coq-club AT inria.fr

Subject: The Coq mailing list

List archive

[Coq-Club] Coq & Tla

From: satrajit AT attbi.com
To: coq-club AT pauillac.inria.fr
Subject: [Coq-Club] Coq & Tla
Date: Fri, 13 Sep 2002 04:14:14 +0000
List-archive: <http://pauillac.inria.fr/pipermail/coq-club/>

Where can I learn about converting TLA+ syntax used
in 'Specifying Systems' by Leslie Lamport to Coq?

I assume it should be possible to do so. Is my
assumption correct?

Here is a simple example of TLA+ specification for an
asynchronous interface:

------------------ MODULE AsynchInterface --------------
-------
EXTENDS Naturals
CONSTANT Data
VARIABLES val, rdy, ack

TypeInvariant == /\ val \in Data
                 /\ rdy \in {0, 1}
                 /\ ack \in {0, 1}
--------------------------------------------------------
-----
Init == /\ val \in Data
        /\ rdy \in {0, 1}
        /\ ack = rdy

Send == /\ rdy = ack
        /\ val' \in Data
        /\ rdy' = 1 - rdy
        /\ UNCHANGED ack

Rcv  == /\ rdy # ack
        /\ ack' = 1 - ack
        /\ UNCHANGED <<val, rdy>>

Next == Send \/ Rcv

Spec == Init /\ [][Next]_<<val, rdy, ack>>

--------------------------------------------------------
------
THEOREM Spec => []TypeInvariant
========================================================
======

[Coq-Club] Coq & Tla, satrajit