TLA+ "Specifying Systems" draft translation: Introduction

This book will teach you how to write specifications of computer systems using the TLA+ language. The full text is long, but most people only need to read Part I, that is, the first 83 pages; this part contains most of what engineers need to know about writing specifications. As for background, it assumes only the mathematics and computing knowledge expected of an undergraduate in engineering or computer science. Part II provides more in-depth content for more sophisticated readers. The rest of the book is a reference manual: Part III covers the TLA+ tools, and Part IV covers the TLA+ language itself.

The TLA website, http://lamport.org, provides resources that accompany the book, including the TLA+ tools, training material, reference materials and a list of corrections. You can also find these pages by searching the Web for the 21-letter string uidlamporttlahomepage, but do not put this string in any document that will appear on the Internet.

 

What Is a Specification?

Writing is nature's way of letting you know how sloppy your thinking is.

——Guindon

A specification is a written definition of what a system should do. Specifying a system helps us understand it better. It is a good idea to understand a system before building it, so it is a good idea to write a specification first, before implementing the system.

This book is about how to specify the behavioral properties of a system, which can also be called its functional or logical properties. These properties define what operations the system should perform. There are other important kinds of properties that we do not consider, including performance properties. Worst-case performance can generally be expressed as a behavioral property; for example, Chapter 9 describes how to specify that a system must respond within a certain time. However, specifying average performance is beyond the scope of the methods described here.

Our basic tool for writing specifications is mathematics. Mathematics is nature's way of letting you know how sloppy your writing is, because it is hard to be precise in an imprecise language (such as English or Chinese). In engineering practice, imprecision can cause a lot of mistakes, so science and engineering use mathematics as their basic language.

The mathematics used in this book is more formal than the mathematics you have grown up using. Formal mathematics is nature's way of letting you know how sloppy your mathematics is. The mathematics written by most mathematicians and scientists is not very precise: it is precise in the small, but imprecise in the large. Each equation is a precise assertion, but you must read the accompanying text to understand how the equations relate to one another and exactly what the theorems mean. Logicians have developed methods for eliminating this explanatory text and making the mathematics fully formal, and thus completely precise.

Most mathematicians and scientists believe that formal mathematics is very long and very tedious. I think they are wrong: ordinary mathematics can be expressed compactly in a precise, fully formal language. In the DifferentialEquations module of Chapter 11, defining the solution to an arbitrary differential equation takes only approximately 20 lines. But few specifications need such sophisticated mathematics; most simply apply a few standard mathematical concepts.

 

Why TLA+?

We specify a system by describing what might occur during its execution. In 1977, Amir Pnueli introduced temporal logic for describing the behavior of systems. In theory, a system could be described by a single temporal logic formula, but this does not work in practice. His temporal logic is ideal for describing certain properties of systems, but very awkward for others. It was therefore typically combined with more traditional ways of describing systems.

In the late 1980s, I invented TLA, the Temporal Logic of Actions, which is a simple variant of Pnueli's original logic. TLA makes it feasible to describe a system by a single formula. Most of a TLA specification consists of ordinary, non-temporal mathematics. Temporal logic plays an important role only in describing those properties that it is good at describing. TLA also provides a good way to formalize the style of reasoning about systems, known as assertional reasoning, that has proved to be the most effective in practice. However, this book is about specification and contains almost no proofs.

Temporal logic assumes an underlying logic for expressing ordinary mathematics. There are many ways to formalize ordinary mathematics; most computer scientists prefer one that resembles the programming language they are familiar with. Instead, I chose the logic that most mathematicians prefer, which logicians refer to as first-order logic and set theory.

TLA provides the mathematical foundation for describing systems. To write specifications, we need a complete language built on that foundation. I initially thought that the language should be an abstract programming language whose semantics would be based on TLA. At first I did not know which programming language constructs would be best, so I decided to write specifications directly in TLA and introduce programming language constructs when needed. To my surprise, I later found that I did not need to do that; I just needed a robust language for writing mathematical formulas.

Although mathematicians have developed a science of writing formulas, they have not turned it into an engineering discipline. They have developed mathematical notation for small-scale use, but not for mathematics in the large. The specification of a real system may run to tens or even hundreds of pages; mathematicians know how to write a 20-line formula, not a 20-page formula. So I had to introduce notation for writing long formulas into the language, and this notation benefited from the techniques for modularizing large specifications that I learned from programming languages.

I call this language TLA+. In writing specifications of different systems, I gradually refined TLA+, but in recent years it has changed little. I have found that TLA+ works well for specifying a wide variety of systems, from program interfaces (APIs) to distributed systems. It can be used to write a precise, formal description of almost any kind of discrete system. It is particularly suitable for describing asynchronous systems, that is, systems whose components do not operate in strict lock-step.

 

About this Book

Part I of this book, comprising Chapters 1 to 7, is the core of the book and needs to be read from start to finish. It describes how to specify the class of properties called safety properties, which is what most engineers need to know when writing specifications; specifying these properties requires almost no temporal logic.

After reading Part I, you can read as much of Part II as you need. Each of its chapters is independent of the others. Chapter 8 covers temporal logic in detail, where it is used to specify liveness properties. Chapter 9 describes how to specify real-time properties, and Chapter 10 describes how to write specifications as compositions. Chapter 11 contains more advanced examples.

Part III is the reference manual for the following three TLA+ tools: the Syntactic Analyzer (a parser), the TLATEX typesetting program and the TLC model checker. To use TLA+, you need to use these tools. You can get them from the TLA web pages. TLC is the most complex of them. The examples on the Web can help you become familiar with TLC, but to learn to use TLC effectively you must read Chapter 14.

Part IV is the TLA+ language reference manual. Part I provides sufficient working knowledge of the language for most purposes; you need to consult Part IV only if you have questions about the fine points of the syntax and semantics. Chapter 15 describes the syntax of TLA+. Chapter 16 describes the exact meaning and general form of all the built-in operators of TLA+; Chapter 17 describes the exact meaning of all the higher-level TLA+ constructs (e.g. definitions). Together, these two chapters specify the semantics of TLA+. Chapter 18 describes the standard modules, except for the RealTime module, described in Chapter 9, and the TLC module, described in Chapter 14. If you are interested in how standard elementary mathematics can be formalized in TLA+, you may wish to refer to this chapter.

Part IV does have some content you may need to consult often: a mini-manual that compactly presents a lot of useful information. Pages 268-273 list all TLA+ operators, all user-definable symbols, the precedence of all operators, all operators defined in the standard modules, and the ASCII representation of symbols such as ⊕.

Origin blog.csdn.net/robinhzp/article/details/103280804