This is a short summary. ↗ Open original to view full content
Why Specifications Don't Compose
from blog Blog on Hillel Wayne, | ↗ original
More from Blog on Hillel Wayne
Hiatus
11 Sept 2024 |
original ↗
All of my budgeted blogwriting time is going to Logic for Programmers. Should be back early 2025. (I’m still writing the weekly newsletter.)
Toolbox languages
15 Jul 2024 |
original ↗
A toolbox language is a programming language that’s good at solving problems without requiring third party packages. My default toolbox languages are Python and shell scripts, which you probably already know about. Here are some of my more obscure ones. AutoHotKey Had to show up! Autohotkey is basically “shell scripting for GUIs”. Just a...
Composing TLA+ Specifications with State Machines
17 Jun 2024 |
original ↗
Last year a client asked me to solve a problem: they wanted to be able to compose two large TLA+ specs as part of a larger system. Normally you’re not supposed to do this and instead write one large spec with both systems hardcoded in, but these specs were enormous and had many internal invariants of their own. They needed a way to develop the...
Software Friction
1 May 2024 |
original ↗
In his book On War, Clausewitz defines friction as the difference between military theory and reality: Thus, then, in strategy everything is very simple, but not on that account very easy. Everything is very simple in war, but the simplest thing is difficult. These difficulties accumulate and produce a friction, which no man can imagine exactly...
Don't let Alloy facts make your specs a fiction
10 Apr 2024 |
original ↗
I’ve recently done a lot of work in Alloy and it’s got me thinking about a common specification pitfall. Everything in the main post applies to all formal specifications, everything in dropdowns is for experienced Alloy users. Consider a simple model of a dependency tree. We have a set of top-level dependencies for our program, which have their...