Temporal logic of actions

Temporal logic of actions (TLA) is a logic developed by Leslie Lamport, which combines temporal logic with a logic of actions. It is used to describe behaviours of concurrent and distributed systems. It is the logic underlying the specification language TLA+.

Details

edit

Statements in the temporal logic of actions are of the form  , where A is an action and t contains a subset of the variables appearing in A. An action is an expression containing primed and non-primed variables, such as  . The meaning of the non-primed variables is the variable's value in this state. The meaning of primed variables is the variable's value in the next state. The above expression means the value of x today, plus the value of x tomorrow times the value of y today, equals the value of y tomorrow.

The meaning of   is that either A is valid now, or the variables appearing in t do not change. This allows for stuttering steps, in which none of the program variables change their values.

Specification Languages

edit

There are multiple specification languages that implement Temporal Logic of Actions. Each language has unique features and use cases:

TLA+

edit

TLA+ is the default and most widely used specification language for TLA. It is a mathematical language designed to describe the behavior of concurrent and distributed systems. The specification is written in functional style.

----------------------------- MODULE HourClock -----------------------------
EXTENDS Naturals

VARIABLES hour

Init == hour = 1

Next == hour' = IF hour = 12 THEN 1 ELSE hour + 1

Spec == Init /\ [][Next]_hour
=============================================================================

PlusCal

edit

PlusCal is a high-level algorithm language that translates to TLA+. It allows users to write algorithms in a familiar pseudocode-like syntax, which are then automatically converted into TLA+ specifications. This makes PlusCal ideal for those who prefer to think in terms of algorithms rather than state machines.

----------------------------- MODULE HourClock ----------------------
EXTENDS Naturals

(*--algorithm HourClock {
    variable hour = 1;
    {
        while (TRUE) {
            hour := (hour % 12) + 1;
        }
    }
} --*)

Quint

edit

Quint is another specification language that translates to TLA+. Quint combines the robust theoretical basis of the Temporal Logic of Actions (TLA) with state-of-the-art type checking and development tooling. Unlike PlusCal, the Quint operators and keywords have one-to-one translation to TLA+.

FizzBee

edit

FizzBee[1] is an alternative to TLA+ with higher level specification language using Python like syntax designed to bring formal methods for mainstream software engineers working on distributed systems. While based on Temporal Logic of Actions, it does not translate to or use TLA+ under the hood unlike PlusCal or Quint.

action Init:
  hour = 1

atomic action Tick:
  # The body of the actions is Starlark (a Python dialect)
  hour = (hour % 12) + 1

See also

edit

References

edit
  1. ^ "Easiest-ever formal methods language for developers crafting distributed systems, microservices, and cloud applications". Retrieved May 28, 2024.
edit