
Comparisons of Alloy and Spin (2018) - luu
http://www.pamelazave.com/compare.html
======
wyldfire
Alloy and Spin are used in modeling/verification. You can use these to verify
properties of your system (like your IPC protocol, or a million other ideas).
Aside: on HN, this guy [2] often shares his expertise on formal methods. Let's
hope he chimes in w/his thoughts here ;)

Zave (the author) studies Alloy and Spin by trying to model a service/protocol
called "Chord" [1]. Her findings are summarized in "Table 2. Summary of
comparative advantages on the Chord case study.":

> Promela + C / Spin: not necessary to know a sufficiently strong global
> invariant, supports progress assertions

> Alloy / Alloy Analyzer: half the startup time, safety assertions are
> declarative rather than procedural, can be used for a convincing proof of
> correctness

[1]
[https://pdos.csail.mit.edu/papers/chord:sigcomm01/chord_sigc...](https://pdos.csail.mit.edu/papers/chord:sigcomm01/chord_sigcomm.pdf)

[2] [https://www.hillelwayne.com/about/](https://www.hillelwayne.com/about/)

~~~
hwayne
I've read parts of Holzmann's Spin book but haven't actually tried to apply
any of it. Without some experience I can't really compare other tools to it.

Also I've forgotten like half the language already :/

The primer still sits of my bookshelf, disapproving of my life choices.

