How to convince engineers that formal methods is cool

Logic for Programmers is now in Beta! v0.5 marks the official end of alpha! With the new version, all of the content I wanted to put in the book is now present, and all that's left is copyediting, proofreading, and formatting. Which will probably take as long as it took to actually write the book. You can see the release notes on the leanpub...

Sup nerds, I'm back from SREcon! I had a blast, despite knowing nothing about site reliability engineering and being way over my head in half the talks. I'm trying to catch up on The Book and contract work now so I'll do something silly here: ternary operators. Almost all operations on values in programming languages fall into one of three...

No Newsletter next week I'll be speaking at USENIX SRECon! TLA from first principles I'm working on v0.5 of Logic for Programmers. In the process of revising the "System Modeling" chapter, I stumbled on a great way to explain the temporal logic of actions that TLA+ is based on. I'm reproducing that bit here with some changes to fit the newsletter...

From Leslie Lamport's Specifying Systems: You should be suspicious if [the model checker] does not find a violation of a liveness property... you should also be suspicious if [it] finds no errors when checking safety properties. This is specifically in the context of model-checking a formal specification, but it's a widely applicable software...

(Feeling a little sick so this one will be short.) I'm often asked by clients to review their (usually TLA+) formal specifications. These specs are generally slower and more convoluted than an expert would write. I want to fix them up without changing the overall behavior of the spec or introducing subtle bugs. To do this, I use a rather lovely...