TLA Plus

TLA Plus is specification language based on the Temporal Logic of Actions.

Example: 1 Bit Clock

State variable: b 𝑏 b Initial predicate: b = 0 b = 1 𝑏 0 𝑏 1 b=0\lor b=1 Next step action ( b superscript 𝑏 b^{\prime} is the variable at the next state; same as b absent 𝑏 \bigcirc b )

(b=0)(b=1)(b=1)(b=0)𝑏0superscript𝑏1𝑏1superscript𝑏0\lor(b=0)\land(b^{\prime}=1)\lor(b=1)\land(b^{\prime}=0)

VARIABLE b

Init == (b = 0) \/ (b = 1)

TypeInv == b \in {0, 1}

Spec == \/ b = 0 /\ b' = 1 \/ b = 1 /\ b' = 0

Spec == Init /\ [][Next]_<<b>>

THEOREM Spec => []TypeInv