Reading the new experience report paper "System Correctness Practices at AWS" by @marcbrooker & Ankush Desai, a successor to 2015 paper "How Amazon Web Services Uses Formal Methods". Documents a whole buffet of industrial formal methods use: P (including new tool PObserve for runtime trace validation), deterministic simulation testing in Rust with the open-sourced Shuttle and Turmoil tools, Dafny, HOL Light, and the open-sourced Kani model-checker for Rust.

While TLA⁺ was the most prominent featured tool in the 2015 paper, it's been lost in the crowd here as part of a clear shift toward verifying & testing the actual running code. I think TLA⁺ must carve out a niche for itself in a world where deterministic simulation testing becomes a commodity technology, or it risks losing relevance same as other design-level tools like UML. There are existing case studies on using TLA⁺ for trace validation and model-driven testing, but a lot of effort needs to go into tooling for making such integrations as smooth as possible instead of bespoke one-off projects.

https://dl.acm.org/doi/10.1145/3712057

QueueSystems Correctness Practices at AWS: Leveraging Formal and Semi-formal Methods: Queue: Vol 22, No 6 Building reliable and secure software requires a range of approaches to reason about systems correctness. Alongside industry-standard testing methods (such as unit and integration testing), AWS has adopted model checking, fuzzing, property-based testing, ...

#TLAplus #FormalMethods

**Lobsters** @lobsters@mastodon.social · Feb 21

Feb 21

Lobsters @lobsters@mastodon.social

Quint Deserves Rust https://lobste.rs/s/t5bzi6 #formalmethods #rust
https://informal.systems/blog/quint-deserves-rust

lobste.rsQuint Deserves Rust | Lobsters

**Jan de Muijnck-Hughes** @jfdm@discuss.systems · Feb 7

Feb 7

Jan de Muijnck-Hughes @jfdm@discuss.systems

I have a funded #PhD position for UK students, available with myself and @bentnib

This project will be looking at developing new methods for asserting the resilience of existing communicating systems by developing new static analysis methods derived from advanced programming language research.

Deadline: Thursday 20th March 2025

You will belong to @StrathCyber and @mspstrath, as well as gaining access to @spli

For now more details about the project are on my personal website.

https://tyde.systems/page/position/2025-jarss/

Please spread the words.

Jan de Muijnck-HughesTowards Type-Driven Assurance of Communicating SystemsDeadline Thursday 20 March 2025 Duration 36 Months Start Date October 2025 Funding Home fee, Stipend Supervisors Jan de Muijnck-Hughes, Bob Atkey Groups StrathCyber, MSP This JARSS PhD studentship will develop new methods for asserting the resilience of existing communicating systems by developing new static analysis methods derived from advanced programming language research as pioneered by the supervising team, and the wider MSP and StrathCyber research groups. Contact Informal enquiries about the studentship are to be directed to Jan de Muijnck-Hughes (Jan.

#dependentTypes #formalMethods #idris

Continued thread

**Rob Sison** @robs@aus.social · Nov 9, 2024

Nov 9, 2024

Rob Sison @robs@aus.social

There's now a video up of the talk I gave at this year's seL4 Summit, on the status of UNSW's projects to verify Time Protection and Microkit-based userland OS services for the seL4 microkernel:

https://youtu.be/7wcFx6OTEL4

youtu.be- YouTubeEnjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

#sel4summit #seL4 #verification

**Reid D. M.** @arrdem@macaw.social · Oct 22, 2024 *

Oct 22, 2024 *

Reid D. M. @arrdem@macaw.social

Okay here's an oddly specifc #devops meets #sre and #fp / #formalmethods problem.

I've got a lockfile/solution of package versions. I've also got a set of other versions of the same packages including in some sense known bad versions (CVEs) and a test suite which with some confidence will pass if an upgrade is good.

I want to use (non)dependencies between packages to split upgrade groups (we can upgrade these without those) and plan a sequence of upgrade steps.

Know any prior art?

**Jan de Muijnck-Hughes** @jfdm@discuss.systems · Dec 30, 2022

Dec 30, 2022

Jan de Muijnck-Hughes @jfdm@discuss.systems

Might as well join the #introduction bandwagon. This more or less repeats my ‘bio’.

I’m a #researcher at Glasgow Uni’s School of Computing Science. My interests are in #typeDriven approaches to #trustworthySystems, specialising in #dependentTypes (#idris) & #functionalProgramming. But I’m not solely in the FP Church, other languages are just as beautiful. I’m also an enthusiast of other #formalMethods.