This is the complete syntax reference for ISL (Intent Specification Language). ISL uses a declarative, contract-first syntax for specifying software behavior.
Program structure
An ISL program consists of one domain block containing types, entities, behaviors, scenarios, and chaos blocks.
Modules and imports
ISL supports a module system for organizing and reusing specifications.
// Import a standard library module
use { Length, Trim, Contains } from @isl / string
Domain declaration
version : "1.0.0" // Semantic version (required)
owner: "Team Name" // Owning team (optional)
Type declarations
Custom types with constraints
pattern: "^[^ \\ s@]+@[^ \\ s@]+ \\ .[^ \\ s@]+$"
type NonEmptyList < T > = List < T > {
Enumerations
Entity declarations
field_name: Type [modifier1, modifier2]
// Conditions that must always hold
Field modifiers
Modifier Description immutableCannot be changed after creation uniqueMust be unique across all instances indexedShould be queryable/indexed sensitiveContains sensitive data (PII, secrets) secretMust never be logged or exposed optionalField may be absent (equivalent to T?) requiredField must be present (default) readonlyCan be read but not directly written
Behavior declarations
description : "What this behavior does"
RoleName { must : permission1, owns : resource }
param_name: Type [modifier]
when : "Human-readable condition"
// Must be true before execution
success implies { /* ... */ }
failure implies { /* ... */ }
// Must remain true throughout
within 1s ( p99 ) : response returned
eventually : data.replicated
// Regulatory requirements
Expressions
Operators (by precedence, low to high)
Precedence Operators Description 1 (lowest) or, ||Logical OR 2 and, &&Logical AND 3 implies, iffLogical implication 4 ==, !=Equality 5 <, >, <=, >=, inComparison / membership 6 +, -Addition, subtraction 7 *, /, %Multiplication, division, modulo 8 (highest) not, - (unary)Negation
Member access
entity .field // Field access
entity .method ( arg ) // Method call
list[index] // Index access
entity .field.subfield // Chained access
Special expressions
Expression Description old(expr)Value of expression before behavior executed resultReturn value of the behavior result.fieldField on the return value input.fieldInput parameter value now()Current timestamp
Quantifiers
// All items satisfy condition
all ( item in items: item.valid )
// At least one item satisfies condition
any ( item in items: item.active )
// No items satisfy condition
none ( item in items: item.deleted )
// Count items satisfying condition
count ( item in items: item.enabled ) > 3
sum ( item in items: item.amount ) <= budget
filter ( item in items: item.status == ACTIVE )
Scenarios
// Action: invoke behavior
result = BehaviorName ( param: value )
Chaos blocks
scenario "failure description" {
inject fault_type ( parameters )
Injection types
Injection Parameters database_failuretarget, mode (UNAVAILABLE, TIMEOUT)network_latencytarget, delaynetwork_partitiontarget, durationservice_unavailabletarget, durationcpu_pressuretarget, loadmemory_pressuretarget, usageclock_skewtarget, offsetconcurrent_requestscount
Temporal constraints
within 1s ( p99 ) : response returned
eventually : data.replicated
immediately : cache.invalidated
before : notification.sent
always : audit_log.appended
Reserved keywords
domain entity behavior type enum struct
input output preconditions postconditions invariants
temporal security compliance actors errors lifecycle
version description scope module use from as
extends implements import export policy view
intent pre post invariant scenario chaos
given when then inject expect retries with
success failure result this self null true false
implies iff old if else return where for in
eventually within immediately never always before after
all any none count sum filter exists forall
