Hacker Neue

Preferences
rixed parent
There is another way formal methods parallel documentation: both are futile unless you can prove that the modelized/documented system matches the actual, live one.

"This is just a matter of discipline" is not very convincing, especially when the discipline involves long unpaid afterhours.

The examples I've seen in this report from AWS are mostly about one-shot events (helping going through important changes). It's good to see formal methods used in these cases of course, but I'd really like to read stories about how sustained use of formal methods helps reclaiming the high costs of the initial investment as the actual system evolves alongside the modelization.

hwayne
At least in the TLA+ community, the new state-of-art approach is to use the formal model to generate a test suite.
goostavos
That is interesting. Link?
gamegoblin
The part about S3 using lightweight formal methods in their ShardStore rust codebase is ongoing and operates on the system itself, not a model

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal