
A practical comparison of Alloy and Spin

  • Original Article
Formal Aspects of Computing

Abstract

Because potential users have to choose a formal method before they can start using one, research on assessing the applicability of specific formal methods might be as effective in encouraging their use as work on the methods themselves. This comparison of Alloy and Spin is based on a demanding project that exploited the full capabilities of both languages and tools. The study exposed issues not apparent from more superficial studies, and resulted in some unexpected conclusions. The paper provides tentative recommendations for two different classes of network protocol, a research agenda for solidifying the recommendations, and a few general lessons learned about research on selection of formal methods.

Author information

Correspondence to P. Zave.

Additional information

J. Woodcock

Cite this article

Zave, P. A practical comparison of Alloy and Spin. Form Asp Comp 27, 239–253 (2015). https://doi.org/10.1007/s00165-014-0302-2

  • DOI: https://doi.org/10.1007/s00165-014-0302-2
