Home → Magazine Archive → April 2015 (Vol. 58, No. 4) → How Amazon Web Services Uses Formal Methods → Abstract

How Amazon Web Services Uses Formal Methods

By Chris Newcombe, Tim Rath, Fan Zhang, Bogdan Munteanu, Marc Brooker, Michael Deardeuff

Communications of the ACM, Vol. 58 No. 4, Pages 66-73
10.1145/2699417

[article image]


Since 2011, engineers at Amazon Web Services (AWS) have used formal specification and model checking to help solve difficult design problems in critical systems. Here, we describe our motivation and experience, what has worked well in our problem domain, and what has not. When discussing personal experience we refer to the authors by their initials.

At AWS we strive to build services that are simple for customers to use. External simplicity is built on a hidden substrate of complex distributed systems. Such complex internals are required to achieve high availability while running on cost-efficient infrastructure and cope with relentless business growth. As an example of this growth, in 2006, AWS launched S3, its Simple Storage Service. In the following six years, S3 grew to store one trillion objects.3 Less than a year later it had grown to two trillion objects and was regularly handling 1.1 million requests per second.4

1 Comments

K. Babu

Very reassuring article on the use of formal methods. Can the authors point to 'simple' TLA+ examples to be useful as a pedagogical tool?

Displaying 1 comment