independent of the others. Temporal logic comes to the fore in Chapter 8, where it is used to specify the additional class of properties known as liveness properties. Chapter 9 describes how to specify real-time properties, and Chapter 10 describes how to write specifications as compositions. Chapter 11 contains more advanced examples. The three chapters in Part III serve as the reference manual for three TLA+ tools: the Syntactic Analyzer, the TLATEX typesetting program, and the TLC model checker. If you want to use TLA+, then you probably want to use these tools. They are available from the TLA Web page. TLC is the most sophisticated of them. The examples on the Web can get you started using it, but you'll have to read Chapter 14 to learn to use TLC effectively.

Part IV is a reference manual for the TLA+ language. Part I provides a good enough working knowledge of the language for most purposes. You need look at Part IV only if you have questions about the fine points of the syntax and semantics. Chapter 15 gives the syntax of TLA+. Chapter 16 describes the precise meanings and the general forms of all the built-in operators of TLA+; Chapter 17 describes the precise meaning of all the higher-level TLA+ constructs such as definitions. Together, these two chapters specify the semantics of the language. Chapter 18 describes the standard modules, except for module RealTime, described in Chapter 9, and module TLC, described in Chapter 14. You might want to look at this chapter if you're curious about how standard elementary mathematics can be formalized in TLA+.

Part IV does have something you may want to refer to often: a mini-manual that compactly presents lots of useful information. Pages 268-273 list all TLA+ operators, all user-definable symbols, the precedence of all operators, all operators defined in the standard modules, and the ASCII representation of symbols.