|
| 1 | +# Alloy Models |
| 2 | + |
| 3 | +This folder houses "lightweight formal models" written using the |
| 4 | +[Alloy](https://alloytools.org/about.html) model checker and language. |
| 5 | + |
| 6 | +Compared to typical formal methods, Alloy is a _bounded_ model checker, |
| 7 | +considered a [lightweight |
| 8 | +method](https://en.wikipedia.org/wiki/Formal_methods#:~:text=As%20an%20alternative,Tools.%5B31) |
| 9 | +to formal analysis. Lightweight formal methods are easier to use than fully |
| 10 | +fledged formal methods as rather than attempting to prove the that a model is |
| 11 | +_always_ correct (for all instances), they instead operate on an input of a set |
| 12 | +of bounded parameters and iterations. These models can then be used to specify |
| 13 | +a model, then use the model checker to find counter examples of a given |
| 14 | +assertion. If a counter example can't be found, then the model _may_ be valid. |
| 15 | + |
| 16 | +Alloy in particular is an expressive, human readable language for formal |
| 17 | +modeling. It also has a nice visualizer which can show counter examples, aiding |
| 18 | +in development and understanding. |
| 19 | + |
| 20 | +Alloy is useful as when used during upfront software design (or even after the |
| 21 | +fact), one can create a formal model of a software system to gain better |
| 22 | +confidence re the _correctness_ of a system. The model can then be translated |
| 23 | +to code. Many times, writing the model (either before or after the code) can |
| 24 | +help one to better understand a given software system. Models can also be used |
| 25 | +to specify protocols in p2p systems such as Lightning (as it [supports temporal |
| 26 | +logic](https://alloytools.org/alloy6.html#:~:text=Meaning%20of%20temporal%20connectives), |
| 27 | +which enables creation of state machines and other interactive transcripts), |
| 28 | +serving as a complement to a normal prosed based specification. |
| 29 | + |
| 30 | +## How To Learn Alloy? |
| 31 | + |
| 32 | +We recommend the following places to learn Alloy: |
| 33 | + * [The online tutorial for Alloy 4.0](https://alloytools.org/about.html): |
| 34 | + * Even though this is written with Alloy 4.0 (which doesn't support |
| 35 | + temporal logic), the tutorial is very useful, as it introduces |
| 36 | + fundamental concept of Alloy, using an accessible example based on a file |
| 37 | + system. |
| 38 | + |
| 39 | + * [Alloy Docs](https://alloy.readthedocs.io/en/latest/index.html): |
| 40 | + * This serves as a one stop shop for reference to the Alloy language. It |
| 41 | + explains all the major syntax, tooling, and also how to model time in |
| 42 | + Alloy. |
| 43 | + |
| 44 | + * [Formal Software Design with Alloy 6](https://haslab.github.io/formal-software-design/index.html): |
| 45 | + * A more in depth tutorial which uses Alloy 6. This tutorial covers more |
| 46 | + advanced topics such as [event |
| 47 | + reification](https://alloytools.discourse.group/t/modelling-a-state-machine-in-electrum-towards-alloy-6/88). |
| 48 | + This tutorial is also very useful, as it includes examples for how to |
| 49 | + model interactions in a p2p network, such as one peer sending a message |
| 50 | + to another. |
0 commit comments