Download Abstract State Machines, Alloy, B, TLA, VDM, and Z: 4th by Yamine Ait Ameur, Klaus-Dieter Schewe PDF

By Yamine Ait Ameur, Klaus-Dieter Schewe

This book constitutes the thoroughly refereed proceedings of the 4th International Conference on Abstract State Machines, B, TLA, VDM and Z, which took place in Toulouse, France, in June 2014. The 13 full papers presented, together with 3 invited talks and 19 short papers, were carefully reviewed and selected from 81 submissions. The ABZ conference series is dedicated to the cross-fertilization of six related state-based and machine-based formal methods: Abstract State Machines (ASM), Alloy, B, TLA, VDM and Z. They share a common conceptual foundation and are widely used in both academia and industry for the design and analysis of hardware and software systems. The main goal of this conference series is to contribute to the integration of these formal methods, clarifying their commonalities and differences to better understand how to combine different approaches for accomplishing the various tasks in modeling, experimental validation and mathematical verification of reliable, high-quality hardware/software systems.

Taking approximately 5 weeks on a single EC2 instance with 16 virtual CPUs, 60 GB RAM and 2 TB of local SSD storage.

Why Amazon Chose TLA+

model checker. However, we found that the SAT solvers often crash or hang when asked to solve the size of finite model that is necessary for achieving reasonable confidence in a more complex concurrent or distributed system. When we were preparing this paper, Daniel Jackson told us [14] that Alloy was not intended or designed for model checking such algorithms.

This is one of the most significant differences between the formal methods that we tried. The primary output of the Alloy Analyzer tool is diagrams; it displays an execution trace as a graph of labelled nodes. The tool uses relatively sophisticated algorithms to arrange the graph for display, but we still found this output to be incomprehensible for systems with more than a few variables or time-steps. To work around this problem we often found ourselves exporting the execution trace to an XML file and then using a text editor and other tools to explore it.

We preferred candidate methods that had already been shown to work on problems in industry, that seemed relatively easy to learn, and that we could apply to real problems while we were learning. We were less concerned about “verification philosophy” such as process algebra vs. state machines; we would have used any method that worked well for our problems. We evaluated Alloy and TLA+ by trying them on real-world problems [29]. We did a smaller evaluation of Microsoft VCC. We read about Promela/Spin [13], Event-B, B, Z, Coq, and PVS, but did not try them, as we halted the investigation when we realized that TLA+ solved our problem.

