
Use of Formal Methods at Amazon Web Services (2014) [pdf] - Tomte
http://research.microsoft.com/en-us/um/people/lamport/tla/formal-methods-amazon.pdf
======
nickpsecurity
The best part was the section about finding a bug that took 35 steps to show
up which got through both code reviews and testing. The ability to catch such
obscure stuff is a benefit of formal methods that's been in the literature a
long time. Model-checkers like TLA+ and SPIN let it get done with less skill
and time than full, formal verification. Further, the properties can be
combined with methods like Design-by-Contract and static analysis to knock out
problems that show up 80-90% of the time.

Hardly any justification anymore to not be using these tools for most critical
software. Even a mainstream company has figured it out. Hopefully, we'll see
more adoption. :)

------
jefffoster
See <https://news.ycombinator.com/item?id=8096185> for previous discussion.

------
jbclements
Is this the same article that appeared in the Communications of the ACM? Not
behind paywall, that's a plus.
([http://dl.acm.org/citation.cfm?id=2699417&CFID=612805967&CFT...](http://dl.acm.org/citation.cfm?id=2699417&CFID=612805967&CFTOKEN=69304030))

~~~
copperx
It's paywalled for me.

~~~
EuAndreh
Try using SciHub.

