src/HOL/Probability/Sigma_Algebra.thy
author wenzelm
Wed Nov 28 15:59:18 2012 +0100 (2012-11-28)
changeset 50252 4aa34bd43228
parent 50245 dea9363887a6
child 50283 e79a8341dd6b
permissions -rw-r--r--
eliminated slightly odd identifiers;
     1 (*  Title:      HOL/Probability/Sigma_Algebra.thy
     2     Author:     Stefan Richter, Markus Wenzel, TU München
     3     Author:     Johannes Hölzl, TU München
     4     Plus material from the Hurd/Coble measure theory development,
     5     translated by Lawrence Paulson.
     6 *)
     7 
     8 header {* Sigma Algebras *}
     9 
    10 theory Sigma_Algebra
    11 imports
    12   Complex_Main
    13   "~~/src/HOL/Library/Countable_Set"
    14   "~~/src/HOL/Library/FuncSet"
    15   "~~/src/HOL/Library/Indicator_Function"
    16   "~~/src/HOL/Library/Extended_Real"
    17 begin
    18 
    19 text {* Sigma algebras are an elementary concept in measure
    20   theory. To measure --- that is to integrate --- functions, we first have
    21   to measure sets. Unfortunately, when dealing with a large universe,
    22   it is often not possible to consistently assign a measure to every
    23   subset. Therefore it is necessary to define the set of measurable
    24   subsets of the universe. A sigma algebra is such a set that has
    25   three very natural and desirable properties. *}
    26 
    27 subsection {* Families of sets *}
    28 
    29 locale subset_class =
         (* Base locale: a carrier set Omega together with a family M of sets,
            where M is required to be a subset of the powerset of Omega. *)
    30   fixes \<Omega> :: "'a set" and M :: "'a set set"
    31   assumes space_closed: "M \<subseteq> Pow \<Omega>"
    32 
    33 lemma (in subset_class) sets_into_space: "x \<in> M \<Longrightarrow> x \<subseteq> \<Omega>"
         (* Every member of M is a subset of Omega; follows from space_closed. *)
    34   by (metis PowD contra_subsetD space_closed)
    35 
    36 subsection {* Semiring of sets *}
    37 
    38 subsubsection {* Disjoint sets *}
    39 
    40 definition "disjoint A \<longleftrightarrow> (\<forall>a\<in>A. \<forall>b\<in>A. a \<noteq> b \<longrightarrow> a \<inter> b = {})"
         (* A family A of sets is disjoint when any two distinct members have
            an empty intersection. *)
    41 
    42 lemma disjointI:
         (* Introduction rule for disjoint: show that distinct members do not meet. *)
    43   "(\<And>a b. a \<in> A \<Longrightarrow> b \<in> A \<Longrightarrow> a \<noteq> b \<Longrightarrow> a \<inter> b = {}) \<Longrightarrow> disjoint A"
    44   unfolding disjoint_def by auto
    45 
    46 lemma disjointD:
         (* Destruction rule for disjoint: two distinct members of a disjoint
            family have an empty intersection. *)
    47   "disjoint A \<Longrightarrow> a \<in> A \<Longrightarrow> b \<in> A \<Longrightarrow> a \<noteq> b \<Longrightarrow> a \<inter> b = {}"
    48   unfolding disjoint_def by auto
    49 
    50 lemma disjoint_empty[iff]: "disjoint {}"
         (* The empty family is disjoint; declared [iff] for automation. *)
    51   by (auto simp: disjoint_def)
    52 
    53 lemma disjoint_union: 
         (* The union of two disjoint families C and B is again disjoint,
            provided the sets covered by C and by B do not overlap. *)
    54   assumes C: "disjoint C" and B: "disjoint B" and disj: "\<Union>C \<inter> \<Union>B = {}"
    55   shows "disjoint (C \<union> B)"
    56 proof (rule disjointI)
    57   fix c d assume sets: "c \<in> C \<union> B" "d \<in> C \<union> B" and "c \<noteq> d"
    58   show "c \<inter> d = {}"
    59   proof cases
           (* Case 1: c and d come from the same family; use its disjointness. *)
    60     assume "(c \<in> C \<and> d \<in> C) \<or> (c \<in> B \<and> d \<in> B)"
    61     then show ?thesis
    62     proof 
    63       assume "c \<in> C \<and> d \<in> C" with `c \<noteq> d` C show "c \<inter> d = {}"
    64         by (auto simp: disjoint_def)
    65     next
    66       assume "c \<in> B \<and> d \<in> B" with `c \<noteq> d` B show "c \<inter> d = {}"
    67         by (auto simp: disjoint_def)
    68     qed
    69   next
           (* Case 2: c and d come from different families; use assumption disj. *)
    70     assume "\<not> ((c \<in> C \<and> d \<in> C) \<or> (c \<in> B \<and> d \<in> B))"
    71     with sets have "(c \<subseteq> \<Union>C \<and> d \<subseteq> \<Union>B) \<or> (c \<subseteq> \<Union>B \<and> d \<subseteq> \<Union>C)"
    72       by auto
    73     with disj show "c \<inter> d = {}" by auto
    74   qed
    75 qed
    76 
    77 locale semiring_of_sets = subset_class +
         (* Semiring of sets: M contains the empty set, is closed under binary
            intersection, and every difference a - b of members is the union of
            a finite disjoint subfamily of M. *)
    78   assumes empty_sets[iff]: "{} \<in> M"
    79   assumes Int[intro]: "\<And>a b. a \<in> M \<Longrightarrow> b \<in> M \<Longrightarrow> a \<inter> b \<in> M"
    80   assumes Diff_cover:
    81     "\<And>a b. a \<in> M \<Longrightarrow> b \<in> M \<Longrightarrow> \<exists>C\<subseteq>M. finite C \<and> disjoint C \<and> a - b = \<Union>C"
    82 
    83 lemma (in semiring_of_sets) finite_INT[intro]:
         (* M is closed under intersections indexed by a finite, non-empty set I.
            Proved by induction over non-empty finite sets. *)
    84   assumes "finite I" "I \<noteq> {}" "\<And>i. i \<in> I \<Longrightarrow> A i \<in> M"
    85   shows "(\<Inter>i\<in>I. A i) \<in> M"
    86   using assms by (induct rule: finite_ne_induct) auto
    87 
    88 lemma (in semiring_of_sets) Int_space_eq1 [simp]: "x \<in> M \<Longrightarrow> \<Omega> \<inter> x = x"
         (* Intersecting a member of M with Omega on the left leaves it unchanged;
            registered as a simp rule. *)
    89   by (metis Int_absorb1 sets_into_space)
    90 
    91 lemma (in semiring_of_sets) Int_space_eq2 [simp]: "x \<in> M \<Longrightarrow> x \<inter> \<Omega> = x"
         (* Intersecting a member of M with Omega on the right leaves it unchanged;
            registered as a simp rule. *)
    92   by (metis Int_absorb2 sets_into_space)
    93 
    94 lemma (in semiring_of_sets) sets_Collect_conj:
         (* If the subsets of Omega described by P and by Q are in M, then so is
            the subset described by their conjunction. *)
    95   assumes "{x\<in>\<Omega>. P x} \<in> M" "{x\<in>\<Omega>. Q x} \<in> M"
    96   shows "{x\<in>\<Omega>. Q x \<and> P x} \<in> M"
    97 proof -
         (* Rewrite the conjunction as an intersection of the two given sets. *)
    98   have "{x\<in>\<Omega>. Q x \<and> P x} = {x\<in>\<Omega>. Q x} \<inter> {x\<in>\<Omega>. P x}"
    99     by auto
   100   with assms show ?thesis by auto
   101 qed
   102 
   103 lemma (in semiring_of_sets) sets_Collect_finite_All':
         (* Bounded universal quantification over a finite, non-empty index set S
            preserves membership in M. *)
   104   assumes "\<And>i. i \<in> S \<Longrightarrow> {x\<in>\<Omega>. P i x} \<in> M" "finite S" "S \<noteq> {}"
   105   shows "{x\<in>\<Omega>. \<forall>i\<in>S. P i x} \<in> M"
   106 proof -
         (* The non-emptiness of S is used to rewrite the set as an intersection over S. *)
   107   have "{x\<in>\<Omega>. \<forall>i\<in>S. P i x} = (\<Inter>i\<in>S. {x\<in>\<Omega>. P i x})"
   108     using `S \<noteq> {}` by auto
   109   with assms show ?thesis by auto
   110 qed
   111 
   112 locale ring_of_sets = semiring_of_sets +
         (* Ring of sets: a semiring of sets that is also closed under binary union. *)
   113   assumes Un [intro]: "\<And>a b. a \<in> M \<Longrightarrow> b \<in> M \<Longrightarrow> a \<union> b \<in> M"
   114 
   115 lemma (in ring_of_sets) finite_Union [intro]:
         (* The union of a finite subfamily X of M is in M (induction on finiteness). *)
   116   "finite X \<Longrightarrow> X \<subseteq> M \<Longrightarrow> Union X \<in> M"
   117   by (induct set: finite) (auto simp add: Un)
   118 
   119 lemma (in ring_of_sets) finite_UN[intro]:
         (* Indexed form of finite_Union: a union over a finite index set I of
            members of M is in M. No non-emptiness assumption is stated. *)
   120   assumes "finite I" and "\<And>i. i \<in> I \<Longrightarrow> A i \<in> M"
   121   shows "(\<Union>i\<in>I. A i) \<in> M"
   122   using assms by induct auto
   123 
   124 lemma (in ring_of_sets) Diff [intro]:
         (* A ring of sets is closed under set difference; derived from the
            Diff_cover assumption of the semiring. *)
   125   assumes "a \<in> M" "b \<in> M" shows "a - b \<in> M"
   126   using Diff_cover[OF assms] by auto
   127 
   128 lemma ring_of_setsI:
         (* Introduction rule for ring_of_sets: it suffices that M consists of
            subsets of Omega, contains {}, and is closed under binary union and
            set difference. *)
   129   assumes space_closed: "M \<subseteq> Pow \<Omega>"
   130   assumes empty_sets[iff]: "{} \<in> M"
   131   assumes Un[intro]: "\<And>a b. a \<in> M \<Longrightarrow> b \<in> M \<Longrightarrow> a \<union> b \<in> M"
   132   assumes Diff[intro]: "\<And>a b. a \<in> M \<Longrightarrow> b \<in> M \<Longrightarrow> a - b \<in> M"
   133   shows "ring_of_sets \<Omega> M"
   134 proof
   135   fix a b assume ab: "a \<in> M" "b \<in> M"
         (* Diff_cover is witnessed by the singleton family {a - b}. *)
   136   from ab show "\<exists>C\<subseteq>M. finite C \<and> disjoint C \<and> a - b = \<Union>C"
   137     by (intro exI[of _ "{a - b}"]) (auto simp: disjoint_def)
         (* Intersection is expressed through two differences. *)
   138   have "a \<inter> b = a - (a - b)" by auto
   139   also have "\<dots> \<in> M" using ab by auto
   140   finally show "a \<inter> b \<in> M" .
   141 qed fact+
   142 
   143 lemma ring_of_sets_iff: "ring_of_sets \<Omega> M \<longleftrightarrow> M \<subseteq> Pow \<Omega> \<and> {} \<in> M \<and> (\<forall>a\<in>M. \<forall>b\<in>M. a \<union> b \<in> M) \<and> (\<forall>a\<in>M. \<forall>b\<in>M. a - b \<in> M)"
         (* Characterisation of rings of sets by the four conditions used in
            ring_of_setsI; the reverse direction is discharged with that rule. *)
   144 proof
   145   assume "ring_of_sets \<Omega> M"
   146   then interpret ring_of_sets \<Omega> M .
   147   show "M \<subseteq> Pow \<Omega> \<and> {} \<in> M \<and> (\<forall>a\<in>M. \<forall>b\<in>M. a \<union> b \<in> M) \<and> (\<forall>a\<in>M. \<forall>b\<in>M. a - b \<in> M)"
   148     using space_closed by auto
   149 qed (auto intro!: ring_of_setsI)
   150 
   151 lemma (in ring_of_sets) insert_in_sets:
         (* If the singleton {x} and A are in M, then so is A with x inserted. *)
   152   assumes "{x} \<in> M" "A \<in> M" shows "insert x A \<in> M"
   153 proof -
   154   have "{x} \<union> A \<in> M" using assms by (rule Un)
   155   thus ?thesis by auto
   156 qed
   157 
   158 lemma (in ring_of_sets) sets_Collect_disj:
         (* If the subsets of Omega described by P and by Q are in M, then so is
            the subset described by their disjunction. *)
   159   assumes "{x\<in>\<Omega>. P x} \<in> M" "{x\<in>\<Omega>. Q x} \<in> M"
   160   shows "{x\<in>\<Omega>. Q x \<or> P x} \<in> M"
   161 proof -
         (* Rewrite the disjunction as a union of the two given sets. *)
   162   have "{x\<in>\<Omega>. Q x \<or> P x} = {x\<in>\<Omega>. Q x} \<union> {x\<in>\<Omega>. P x}"
   163     by auto
   164   with assms show ?thesis by auto
   165 qed
   166 
   167 lemma (in ring_of_sets) sets_Collect_finite_Ex:
         (* Bounded existential quantification over a finite index set S preserves
            membership in M. *)
   168   assumes "\<And>i. i \<in> S \<Longrightarrow> {x\<in>\<Omega>. P i x} \<in> M" "finite S"
   169   shows "{x\<in>\<Omega>. \<exists>i\<in>S. P i x} \<in> M"
   170 proof -
         (* Rewrite the existential as a union over S. *)
   171   have "{x\<in>\<Omega>. \<exists>i\<in>S. P i x} = (\<Union>i\<in>S. {x\<in>\<Omega>. P i x})"
   172     by auto
   173   with assms show ?thesis by auto
   174 qed
   175 
   176 locale algebra = ring_of_sets +
         (* Algebra of sets: a ring of sets that contains the whole space Omega. *)
   177   assumes top [iff]: "\<Omega> \<in> M"
   178 
   179 lemma (in algebra) compl_sets [intro]:
         (* An algebra is closed under complement relative to Omega. *)
   180   "a \<in> M \<Longrightarrow> \<Omega> - a \<in> M"
   181   by auto
   182 
   183 lemma algebra_iff_Un:
         (* Characterisation of algebras: M consists of subsets of Omega, contains
            {}, and is closed under complement (relative to Omega) and binary union. *)
   184   "algebra \<Omega> M \<longleftrightarrow>
   185     M \<subseteq> Pow \<Omega> \<and>
   186     {} \<in> M \<and>
   187     (\<forall>a \<in> M. \<Omega> - a \<in> M) \<and>
   188     (\<forall>a \<in> M. \<forall> b \<in> M. a \<union> b \<in> M)" (is "_ \<longleftrightarrow> ?Un")
   189 proof
   190   assume "algebra \<Omega> M"
   191   then interpret algebra \<Omega> M .
   192   show ?Un using sets_into_space by auto
   193 next
   194   assume ?Un
   195   then have "\<Omega> \<in> M" by auto
   196   interpret ring_of_sets \<Omega> M
   197   proof (rule ring_of_setsI)
   198     show \<Omega>: "M \<subseteq> Pow \<Omega>" "{} \<in> M"
   199       using `?Un` by auto
   200     fix a b assume a: "a \<in> M" and b: "b \<in> M"
   201     then show "a \<union> b \<in> M" using `?Un` by auto
           (* Difference is expressed through complement and union. *)
   202     have "a - b = \<Omega> - ((\<Omega> - a) \<union> b)"
   203       using \<Omega> a b by auto
   204     then show "a - b \<in> M"
   205       using a b  `?Un` by auto
   206   qed
   207   show "algebra \<Omega> M" proof qed fact
   208 qed
   209 
   210 lemma algebra_iff_Int:
         (* Characterisation of algebras with binary intersection in place of
            binary union; the reverse direction reduces to algebra_iff_Un. *)
   211      "algebra \<Omega> M \<longleftrightarrow>
   212        M \<subseteq> Pow \<Omega> & {} \<in> M &
   213        (\<forall>a \<in> M. \<Omega> - a \<in> M) &
   214        (\<forall>a \<in> M. \<forall> b \<in> M. a \<inter> b \<in> M)" (is "_ \<longleftrightarrow> ?Int")
   215 proof
   216   assume "algebra \<Omega> M"
   217   then interpret algebra \<Omega> M .
   218   show ?Int using sets_into_space by auto
   219 next
   220   assume ?Int
   221   show "algebra \<Omega> M"
   222   proof (unfold algebra_iff_Un, intro conjI ballI)
   223     show \<Omega>: "M \<subseteq> Pow \<Omega>" "{} \<in> M"
   224       using `?Int` by auto
   225     from `?Int` show "\<And>a. a \<in> M \<Longrightarrow> \<Omega> - a \<in> M" by auto
   226     fix a b assume M: "a \<in> M" "b \<in> M"
           (* Union is expressed through complement and intersection. *)
   227     hence "a \<union> b = \<Omega> - ((\<Omega> - a) \<inter> (\<Omega> - b))"
   228       using \<Omega> by blast
   229     also have "... \<in> M"
   230       using M `?Int` by auto
   231     finally show "a \<union> b \<in> M" .
   232   qed
   233 qed
   234 
   235 lemma (in algebra) sets_Collect_neg:
         (* If the subset of Omega described by P is in M, then so is the subset
            described by its negation. *)
   236   assumes "{x\<in>\<Omega>. P x} \<in> M"
   237   shows "{x\<in>\<Omega>. \<not> P x} \<in> M"
   238 proof -
         (* Rewrite the negation as a complement relative to Omega. *)
   239   have "{x\<in>\<Omega>. \<not> P x} = \<Omega> - {x\<in>\<Omega>. P x}" by auto
   240   with assms show ?thesis by auto
   241 qed
   242 
   243 lemma (in algebra) sets_Collect_imp:
         (* Membership in M is preserved by implication between predicates; the
            implication is unfolded into a disjunction with a negation. *)
   244   "{x\<in>\<Omega>. P x} \<in> M \<Longrightarrow> {x\<in>\<Omega>. Q x} \<in> M \<Longrightarrow> {x\<in>\<Omega>. Q x \<longrightarrow> P x} \<in> M"
   245   unfolding imp_conv_disj by (intro sets_Collect_disj sets_Collect_neg)
   246 
   247 lemma (in algebra) sets_Collect_const:
         (* The subset of Omega described by a proposition P that does not mention
            x is in M; proved by case distinction on P. *)
   248   "{x\<in>\<Omega>. P} \<in> M"
   249   by (cases P) auto
   250 
   251 lemma algebra_single_set:
         (* For X a subset of S, the four sets {}, X, S - X and S form an algebra on S. *)
   252   "X \<subseteq> S \<Longrightarrow> algebra S { {}, X, S - X, S }"
   253   by (auto simp: algebra_iff_Int)
   254 
   255 section {* Restricted algebras *}
   256 
   257 abbreviation (in algebra)
         (* restricted_space A is the image of M under intersection with A. *)
   258   "restricted_space A \<equiv> (op \<inter> A) ` M"
   259 
   260 lemma (in algebra) restricted_algebra:
         (* Restricting an algebra to one of its members A gives an algebra on A. *)
   261   assumes "A \<in> M" shows "algebra A (restricted_space A)"
   262   using assms by (auto simp: algebra_iff_Int)
   263 
   264 subsection {* Sigma Algebras *}
   265 
   266 locale sigma_algebra = algebra +
         (* Sigma algebra: an algebra that is closed under unions of sequences
            (families indexed by nat) of its members. *)
   267   assumes countable_nat_UN [intro]: "\<And>A. range A \<subseteq> M \<Longrightarrow> (\<Union>i::nat. A i) \<in> M"
   268 
   269 lemma (in algebra) is_sigma_algebra:
         (* An algebra with finitely many members is a sigma algebra. *)
   270   assumes "finite M"
   271   shows "sigma_algebra \<Omega> M"
   272 proof
   273   fix A :: "nat \<Rightarrow> 'a set" assume "range A \<subseteq> M"
         (* The union of the sequence equals a union over a subset of the finite
            family M, which is covered by finite-union closure. *)
   274   then have "(\<Union>i. A i) = (\<Union>s\<in>M \<inter> range A. s)"
   275     by auto
   276   also have "(\<Union>s\<in>M \<inter> range A. s) \<in> M"
   277     using `finite M` by auto
   278   finally show "(\<Union>i. A i) \<in> M" .
   279 qed
   280 
   281 lemma countable_UN_eq:
         (* For a family A indexed by a countable type, the closure statement for A
            is equivalent to the same statement for the nat-indexed family
            A o from_nat. *)
   282   fixes A :: "'i::countable \<Rightarrow> 'a set"
   283   shows "(range A \<subseteq> M \<longrightarrow> (\<Union>i. A i) \<in> M) \<longleftrightarrow>
   284     (range (A \<circ> from_nat) \<subseteq> M \<longrightarrow> (\<Union>i. (A \<circ> from_nat) i) \<in> M)"
   285 proof -
   286   let ?A' = "A \<circ> from_nat"
         (* Both families have the same union ... *)
   287   have *: "(\<Union>i. ?A' i) = (\<Union>i. A i)" (is "?l = ?r")
   288   proof safe
   289     fix x i assume "x \<in> A i" thus "x \<in> ?l"
   290       by (auto intro!: exI[of _ "to_nat i"])
   291   next
   292     fix x i assume "x \<in> ?A' i" thus "x \<in> ?r"
   293       by (auto intro!: exI[of _ "from_nat i"])
   294   qed
         (* ... and the same range, using surjectivity of from_nat. *)
   295   have **: "range ?A' = range A"
   296     using surj_from_nat
   297     by (auto simp: image_compose intro!: imageI)
   298   show ?thesis unfolding * ** ..
   299 qed
   300 
   301 lemma (in sigma_algebra) countable_Union [intro]:
         (* The union of a countable subfamily X of M is in M. The non-empty case
            enumerates X with from_nat_into; the empty case is closed by simp. *)
   302   assumes "countable X" "X \<subseteq> M" shows "Union X \<in> M"
   303 proof cases
   304   assume "X \<noteq> {}"
   305   hence "\<Union>X = (\<Union>n. from_nat_into X n)"
   306     using assms by (auto intro: from_nat_into) (metis from_nat_into_surj)
   307   also have "\<dots> \<in> M" using assms
   308     by (auto intro!: countable_nat_UN) (metis `X \<noteq> {}` from_nat_into set_mp)
   309   finally show ?thesis .
   310 qed simp
   311 
   312 lemma (in sigma_algebra) countable_UN[intro]:
         (* A union over any set X of indices of a countable type, of members of M,
            is in M. *)
   313   fixes A :: "'i::countable \<Rightarrow> 'a set"
   314   assumes "A`X \<subseteq> M"
   315   shows  "(\<Union>x\<in>X. A x) \<in> M"
   316 proof -
         (* Extend A to all indices by mapping indices outside X to the empty set. *)
   317   let ?A = "\<lambda>i. if i \<in> X then A i else {}"
   318   from assms have "range ?A \<subseteq> M" by auto
   319   with countable_nat_UN[of "?A \<circ> from_nat"] countable_UN_eq[of ?A M]
   320   have "(\<Union>x. ?A x) \<in> M" by auto
   321   moreover have "(\<Union>x. ?A x) = (\<Union>x\<in>X. A x)" by (auto split: split_if_asm)
   322   ultimately show ?thesis by simp
   323 qed
   324 
   325 lemma (in sigma_algebra) countable_INT [intro]:
         (* An intersection over a non-empty set X of indices of a countable type,
            of members of M, is in M. *)
   326   fixes A :: "'i::countable \<Rightarrow> 'a set"
   327   assumes A: "A`X \<subseteq> M" "X \<noteq> {}"
   328   shows "(\<Inter>i\<in>X. A i) \<in> M"
   329 proof -
   330   from A have "\<forall>i\<in>X. A i \<in> M" by fast
         (* The intersection is the complement of the union of the complements. *)
   331   hence "\<Omega> - (\<Union>i\<in>X. \<Omega> - A i) \<in> M" by blast
   332   moreover
   333   have "(\<Inter>i\<in>X. A i) = \<Omega> - (\<Union>i\<in>X. \<Omega> - A i)" using space_closed A
   334     by blast
   335   ultimately show ?thesis by metis
   336 qed
   337 
   338 lemma ring_of_sets_Pow: "ring_of_sets sp (Pow sp)"
         (* The powerset of sp is a ring of sets on sp. *)
   339   by (auto simp: ring_of_sets_iff)
   340 
   341 lemma algebra_Pow: "algebra sp (Pow sp)"
         (* The powerset of sp is an algebra on sp. *)
   342   by (auto simp: algebra_iff_Un)
   343 
   344 lemma sigma_algebra_iff:
         (* Unfolds the locale predicate: a sigma algebra is an algebra that is
            closed under unions of nat-indexed families. *)
   345   "sigma_algebra \<Omega> M \<longleftrightarrow>
   346     algebra \<Omega> M \<and> (\<forall>A. range A \<subseteq> M \<longrightarrow> (\<Union>i::nat. A i) \<in> M)"
   347   by (simp add: sigma_algebra_def sigma_algebra_axioms_def)
   348 
   349 lemma sigma_algebra_Pow: "sigma_algebra sp (Pow sp)"
         (* The powerset of sp is a sigma algebra on sp. *)
   350   by (auto simp: sigma_algebra_iff algebra_iff_Int)
   351 
   352 lemma (in sigma_algebra) sets_Collect_countable_All:
         (* Universal quantification over a countable index type preserves
            membership in M. *)
   353   assumes "\<And>i. {x\<in>\<Omega>. P i x} \<in> M"
   354   shows "{x\<in>\<Omega>. \<forall>i::'i::countable. P i x} \<in> M"
   355 proof -
         (* Rewrite the quantifier as an intersection over all indices. *)
   356   have "{x\<in>\<Omega>. \<forall>i::'i::countable. P i x} = (\<Inter>i. {x\<in>\<Omega>. P i x})" by auto
   357   with assms show ?thesis by auto
   358 qed
   359 
   360 lemma (in sigma_algebra) sets_Collect_countable_Ex:
         (* Existential quantification over a countable index type preserves
            membership in M. *)
   361   assumes "\<And>i. {x\<in>\<Omega>. P i x} \<in> M"
   362   shows "{x\<in>\<Omega>. \<exists>i::'i::countable. P i x} \<in> M"
   363 proof -
         (* Rewrite the quantifier as a union over all indices. *)
   364   have "{x\<in>\<Omega>. \<exists>i::'i::countable. P i x} = (\<Union>i. {x\<in>\<Omega>. P i x})" by auto
   365   with assms show ?thesis by auto
   366 qed
   367 
   368 lemmas (in sigma_algebra) sets_Collect =
         (* Collection of the sets_Collect_* closure rules under one name.
            NOTE(review): sets_Collect_countable_All is listed twice below; the
            second occurrence looks redundant - confirm whether another rule was
            intended. *)
   369   sets_Collect_imp sets_Collect_disj sets_Collect_conj sets_Collect_neg sets_Collect_const
   370   sets_Collect_countable_All sets_Collect_countable_Ex sets_Collect_countable_All
   371 
   372 lemma (in sigma_algebra) sets_Collect_countable_Ball:
         (* Bounded universal quantification over a set X of indices of a countable
            type preserves membership in M; Ball is unfolded and the sets_Collect
            rules are applied. *)
   373   assumes "\<And>i. {x\<in>\<Omega>. P i x} \<in> M"
   374   shows "{x\<in>\<Omega>. \<forall>i::'i::countable\<in>X. P i x} \<in> M"
   375   unfolding Ball_def by (intro sets_Collect assms)
   376 
   377 lemma (in sigma_algebra) sets_Collect_countable_Bex:
         (* Bounded existential quantification over a set X of indices of a
            countable type preserves membership in M; Bex is unfolded and the
            sets_Collect rules are applied. *)
   378   assumes "\<And>i. {x\<in>\<Omega>. P i x} \<in> M"
   379   shows "{x\<in>\<Omega>. \<exists>i::'i::countable\<in>X. P i x} \<in> M"
   380   unfolding Bex_def by (intro sets_Collect assms)
   381 
   382 lemma sigma_algebra_single_set:
         (* For X a subset of S, the four sets {}, X, S - X and S form a sigma
            algebra on S; obtained from algebra_single_set and is_sigma_algebra. *)
   383   assumes "X \<subseteq> S"
   384   shows "sigma_algebra S { {}, X, S - X, S }"
   385   using algebra.is_sigma_algebra[OF algebra_single_set[OF `X \<subseteq> S`]] by simp
   386 
   387 subsection {* Binary Unions *}
   388 
   389 definition binary :: "'a \<Rightarrow> 'a \<Rightarrow> nat \<Rightarrow> 'a"
         (* binary a b is the sequence that is a at index 0 and b at every other index. *)
   390   where "binary a b =  (\<lambda>x. b)(0 := a)"
   391 
   392 lemma range_binary_eq: "range(binary a b) = {a,b}"
         (* The sequence binary a b takes exactly the values a and b. *)
   393   by (auto simp add: binary_def)
   394 
   395 lemma Un_range_binary: "a \<union> b = (\<Union>i::nat. binary a b i)"
         (* A binary union written as the union of the sequence binary a b. *)
   396   by (simp add: SUP_def range_binary_eq)
   397 
   398 lemma Int_range_binary: "a \<inter> b = (\<Inter>i::nat. binary a b i)"
         (* A binary intersection written as the intersection of the sequence binary a b. *)
   399   by (simp add: INF_def range_binary_eq)
   400 
   401 lemma sigma_algebra_iff2:
         (* Characterisation of sigma algebras without a separate binary-union
            condition: subsets of Omega, contains {}, closed under complement and
            under unions of nat-indexed families. The proof uses Un_range_binary
            to recover binary union. *)
   402      "sigma_algebra \<Omega> M \<longleftrightarrow>
   403        M \<subseteq> Pow \<Omega> \<and>
   404        {} \<in> M \<and> (\<forall>s \<in> M. \<Omega> - s \<in> M) \<and>
   405        (\<forall>A. range A \<subseteq> M \<longrightarrow> (\<Union>i::nat. A i) \<in> M)"
   406   by (auto simp add: range_binary_eq sigma_algebra_def sigma_algebra_axioms_def
   407          algebra_iff_Un Un_range_binary)
   408 
   409 subsection {* Initial Sigma Algebra *}
   410 
   411 text {*Sigma algebras can naturally be created as the closure of any set M
   412   of sets with regard to the properties just postulated.  *}
   413 
   414 inductive_set
         (* sigma_sets sp A is defined inductively: it contains every member of A
            and the empty set, and is closed under complement relative to sp and
            under unions of nat-indexed families. *)
   415   sigma_sets :: "'a set \<Rightarrow> 'a set set \<Rightarrow> 'a set set"
   416   for sp :: "'a set" and A :: "'a set set"
   417   where
   418     Basic[intro, simp]: "a \<in> A \<Longrightarrow> a \<in> sigma_sets sp A"
   419   | Empty: "{} \<in> sigma_sets sp A"
   420   | Compl: "a \<in> sigma_sets sp A \<Longrightarrow> sp - a \<in> sigma_sets sp A"
   421   | Union: "(\<And>i::nat. a i \<in> sigma_sets sp A) \<Longrightarrow> (\<Union>i. a i) \<in> sigma_sets sp A"
   422 
   423 lemma (in sigma_algebra) sigma_sets_subset:
         (* Sets generated from a subfamily a of a sigma algebra M stay inside M;
            proved by induction over the sigma_sets rules. *)
   424   assumes a: "a \<subseteq> M"
   425   shows "sigma_sets \<Omega> a \<subseteq> M"
   426 proof
   427   fix x
   428   assume "x \<in> sigma_sets \<Omega> a"
   429   from this show "x \<in> M"
   430     by (induct rule: sigma_sets.induct, auto) (metis a subsetD)
   431 qed
   432 
   433 lemma sigma_sets_into_sp: "A \<subseteq> Pow sp \<Longrightarrow> x \<in> sigma_sets sp A \<Longrightarrow> x \<subseteq> sp"
         (* If all generators are subsets of sp, so is every generated set. *)
   434   by (erule sigma_sets.induct, auto)
   435 
   436 lemma sigma_algebra_sigma_sets:
         (* The sets generated from a family of subsets of Omega form a sigma
            algebra on Omega. *)
   437      "a \<subseteq> Pow \<Omega> \<Longrightarrow> sigma_algebra \<Omega> (sigma_sets \<Omega> a)"
   438   by (auto simp add: sigma_algebra_iff2 dest: sigma_sets_into_sp
   439            intro!: sigma_sets.Union sigma_sets.Empty sigma_sets.Compl)
   440 
   441 lemma sigma_sets_least_sigma_algebra:
         (* sigma_sets S A is the intersection of all sigma algebras on S that
            contain A, i.e. the least such sigma algebra. *)
   442   assumes "A \<subseteq> Pow S"
   443   shows "sigma_sets S A = \<Inter>{B. A \<subseteq> B \<and> sigma_algebra S B}"
   444 proof safe
         (* Direction 1: a generated set lies in every sigma algebra B containing A. *)
   445   fix B X assume "A \<subseteq> B" and sa: "sigma_algebra S B"
   446     and X: "X \<in> sigma_sets S A"
   447   from sigma_algebra.sigma_sets_subset[OF sa, simplified, OF `A \<subseteq> B`] X
   448   show "X \<in> B" by auto
   449 next
         (* Direction 2: sigma_sets S A is itself one of the sigma algebras
            being intersected. *)
   450   fix X assume "X \<in> \<Inter>{B. A \<subseteq> B \<and> sigma_algebra S B}"
   451   then have [intro!]: "\<And>B. A \<subseteq> B \<Longrightarrow> sigma_algebra S B \<Longrightarrow> X \<in> B"
   452      by simp
   453   have "A \<subseteq> sigma_sets S A" using assms by auto
   454   moreover have "sigma_algebra S (sigma_sets S A)"
   455     using assms by (intro sigma_algebra_sigma_sets[of A]) auto
   456   ultimately show "X \<in> sigma_sets S A" by auto
   457 qed
   458 
   459 lemma sigma_sets_top: "sp \<in> sigma_sets sp A"
         (* The whole space is always generated: it is the complement of {}. *)
   460   by (metis Diff_empty sigma_sets.Compl sigma_sets.Empty)
   461 
   462 lemma sigma_sets_Un:
         (* Generated sets are closed under binary union; the union is rewritten
            as the union of the sequence binary a b. *)
   463   "a \<in> sigma_sets sp A \<Longrightarrow> b \<in> sigma_sets sp A \<Longrightarrow> a \<union> b \<in> sigma_sets sp A"
   464 apply (simp add: Un_range_binary range_binary_eq)
   465 apply (rule Union, simp add: binary_def)
   466 done
   467 
   468 lemma sigma_sets_Inter:
         (* Generated sets are closed under intersections of nat-indexed families,
            provided all generators are subsets of sp. *)
   469   assumes Asb: "A \<subseteq> Pow sp"
   470   shows "(\<And>i::nat. a i \<in> sigma_sets sp A) \<Longrightarrow> (\<Inter>i. a i) \<in> sigma_sets sp A"
   471 proof -
   472   assume ai: "\<And>i::nat. a i \<in> sigma_sets sp A"
         (* Complement each set, take the union, and complement again. *)
   473   hence "\<And>i::nat. sp-(a i) \<in> sigma_sets sp A"
   474     by (rule sigma_sets.Compl)
   475   hence "(\<Union>i. sp-(a i)) \<in> sigma_sets sp A"
   476     by (rule sigma_sets.Union)
   477   hence "sp-(\<Union>i. sp-(a i)) \<in> sigma_sets sp A"
   478     by (rule sigma_sets.Compl)
   479   also have "sp-(\<Union>i. sp-(a i)) = sp Int (\<Inter>i. a i)"
   480     by auto
         (* Asb is needed here: each a i is a subset of sp, so intersecting with
            sp changes nothing. *)
   481   also have "... = (\<Inter>i. a i)" using ai
   482     by (blast dest: sigma_sets_into_sp [OF Asb])
   483   finally show ?thesis .
   484 qed
   485 
   486 lemma sigma_sets_INTER:
         (* Generated sets are closed under intersections over a non-empty set S
            of natural-number indices, provided all generators are subsets of sp. *)
   487   assumes Asb: "A \<subseteq> Pow sp"
   488       and ai: "\<And>i::nat. i \<in> S \<Longrightarrow> a i \<in> sigma_sets sp A" and non: "S \<noteq> {}"
   489   shows "(\<Inter>i\<in>S. a i) \<in> sigma_sets sp A"
   490 proof -
         (* Extend the family to all of nat by using sp for indices outside S. *)
   491   from ai have "\<And>i. (if i\<in>S then a i else sp) \<in> sigma_sets sp A"
   492     by (simp add: sigma_sets.intros(2-) sigma_sets_top)
   493   hence "(\<Inter>i. (if i\<in>S then a i else sp)) \<in> sigma_sets sp A"
   494     by (rule sigma_sets_Inter [OF Asb])
   495   also have "(\<Inter>i. (if i\<in>S then a i else sp)) = (\<Inter>i\<in>S. a i)"
   496     by auto (metis ai non sigma_sets_into_sp subset_empty subset_iff Asb)+
   497   finally show ?thesis .
   498 qed
   499 
   500 lemma (in sigma_algebra) sigma_sets_eq:
         (* Generating from a sigma algebra M gives back M. *)
   501      "sigma_sets \<Omega> M = M"
   502 proof
   503   show "M \<subseteq> sigma_sets \<Omega> M"
   504     by (metis Set.subsetI sigma_sets.Basic)
   505   next
   506   show "sigma_sets \<Omega> M \<subseteq> M"
   507     by (metis sigma_sets_subset subset_refl)
   508 qed
   509 
   510 lemma sigma_sets_eqI:
         (* Two generators give the same generated sets over M if each generator's
            members are generated by the other. Both directions go by induction
            over the sigma_sets rules. *)
   511   assumes A: "\<And>a. a \<in> A \<Longrightarrow> a \<in> sigma_sets M B"
   512   assumes B: "\<And>b. b \<in> B \<Longrightarrow> b \<in> sigma_sets M A"
   513   shows "sigma_sets M A = sigma_sets M B"
   514 proof (intro set_eqI iffI)
   515   fix a assume "a \<in> sigma_sets M A"
   516   from this A show "a \<in> sigma_sets M B"
   517     by induct (auto intro!: sigma_sets.intros(2-) del: sigma_sets.Basic)
   518 next
   519   fix b assume "b \<in> sigma_sets M B"
   520   from this B show "b \<in> sigma_sets M A"
   521     by induct (auto intro!: sigma_sets.intros(2-) del: sigma_sets.Basic)
   522 qed
   523 
   524 lemma sigma_sets_subseteq: assumes "A \<subseteq> B" shows "sigma_sets X A \<subseteq> sigma_sets X B"
         (* sigma_sets is monotone in the generator. *)
   525 proof
   526   fix x assume "x \<in> sigma_sets X A" then show "x \<in> sigma_sets X B"
   527     by induct (insert `A \<subseteq> B`, auto intro: sigma_sets.intros(2-))
   528 qed
   529 
   530 lemma sigma_sets_mono: assumes "A \<subseteq> sigma_sets X B" shows "sigma_sets X A \<subseteq> sigma_sets X B"
         (* If every member of A is generated by B, then everything generated by A
            is generated by B. *)
   531 proof
   532   fix x assume "x \<in> sigma_sets X A" then show "x \<in> sigma_sets X B"
   533     by induct (insert `A \<subseteq> sigma_sets X B`, auto intro: sigma_sets.intros(2-))
   534 qed
   535 
   536 lemma sigma_sets_mono': assumes "A \<subseteq> B" shows "sigma_sets X A \<subseteq> sigma_sets X B"
         (* sigma_sets is monotone in the generator.
            NOTE(review): statement and proof coincide with sigma_sets_subseteq
            above; one of the two names looks redundant - confirm before removing,
            since other theories may refer to either. *)
   537 proof
   538   fix x assume "x \<in> sigma_sets X A" then show "x \<in> sigma_sets X B"
   539     by induct (insert `A \<subseteq> B`, auto intro: sigma_sets.intros(2-))
   540 qed
   541 
   542 lemma sigma_sets_superset_generator: "A \<subseteq> sigma_sets X A"
         (* Every generator is itself a generated set. *)
   543   by (auto intro: sigma_sets.Basic)
   544 
   545 lemma (in sigma_algebra) restriction_in_sets:
         (* For S in M: a sequence of sets taken from the restriction of M to S
            consists of members of M, and its union is again in the restriction. *)
   546   fixes A :: "nat \<Rightarrow> 'a set"
   547   assumes "S \<in> M"
   548   and *: "range A \<subseteq> (\<lambda>A. S \<inter> A) ` M" (is "_ \<subseteq> ?r")
   549   shows "range A \<subseteq> M" "(\<Union>i. A i) \<in> (\<lambda>A. S \<inter> A) ` M"
   550 proof -
         (* Each A i is the intersection of some member of M with S, hence a
            subset of S and a member of M. *)
   551   { fix i have "A i \<in> ?r" using * by auto
   552     hence "\<exists>B. A i = B \<inter> S \<and> B \<in> M" by auto
   553     hence "A i \<subseteq> S" "A i \<in> M" using `S \<in> M` by auto }
   554   thus "range A \<subseteq> M" "(\<Union>i. A i) \<in> (\<lambda>A. S \<inter> A) ` M"
   555     by (auto intro!: image_eqI[of _ _ "(\<Union>i. A i)"])
   556 qed
   557 
   558 lemma (in sigma_algebra) restricted_sigma_algebra:
         (* Restricting a sigma algebra to one of its members S gives a sigma
            algebra on S; the algebra part comes from restricted_algebra and the
            countable-union part from restriction_in_sets. *)
   559   assumes "S \<in> M"
   560   shows "sigma_algebra S (restricted_space S)"
   561   unfolding sigma_algebra_def sigma_algebra_axioms_def
   562 proof safe
   563   show "algebra S (restricted_space S)" using restricted_algebra[OF assms] .
   564 next
   565   fix A :: "nat \<Rightarrow> 'a set" assume "range A \<subseteq> restricted_space S"
   566   from restriction_in_sets[OF assms this[simplified]]
   567   show "(\<Union>i. A i) \<in> restricted_space S" by simp
   568 qed
   569 
   570 lemma sigma_sets_Int:
         (* Restriction commutes with generation: for a generated set A that is a
            subset of sp, intersecting every generated set with A gives the same
            family as generating over A from the generators intersected with A. *)
   571   assumes "A \<in> sigma_sets sp st" "A \<subseteq> sp"
   572   shows "op \<inter> A ` sigma_sets sp st = sigma_sets A (op \<inter> A ` st)"
   573 proof (intro equalityI subsetI)
         (* Left to right: induction over the derivation of y in sigma_sets sp st. *)
   574   fix x assume "x \<in> op \<inter> A ` sigma_sets sp st"
   575   then obtain y where "y \<in> sigma_sets sp st" "x = y \<inter> A" by auto
   576   then have "x \<in> sigma_sets (A \<inter> sp) (op \<inter> A ` st)"
   577   proof (induct arbitrary: x)
   578     case (Compl a)
   579     then show ?case
   580       by (force intro!: sigma_sets.Compl simp: Diff_Int_distrib ac_simps)
   581   next
   582     case (Union a)
   583     then show ?case
   584       by (auto intro!: sigma_sets.Union
   585                simp add: UN_extend_simps simp del: UN_simps)
   586   qed (auto intro!: sigma_sets.intros(2-))
   587   then show "x \<in> sigma_sets A (op \<inter> A ` st)"
   588     using `A \<subseteq> sp` by (simp add: Int_absorb2)
   589 next
         (* Right to left: induction over the derivation in the restricted space,
            producing a witness in sigma_sets sp st for each rule. *)
   590   fix x assume "x \<in> sigma_sets A (op \<inter> A ` st)"
   591   then show "x \<in> op \<inter> A ` sigma_sets sp st"
   592   proof induct
   593     case (Compl a)
   594     then obtain x where "a = A \<inter> x" "x \<in> sigma_sets sp st" by auto
   595     then show ?case using `A \<subseteq> sp`
   596       by (force simp add: image_iff intro!: bexI[of _ "sp - x"] sigma_sets.Compl)
   597   next
   598     case (Union a)
   599     then have "\<forall>i. \<exists>x. x \<in> sigma_sets sp st \<and> a i = A \<inter> x"
   600       by (auto simp: image_iff Bex_def)
           (* choice turns the per-index witnesses into a single function f. *)
   601     from choice[OF this] guess f ..
   602     then show ?case
   603       by (auto intro!: bexI[of _ "(\<Union>x. f x)"] sigma_sets.Union
   604                simp add: image_iff)
   605   qed (auto intro!: sigma_sets.intros(2-))
   606 qed
   607 
   608 lemma sigma_sets_empty_eq: "sigma_sets A {} = {{}, A}"
         (* With no generators, the generated sets are exactly {} and the space A. *)
   609 proof (intro set_eqI iffI)
   610   fix a assume "a \<in> sigma_sets A {}" then show "a \<in> {{}, A}"
   611     by induct blast+
   612 qed (auto intro: sigma_sets.Empty sigma_sets_top)
   613 
   614 lemma sigma_sets_single[simp]: "sigma_sets A {A} = {{}, A}"
         (* With the space A as the only generator, the generated sets are exactly
            {} and A; registered as a simp rule. *)
   615 proof (intro set_eqI iffI)
   616   fix x assume "x \<in> sigma_sets A {A}"
   617   then show "x \<in> {{}, A}"
   618     by induct blast+
   619 next
   620   fix x assume "x \<in> {{}, A}"
   621   then show "x \<in> sigma_sets A {A}"
   622     by (auto intro: sigma_sets.Empty sigma_sets_top)
   623 qed
   624 
   625 lemma sigma_sets_sigma_sets_eq:
         (* Generation is idempotent for generators that are subsets of S. *)
   626   "M \<subseteq> Pow S \<Longrightarrow> sigma_sets S (sigma_sets S M) = sigma_sets S M"
   627   by (rule sigma_algebra.sigma_sets_eq[OF sigma_algebra_sigma_sets, of M S]) auto
   628 
   629 lemma sigma_sets_singleton:
         (* For X a subset of S, the sets generated from the single generator X
            are exactly {}, X, S - X and S. *)
   630   assumes "X \<subseteq> S"
   631   shows "sigma_sets S { X } = { {}, X, S - X, S }"
   632 proof -
   633   interpret sigma_algebra S "{ {}, X, S - X, S }"
   634     by (rule sigma_algebra_single_set) fact
         (* Upper bound: generating from {X} stays inside what the four-element
            family generates, which is that family itself. *)
   635   have "sigma_sets S { X } \<subseteq> sigma_sets S { {}, X, S - X, S }"
   636     by (rule sigma_sets_subseteq) simp
   637   moreover have "\<dots> = { {}, X, S - X, S }"
   638     using sigma_sets_eq by simp
   639   moreover
         (* Lower bound: each of the four sets is generated from {X}. *)
   640   { fix A assume "A \<in> { {}, X, S - X, S }"
   641     then have "A \<in> sigma_sets S { X }"
   642       by (auto intro: sigma_sets.intros(2-) sigma_sets_top) }
   643   ultimately have "sigma_sets S { X } = sigma_sets S { {}, X, S - X, S }"
   644     by (intro antisym) auto
   645   with sigma_sets_eq show ?thesis by simp
   646 qed
   647 
   648 lemma restricted_sigma:
         (* sigma_sets_Int restated with the restricted_space abbreviation: for a
            generated set S, restricting the generated sets to S equals
            generating over S from the restricted generators. *)
   649   assumes S: "S \<in> sigma_sets \<Omega> M" and M: "M \<subseteq> Pow \<Omega>"
   650   shows "algebra.restricted_space (sigma_sets \<Omega> M) S =
   651     sigma_sets S (algebra.restricted_space M S)"
   652 proof -
   653   from S sigma_sets_into_sp[OF M]
   654   have "S \<in> sigma_sets \<Omega> M" "S \<subseteq> \<Omega>" by auto
   655   from sigma_sets_Int[OF this]
   656   show ?thesis by simp
   657 qed
   658 
   659 lemma sigma_sets_vimage_commute:
         (* Preimage commutes with generation: for a function X from Omega into
            Omega', the preimages (cut down to Omega) of the sets generated from
            M' are exactly the sets generated over Omega from the preimages of
            the members of M'. *)
   660   assumes X: "X \<in> \<Omega> \<rightarrow> \<Omega>'"
   661   shows "{X -` A \<inter> \<Omega> |A. A \<in> sigma_sets \<Omega>' M'}
   662        = sigma_sets \<Omega> {X -` A \<inter> \<Omega> |A. A \<in> M'}" (is "?L = ?R")
   663 proof
         (* Left to right: induction over the derivation of A in sigma_sets Omega' M'. *)
   664   show "?L \<subseteq> ?R"
   665   proof clarify
   666     fix A assume "A \<in> sigma_sets \<Omega>' M'"
   667     then show "X -` A \<inter> \<Omega> \<in> ?R"
   668     proof induct
   669       case Empty then show ?case
   670         by (auto intro!: sigma_sets.Empty)
   671     next
   672       case (Compl B)
             (* Preimage of a complement is the complement of the preimage;
                this uses that X maps Omega into Omega'. *)
   673       have [simp]: "X -` (\<Omega>' - B) \<inter> \<Omega> = \<Omega> - (X -` B \<inter> \<Omega>)"
   674         by (auto simp add: funcset_mem [OF X])
   675       with Compl show ?case
   676         by (auto intro!: sigma_sets.Compl)
   677     next
   678       case (Union F)
   679       then show ?case
   680         by (auto simp add: vimage_UN UN_extend_simps(4) simp del: UN_simps
   681                  intro!: sigma_sets.Union)
   682     qed auto
   683   qed
         (* Right to left: induction over the derivation in ?R, constructing for
            each generated set a set B whose preimage it is. *)
   684   show "?R \<subseteq> ?L"
   685   proof clarify
   686     fix A assume "A \<in> ?R"
   687     then show "\<exists>B. A = X -` B \<inter> \<Omega> \<and> B \<in> sigma_sets \<Omega>' M'"
   688     proof induct
   689       case (Basic B) then show ?case by auto
   690     next
   691       case Empty then show ?case
   692         by (auto intro!: sigma_sets.Empty exI[of _ "{}"])
   693     next
   694       case (Compl B)
   695       then obtain A where A: "B = X -` A \<inter> \<Omega>" "A \<in> sigma_sets \<Omega>' M'" by auto
   696       then have [simp]: "\<Omega> - B = X -` (\<Omega>' - A) \<inter> \<Omega>"
   697         by (auto simp add: funcset_mem [OF X])
   698       with A(2) show ?case
   699         by (auto intro: sigma_sets.Compl)
   700     next
   701       case (Union F)
   702       then have "\<forall>i. \<exists>B. F i = X -` B \<inter> \<Omega> \<and> B \<in> sigma_sets \<Omega>' M'" by auto
             (* choice turns the per-index witnesses into a single function A. *)
   703       from choice[OF this] guess A .. note A = this
   704       with A show ?case
   705         by (auto simp: vimage_UN[symmetric] intro: sigma_sets.Union)
   706     qed
   707   qed
   708 qed
   709 
   710 section "Disjoint families"
   711 
   712 definition
         (* An indexed family A is disjoint on the index set S when sets at distinct
            indices of S have empty intersection. *)
   713   disjoint_family_on  where
   714   "disjoint_family_on A S \<longleftrightarrow> (\<forall>m\<in>S. \<forall>n\<in>S. m \<noteq> n \<longrightarrow> A m \<inter> A n = {})"
   715 
   716 abbreviation
         (* Disjointness over the whole index type. *)
   717   "disjoint_family A \<equiv> disjoint_family_on A UNIV"
   718 
   719 lemma range_subsetD: "range f \<subseteq> B \<Longrightarrow> f i \<in> B"
         (* If the whole range of f lies in B, so does every individual value f i. *)
   720   by blast
   721 
   722 lemma Int_Diff_disjoint: "A \<inter> B \<inter> (A - B) = {}"
         (* The part of A inside B and the part of A outside B do not overlap. *)
   723   by blast
   724 
   725 lemma Int_Diff_Un: "A \<inter> B \<union> (A - B) = A"
         (* A splits into its part inside B and its part outside B. *)
   726   by blast
   727 
   728 lemma disjoint_family_subset:
         (* Shrinking every member of a disjoint family pointwise keeps it disjoint. *)
   729      "disjoint_family A \<Longrightarrow> (!!x. B x \<subseteq> A x) \<Longrightarrow> disjoint_family B"
   730   by (force simp add: disjoint_family_on_def)
   731 
   732 lemma disjoint_family_on_bisimulation:
         (* Transfers disjointness from f to g on S: it suffices that, for distinct
            indices in S, disjointness of the f-sets implies disjointness of the g-sets. *)
   733   assumes "disjoint_family_on f S"
   734   and "\<And>n m. n \<in> S \<Longrightarrow> m \<in> S \<Longrightarrow> n \<noteq> m \<Longrightarrow> f n \<inter> f m = {} \<Longrightarrow> g n \<inter> g m = {}"
   735   shows "disjoint_family_on g S"
   736   using assms unfolding disjoint_family_on_def by auto
   737 
   738 lemma disjoint_family_on_mono:
         (* Disjointness on an index set B is inherited by every smaller index set A. *)
   739   "A \<subseteq> B \<Longrightarrow> disjoint_family_on f B \<Longrightarrow> disjoint_family_on f A"
   740   unfolding disjoint_family_on_def by auto
   741 
   742 lemma disjoint_family_Suc:
         (* For a sequence with A n contained in A (Suc n) for all n, the successive
            differences A (Suc i) - A i form a disjoint family. *)
   743   assumes Suc: "!!n. A n \<subseteq> A (Suc n)"
   744   shows "disjoint_family (\<lambda>i. A (Suc i) - A i)"
   745 proof -
         (* Step 1: lift the one-step inclusion to A n within A (m+n), by induction on m. *)
   746   {
   747     fix m
   748     have "!!n. A n \<subseteq> A (m+n)"
   749     proof (induct m)
   750       case 0 show ?case by simp
   751     next
   752       case (Suc m) thus ?case
   753         by (metis Suc_eq_plus1 assms nat_add_commute nat_add_left_commute subset_trans)
   754     qed
   755   }
         (* Step 2: restate it as monotonicity for arbitrary m < n. *)
   756   hence "!!m n. m < n \<Longrightarrow> A m \<subseteq> A n"
   757     by (metis add_commute le_add_diff_inverse nat_less_le)
   758   thus ?thesis
   759     by (auto simp add: disjoint_family_on_def)
   760       (metis insert_absorb insert_subset le_SucE le_antisym not_leE)
   761 qed
   762 
   763 lemma setsum_indicator_disjoint_family:
         (* For a family A disjoint on the finite index set P and a point x in A j
            (j in P), the indicator-weighted sum over P collapses to the single term f j. *)
   764   fixes f :: "'d \<Rightarrow> 'e::semiring_1"
   765   assumes d: "disjoint_family_on A P" and "x \<in> A j" and "finite P" and "j \<in> P"
   766   shows "(\<Sum>i\<in>P. f i * indicator (A i) x) = f j"
   767 proof -
         (* By disjointness, j is the only index in P whose set contains x. *)
   768   have "P \<inter> {i. x \<in> A i} = {j}"
   769     using d `x \<in> A j` `j \<in> P` unfolding disjoint_family_on_def
   770     by auto
   771   thus ?thesis
   772     unfolding indicator_def
   773     by (simp add: if_distrib setsum_cases[OF `finite P`])
   774 qed
   775 
   776 definition disjointed :: "(nat \<Rightarrow> 'a set) \<Rightarrow> nat \<Rightarrow> 'a set "
         (* disjointed A n is A n with everything already covered by A 0 .. A (n-1) removed. *)
   777   where "disjointed A n = A n - (\<Union>i\<in>{0..<n}. A i)"
   778 
   779 lemma finite_UN_disjointed_eq: "(\<Union>i\<in>{0..<n}. disjointed A i) = (\<Union>i\<in>{0..<n}. A i)"
         (* The first n disjointed sets cover the same points as the first n original
            sets; proved by induction on n. *)
   780 proof (induct n)
   781   case 0 show ?case by simp
   782 next
   783   case (Suc n)
   784   thus ?case by (simp add: atLeastLessThanSuc disjointed_def)
   785 qed
   786 
   787 lemma UN_disjointed_eq: "(\<Union>i. disjointed A i) = (\<Union>i. A i)"
         (* Disjointing does not change the countable union; reduced to the finite
            version finite_UN_disjointed_eq via UN_finite2_eq. *)
   788   apply (rule UN_finite2_eq [where k=0])
   789   apply (simp add: finite_UN_disjointed_eq)
   790   done
   791 
   792 lemma less_disjoint_disjointed: "m<n \<Longrightarrow> disjointed A m \<inter> disjointed A n = {}"
         (* Disjointed sets at indices m < n never overlap. *)
   793   by (auto simp add: disjointed_def)
   794 
   795 lemma disjoint_family_disjointed: "disjoint_family (disjointed A)"
         (* The disjointed sequence is a disjoint family; the ordered statement
            less_disjoint_disjointed is symmetrised with Int_commute. *)
   796   by (simp add: disjoint_family_on_def)
   797      (metis neq_iff Int_commute less_disjoint_disjointed)
   798 
   799 lemma disjointed_subset: "disjointed A n \<subseteq> A n"
         (* Each disjointed set is contained in the original set at the same index. *)
   800   by (auto simp add: disjointed_def)
   801 
   802 lemma (in ring_of_sets) UNION_in_sets:
         (* In a ring of sets, the union of the first n members of a sequence drawn
            from M is again in M; proved by induction on n. *)
   803   fixes A:: "nat \<Rightarrow> 'a set"
   804   assumes A: "range A \<subseteq> M"
   805   shows  "(\<Union>i\<in>{0..<n}. A i) \<in> M"
   806 proof (induct n)
   807   case 0 show ?case by simp
   808 next
   809   case (Suc n)
   810   thus ?case
   811     by (simp add: atLeastLessThanSuc) (metis A Un UNIV_I image_subset_iff)
   812 qed
   813 
   814 lemma (in ring_of_sets) range_disjointed_sets:
         (* Disjointing a sequence of members of M stays inside M: each disjointed set
            is a member minus a finite union of members (UNION_in_sets). *)
   815   assumes A: "range A \<subseteq> M"
   816   shows  "range (disjointed A) \<subseteq> M"
   817 proof (auto simp add: disjointed_def)
   818   fix n
   819   show "A n - (\<Union>i\<in>{0..<n}. A i) \<in> M" using UNION_in_sets
   820     by (metis A Diff UNIV_I image_subset_iff)
   821 qed
   822 
   823 lemma (in algebra) range_disjointed_sets':
         (* The ring_of_sets fact range_disjointed_sets, restated in the algebra locale. *)
   824   "range A \<subseteq> M \<Longrightarrow> range (disjointed A) \<subseteq> M"
   825   using range_disjointed_sets .
   826 
   827 lemma disjointed_0[simp]: "disjointed A 0 = A 0"
         (* Nothing precedes index 0, so the first set is unchanged. Declared [simp]. *)
   828   by (simp add: disjointed_def)
   829 
   830 lemma incseq_Un:
         (* For an increasing sequence, the union up to and including n is just A n. *)
   831   "incseq A \<Longrightarrow> (\<Union>i\<le>n. A i) = A n"
   832   unfolding incseq_def by auto
   833 
   834 lemma disjointed_incseq:
         (* For an increasing sequence, disjointing at Suc n only removes the
            immediately preceding set A n. *)
   835   "incseq A \<Longrightarrow> disjointed A (Suc n) = A (Suc n) - A n"
   836   using incseq_Un[of A]
   837   by (simp add: disjointed_def atLeastLessThanSuc_atLeastAtMost atLeast0AtMost)
   838 
   839 lemma sigma_algebra_disjoint_iff:
         (* A sigma algebra is exactly an algebra that is closed under countable unions
            of disjoint families. The interesting direction replaces an arbitrary
            sequence A by disjointed A, which has the same union. *)
   840   "sigma_algebra \<Omega> M \<longleftrightarrow> algebra \<Omega> M \<and>
   841     (\<forall>A. range A \<subseteq> M \<longrightarrow> disjoint_family A \<longrightarrow> (\<Union>i::nat. A i) \<in> M)"
   842 proof (auto simp add: sigma_algebra_iff)
   843   fix A :: "nat \<Rightarrow> 'a set"
   844   assume M: "algebra \<Omega> M"
   845      and A: "range A \<subseteq> M"
   846      and UnA: "\<forall>A. range A \<subseteq> M \<longrightarrow> disjoint_family A \<longrightarrow> (\<Union>i::nat. A i) \<in> M"
         (* Instantiate the disjoint-union hypothesis with the disjointed sequence. *)
   847   hence "range (disjointed A) \<subseteq> M \<longrightarrow>
   848          disjoint_family (disjointed A) \<longrightarrow>
   849          (\<Union>i. disjointed A i) \<in> M" by blast
   850   hence "(\<Union>i. disjointed A i) \<in> M"
   851     by (simp add: algebra.range_disjointed_sets'[of \<Omega>] M A disjoint_family_disjointed)
   852   thus "(\<Union>i::nat. A i) \<in> M" by (simp add: UN_disjointed_eq)
   853 qed
   854 
   855 lemma disjoint_family_on_disjoint_image:
         (* A family disjoint on I has a pairwise disjoint image A ` I (as a set of sets). *)
   856   "disjoint_family_on A I \<Longrightarrow> disjoint (A ` I)"
   857   unfolding disjoint_family_on_def disjoint_def by force
   858 
   859 lemma disjoint_image_disjoint_family_on:
         (* Converse of disjoint_family_on_disjoint_image: needs A injective on I so
            that distinct indices give distinct sets. *)
   860   assumes d: "disjoint (A ` I)" and i: "inj_on A I"
   861   shows "disjoint_family_on A I"
   862   unfolding disjoint_family_on_def
   863 proof (intro ballI impI)
   864   fix n m assume nm: "m \<in> I" "n \<in> I" and "n \<noteq> m"
   865   with i[THEN inj_onD, of n m] show "A n \<inter> A m = {}"
   866     by (intro disjointD[OF d]) auto
   867 qed
   868 
   869 section {* Ring generated by a semiring *}
   870 
   871 definition (in semiring_of_sets)
         (* The sets obtainable as the union of a finite, pairwise disjoint subfamily C of M. *)
   872   "generated_ring = { \<Union>C | C. C \<subseteq> M \<and> finite C \<and> disjoint C }"
   873 
   874 lemma (in semiring_of_sets) generated_ringE[elim?]:
         (* Elimination rule: a member of generated_ring yields its witnessing finite
            disjoint family C from M. *)
   875   assumes "a \<in> generated_ring"
   876   obtains C where "finite C" "disjoint C" "C \<subseteq> M" "a = \<Union>C"
   877   using assms unfolding generated_ring_def by auto
   878 
   879 lemma (in semiring_of_sets) generated_ringI[intro?]:
         (* Introduction rule: exhibiting a finite disjoint family C from M with union a
            puts a into generated_ring. *)
   880   assumes "finite C" "disjoint C" "C \<subseteq> M" "a = \<Union>C"
   881   shows "a \<in> generated_ring"
   882   using assms unfolding generated_ring_def by auto
   883 
   884 lemma (in semiring_of_sets) generated_ringI_Basic:
         (* Every member of M is in generated_ring, witnessed by the singleton family {A}. *)
   885   "A \<in> M \<Longrightarrow> A \<in> generated_ring"
   886   by (rule generated_ringI[of "{A}"]) (auto simp: disjoint_def)
   887 
   888 lemma (in semiring_of_sets) generated_ring_disjoint_Un[intro]:
         (* generated_ring is closed under unions of two disjoint members; the witness
            family is the union Ca Un Cb of the two witness families. *)
   889   assumes a: "a \<in> generated_ring" and b: "b \<in> generated_ring"
   890   and "a \<inter> b = {}"
   891   shows "a \<union> b \<in> generated_ring"
   892 proof -
         (* Obtain the witness families via the elimination rule generated_ringE. *)
   893   from a guess Ca .. note Ca = this
   894   from b guess Cb .. note Cb = this
   895   show ?thesis
   896   proof
   897     show "disjoint (Ca \<union> Cb)"
   898       using `a \<inter> b = {}` Ca Cb by (auto intro!: disjoint_union)
   899   qed (insert Ca Cb, auto)
   900 qed
   901 
   902 lemma (in semiring_of_sets) generated_ring_empty: "{} \<in> generated_ring"
         (* The empty set belongs to generated_ring. *)
   903   by (auto simp: generated_ring_def disjoint_def)
   904 
   905 lemma (in semiring_of_sets) generated_ring_disjoint_Union:
         (* Closure under unions of finite, pairwise disjoint collections of members;
            induction over the finite collection A using the binary case. *)
   906   assumes "finite A" shows "A \<subseteq> generated_ring \<Longrightarrow> disjoint A \<Longrightarrow> \<Union>A \<in> generated_ring"
   907   using assms by (induct A) (auto simp: disjoint_def intro!: generated_ring_disjoint_Un generated_ring_empty)
   908 
   909 lemma (in semiring_of_sets) generated_ring_disjoint_UNION:
         (* Indexed form of generated_ring_disjoint_Union: a finite index set I whose
            image under A is pairwise disjoint. *)
   910   "finite I \<Longrightarrow> disjoint (A ` I) \<Longrightarrow> (\<And>i. i \<in> I \<Longrightarrow> A i \<in> generated_ring) \<Longrightarrow> UNION I A \<in> generated_ring"
   911   unfolding SUP_def by (intro generated_ring_disjoint_Union) auto
   912 
   913 lemma (in semiring_of_sets) generated_ring_Int:
         (* generated_ring is closed under binary intersection. *)
   914   assumes a: "a \<in> generated_ring" and b: "b \<in> generated_ring"
   915   shows "a \<inter> b \<in> generated_ring"
   916 proof -
   917   from a guess Ca .. note Ca = this
   918   from b guess Cb .. note Cb = this
         (* Witness family: all pairwise intersections of a piece of a with a piece of b. *)
   919   def C \<equiv> "(\<lambda>(a,b). a \<inter> b)` (Ca\<times>Cb)"
   920   show ?thesis
   921   proof
   922     show "disjoint C"
   923     proof (simp add: disjoint_def C_def, intro ballI impI)
   924       fix a1 b1 a2 b2 assume sets: "a1 \<in> Ca" "b1 \<in> Cb" "a2 \<in> Ca" "b2 \<in> Cb"
   925       assume "a1 \<inter> b1 \<noteq> a2 \<inter> b2"
             (* Two different intersections must differ in at least one component, and
                that component pair is disjoint because Ca resp. Cb is. *)
   926       then have "a1 \<noteq> a2 \<or> b1 \<noteq> b2" by auto
   927       then show "(a1 \<inter> b1) \<inter> (a2 \<inter> b2) = {}"
   928       proof
   929         assume "a1 \<noteq> a2"
   930         with sets Ca have "a1 \<inter> a2 = {}"
   931           by (auto simp: disjoint_def)
   932         then show ?thesis by auto
   933       next
   934         assume "b1 \<noteq> b2"
   935         with sets Cb have "b1 \<inter> b2 = {}"
   936           by (auto simp: disjoint_def)
   937         then show ?thesis by auto
   938       qed
   939     qed
   940   qed (insert Ca Cb, auto simp: C_def)
   941 qed
   942 
   943 lemma (in semiring_of_sets) generated_ring_Inter:
         (* Closure under intersections of finite non-empty collections of members;
            non-emptiness is required, the induction rule is finite_ne_induct. *)
   944   assumes "finite A" "A \<noteq> {}" shows "A \<subseteq> generated_ring \<Longrightarrow> \<Inter>A \<in> generated_ring"
   945   using assms by (induct A rule: finite_ne_induct) (auto intro: generated_ring_Int)
   946 
   947 lemma (in semiring_of_sets) generated_ring_INTER:
         (* Indexed form of generated_ring_Inter over a finite non-empty index set I. *)
   948   "finite I \<Longrightarrow> I \<noteq> {} \<Longrightarrow> (\<And>i. i \<in> I \<Longrightarrow> A i \<in> generated_ring) \<Longrightarrow> INTER I A \<in> generated_ring"
   949   unfolding INF_def by (intro generated_ring_Inter) auto
   950 
   951 lemma (in semiring_of_sets) generating_ring:
         (* generated_ring really is a ring of sets over Omega. The obligations from
            ring_of_setsI shown below are: subsets of Omega, contains the empty set,
            closed under difference and under binary union. *)
   952   "ring_of_sets \<Omega> generated_ring"
   953 proof (rule ring_of_setsI)
   954   let ?R = generated_ring
   955   show "?R \<subseteq> Pow \<Omega>"
   956     using sets_into_space by (auto simp: generated_ring_def generated_ring_empty)
   957   show "{} \<in> ?R" by (rule generated_ring_empty)
   958 
         (* Difference: with witness families Ca for a and Cb for b. *)
   959   { fix a assume a: "a \<in> ?R" then guess Ca .. note Ca = this
   960     fix b assume b: "b \<in> ?R" then guess Cb .. note Cb = this
   961   
   962     show "a - b \<in> ?R"
   963     proof cases
   964       assume "Cb = {}" with Cb `a \<in> ?R` show ?thesis
   965         by simp
   966     next
   967       assume "Cb \<noteq> {}"
             (* Rewrite a - b as a disjoint union over pieces a' of a of the finite
                intersection over pieces b' of b of a' - b'. *)
   968       with Ca Cb have "a - b = (\<Union>a'\<in>Ca. \<Inter>b'\<in>Cb. a' - b')" by auto
   969       also have "\<dots> \<in> ?R"
   970       proof (intro generated_ring_INTER generated_ring_disjoint_UNION)
   971         fix a b assume "a \<in> Ca" "b \<in> Cb"
   972         with Ca Cb Diff_cover[of a b] show "a - b \<in> ?R"
   973           by (auto simp add: generated_ring_def)
   974       next
   975         show "disjoint ((\<lambda>a'. \<Inter>b'\<in>Cb. a' - b')`Ca)"
   976           using Ca by (auto simp add: disjoint_def `Cb \<noteq> {}`)
   977       next
   978         show "finite Ca" "finite Cb" "Cb \<noteq> {}" by fact+
   979       qed
   980       finally show "a - b \<in> ?R" .
   981     qed }
   982   note Diff = this
   983 
         (* Union: split into three pairwise disjoint pieces, each already known to be in ?R. *)
   984   fix a b assume sets: "a \<in> ?R" "b \<in> ?R"
   985   have "a \<union> b = (a - b) \<union> (a \<inter> b) \<union> (b - a)" by auto
   986   also have "\<dots> \<in> ?R"
   987     by (intro sets generated_ring_disjoint_Un generated_ring_Int Diff) auto
   988   finally show "a \<union> b \<in> ?R" .
   989 qed
   990 
   991 lemma (in semiring_of_sets) sigma_sets_generated_ring_eq: "sigma_sets \<Omega> generated_ring = sigma_sets \<Omega> M"
         (* Passing from the semiring M to its generated ring does not change the
            generated sigma-closure. *)
   992 proof
   993   interpret M: sigma_algebra \<Omega> "sigma_sets \<Omega> M"
   994     using space_closed by (rule sigma_algebra_sigma_sets)
   995   show "sigma_sets \<Omega> generated_ring \<subseteq> sigma_sets \<Omega> M"
   996     by (blast intro!: sigma_sets_mono elim: generated_ringE)
   997 qed (auto intro!: generated_ringI_Basic sigma_sets_mono)
   998 
   999 section {* Measure type *}
  1000 
  1001 definition positive :: "'a set set \<Rightarrow> ('a set \<Rightarrow> ereal) \<Rightarrow> bool" where
         (* mu assigns 0 to the empty set and a non-negative value to every set in M. *)
  1002   "positive M \<mu> \<longleftrightarrow> \<mu> {} = 0 \<and> (\<forall>A\<in>M. 0 \<le> \<mu> A)"
  1003 
  1004 definition countably_additive :: "'a set set \<Rightarrow> ('a set \<Rightarrow> ereal) \<Rightarrow> bool" where
         (* For every disjoint sequence of sets from M whose union is again in M, the
            series of the values equals the value of the union. *)
  1005   "countably_additive M f \<longleftrightarrow> (\<forall>A. range A \<subseteq> M \<longrightarrow> disjoint_family A \<longrightarrow> (\<Union>i. A i) \<in> M \<longrightarrow>
  1006     (\<Sum>i. f (A i)) = f (\<Union>i. A i))"
  1007 
  1008 definition measure_space :: "'a set \<Rightarrow> 'a set set \<Rightarrow> ('a set \<Rightarrow> ereal) \<Rightarrow> bool" where
         (* (Omega, A, mu) is a measure space: A is a sigma algebra over Omega and mu
            is positive and countably additive on A. *)
  1009   "measure_space \<Omega> A \<mu> \<longleftrightarrow> sigma_algebra \<Omega> A \<and> positive A \<mu> \<and> countably_additive A \<mu>"
  1010 
  1011 typedef 'a measure = "{(\<Omega>::'a set, A, \<mu>). (\<forall>a\<in>-A. \<mu> a = 0) \<and> measure_space \<Omega> A \<mu> }"
         (* The type of measures: triples (space, measurable sets, measure function)
            forming a measure space, with the function forced to 0 on every set that is
            not measurable. That normalisation makes the representation unique, which
            measure_eqI relies on.
            Non-emptiness witness: the trivial sigma algebra on UNIV with the zero function. *)
  1012 proof
  1013   have "sigma_algebra UNIV {{}, UNIV}"
  1014     by (auto simp: sigma_algebra_iff2)
  1015   then show "(UNIV, {{}, UNIV}, \<lambda>A. 0) \<in> {(\<Omega>, A, \<mu>). (\<forall>a\<in>-A. \<mu> a = 0) \<and> measure_space \<Omega> A \<mu>} "
  1016     by (auto simp: measure_space_def positive_def countably_additive_def)
  1017 qed
  1018 
  1019 definition space :: "'a measure \<Rightarrow> 'a set" where
         (* First component of the representing triple: the underlying space. *)
  1020   "space M = fst (Rep_measure M)"
  1021 
  1022 definition sets :: "'a measure \<Rightarrow> 'a set set" where
         (* Second component of the representing triple: the measurable sets. *)
  1023   "sets M = fst (snd (Rep_measure M))"
  1024 
  1025 definition emeasure :: "'a measure \<Rightarrow> 'a set \<Rightarrow> ereal" where
         (* Third component of the representing triple: the ereal-valued measure function. *)
  1026   "emeasure M = snd (snd (Rep_measure M))"
  1027 
  1028 definition measure :: "'a measure \<Rightarrow> 'a set \<Rightarrow> real" where
         (* Real-valued view of emeasure, obtained by applying the conversion real. *)
  1029   "measure M A = real (emeasure M A)"
  1030 
  1031 declare [[coercion sets]]
         (* sets, measure and emeasure are all declared as coercions out of 'a measure. *)
  1032 
  1033 declare [[coercion measure]]
  1034 
  1035 declare [[coercion emeasure]]
  1036 
  1037 lemma measure_space: "measure_space (space M) (sets M) (emeasure M)"
         (* The three projections of any value of type 'a measure form a measure space;
            follows from the typedef invariant via Abs_measure_inverse. *)
  1038   by (cases M) (auto simp: space_def sets_def emeasure_def Abs_measure_inverse)
  1039 
  1040 interpretation sets!: sigma_algebra "space M" "sets M" for M :: "'a measure"
         (* Makes the sigma_algebra locale facts available for every measure M under
            the qualifier sets (used below as sets.top, sets.space_closed, sets.Un). *)
  1041   using measure_space[of M] by (auto simp: measure_space_def)
  1042 
  1043 definition measure_of :: "'a set \<Rightarrow> 'a set set \<Rightarrow> ('a set \<Rightarrow> ereal) \<Rightarrow> 'a measure" where
         (* Builds a measure from a space Omega, a generator A and a candidate function
            mu. The measurable sets are sigma_sets Omega A. The function is mu on those
            sets when mu gives a measure space there, and 0 in every other case, so an
            unsuitable mu silently yields the zero function rather than an error.
            NOTE(review): the results below assume A is a family of subsets of Omega;
            behaviour of Abs_measure without that side condition is not established here. *)
  1044   "measure_of \<Omega> A \<mu> = Abs_measure (\<Omega>, sigma_sets \<Omega> A,
  1045     \<lambda>a. if a \<in> sigma_sets \<Omega> A \<and> measure_space \<Omega> (sigma_sets \<Omega> A) \<mu> then \<mu> a else 0)"
  1046 
  1047 abbreviation "sigma \<Omega> A \<equiv> measure_of \<Omega> A (\<lambda>x. 0)"
         (* sigma Omega A: the measure generated by A over Omega carrying the zero function. *)
  1048 
  1049 lemma measure_space_0: "A \<subseteq> Pow \<Omega> \<Longrightarrow> measure_space \<Omega> (sigma_sets \<Omega> A) (\<lambda>x. 0)"
         (* The zero function is a measure on the sigma-closure of any family of
            subsets of Omega. *)
  1050   unfolding measure_space_def
  1051   by (auto intro!: sigma_algebra_sigma_sets simp: positive_def countably_additive_def)
  1052 
  1053 lemma (in ring_of_sets) positive_cong_eq:
         (* positive only depends on the values of the function on M. *)
  1054   "(\<And>a. a \<in> M \<Longrightarrow> \<mu>' a = \<mu> a) \<Longrightarrow> positive M \<mu>' = positive M \<mu>"
  1055   by (auto simp add: positive_def)
  1056 
  1057 lemma (in sigma_algebra) countably_additive_eq:
         (* countably_additive only depends on the values of the function on M. *)
  1058   "(\<And>a. a \<in> M \<Longrightarrow> \<mu>' a = \<mu> a) \<Longrightarrow> countably_additive M \<mu>' = countably_additive M \<mu>"
  1059   unfolding countably_additive_def
  1060   by (intro arg_cong[where f=All] ext) (auto simp add: countably_additive_def subset_eq)
  1061 
  1062 lemma measure_space_eq:
         (* Two functions that agree on the generated sets are interchangeable in
            measure_space; combines positive_cong_eq and countably_additive_eq. *)
  1063   assumes closed: "A \<subseteq> Pow \<Omega>" and eq: "\<And>a. a \<in> sigma_sets \<Omega> A \<Longrightarrow> \<mu> a = \<mu>' a"
  1064   shows "measure_space \<Omega> (sigma_sets \<Omega> A) \<mu> = measure_space \<Omega> (sigma_sets \<Omega> A) \<mu>'"
  1065 proof -
  1066   interpret sigma_algebra \<Omega> "sigma_sets \<Omega> A" using closed by (rule sigma_algebra_sigma_sets)
  1067   from positive_cong_eq[OF eq, of "\<lambda>i. i"] countably_additive_eq[OF eq, of "\<lambda>i. i"] show ?thesis
  1068     by (auto simp: measure_space_def)
  1069 qed
  1070 
  1071 lemma measure_of_eq:
         (* measure_of gives the same measure for two functions that agree on the
            generated sets. *)
  1072   assumes closed: "A \<subseteq> Pow \<Omega>" and eq: "(\<And>a. a \<in> sigma_sets \<Omega> A \<Longrightarrow> \<mu> a = \<mu>' a)"
  1073   shows "measure_of \<Omega> A \<mu> = measure_of \<Omega> A \<mu>'"
  1074 proof -
  1075   have "measure_space \<Omega> (sigma_sets \<Omega> A) \<mu> = measure_space \<Omega> (sigma_sets \<Omega> A) \<mu>'"
  1076     using assms by (rule measure_space_eq)
  1077   with eq show ?thesis
  1078     by (auto simp add: measure_of_def intro!: arg_cong[where f=Abs_measure])
  1079 qed
  1080 
  1081 lemma
         (* For a generator A of subsets of Omega, measure_of has the generated sets as
            its measurable sets and Omega as its space, whatever mu is. Both facts are
            declared [simp]. The proof splits on whether mu yields a measure space,
            matching the if-then-else in measure_of_def. *)
  1082   assumes A: "A \<subseteq> Pow \<Omega>"
  1083   shows sets_measure_of[simp]: "sets (measure_of \<Omega> A \<mu>) = sigma_sets \<Omega> A" (is ?sets)
  1084     and space_measure_of[simp]: "space (measure_of \<Omega> A \<mu>) = \<Omega>" (is ?space)
  1085 proof -
  1086   have "?sets \<and> ?space"
  1087   proof cases
  1088     assume "measure_space \<Omega> (sigma_sets \<Omega> A) \<mu>"
  1089     moreover have "measure_space \<Omega> (sigma_sets \<Omega> A) \<mu> = measure_space \<Omega> (sigma_sets \<Omega> A)
  1090        (\<lambda>a. if a \<in> sigma_sets \<Omega> A then \<mu> a else 0)"
  1091       using A by (rule measure_space_eq) auto
  1092     ultimately show "?sets \<and> ?space"
  1093       by (auto simp: Abs_measure_inverse measure_of_def sets_def space_def)
  1094   next
           (* Otherwise the stored function is constantly 0, handled by measure_space_0. *)
  1095     assume "\<not> measure_space \<Omega> (sigma_sets \<Omega> A) \<mu>"
  1096     with A show "?sets \<and> ?space"
  1097       by (auto simp: Abs_measure_inverse measure_of_def sets_def space_def measure_space_0)
  1098   qed
  1099   then show ?sets ?space by auto
  1100 qed
  1101 
  1102 lemma (in sigma_algebra) sets_measure_of_eq[simp]:
         (* When the generator M is already a sigma algebra, the measurable sets of
            measure_of are M itself. *)
  1103   "sets (measure_of \<Omega> M \<mu>) = M"
  1104   using space_closed by (auto intro!: sigma_sets_eq)
  1105 
  1106 lemma (in sigma_algebra) space_measure_of_eq[simp]:
         (* In the sigma_algebra locale, the space of measure_of Omega M mu is Omega. *)
  1107   "space (measure_of \<Omega> M \<mu>) = \<Omega>"
  1108   using space_closed by (auto intro!: sigma_sets_eq)
  1109 
  1110 lemma measure_of_subset:
         (* A smaller generator gives fewer measurable sets; the two functions mu and
            mu' play no role. *)
  1111   "M \<subseteq> Pow \<Omega> \<Longrightarrow> M' \<subseteq> M \<Longrightarrow> sets (measure_of \<Omega> M' \<mu>) \<subseteq> sets (measure_of \<Omega> M \<mu>')"
  1112   by (auto intro!: sigma_sets_subseteq)
  1113 
  1114 lemma sigma_sets_mono'':
         (* Monotonicity with a change of space: for A a set generated by D over C and
            B a subfamily of D, everything generated by B over A is generated by D over C.
            Proved by induction over sigma_sets A B. *)
  1115   assumes "A \<in> sigma_sets C D"
  1116   assumes "B \<subseteq> D"
  1117   assumes "D \<subseteq> Pow C"
  1118   shows "sigma_sets A B \<subseteq> sigma_sets C D"
  1119 proof
  1120   fix x assume "x \<in> sigma_sets A B"
  1121   thus "x \<in> sigma_sets C D"
  1122   proof induct
  1123     case (Basic a) with assms have "a \<in> D" by auto
  1124     thus ?case ..
  1125   next
  1126     case Empty show ?case by (rule sigma_sets.Empty)
  1127   next
           (* Complement relative to A: detour through the measure sigma C D so that the
              sigma-algebra closure under difference applies, then translate back with
              sets_measure_of. *)
  1128     from assms have "A \<in> sets (sigma C D)" by (subst sets_measure_of[OF `D \<subseteq> Pow C`])
  1129     moreover case (Compl a) hence "a \<in> sets (sigma C D)" by (subst sets_measure_of[OF `D \<subseteq> Pow C`])
  1130     ultimately have "A - a \<in> sets (sigma C D)" ..
  1131     thus ?case by (subst (asm) sets_measure_of[OF `D \<subseteq> Pow C`])
  1132   next
  1133     case (Union a)
  1134     thus ?case by (intro sigma_sets.Union)
  1135   qed
  1136 qed
  1137 
  1138 lemma in_measure_of[intro, simp]: "M \<subseteq> Pow \<Omega> \<Longrightarrow> A \<in> M \<Longrightarrow> A \<in> sets (measure_of \<Omega> M \<mu>)"
         (* Every generator set is measurable in the measure built from the generator. *)
  1139   by auto
  1140 
  1141 section {* Constructing simple @{typ "'a measure"} *}
  1142 
  1143 lemma emeasure_measure_of:
         (* When mu is positive and countably additive on the sets of
            M = measure_of Omega A mu, emeasure M agrees with mu on every measurable X.
            Without those side conditions measure_of stores the zero function instead. *)
  1144   assumes M: "M = measure_of \<Omega> A \<mu>"
  1145   assumes ms: "A \<subseteq> Pow \<Omega>" "positive (sets M) \<mu>" "countably_additive (sets M) \<mu>"
  1146   assumes X: "X \<in> sets M"
  1147   shows "emeasure M X = \<mu> X"
  1148 proof -
  1149   interpret sigma_algebra \<Omega> "sigma_sets \<Omega> A" by (rule sigma_algebra_sigma_sets) fact
  1150   have "measure_space \<Omega> (sigma_sets \<Omega> A) \<mu>"
  1151     using ms M by (simp add: measure_space_def sigma_algebra_sigma_sets)
         (* The function cut off outside the generated sets is equally a measure, which
            is what Abs_measure_inverse needs below. *)
  1152   moreover have "measure_space \<Omega> (sigma_sets \<Omega> A) (\<lambda>a. if a \<in> sigma_sets \<Omega> A then \<mu> a else 0)
  1153     = measure_space \<Omega> (sigma_sets \<Omega> A) \<mu>"
  1154     using ms(1) by (rule measure_space_eq) auto
  1155   moreover have "X \<in> sigma_sets \<Omega> A"
  1156     using X M ms by simp
  1157   ultimately show ?thesis
  1158     unfolding emeasure_def measure_of_def M
  1159     by (subst Abs_measure_inverse) (simp_all add: sigma_sets_eq)
  1160 qed
  1161 
  1162 lemma emeasure_measure_of_sigma:
         (* Variant of emeasure_measure_of where the generator M is already a sigma
            algebra: emeasure (measure_of Omega M mu) agrees with mu on M. *)
  1163   assumes ms: "sigma_algebra \<Omega> M" "positive M \<mu>" "countably_additive M \<mu>"
  1164   assumes A: "A \<in> M"
  1165   shows "emeasure (measure_of \<Omega> M \<mu>) A = \<mu> A"
  1166 proof -
  1167   interpret sigma_algebra \<Omega> M by fact
  1168   have "measure_space \<Omega> (sigma_sets \<Omega> M) \<mu>"
  1169     using ms sigma_sets_eq by (simp add: measure_space_def)
  1170   moreover have "measure_space \<Omega> (sigma_sets \<Omega> M) (\<lambda>a. if a \<in> sigma_sets \<Omega> M then \<mu> a else 0)
  1171     = measure_space \<Omega> (sigma_sets \<Omega> M) \<mu>"
  1172     using space_closed by (rule measure_space_eq) auto
  1173   ultimately show ?thesis using A
  1174     unfolding emeasure_def measure_of_def
  1175     by (subst Abs_measure_inverse) (simp_all add: sigma_sets_eq)
  1176 qed
  1177 
  1178 lemma measure_cases[cases type: measure]:
         (* Case rule for the measure type: every x is Abs_measure of a triple satisfying
            the typedef invariant. Registered as the default cases rule for the type. *)
  1179   obtains (measure) \<Omega> A \<mu> where "x = Abs_measure (\<Omega>, A, \<mu>)" "\<forall>a\<in>-A. \<mu> a = 0" "measure_space \<Omega> A \<mu>"
  1180   by atomize_elim (cases x, auto)
  1181 
  1182 lemma sets_eq_imp_space_eq:
         (* Measures with the same measurable sets have the same space; the proof uses
            the sets.top and sets.space_closed facts of both measures. *)
  1183   "sets M = sets M' \<Longrightarrow> space M = space M'"
  1184   using sets.top[of M] sets.top[of M'] sets.space_closed[of M] sets.space_closed[of M']
  1185   by blast
  1186 
  1187 lemma emeasure_notin_sets: "A \<notin> sets M \<Longrightarrow> emeasure M A = 0"
         (* emeasure is 0 on every non-measurable set; this is the first conjunct of the
            typedef invariant. *)
  1188   by (cases M) (auto simp: sets_def emeasure_def Abs_measure_inverse measure_space_def)
  1189 
  1190 lemma measure_notin_sets: "A \<notin> sets M \<Longrightarrow> measure M A = 0"
         (* Real-valued counterpart of emeasure_notin_sets. *)
  1191   by (simp add: measure_def emeasure_notin_sets)
  1192 
  1193 lemma measure_eqI:
         (* Extensionality for measures: equal measurable sets plus equal emeasure on
            those sets implies M = N. Agreement outside the measurable sets is not an
            assumption; it follows because both functions are 0 there. *)
  1194   fixes M N :: "'a measure"
  1195   assumes "sets M = sets N" and eq: "\<And>A. A \<in> sets M \<Longrightarrow> emeasure M A = emeasure N A"
  1196   shows "M = N"
  1197 proof (cases M N rule: measure_cases[case_product measure_cases])
  1198   case (measure_measure \<Omega> A \<mu> \<Omega>' A' \<mu>')
  1199   interpret M: sigma_algebra \<Omega> A using measure_measure by (auto simp: measure_space_def)
  1200   interpret N: sigma_algebra \<Omega>' A' using measure_measure by (auto simp: measure_space_def)
  1201   have "A = sets M" "A' = sets N"
  1202     using measure_measure by (simp_all add: sets_def Abs_measure_inverse)
  1203   with `sets M = sets N` have "A = A'" by simp
         (* Equal sigma algebras force equal spaces (top element and space_closed). *)
  1204   moreover with M.top N.top M.space_closed N.space_closed have "\<Omega> = \<Omega>'" by auto
         (* Pointwise equality of the two functions, split on measurability of B. *)
  1205   moreover { fix B have "\<mu> B = \<mu>' B"
  1206     proof cases
  1207       assume "B \<in> A"
  1208       with eq `A = sets M` have "emeasure M B = emeasure N B" by simp
  1209       with measure_measure show "\<mu> B = \<mu>' B"
  1210         by (simp add: emeasure_def Abs_measure_inverse)
  1211     next
  1212       assume "B \<notin> A"
  1213       with `A = sets M` `A' = sets N` `A = A'` have "B \<notin> sets M" "B \<notin> sets N"
  1214         by auto
  1215       then have "emeasure M B = 0" "emeasure N B = 0"
  1216         by (simp_all add: emeasure_notin_sets)
  1217       with measure_measure show "\<mu> B = \<mu>' B"
  1218         by (simp add: emeasure_def Abs_measure_inverse)
  1219     qed }
  1220   then have "\<mu> = \<mu>'" by auto
  1221   ultimately show "M = N"
  1222     by (simp add: measure_measure)
  1223 qed
  1224 
  1225 lemma emeasure_sigma: "A \<subseteq> Pow \<Omega> \<Longrightarrow> emeasure (sigma \<Omega> A) = (\<lambda>_. 0)"
         (* The measure sigma Omega A carries the constant-zero measure function. *)
  1226   using measure_space_0[of A \<Omega>]
  1227   by (simp add: measure_of_def emeasure_def Abs_measure_inverse)
  1228 
  1229 lemma sigma_eqI:
         (* Two generators over the same space with the same sigma-closure give the
            same sigma measure; via measure_eqI and emeasure_sigma. *)
  1230   assumes [simp]: "M \<subseteq> Pow \<Omega>" "N \<subseteq> Pow \<Omega>" "sigma_sets \<Omega> M = sigma_sets \<Omega> N"
  1231   shows "sigma \<Omega> M = sigma \<Omega> N"
  1232   by (rule measure_eqI) (simp_all add: emeasure_sigma)
  1233 
  1234 section {* Measurable functions *}
  1235 
  1236 definition measurable :: "'a measure \<Rightarrow> 'b measure \<Rightarrow> ('a \<Rightarrow> 'b) set" where
         (* The measurable functions from A to B: they map space A into space B, and the
            preimage of every B-measurable set, cut down to space A, is A-measurable. *)
  1237   "measurable A B = {f \<in> space A -> space B. \<forall>y \<in> sets B. f -` y \<inter> space A \<in> sets A}"
  1238 
  1239 lemma measurable_space:
         (* A measurable function maps points of the source space into the target space. *)
  1240   "f \<in> measurable M A \<Longrightarrow> x \<in> space M \<Longrightarrow> f x \<in> space A"
  1241    unfolding measurable_def by auto
  1242 
  1243 lemma measurable_sets:
         (* Preimages of measurable sets under a measurable function are measurable. *)
  1244   "f \<in> measurable M A \<Longrightarrow> S \<in> sets A \<Longrightarrow> f -` S \<inter> space M \<in> sets M"
  1245    unfolding measurable_def by auto
  1246 
  1247 lemma measurable_sets_Collect:
         (* Predicate form of measurable_sets: if the points of N satisfying P form a
            measurable set, so do the points x of M with P (f x). *)
  1248   assumes f: "f \<in> measurable M N" and P: "{x\<in>space N. P x} \<in> sets N" shows "{x\<in>space M. P (f x)} \<in> sets M"
  1249 proof -
  1250   have "f -` {x \<in> space N. P x} \<inter> space M = {x\<in>space M. P (f x)}"
  1251     using measurable_space[OF f] by auto
  1252   with measurable_sets[OF f P] show ?thesis
  1253     by simp
  1254 qed
  1255 
  1256 lemma measurable_sigma_sets:
         (* Measurability only has to be checked on a generator: if sets N is generated
            by A over Omega, f maps space M into Omega, and preimages of generator sets
            are measurable, then f is measurable from M to N. *)
  1257   assumes B: "sets N = sigma_sets \<Omega> A" "A \<subseteq> Pow \<Omega>"
  1258       and f: "f \<in> space M \<rightarrow> \<Omega>"
  1259       and ba: "\<And>y. y \<in> A \<Longrightarrow> (f -` y) \<inter> space M \<in> sets M"
  1260   shows "f \<in> measurable M N"
  1261 proof -
  1262   interpret A: sigma_algebra \<Omega> "sigma_sets \<Omega> A" using B(2) by (rule sigma_algebra_sigma_sets)
         (* Omega coincides with space N because both are the top element of the same sigma algebra. *)
  1263   from B sets.top[of N] A.top sets.space_closed[of N] A.space_closed have \<Omega>: "\<Omega> = space N" by force
  1264   
         (* Induction over the generated sets; the invariant also carries that X is a
            subset of Omega. *)
  1265   { fix X assume "X \<in> sigma_sets \<Omega> A"
  1266     then have "f -` X \<inter> space M \<in> sets M \<and> X \<subseteq> \<Omega>"
  1267       proof induct
  1268         case (Basic a) then show ?case
  1269           by (auto simp add: ba) (metis B(2) subsetD PowD)
  1270       next
  1271         case (Compl a)
  1272         have [simp]: "f -` \<Omega> \<inter> space M = space M"
  1273           by (auto simp add: funcset_mem [OF f])
  1274         then show ?case
  1275           by (auto simp add: vimage_Diff Diff_Int_distrib2 sets.compl_sets Compl)
  1276       next
  1277         case (Union a)
  1278         then show ?case
  1279           by (simp add: vimage_UN, simp only: UN_extend_simps(4)) blast
  1280       qed auto }
  1281   with f show ?thesis
  1282     by (auto simp add: measurable_def B \<Omega>)
  1283 qed
  1284 
  1285 lemma measurable_measure_of:
         (* measurable_sigma_sets specialised to a target of the form measure_of Omega N mu. *)
  1286   assumes B: "N \<subseteq> Pow \<Omega>"
  1287       and f: "f \<in> space M \<rightarrow> \<Omega>"
  1288       and ba: "\<And>y. y \<in> N \<Longrightarrow> (f -` y) \<inter> space M \<in> sets M"
  1289   shows "f \<in> measurable M (measure_of \<Omega> N \<mu>)"
  1290 proof -
  1291   have "sets (measure_of \<Omega> N \<mu>) = sigma_sets \<Omega> N"
  1292     using B by (rule sets_measure_of)
  1293   from this assms show ?thesis by (rule measurable_sigma_sets)
  1294 qed
  1295 
  1296 lemma measurable_iff_measure_of:
         (* For a target measure_of Omega N mu and f mapping space M into Omega,
            measurability is equivalent to measurable preimages of the generator sets. *)
  1297   assumes "N \<subseteq> Pow \<Omega>" "f \<in> space M \<rightarrow> \<Omega>"
  1298   shows "f \<in> measurable M (measure_of \<Omega> N \<mu>) \<longleftrightarrow> (\<forall>A\<in>N. f -` A \<inter> space M \<in> sets M)"
  1299   by (metis assms in_measure_of measurable_measure_of assms measurable_sets)
  1300 
  1301 lemma measurable_cong_sets:
         (* measurable depends only on the measurable sets of source and target; the
            spaces follow via sets_eq_imp_space_eq. *)
  1302   assumes sets: "sets M = sets M'" "sets N = sets N'"
  1303   shows "measurable M N = measurable M' N'"
  1304   using sets[THEN sets_eq_imp_space_eq] sets by (simp add: measurable_def)
  1305 
  1306 lemma measurable_cong:
         (* Functions that agree on space M are measurable together or not at all. *)
  1307   assumes "\<And> w. w \<in> space M \<Longrightarrow> f w = g w"
  1308   shows "f \<in> measurable M M' \<longleftrightarrow> g \<in> measurable M M'"
  1309   unfolding measurable_def using assms
  1310   by (simp cong: vimage_inter_cong Pi_cong)
  1311 
  1312 lemma measurable_eqI:
         (* Equal spaces and equal measurable sets on both sides give the same set of
            measurable functions. *)
  1313      "\<lbrakk> space m1 = space m1' ; space m2 = space m2' ;
  1314         sets m1 = sets m1' ; sets m2 = sets m2' \<rbrakk>
  1315       \<Longrightarrow> measurable m1 m2 = measurable m1' m2'"
  1316   by (simp add: measurable_def sigma_algebra_iff2)
  1317 
  1318 lemma measurable_compose:
         (* The composition of measurable functions is measurable (lambda form). *)
  1319   assumes f: "f \<in> measurable M N" and g: "g \<in> measurable N L"
  1320   shows "(\<lambda>x. g (f x)) \<in> measurable M L"
  1321 proof -
         (* Preimage under the composition, written as an iterated preimage; the
            intersection with space N is harmless because f maps into space N. *)
  1322   have "\<And>A. (\<lambda>x. g (f x)) -` A \<inter> space M = f -` (g -` A \<inter> space N) \<inter> space M"
  1323     using measurable_space[OF f] by auto
  1324   with measurable_space[OF f] measurable_space[OF g] show ?thesis
  1325     by (auto intro: measurable_sets[OF f] measurable_sets[OF g]
  1326              simp del: vimage_Int simp add: measurable_def)
  1327 qed
  1328 
  1329 lemma measurable_comp:
         (* measurable_compose restated with the composition operator g \<circ> f. *)
  1330   "f \<in> measurable M N \<Longrightarrow> g \<in> measurable N L \<Longrightarrow> g \<circ> f \<in> measurable M L"
  1331   using measurable_compose[of f M N g L] by (simp add: comp_def)
  1332 
  1333 lemma measurable_const:
         (* A constant function is measurable provided the constant lies in the
            space of the target measure. *)
  1334   "c \<in> space M' \<Longrightarrow> (\<lambda>x. c) \<in> measurable M M'"
  1335   by (auto simp add: measurable_def)
  1336 
  1337 lemma measurable_If:
         (* Case distinction on a measurable predicate: if f and g are measurable and
            {x \<in> space M. P x} is a measurable set, then the function choosing f where
            P holds and g elsewhere is measurable. *)
  1338   assumes measure: "f \<in> measurable M M'" "g \<in> measurable M M'"
  1339   assumes P: "{x\<in>space M. P x} \<in> sets M"
  1340   shows "(\<lambda>x. if P x then f x else g x) \<in> measurable M M'"
  1341   unfolding measurable_def
  1342 proof safe
         (* First goal: the combined function maps space M into space M'. *)
  1343   fix x assume "x \<in> space M"
  1344   thus "(if P x then f x else g x) \<in> space M'"
  1345     using measure unfolding measurable_def by auto
  1346 next
         (* Second goal: preimages of measurable sets are measurable. The preimage
            is split into the part where P holds (use f) and its complement within
            space M (use g). *)
  1347   fix A assume "A \<in> sets M'"
  1348   hence *: "(\<lambda>x. if P x then f x else g x) -` A \<inter> space M =
  1349     ((f -` A \<inter> space M) \<inter> {x\<in>space M. P x}) \<union>
  1350     ((g -` A \<inter> space M) \<inter> (space M - {x\<in>space M. P x}))"
  1351     using measure unfolding measurable_def by (auto split: split_if_asm)
  1352   show "(\<lambda>x. if P x then f x else g x) -` A \<inter> space M \<in> sets M"
  1353     using `A \<in> sets M'` measure P unfolding * measurable_def
  1354     by (auto intro!: sets.Un)
  1355 qed
  1356 
  1357 lemma measurable_If_set:
         (* Variant of measurable_If where the predicate is membership in a set A
            whose intersection with space M is measurable. *)
  1358   assumes measure: "f \<in> measurable M M'" "g \<in> measurable M M'"
  1359   assumes P: "A \<inter> space M \<in> sets M"
  1360   shows "(\<lambda>x. if x \<in> A then f x else g x) \<in> measurable M M'"
  1361 proof (rule measurable_If[OF measure])
         (* Remaining obligation of measurable_If: rewrite the comprehension into
            the intersection that assumption P speaks about. *)
  1362   have "{x \<in> space M. x \<in> A} = A \<inter> space M" by auto
  1363   thus "{x \<in> space M. x \<in> A} \<in> sets M" using `A \<inter> space M \<in> sets M` by auto
  1364 qed
  1365 
  1366 lemma measurable_ident: "id \<in> measurable M M"
         (* The identity function is measurable from any measure to itself. *)
  1367   by (auto simp add: measurable_def)
  1368 
  1369 lemma measurable_ident_sets:
         (* The identity, written \<lambda>x. x, is measurable between two measures that have
            the same sets. Proved by rewriting measurable_ident with eq and the
            space equality that sets_eq_imp_space_eq derives from eq. *)
  1370   assumes eq: "sets M = sets M'" shows "(\<lambda>x. x) \<in> measurable M M'"
  1371   using measurable_ident[of M]
  1372   unfolding id_def measurable_def eq sets_eq_imp_space_eq[OF eq] .
  1373 
  1374 lemma sets_Least:
         (* If each predicate P i (i a natural number) carves a measurable set out of
            space M, then every preimage of the function x \<mapsto> LEAST j. P j x, cut down
            to space M, is a measurable set.
            NOTE(review): the hypothesis is written with "\<in> M" while the conclusion
            uses "\<in> sets M"; presumably the two are meant to coincide -- confirm. *)
  1375   assumes meas: "\<And>i::nat. {x\<in>space M. P i x} \<in> M"
  1376   shows "(\<lambda>x. LEAST j. P j x) -` A \<inter> space M \<in> sets M"
  1377 proof -
         (* Step 1: the preimage of each singleton {i} is measurable. The case split
            is on whether i equals "LEAST j. False", the term the LEAST expression
            reduces to at points x where no index satisfies P. *)
  1378   { fix i have "(\<lambda>x. LEAST j. P j x) -` {i} \<inter> space M \<in> sets M"
  1379     proof cases
  1380       assume i: "(LEAST j. False) = i"
             (* Here the preimage additionally contains all points of space M at
                which no P j holds (last summand of the union). *)
  1381       have "(\<lambda>x. LEAST j. P j x) -` {i} \<inter> space M =
  1382         {x\<in>space M. P i x} \<inter> (space M - (\<Union>j<i. {x\<in>space M. P j x})) \<union> (space M - (\<Union>i. {x\<in>space M. P i x}))"
  1383         by (simp add: set_eq_iff, safe)
  1384            (insert i, auto dest: Least_le intro: LeastI intro!: Least_equality)
  1385       with meas show ?thesis
  1386         by (auto intro!: sets.Int)
  1387     next
  1388       assume i: "(LEAST j. False) \<noteq> i"
             (* Otherwise the preimage is exactly: P i holds and no smaller index
                satisfies P. *)
  1389       then have "(\<lambda>x. LEAST j. P j x) -` {i} \<inter> space M =
  1390         {x\<in>space M. P i x} \<inter> (space M - (\<Union>j<i. {x\<in>space M. P j x}))"
  1391       proof (simp add: set_eq_iff, safe)
  1392         fix x assume neq: "(LEAST j. False) \<noteq> (LEAST j. P j x)"
               (* If no j satisfied P j x, both LEAST terms would coincide. *)
  1393         have "\<exists>j. P j x"
  1394           by (rule ccontr) (insert neq, auto)
  1395         then show "P (LEAST j. P j x) x" by (rule LeastI_ex)
  1396       qed (auto dest: Least_le intro!: Least_equality)
  1397       with meas show ?thesis
  1398         by auto
  1399     qed }
         (* Step 2: the preimage of A is the union over i in A of the singleton
            preimages, closed under sets.countable_UN. *)
  1400   then have "(\<Union>i\<in>A. (\<lambda>x. LEAST j. P j x) -` {i} \<inter> space M) \<in> sets M"
  1401     by (intro sets.countable_UN) auto
  1402   moreover have "(\<Union>i\<in>A. (\<lambda>x. LEAST j. P j x) -` {i} \<inter> space M) =
  1403     (\<lambda>x. LEAST j. P j x) -` A \<inter> space M" by auto
  1404   ultimately show ?thesis by auto
  1405 qed
  1406 
  1407 lemma measurable_strong:
         (* Composition g o f is measurable even when g is not assumed measurable on
            all of space b: it is enough that g maps space b into space c and that
            preimages under g of sets of c are measurable after restriction to a set
            t containing the image of space a under f. *)
  1408   fixes f :: "'a \<Rightarrow> 'b" and g :: "'b \<Rightarrow> 'c"
  1409   assumes f: "f \<in> measurable a b" and g: "g \<in> space b \<rightarrow> space c"
  1410       and t: "f ` (space a) \<subseteq> t"
  1411       and cb: "\<And>s. s \<in> sets c \<Longrightarrow> (g -` s) \<inter> t \<in> sets b"
  1412   shows "(g o f) \<in> measurable a c"
  1413 proof -
         (* Unpack the two components of measurability of f. *)
  1414   have fab: "f \<in> (space a -> space b)"
  1415    and ba: "\<And>y. y \<in> sets b \<Longrightarrow> (f -` y) \<inter> (space a) \<in> sets a" using f
  1416      by (auto simp add: measurable_def)
         (* Because f maps space a into t, intersecting with t inside the preimage
            changes nothing; this brings the goal into the form required by cb. *)
  1417   have eq: "\<And>y. f -` g -` y \<inter> space a = f -` (g -` y \<inter> t) \<inter> space a" using t
  1418     by force
  1419   show ?thesis
  1420     apply (auto simp add: measurable_def vimage_compose)
  1421     apply (metis funcset_mem fab g)
  1422     apply (subst eq, metis ba cb)
  1423     done
  1424 qed
  1425 
  1426 lemma measurable_mono1:
         (* Monotonicity in the source generator: with M \<subseteq> M' \<subseteq> Pow \<Omega>, every function
            measurable from the measure generated by M is measurable from the one
            generated by M'. The measure functions \<mu> and \<mu>' are unrelated. *)
  1427   "M' \<subseteq> Pow \<Omega> \<Longrightarrow> M \<subseteq> M' \<Longrightarrow>
  1428     measurable (measure_of \<Omega> M \<mu>) N \<subseteq> measurable (measure_of \<Omega> M' \<mu>') N"
  1429   using measure_of_subset[of M' \<Omega> M] by (auto simp add: measurable_def)
  1430 
  1431 section {* Counting space *}
  1432 
  1433 definition count_space :: "'a set \<Rightarrow> 'a measure" where
         (* Counting measure on \<Omega>: generated by all subsets (Pow \<Omega>); a finite set is
            assigned its cardinality (as an extended real), any other set \<infinity>. *)
  1434   "count_space \<Omega> = measure_of \<Omega> (Pow \<Omega>) (\<lambda>A. if finite A then ereal (card A) else \<infinity>)"
  1435 
  1436 lemma 
         (* Space and sets of the counting space: the space is \<Omega> and every subset of
            \<Omega> is measurable. Both facts are declared as simp rules. *)
  1437   shows space_count_space[simp]: "space (count_space \<Omega>) = \<Omega>"
  1438     and sets_count_space[simp]: "sets (count_space \<Omega>) = Pow \<Omega>"
  1439   using sigma_sets_into_sp[of "Pow \<Omega>" \<Omega>]
  1440   by (auto simp: count_space_def)
  1441 
  1442 lemma measurable_count_space_eq1[simp]:
         (* Out of a counting space, measurability is just the function-space
            condition: f maps A into space M. Declared as a simp rule. *)
  1443   "f \<in> measurable (count_space A) M \<longleftrightarrow> f \<in> A \<rightarrow> space M"
  1444  unfolding measurable_def by simp
  1445 
  1446 lemma measurable_count_space_eq2:
         (* Into a counting space over a finite set A, measurability is equivalent to
            mapping space M into A and having measurable preimages of all singletons
            {a} with a in A. *)
  1447   assumes "finite A"
  1448   shows "f \<in> measurable M (count_space A) \<longleftrightarrow> (f \<in> space M \<rightarrow> A \<and> (\<forall>a\<in>A. f -` {a} \<inter> space M \<in> sets M))"
  1449 proof -
         (* Any X \<subseteq> A is finite, so its preimage is a finite union of singleton
            preimages and hence measurable by sets.finite_UN. *)
  1450   { fix X assume "X \<subseteq> A" "f \<in> space M \<rightarrow> A"
  1451     with `finite A` have "f -` X \<inter> space M = (\<Union>a\<in>X. f -` {a} \<inter> space M)" "finite X"
  1452       by (auto dest: finite_subset)
  1453     moreover assume "\<forall>a\<in>A. f -` {a} \<inter> space M \<in> sets M"
  1454     ultimately have "f -` X \<inter> space M \<in> sets M"
  1455       using `X \<subseteq> A` by (auto intro!: sets.finite_UN simp del: UN_simps) }
  1456   then show ?thesis
  1457     unfolding measurable_def by auto
  1458 qed
  1459 
  1460 lemma measurable_compose_countable:
         (* Selection from a countable family: if every f i is measurable from M to N
            and the index function g is measurable into the counting space over a
            countable type, then x \<mapsto> f (g x) x is measurable. This is the rule the
            ML function split_countable_tac instantiates. *)
  1461   assumes f: "\<And>i::'i::countable. (\<lambda>x. f i x) \<in> measurable M N" and g: "g \<in> measurable M (count_space UNIV)"
  1462   shows "(\<lambda>x. f (g x) x) \<in> measurable M N"
  1463   unfolding measurable_def
  1464 proof safe
  1465   fix x assume "x \<in> space M" then show "f (g x) x \<in> space N"
  1466     using f[THEN measurable_space] g[THEN measurable_space] by auto
  1467 next
  1468   fix A assume A: "A \<in> sets N"
         (* Decompose the preimage by the value i that g takes; the union ranges over
            the countable index type. *)
  1469   have "(\<lambda>x. f (g x) x) -` A \<inter> space M = (\<Union>i. (g -` {i} \<inter> space M) \<inter> (f i -` A \<inter> space M))"
  1470     by auto
  1471   also have "\<dots> \<in> sets M" using f[THEN measurable_sets, OF A] g[THEN measurable_sets]
  1472     by (auto intro!: sets.countable_UN measurable_sets)
  1473   finally show "(\<lambda>x. f (g x) x) -` A \<inter> space M \<in> sets M" .
  1474 qed
  1475 
  1476 subsection {* Measurable method *}
  1477 
  1478 lemma (in algebra) sets_Collect_finite_All:
         (* In an algebra, a universal quantifier bounded by a finite index set S
            preserves membership in M. The empty index set is handled separately:
            there the comprehension is all of \<Omega>. *)
  1479   assumes "\<And>i. i \<in> S \<Longrightarrow> {x\<in>\<Omega>. P i x} \<in> M" "finite S"
  1480   shows "{x\<in>\<Omega>. \<forall>i\<in>S. P i x} \<in> M"
  1481 proof -
  1482   have "{x\<in>\<Omega>. \<forall>i\<in>S. P i x} = (if S = {} then \<Omega> else \<Inter>i\<in>S. {x\<in>\<Omega>. P i x})"
  1483     by auto
  1484   with assms show ?thesis by (auto intro!: sets_Collect_finite_All')
  1485 qed
  1486 
  1487 abbreviation "pred M P \<equiv> P \<in> measurable M (count_space (UNIV::bool set))"
       (* pred M P abbreviates: the predicate P, viewed as a bool-valued function, is
          measurable from M into the counting space on bool. *)
  1488 
  1489 lemma pred_def: "pred M P \<longleftrightarrow> {x\<in>space M. P x} \<in> sets M"
       (* Characterisation of pred: P is a measurable predicate exactly when the set
          of points of space M satisfying P is measurable. *)
  1490 proof
         (* Left to right: take the preimage of {True}. *)
  1491   assume "pred M P"
  1492   then have "P -` {True} \<inter> space M \<in> sets M"
  1493     by (auto simp: measurable_count_space_eq2)
  1494   also have "P -` {True} \<inter> space M = {x\<in>space M. P x}" by auto
  1495   finally show "{x\<in>space M. P x} \<in> sets M" .
  1496 next
         (* Right to left: express the preimage of an arbitrary set X of booleans as
            a comprehension built from P, its negation and constants, each of which
            is measurable. *)
  1497   assume P: "{x\<in>space M. P x} \<in> sets M"
  1498   moreover
  1499   { fix X
  1500     have "X \<in> Pow (UNIV :: bool set)" by simp
  1501     then have "P -` X \<inter> space M = {x\<in>space M. ((X = {True} \<longrightarrow> P x) \<and> (X = {False} \<longrightarrow> \<not> P x) \<and> X \<noteq> {})}"
  1502       unfolding UNIV_bool Pow_insert Pow_empty by auto
  1503     then have "P -` X \<inter> space M \<in> sets M"
  1504       by (auto intro!: sets.sets_Collect_neg sets.sets_Collect_imp sets.sets_Collect_conj sets.sets_Collect_const P) }
  1505   then show "pred M P"
  1506     by (auto simp: measurable_def)
  1507 qed
  1508 
  1509 lemma pred_sets1: "{x\<in>space M. P x} \<in> sets M \<Longrightarrow> f \<in> measurable N M \<Longrightarrow> pred N (\<lambda>x. P (f x))"
       (* A predicate with measurable truth set on M stays a measurable predicate
          after precomposition with a measurable function f from N to M. *)
  1510   by (rule measurable_compose[where f=f and N=M]) (auto simp: pred_def)
  1511 
  1512 lemma pred_sets2: "A \<in> sets N \<Longrightarrow> f \<in> measurable M N \<Longrightarrow> pred M (\<lambda>x. f x \<in> A)"
       (* Membership of f x in a measurable set A is a measurable predicate when f is
          measurable. *)
  1513   by (rule measurable_compose[where f=f and N=N]) (auto simp: pred_def Int_def[symmetric])
  1514 
  1515 lemma measurable_count_space_const:
         (* Constant functions into the counting space on UNIV are measurable without
            any side condition on the constant. *)
  1516   "(\<lambda>x. c) \<in> measurable M (count_space UNIV)"
  1517   by (simp add: measurable_const)
  1518 
  1519 lemma measurable_count_space:
         (* Every function from a counting space into the counting space on UNIV is
            measurable. *)
  1520   "f \<in> measurable (count_space A) (count_space UNIV)"
  1521   by simp
  1522 
  1523 lemma measurable_compose_rev:
         (* measurable_compose with its two premises in the opposite order (outer
            function first). It is declared as a measurable_dest rule further down
            in this theory. *)
  1524   assumes f: "f \<in> measurable L N" and g: "g \<in> measurable M L"
  1525   shows "(\<lambda>x. f (g x)) \<in> measurable M N"
  1526   using measurable_compose[OF g f] .
  1527 
  1528 ML {*
  1529 
       (* Implementation of the "measurable" proof method, its attributes and its
          simproc. Rules are kept in context data and applied by resolution; goals
          that are not of the form "_ : sets _" or "_ : measurable _ _" are handed
          to the simplifier. *)
  1530 structure Measurable =
  1531 struct
  1532 
       (* The two classes under which introduction rules are stored. *)
  1533 datatype level = Concrete | Generic;
  1534 
       (* Context data: four item nets of theorems, all starting out empty
          (Thm.full_rules) and merged net by net. *)
  1535 structure Data = Generic_Data
  1536 (
  1537   type T = {
  1538     concrete_thms : thm Item_Net.T,
  1539     generic_thms : thm Item_Net.T,
  1540     dest_thms : thm Item_Net.T,
  1541     app_thms : thm Item_Net.T }
  1542   val empty = {
  1543     concrete_thms = Thm.full_rules,
  1544     generic_thms = Thm.full_rules,
  1545     dest_thms = Thm.full_rules,
  1546     app_thms = Thm.full_rules};
  1547   val extend = I;
  1548   fun merge (t1, t2) = {
  1549     concrete_thms = Item_Net.merge (#concrete_thms t1, #concrete_thms t2),
  1550     generic_thms = Item_Net.merge (#generic_thms t1, #generic_thms t2),
  1551     dest_thms = Item_Net.merge (#dest_thms t1, #dest_thms t2),
  1552     app_thms = Item_Net.merge (#app_thms t1, #app_thms t2) };
  1553 );
  1554 
       (* Config option measurable_debug (default false): print tracing via debug_tac. *)
  1555 val debug =
  1556   Attrib.setup_config_bool @{binding measurable_debug} (K false)
  1557 
       (* Config option measurable_backtrack (default 20): number of results that
          measurable_tac keeps from the underlying tactic. *)
  1558 val backtrack =
  1559   Attrib.setup_config_int @{binding measurable_backtrack} (K 20)
  1560 
       (* Config option measurable_split (default true): enables split_countable_tac
          inside measurable_tac'. *)
  1561 val split =
  1562   Attrib.setup_config_bool @{binding measurable_split} (K true)
  1563 
       (* Truncate the result sequence of tac to its first n elements. *)
  1564 fun TAKE n tac = Seq.take n o tac
  1565 
       (* Content of the net selected by lv, read from a proof context, reversed. *)
  1566 fun get lv =
  1567   rev o Item_Net.content o (case lv of Concrete => #concrete_thms | Generic => #generic_thms) o
  1568   Data.get o Context.Proof;
  1569 
       (* All stored introduction rules: Concrete ones first, then Generic ones. *)
  1570 fun get_all ctxt = get Concrete ctxt @ get Generic ctxt;
  1571 
       (* Field-wise update of the data record.
          NOTE(review): f1 is applied to generic_thms and f2 to concrete_thms, so
          map_concrete_thms (= map_data f I I I) below updates the generic_thms
          field and map_generic_thms the concrete_thms field, whereas get reads the
          field named after the level. As written, a theorem added at level
          Concrete is returned by get Generic and vice versa -- confirm whether
          this is intended before relying on the order produced by get_all. *)
  1572 fun map_data f1 f2 f3 f4
  1573   {generic_thms = t1,    concrete_thms = t2,    dest_thms = t3,    app_thms = t4} =
  1574   {generic_thms = f1 t1, concrete_thms = f2 t2, dest_thms = f3 t3, app_thms = f4 t4 }
  1575 
  1576 fun map_concrete_thms f = map_data f I I I
  1577 fun map_generic_thms f = map_data I f I I
  1578 fun map_dest_thms f = map_data I I f I
  1579 fun map_app_thms f = map_data I I I f
  1580 
       (* update: apply f to the net chosen by lv; add: insert a list of theorems. *)
  1581 fun update f lv = Data.map (case lv of Concrete => map_concrete_thms f | Generic => map_generic_thms f);
  1582 fun add thms' = update (fold Item_Net.update thms');
  1583 
       (* Accessors for destruction rules (attribute measurable_dest). *)
  1584 val get_dest = Item_Net.content o #dest_thms o Data.get;
  1585 val add_dest = Data.map o map_dest_thms o Item_Net.update;
  1586 
       (* Accessors for application rules (attribute measurable_app). *)
  1587 val get_app = Item_Net.content o #app_thms o Data.get;
  1588 val add_app = Data.map o map_app_thms o Item_Net.update;
  1589 
       (* True when the head of the conclusion (with Trueprop stripped if present)
          is a schematic variable; such a theorem would resolve with any goal. *)
  1590 fun is_too_generic thm =
  1591   let 
  1592     val concl = concl_of thm
  1593     val concl' = HOLogic.dest_Trueprop concl handle TERM _ => concl
  1594   in is_Var (head_of concl') end
  1595 
       (* Turn one theorem into the list of rules to store or use: nothing if it is
          too generic, otherwise the theorem itself plus every result of resolving
          it into a stored destruction rule (failed resolutions are dropped). *)
  1596 fun import_theorem ctxt thm = if is_too_generic thm then [] else
  1597   [thm] @ map_filter (try (fn th' => thm RS th')) (get_dest ctxt);
  1598 
       (* Store thm at level lv; with raw = true it is stored unchanged, otherwise it
          is passed through import_theorem first. *)
  1599 fun add_thm (raw, lv) thm ctxt = add (if raw then [thm] else import_theorem ctxt thm) lv ctxt;
  1600 
       (* Run f, preceded by printing the goal state with message msg () when the
          debug option is set. *)
  1601 fun debug_tac ctxt msg f = if Config.get ctxt debug then print_tac (msg ()) THEN f else f
  1602 
       (* HOL conclusion of the i-th premise (1-based) of thm, with outer quantifiers,
          premises and Trueprop removed; dest_Trueprop raises TERM on other shapes. *)
  1603 fun nth_hol_goal thm i =
  1604   HOLogic.dest_Trueprop (Logic.strip_imp_concl (strip_all_body (nth (prems_of thm) (i - 1))))
  1605 
       (* Extract f from a term of the form "f : measurable _ _"; raises TERM for
          anything else. *)
  1606 fun dest_measurable_fun t =
  1607   (case t of
  1608     (Const (@{const_name "Set.member"}, _) $ f $ (Const (@{const_name "measurable"}, _) $ _ $ _)) => f
  1609   | _ => raise (TERM ("not a measurability predicate", [t])))
  1610 
       (* Decides whether subgoal n is a side condition rather than a measurability
          goal: false if there is no such subgoal or if it has the form
          "_ : sets _" or "_ : measurable _ _"; true otherwise, including when the
          goal cannot be destructed (TERM). *)
  1611 fun is_cond_formula n thm = if length (prems_of thm) < n then false else
  1612   (case nth_hol_goal thm n of
  1613     (Const (@{const_name "Set.member"}, _) $ _ $ (Const (@{const_name "sets"}, _) $ _)) => false
  1614   | (Const (@{const_name "Set.member"}, _) $ _ $ (Const (@{const_name "measurable"}, _) $ _ $ _)) => false
  1615   | _ => true)
  1616   handle TERM _ => true;
  1617 
       (* indep t top bot: every de Bruijn index in t is either below bot or at least
          top; both bounds are shifted by one under each abstraction. *)
  1618 fun indep (Bound i) t b = i < b orelse t <= i
  1619   | indep (f $ t) top bot = indep f top bot andalso indep t top bot
  1620   | indep (Abs (_,_,t)) top bot = indep t (top + 1) (bot + 1)
  1621   | indep _ _ _ = true;
  1622 
       (* For an abstraction, enumerate the ways of pulling an argument subterm g of
          countable type out of the body. A candidate g must mention the variable
          of the outermost abstraction (loose_bvar1 (g, n)), must not mention any
          binder inside it (indep g n 0) and must not be that variable itself.
          Each hit yields the term and type instantiations (as option lists) that
          split_countable_tac feeds to Drule.instantiate' for
          measurable_compose_countable. Non-abstractions yield no candidates. *)
  1623 fun cnt_prefixes ctxt (Abs (n, T, t)) = let
  1624       fun is_countable t = Type.of_sort (Proof_Context.tsig_of ctxt) (t, @{sort countable})
  1625       fun cnt_walk (Abs (ns, T, t)) Ts =
  1626           map (fn (t', t'') => (Abs (ns, T, t'), t'')) (cnt_walk t (T::Ts))
  1627         | cnt_walk (f $ g) Ts = let
                 (* index of the outermost bound variable at this depth *)
  1628             val n = length Ts - 1
  1629           in
  1630             map (fn (f', t) => (f' $ g, t)) (cnt_walk f Ts) @
  1631             map (fn (g', t) => (f $ g', t)) (cnt_walk g Ts) @
  1632             (if is_countable (type_of1 (Ts, g)) andalso loose_bvar1 (g, n)
  1633                 andalso indep g n 0 andalso g <> Bound n
  1634               then [(f $ Bound (n + 1), incr_boundvars (~ n) g)]
  1635               else [])
  1636           end
  1637         | cnt_walk _ _ = []
  1638     in map (fn (t1, t2) => let
  1639         val T1 = type_of1 ([T], t2)
  1640         val T2 = type_of1 ([T], t)
  1641       in ([SOME (Abs (n, T1, Abs (n, T, t1))), NONE, NONE, SOME (Abs (n, T, t2))],
  1642         [SOME T1, SOME T, SOME T2])
  1643       end) (cnt_walk t [T])
  1644     end
  1645   | cnt_prefixes _ _ = []
  1646 
       (* Tactic: on a goal "f : measurable _ _", resolve with the instances of
          measurable_compose_countable computed by cnt_prefixes. Fails (no_tac) when
          there are no candidates or the goal has another shape (TERM). *)
  1647 val split_countable_tac =
  1648   Subgoal.FOCUS (fn {context = ctxt, ...} => SUBGOAL (fn (t, i) =>
  1649     let
  1650       val f = dest_measurable_fun (HOLogic.dest_Trueprop t)
  1651       fun cert f = map (Option.map (f (Proof_Context.theory_of ctxt)))
  1652       fun inst t (ts, Ts) = Drule.instantiate' (cert ctyp_of Ts) (cert cterm_of ts) t
  1653       val cps = cnt_prefixes ctxt f |> map (inst @{thm measurable_compose_countable})
  1654     in if null cps then no_tac else debug_tac ctxt (K "split countable fun") (resolve_tac cps i) end
  1655     handle TERM _ => no_tac) 1)
  1656 
       (* Core of the prover. ctxt: proof context; ss: simpset used for side
          conditions; facts: additional theorems, imported like declared rules. *)
  1657 fun measurable_tac' ctxt ss facts = let
  1658 
           (* rules tried by resolution: the given facts (normalised and imported),
              followed by all stored rules *)
  1659     val imported_thms =
  1660       (maps (import_theorem (Context.Proof ctxt) o Simplifier.norm_hhf) facts) @ get_all ctxt
  1661 
           (* debug message listing the propositions of the imported facts *)
  1662     fun debug_facts msg () =
  1663       msg ^ " + " ^ Pretty.str_of (Pretty.list "[" "]"
  1664         (map (Syntax.pretty_term ctxt o prop_of) (maps (import_theorem (Context.Proof ctxt)) facts)));
  1665 
  1666     val splitter = if Config.get ctxt split then split_countable_tac ctxt else K no_tac
  1667 
           (* Tactic for goals whose function body is an application f $ g with g
              not mentioning the bound variable: each stored application rule whose
              conclusion has the shape expected by dest_app is instantiated, after
              unifying the three types involved, and the instances are resolved
              against the goal. TERM and Type.TUNIFY failures become no_tac, with a
              debug message. *)
  1668     val split_app_tac =
  1669       Subgoal.FOCUS (fn {context = ctxt, ...} => SUBGOAL (fn (t, i) =>
  1670         let
  1671           fun app_prefixes (Abs (n, T, (f $ g))) = let
  1672                 val ps = (if not (loose_bvar1 (g, 0)) then [(f, g)] else [])
  1673               in map (fn (f, c) => (Abs (n, T, f), c, T, type_of c, type_of1 ([T], f $ c))) ps end
  1674             | app_prefixes _ = []
  1675 
  1676           fun dest_app (Abs (_, T, t as ((f $ Bound 0) $ c))) = (f, c, T, type_of c, type_of1 ([T], t))
  1677             | dest_app t = raise (TERM ("not a measurability predicate of an application", [t]))
  1678           val thy = Proof_Context.theory_of ctxt
  1679           val tunify = Sign.typ_unify thy
  1680           val thms = map
  1681               (fn thm => (thm, dest_app (dest_measurable_fun (HOLogic.dest_Trueprop (concl_of thm)))))
  1682               (get_app (Context.Proof ctxt))
  1683           fun cert f = map (fn (t, t') => (f thy t, f thy t'))
  1684           fun inst (f, c, T, Tc, Tf) (thm, (thmf, thmc, thmT, thmTc, thmTf)) =
  1685             let
  1686               val inst =
  1687                 (Vartab.empty, ~1)
  1688                 |> tunify (T, thmT)
  1689                 |> tunify (Tf, thmTf)
  1690                 |> tunify (Tc, thmTc)
  1691                 |> Vartab.dest o fst
  1692               val subst = subst_TVars (map (apsnd snd) inst)
  1693             in
  1694               Thm.instantiate (cert ctyp_of (map (fn (n, (s, T)) => (TVar (n, s), T)) inst),
  1695                 cert cterm_of [(subst thmf, f), (subst thmc, c)]) thm
  1696             end
  1697           val cps = map_product inst (app_prefixes (dest_measurable_fun (HOLogic.dest_Trueprop t))) thms
  1698         in if null cps then no_tac
  1699             else debug_tac ctxt (K ("split app fun")) (resolve_tac cps i)
  1700               ORELSE debug_tac ctxt (fn () => "FAILED") no_tac end
  1701         handle TERM t => debug_tac ctxt (fn () => "TERM " ^ fst t ^ Pretty.str_of (Pretty.list "[" "]" (map (Syntax.pretty_term ctxt) (snd t)))) no_tac
  1702         handle Type.TUNIFY => debug_tac ctxt (fn () => "TUNIFY") no_tac) 1)
  1703 
           (* Main loop on the first subgoal: a side condition must be solved
              completely by the simplifier; a measurability goal is attacked by
              resolution with the imported rules, then by the application split,
              then by the countable split, all alternatives being kept (APPEND). *)
  1704     val depth_measurable_tac = REPEAT
  1705       (COND (is_cond_formula 1)
  1706         (debug_tac ctxt (K "simp") (SOLVED' (asm_full_simp_tac ss) 1))
  1707         ((debug_tac ctxt (K "single") (resolve_tac imported_thms 1)) APPEND
  1708           (split_app_tac ctxt 1) APPEND
  1709           (splitter 1)))
  1710 
  1711   in debug_tac ctxt (debug_facts "start") depth_measurable_tac end;
  1712 
       (* measurable_tac' with the simpset of the context, limited to the number of
          results given by the measurable_backtrack option. *)
  1713 fun measurable_tac ctxt facts =
  1714   TAKE (Config.get ctxt backtrack) (measurable_tac' ctxt (simpset_of ctxt) facts);
  1715 
  1716 val attr_add = Thm.declaration_attribute o add_thm;
  1717 
       (* Parser for the measurable attribute: an optional parenthesised argument
          with the optional keywords "raw" and "generic", in that order; without
          arguments the theorem is imported (not raw) at level Concrete. *)
  1718 val attr : attribute context_parser =
  1719   Scan.lift (Scan.optional (Args.parens (Scan.optional (Args.$$$ "raw" >> K true) false --
  1720      Scan.optional (Args.$$$ "generic" >> K Generic) Concrete)) (false, Concrete) >> attr_add);
  1721 
       (* Argument-free attributes that store a destruction / application rule. *)
  1722 val dest_attr : attribute context_parser =
  1723   Scan.lift (Scan.succeed (Thm.declaration_attribute add_dest));
  1724 
  1725 val app_attr : attribute context_parser =
  1726   Scan.lift (Scan.succeed (Thm.declaration_attribute add_app));
  1727 
       (* The proof method: measurable_tac applied with the facts chained in. *)
  1728 val method : (Proof.context -> Method.method) context_parser =
  1729   Scan.lift (Scan.succeed (fn ctxt => METHOD (fn facts => measurable_tac ctxt facts)));
  1730 
       (* Simproc body: try to prove the redex as a proposition with measurable_tac',
          using the premises of the simpset as facts and requiring all subgoals to
          be solved (SOLVE). On success the theorem is turned into a rewrite to True
          via Eq_TrueI; any failure yields NONE through try. *)
  1731 fun simproc ss redex = let
  1732     val ctxt = Simplifier.the_context ss;
  1733     val t = HOLogic.mk_Trueprop (term_of redex);
  1734     fun tac {context = ctxt, ...} =
  1735       SOLVE (measurable_tac' ctxt ss (Simplifier.prems_of ss));
  1736   in try (fn () => Goal.prove ctxt [] [] t tac RS @{thm Eq_TrueI}) () end;
  1737 
  1738 end
  1739 
  1740 *}
  1741 
  1742 attribute_setup measurable = {* Measurable.attr *} "declaration of measurability theorems"
       (* The commands of this group register the ML entry points of structure
          Measurable: three attributes, the proof method, and a simproc that fires
          on terms matching "A \<in> sets M" or "f \<in> measurable M N". *)
  1743 attribute_setup measurable_dest = {* Measurable.dest_attr *} "add dest rule for measurability prover"
  1744 attribute_setup measurable_app = {* Measurable.app_attr *} "add application rule for measurability prover"
  1745 method_setup measurable = {* Measurable.method *} "measurability prover"
  1746 simproc_setup measurable ("A \<in> sets M" | "f \<in> measurable M N") = {* K Measurable.simproc *}
  1747 
  1748 declare
         (* Destruction rules: non-raw measurable theorems are resolved into these
            when they are imported (see import_theorem in the ML structure). *)
  1749   measurable_compose_rev[measurable_dest]
  1750   pred_sets1[measurable_dest]
  1751   pred_sets2[measurable_dest]
  1752   sets.sets_into_space[measurable_dest]
  1753 
  1754 declare
         (* Basic closure properties of the measurable sets; rules marked (raw) are
            stored as they are, without being resolved into destruction rules. *)
  1755   sets.top[measurable]
  1756   sets.empty_sets[measurable (raw)]
  1757   sets.Un[measurable (raw)]
  1758   sets.Diff[measurable (raw)]
  1759 
  1760 declare
         (* Basic measurability rules for functions, all stored raw. *)
  1761   measurable_count_space[measurable (raw)]
  1762   measurable_ident[measurable (raw)]
  1763   measurable_ident_sets[measurable (raw)]
  1764   measurable_const[measurable (raw)]
  1765   measurable_If[measurable (raw)]
  1766   measurable_comp[measurable (raw)]
  1767   measurable_sets[measurable (raw)]
  1768 
  1769 lemma predE[measurable (raw)]: 
         (* Goals of the form "{x \<in> space M. P x} \<in> sets M" are reduced to pred goals;
            this is one direction of pred_def, stored as a raw measurable rule. *)
  1770   "pred M P \<Longrightarrow> {x\<in>space M. P x} \<in> sets M"
  1771   unfolding pred_def .
  1772 
  1773 lemma pred_intros_imp'[measurable (raw)]:
         (* Implication with a premise K that does not depend on x: it suffices to
            show measurability of P under the assumption K. *)
  1774   "(K \<Longrightarrow> pred M (\<lambda>x. P x)) \<Longrightarrow> pred M (\<lambda>x. K \<longrightarrow> P x)"
  1775   by (cases K) auto
  1776 
  1777 lemma pred_intros_conj1'[measurable (raw)]:
         (* Conjunction whose left conjunct K does not depend on x: P only needs to
            be measurable when K holds. *)
  1778   "(K \<Longrightarrow> pred M (\<lambda>x. P x)) \<Longrightarrow> pred M (\<lambda>x. K \<and> P x)"
  1779   by (cases K) auto
  1780 
  1781 lemma pred_intros_conj2'[measurable (raw)]:
         (* As pred_intros_conj1', with the x-independent conjunct K on the right. *)
  1782   "(K \<Longrightarrow> pred M (\<lambda>x. P x)) \<Longrightarrow> pred M (\<lambda>x. P x \<and> K)"
  1783   by (cases K) auto
  1784 
  1785 lemma pred_intros_disj1'[measurable (raw)]:
         (* Disjunction whose left disjunct K does not depend on x: P only needs to
            be measurable when K fails. *)
  1786   "(\<not> K \<Longrightarrow> pred M (\<lambda>x. P x)) \<Longrightarrow> pred M (\<lambda>x. K \<or> P x)"
  1787   by (cases K) auto
  1788 
  1789 lemma pred_intros_disj2'[measurable (raw)]:
         (* As pred_intros_disj1', with the x-independent disjunct K on the right. *)
  1790   "(\<not> K \<Longrightarrow> pred M (\<lambda>x. P x)) \<Longrightarrow> pred M (\<lambda>x. P x \<or> K)"
  1791   by (cases K) auto
  1792 
  1793 lemma pred_intros_logic[measurable (raw)]:
         (* Closure of measurable predicates under the propositional connectives
            (negation, conjunction, implication, disjunction, equivalence) and under
            the set operations appearing on the right of a membership test: UNIV,
            the empty set, comprehension, complement, difference, intersection,
            union and preimage. The first statement covers membership in space M. *)
  1794   "pred M (\<lambda>x. x \<in> space M)"
  1795   "pred M (\<lambda>x. P x) \<Longrightarrow> pred M (\<lambda>x. \<not> P x)"
  1796   "pred M (\<lambda>x. Q x) \<Longrightarrow> pred M (\<lambda>x. P x) \<Longrightarrow> pred M (\<lambda>x. Q x \<and> P x)"
  1797   "pred M (\<lambda>x. Q x) \<Longrightarrow> pred M (\<lambda>x. P x) \<Longrightarrow> pred M (\<lambda>x. Q x \<longrightarrow> P x)"
  1798   "pred M (\<lambda>x. Q x) \<Longrightarrow> pred M (\<lambda>x. P x) \<Longrightarrow> pred M (\<lambda>x. Q x \<or> P x)"
  1799   "pred M (\<lambda>x. Q x) \<Longrightarrow> pred M (\<lambda>x. P x) \<Longrightarrow> pred M (\<lambda>x. Q x = P x)"
  1800   "pred M (\<lambda>x. f x \<in> UNIV)"
  1801   "pred M (\<lambda>x. f x \<in> {})"
  1802   "pred M (\<lambda>x. P' (f x) x) \<Longrightarrow> pred M (\<lambda>x. f x \<in> {y. P' y x})"
  1803   "pred M (\<lambda>x. f x \<in> (B x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> - (B x))"
  1804   "pred M (\<lambda>x. f x \<in> (A x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (B x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (A x) - (B x))"
  1805   "pred M (\<lambda>x. f x \<in> (A x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (B x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (A x) \<inter> (B x))"
  1806   "pred M (\<lambda>x. f x \<in> (A x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (B x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (A x) \<union> (B x))"
  1807   "pred M (\<lambda>x. g x (f x) \<in> (X x)) \<Longrightarrow> pred M (\<lambda>x. f x \<in> (g x) -` (X x))"
  1808   by (auto simp: iff_conv_conj_imp pred_def)
  1809 
  1810 lemma pred_intros_countable[measurable (raw)]:
         (* Universal and existential quantification over a countable type preserve
            measurability of predicates. *)
  1811   fixes P :: "'a \<Rightarrow> 'i :: countable \<Rightarrow> bool"
  1812   shows 
  1813     "(\<And>i. pred M (\<lambda>x. P x i)) \<Longrightarrow> pred M (\<lambda>x. \<forall>i. P x i)"
  1814     "(\<And>i. pred M (\<lambda>x. P x i)) \<Longrightarrow> pred M (\<lambda>x. \<exists>i. P x i)"
  1815   by (auto intro!: sets.sets_Collect_countable_All sets.sets_Collect_countable_Ex simp: pred_def)
  1816 
  1817 lemma pred_intros_countable_bounded[measurable (raw)]:
         (* Bounded versions over a set X of a countable type: indexed intersection
            and union, and bounded universal and existential quantifiers. The proof
            unfolds the bounded quantifiers (Bex_def, Ball_def). *)
  1818   fixes X :: "'i :: countable set"
  1819   shows 
  1820     "(\<And>i. i \<in> X \<Longrightarrow> pred M (\<lambda>x. x \<in> N x i)) \<Longrightarrow> pred M (\<lambda>x. x \<in> (\<Inter>i\<in>X. N x i))"
  1821     "(\<And>i. i \<in> X \<Longrightarrow> pred M (\<lambda>x. x \<in> N x i)) \<Longrightarrow> pred M (\<lambda>x. x \<in> (\<Union>i\<in>X. N x i))"
  1822     "(\<And>i. i \<in> X \<Longrightarrow> pred M (\<lambda>x. P x i)) \<Longrightarrow> pred M (\<lambda>x. \<forall>i\<in>X. P x i)"
  1823     "(\<And>i. i \<in> X \<Longrightarrow> pred M (\<lambda>x. P x i)) \<Longrightarrow> pred M (\<lambda>x. \<exists>i\<in>X. P x i)"
  1824   by (auto simp: Bex_def Ball_def)
  1825 
  1826 lemma pred_intros_finite[measurable (raw)]:
         (* The same four closure properties for a finite index set I of arbitrary
            type; finiteness replaces the countability of the index type. *)
  1827   "finite I \<Longrightarrow> (\<And>i. i \<in> I \<Longrightarrow> pred M (\<lambda>x. x \<in> N x i)) \<Longrightarrow> pred M (\<lambda>x. x \<in> (\<Inter>i\<in>I. N x i))"
  1828   "finite I \<Longrightarrow> (\<And>i. i \<in> I \<Longrightarrow> pred M (\<lambda>x. x \<in> N x i)) \<Longrightarrow> pred M (\<lambda>x. x \<in> (\<Union>i\<in>I. N x i))"
  1829   "finite I \<Longrightarrow> (\<And>i. i \<in> I \<Longrightarrow> pred M (\<lambda>x. P x i)) \<Longrightarrow> pred M (\<lambda>x. \<forall>i\<in>I. P x i)"
  1830   "finite I \<Longrightarrow> (\<And>i. i \<in> I \<Longrightarrow> pred M (\<lambda>x. P x i)) \<Longrightarrow> pred M (\<lambda>x. \<exists>i\<in>I. P x i)"
  1831   by (auto intro!: sets.sets_Collect_finite_Ex sets.sets_Collect_finite_All simp: iff_conv_conj_imp pred_def)
  1832 
  1833 lemma countable_Un_Int[measurable (raw)]:
         (* Unions and intersections of measurable sets indexed by a subset I of a
            countable type are measurable; the intersection needs I to be
            non-empty. *)
  1834   "(\<And>i :: 'i :: countable. i \<in> I \<Longrightarrow> N i \<in> sets M) \<Longrightarrow> (\<Union>i\<in>I. N i) \<in> sets M"
  1835   "I \<noteq> {} \<Longrightarrow> (\<And>i :: 'i :: countable. i \<in> I \<Longrightarrow> N i \<in> sets M) \<Longrightarrow> (\<Inter>i\<in>I. N i) \<in> sets M"
  1836   by auto
  1837 
  1838 declare
         (* Register the existing facts finite_UN and finite_INT as raw measurable
            rules. *)
  1839   finite_UN[measurable (raw)]
  1840   finite_INT[measurable (raw)]
  1841 
  1842 lemma sets_Int_pred[measurable (raw)]:
         (* An intersection A \<inter> B that lies inside space M is measurable as soon as
            membership in A and membership in B are measurable predicates; A and B
            themselves need not be subsets of space M. *)
  1843   assumes space: "A \<inter> B \<subseteq> space M" and [measurable]: "pred M (\<lambda>x. x \<in> A)" "pred M (\<lambda>x. x \<in> B)"
  1844   shows "A \<inter> B \<in> sets M"
  1845 proof -
         (* Solved by auto, which has the measurable simproc and the two local
            [measurable] assumptions available. *)
  1846   have "{x\<in>space M. x \<in> A \<inter> B} \<in> sets M" by auto
  1847   also have "{x\<in>space M. x \<in> A \<inter> B} = A \<inter> B"
  1848     using space by auto
  1849   finally show ?thesis .
  1850 qed
  1851 
  1852 lemma [measurable (raw generic)]:
         (* Equality of a measurable function with a constant c is a measurable
            predicate, provided the singleton {c} is measurable whenever c lies in
            space N. Both orientations of the equation are stored, raw, at level
            generic. *)
  1853   assumes f: "f \<in> measurable M N" and c: "c \<in> space N \<Longrightarrow> {c} \<in> sets N"
  1854   shows pred_eq_const1: "pred M (\<lambda>x. f x = c)"
  1855     and pred_eq_const2: "pred M (\<lambda>x. c = f x)"
  1856 proof -
  1857   show "pred M (\<lambda>x. f x = c)"
  1858   proof cases
           (* c in the target space: the truth set is the preimage of {c}. *)
  1859     assume "c \<in> space N"
  1860     with measurable_sets[OF f c] show ?thesis
  1861       by (auto simp: Int_def conj_commute pred_def)
  1862   next
           (* c outside the target space: f never takes the value c on space M, so
              the truth set is empty. *)
  1863     assume "c \<notin> space N"
  1864     with f[THEN measurable_space] have "{x \<in> space M. f x = c} = {}" by auto
  1865     then show ?thesis by (auto simp: pred_def cong: conj_cong)
  1866   qed
  1867   then show "pred M (\<lambda>x. c = f x)"
  1868     by (simp add: eq_commute)
  1869 qed
  1870 
  1871 lemma pred_le_const[measurable (raw generic)]:
         (* "f x \<le> c" is a measurable predicate when f is measurable and the interval
            {.. c} is a measurable set of N. *)
  1872   assumes f: "f \<in> measurable M N" and c: "{.. c} \<in> sets N" shows "pred M (\<lambda>x. f x \<le> c)"
  1873   using measurable_sets[OF f c]
  1874   by (auto simp: Int_def conj_commute eq_commute pred_def)
  1875 
  1876 lemma pred_const_le[measurable (raw generic)]:
         (* "c \<le> f x" is a measurable predicate when f is measurable and the interval
            {c ..} is a measurable set of N. *)
  1877   assumes f: "f \<in> measurable M N" and c: "{c ..} \<in> sets N" shows "pred M (\<lambda>x. c \<le> f x)"
  1878   using measurable_sets[OF f c]
  1879   by (auto simp: Int_def conj_commute eq_commute pred_def)
  1880 
  1881 lemma pred_less_const[measurable (raw generic)]:
         (* "f x < c" is a measurable predicate when f is measurable and the interval
            {..< c} is a measurable set of N. *)
  1882   assumes f: "f \<in> measurable M N" and c: "{..< c} \<in> sets N" shows "pred M (\<lambda>x. f x < c)"
  1883   using measurable_sets[OF f c]
  1884   by (auto simp: Int_def conj_commute eq_commute pred_def)
  1885 
  1886 lemma pred_const_less[measurable (raw generic)]:
         (* "c < f x" is a measurable predicate when f is measurable and the interval
            {c <..} is a measurable set of N. *)
  1887   assumes f: "f \<in> measurable M N" and c: "{c <..} \<in> sets N" shows "pred M (\<lambda>x. c < f x)"
  1888   using measurable_sets[OF f c]
  1889   by (auto simp: Int_def conj_commute eq_commute pred_def)
  1890 
  1891 declare
         (* Closure of the measurable sets under binary intersection, stored raw. It
            is declared after sets_Int_pred; whether that order matters for the
            prover is not visible here -- TODO confirm. *)
  1892   sets.Int[measurable (raw)]
  1893 
  1894 lemma pred_in_If[measurable (raw)]:
         (* Membership in a set chosen by a condition P that does not depend on x:
            each branch only has to be measurable under the matching assumption. *)
  1895   "(P \<Longrightarrow> pred M (\<lambda>x. x \<in> A x)) \<Longrightarrow> (\<not> P \<Longrightarrow> pred M (\<lambda>x. x \<in> B x)) \<Longrightarrow>
  1896     pred M (\<lambda>x. x \<in> (if P then A x else B x))"
  1897   by auto
  1898 
  1899 lemma sets_range[measurable_dest]:
         (* Destruction rule: from "the image of I under A consists of measurable
            sets" obtain measurability of an individual A i with i in I. *)
  1900   "A ` I \<subseteq> sets M \<Longrightarrow> i \<in> I \<Longrightarrow> A i \<in> sets M"
  1901   by auto
  1902 
  1903 lemma pred_sets_range[measurable_dest]:
         (* sets_range combined with pred_sets2: membership of f x in A i is a
            measurable predicate for measurable f. *)
  1904   "A ` I \<subseteq> sets N \<Longrightarrow> i \<in> I \<Longrightarrow> f \<in> measurable M N \<Longrightarrow> pred M (\<lambda>x. f x \<in> A i)"
  1905   using pred_sets2[OF sets_range] by auto
  1906 
  1907 lemma sets_All[measurable_dest]:
         (* Destruction rule: instantiate a universally quantified measurability
            statement at a particular index i. *)
  1908   "\<forall>i. A i \<in> sets (M i) \<Longrightarrow> A i \<in> sets (M i)"
  1909   by auto
  1910 
  1911 lemma pred_sets_All[measurable_dest]:
         (* sets_All combined with pred_sets2, for f measurable into N i. *)
  1912   "\<forall>i. A i \<in> sets (N i) \<Longrightarrow> f \<in> measurable M (N i) \<Longrightarrow> pred M (\<lambda>x. f x \<in> A i)"
  1913   using pred_sets2[OF sets_All, of A N f] by auto
  1914 
  1915 lemma sets_Ball[measurable_dest]:
         (* Destruction rule: instantiate a measurability statement quantified over
            i in I at a particular member of I. *)
  1916   "\<forall>i\<in>I. A i \<in> sets (M i) \<Longrightarrow> i\<in>I \<Longrightarrow> A i \<in> sets (M i)"
  1917   by auto
  1918 
  1919 lemma pred_sets_Ball[measurable_dest]:
         (* sets_Ball combined with pred_sets2, for f measurable into N i. *)
  1920   "\<forall>i\<in>I. A i \<in> sets (N i) \<Longrightarrow> i\<in>I \<Longrightarrow> f \<in> measurable M (N i) \<Longrightarrow> pred M (\<lambda>x. f x \<in> A i)"
  1921   using pred_sets2[OF sets_Ball, of _ _ _ f] by auto
  1922 
  1923 lemma measurable_finite[measurable (raw)]:
         (* For a family S x of sets of natural numbers, finiteness of S x is a
            measurable predicate in x if, for every i, the set of x with i in S x is
            measurable. The proof rewrites finiteness with
            finite_nat_set_iff_bounded and leaves the rest to simp, which can use
            the local [measurable] assumption. *)
  1924   fixes S :: "'a \<Rightarrow> nat set"
  1925   assumes [measurable]: "\<And>i. {x\<in>space M. i \<in> S x} \<in> sets M"
  1926   shows "pred M (\<lambda>x. finite (S x))"
  1927   unfolding finite_nat_set_iff_bounded by (simp add: Ball_def)
  1928 
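  1929 lemma measurable_Least[measurable]:
         (* If every predicate P i (i a natural number) is measurable from M
            into count_space UNIV, then so is the function mapping x to the
            least i with P i x.  The proof unfolds measurable_def and uses
            sets_Least as an introduction rule.
            The assumes clause must hold exactly this one proposition: a bare
            token left after the closing quote is read as a further assumed
            proposition and silently adds a premise to the stated theorem.
            NOTE(review): a caller that supplied two facts positionally to the
            two-premise form would need adjusting; confirm none exists. *)
  1930   assumes [measurable]: "(\<And>i::nat. (\<lambda>x. P i x) \<in> measurable M (count_space UNIV))"
  1931   shows "(\<lambda>x. LEAST i. P i x) \<in> measurable M (count_space UNIV)"
  1932   unfolding measurable_def by (safe intro!: sets_Least) simp_all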
  1933 
  1934 lemma measurable_count_space_insert[measurable (raw)]:
         (* Inserting an element s of S into a set from sets (count_space S)
            gives another set from sets (count_space S). *)
  1935   "s \<in> S \<Longrightarrow> A \<in> sets (count_space S) \<Longrightarrow> insert s A \<in> sets (count_space S)"
  1936   by simp
  1937 
  1938 hide_const (open) pred
       (* From here on the short name pred no longer refers to the constant
          used in the lemmas above; with (open) it stays reachable through
          its qualified name. *)
  1939 
  1940 subsection {* Extend measure *}
  1941 
  1942 definition "extend_measure \<Omega> I G \<mu> =
  1943   (if (\<exists>\<mu>'. (\<forall>i\<in>I. \<mu>' (G i) = \<mu> i) \<and> measure_space \<Omega> (sigma_sets \<Omega> (G`I)) \<mu>') \<and> \<not> (\<forall>i\<in>I. \<mu> i = 0)
  1944       then measure_of \<Omega> (G`I) (SOME \<mu>'. (\<forall>i\<in>I. \<mu>' (G i) = \<mu> i) \<and> measure_space \<Omega> (sigma_sets \<Omega> (G`I)) \<mu>')
  1945       else measure_of \<Omega> (G`I) (\<lambda>_. 0))"
       (* extend_measure builds a measure on the space Omega from the
          generators G ` I.  When some set function agrees with mu on every
          generator G i (i in I) and forms a measure_space on
          sigma_sets Omega (G ` I), and mu is not zero on all of I, one such
          function is chosen with SOME and passed to measure_of.  Otherwise
          the constant-zero function is used.  Because the choice is made by
          SOME, lemmas about the result only use the properties that every
          candidate shares. *)
  1946 
  1947 lemma space_extend_measure: "G ` I \<subseteq> Pow \<Omega> \<Longrightarrow> space (extend_measure \<Omega> I G \<mu>) = \<Omega>"
         (* When all generators are subsets of Omega, the space of the
            extended measure is Omega, in both branches of the definition. *)
  1948   unfolding extend_measure_def by simp
  1949 
  1950 lemma sets_extend_measure: "G ` I \<subseteq> Pow \<Omega> \<Longrightarrow> sets (extend_measure \<Omega> I G \<mu>) = sigma_sets \<Omega> (G`I)"
         (* When all generators are subsets of Omega, the measurable sets of
            the extended measure are the sigma_sets generated by G ` I. *)
  1951   unfolding extend_measure_def by simp
  1952 
  1953 lemma emeasure_extend_measure:
         (* Value of the extended measure on a generator.  Given that M is
            extend_measure Omega I G mu, that some mu' agrees with mu on every
            G i (i in I), that the generators are subsets of Omega and that
            mu' is positive and countably additive on sets M, the measure of
            G i under M is mu i.  The supplied mu' only witnesses the
            existential in extend_measure_def; the function stored in M is
            the one picked by the choice operator (Eps P below). *)
  1954   assumes M: "M = extend_measure \<Omega> I G \<mu>"
  1955     and eq: "\<And>i. i \<in> I \<Longrightarrow> \<mu>' (G i) = \<mu> i"
  1956     and ms: "G ` I \<subseteq> Pow \<Omega>" "positive (sets M) \<mu>'" "countably_additive (sets M) \<mu>'"
  1957     and "i \<in> I"
  1958   shows "emeasure M (G i) = \<mu> i"
  1959 proof cases
         (* First case: mu is zero on all of I, so the definition takes its
            else-branch and M is built from the constant-zero function. *)
  1960   assume *: "(\<forall>i\<in>I. \<mu> i = 0)"
  1961   with M have M_eq: "M = measure_of \<Omega> (G`I) (\<lambda>_. 0)"
  1962    by (simp add: extend_measure_def)
  1963   from measure_space_0[OF ms(1)] ms `i\<in>I`
  1964   have "emeasure M (G i) = 0"
  1965     by (intro emeasure_measure_of[OF M_eq]) (auto simp add: M measure_space_def sets_extend_measure)
  1966   with `i\<in>I` * show ?thesis
  1967     by simp
  1968 next
         (* Second case: mu is non-zero somewhere on I.  P abbreviates the
            property that the definition requires of a candidate. *)
  1969   def P \<equiv> "\<lambda>\<mu>'. (\<forall>i\<in>I. \<mu>' (G i) = \<mu> i) \<and> measure_space \<Omega> (sigma_sets \<Omega> (G`I)) \<mu>'"
  1970   assume "\<not> (\<forall>i\<in>I. \<mu> i = 0)"
  1971   moreover
  1972   have "measure_space (space M) (sets M) \<mu>'"
  1973     using ms unfolding measure_space_def by auto default
         (* mu' satisfies P, so the then-branch of the definition applies. *)
  1974   with ms eq have "\<exists>\<mu>'. P \<mu>'"
  1975     unfolding P_def
  1976     by (intro exI[of _ \<mu>']) (auto simp add: M space_extend_measure sets_extend_measure)
  1977   ultimately have M_eq: "M = measure_of \<Omega> (G`I) (Eps P)"
  1978     by (simp add: M extend_measure_def P_def[symmetric])
  1979 
         (* The chosen function Eps P has property P because a witness exists. *)
  1980   from `\<exists>\<mu>'. P \<mu>'` have P: "P (Eps P)" by (rule someI_ex)
  1981   show "emeasure M (G i) = \<mu> i"
  1982   proof (subst emeasure_measure_of[OF M_eq])
  1983     have sets_M: "sets M = sigma_sets \<Omega> (G`I)"
  1984       using M_eq ms by (auto simp: sets_extend_measure)
  1985     then show "G i \<in> sets M" using `i \<in> I` by auto
  1986     show "positive (sets M) (Eps P)" "countably_additive (sets M) (Eps P)" "Eps P (G i) = \<mu> i"
  1987       using P `i\<in>I` by (auto simp add: sets_M measure_space_def P_def)
  1988   qed fact
  1989 qed
  1990 
  1991 lemma emeasure_extend_measure_Pair:
         (* Variant of emeasure_extend_measure for an index set of pairs
            described by a binary predicate I, with G and mu taking the two
            components as separate arguments.  Proved by instantiating the
            general lemma at the pair (i, j). *)
  1992   assumes M: "M = extend_measure \<Omega> {(i, j). I i j} (\<lambda>(i, j). G i j) (\<lambda>(i, j). \<mu> i j)"
  1993     and eq: "\<And>i j. I i j \<Longrightarrow> \<mu>' (G i j) = \<mu> i j"
  1994     and ms: "\<And>i j. I i j \<Longrightarrow> G i j \<in> Pow \<Omega>" "positive (sets M) \<mu>'" "countably_additive (sets M) \<mu>'"
  1995     and "I i j"
  1996   shows "emeasure M (G i j) = \<mu> i j"
  1997   using emeasure_extend_measure[OF M _ _ ms(2,3), of "(i,j)"] eq ms(1) `I i j`
  1998   by (auto simp: subset_eq)
  1999 
  2000 subsection {* Sigma algebra generated by function preimages *}
  2001 
  2002 definition
         (* vimage_algebra M S f is sigma applied to the space S and the
            family of preimages under f, cut down to S, of the sets of M. *)
  2003   "vimage_algebra M S f = sigma S ((\<lambda>A. f -` A \<inter> S) ` sets M)"
  2004 
  2005 lemma sigma_algebra_preimages:
         (* If f maps S into space M, the preimages (restricted to S) of the
            sets of M already form a sigma algebra on S.  ?F abbreviates the
            restricted preimage operation.  The three goals after
            sigma_algebra_iff2 are the empty set, complements and countable
            unions. *)
  2006   fixes f :: "'x \<Rightarrow> 'a"
  2007   assumes "f \<in> S \<rightarrow> space M"
  2008   shows "sigma_algebra S ((\<lambda>A. f -` A \<inter> S) ` sets M)"
  2009     (is "sigma_algebra _ (?F ` sets M)")
  2010 proof (simp add: sigma_algebra_iff2, safe)
  2011   show "{} \<in> ?F ` sets M" by blast
  2012 next
         (* Complement in S of a preimage is the preimage of the complement
            in space M; this uses that f maps S into space M. *)
  2013   fix A assume "A \<in> sets M"
  2014   moreover have "S - ?F A = ?F (space M - A)"
  2015     using assms by auto
  2016   ultimately show "S - ?F A \<in> ?F ` sets M"
  2017     by blast
  2018 next
         (* NOTE(review): M is written without "sets" from here to the end of
            the proof; presumably a coercion declared elsewhere in the theory
            inserts it -- confirm. *)
  2019   fix A :: "nat \<Rightarrow> 'x set" assume *: "range A \<subseteq> ?F ` M"
  2020   have "\<forall>i. \<exists>b. b \<in> M \<and> A i = ?F b"
  2021   proof safe
  2022     fix i
  2023     have "A i \<in> ?F ` M" using * by auto
  2024     then show "\<exists>b. b \<in> M \<and> A i = ?F b" by auto
  2025   qed
         (* Pick one source set b i for every A i, so that the union of the
            A i is the preimage of the union of the b i. *)
  2026   from choice[OF this] obtain b where b: "range b \<subseteq> M" "\<And>i. A i = ?F (b i)"
  2027     by auto
  2028   then have "(\<Union>i. A i) = ?F (\<Union>i. b i)" by auto
  2029   then show "(\<Union>i. A i) \<in> ?F ` M" using b(1) by blast
  2030 qed
  2031 
  2032 lemma sets_vimage_algebra[simp]:
         (* With f mapping S into space M, the sets of vimage_algebra M S f
            are exactly the restricted preimages of the sets of M.  This
            follows because the generating family is itself a sigma algebra
            (sigma_algebra_preimages). *)
  2033   "f \<in> S \<rightarrow> space M \<Longrightarrow> sets (vimage_algebra M S f) = (\<lambda>A. f -` A \<inter> S) ` sets M"
  2034   using sigma_algebra.sets_measure_of_eq[OF sigma_algebra_preimages, of f S M]
  2035   by (simp add: vimage_algebra_def)
  2036 
  2037 lemma space_vimage_algebra[simp]:
         (* With f mapping S into space M, the space of vimage_algebra M S f
            is S. *)
  2038   "f \<in> S \<rightarrow> space M \<Longrightarrow> space (vimage_algebra M S f) = S"
  2039   using sigma_algebra.space_measure_of_eq[OF sigma_algebra_preimages, of f S M]
  2040   by (simp add: vimage_algebra_def)
  2041 
  2042 lemma in_vimage_algebra[simp]:
         (* Membership form of sets_vimage_algebra: A is a set of the vimage
            algebra iff it is the restricted preimage of some set B of M. *)
  2043   "f \<in> S \<rightarrow> space M \<Longrightarrow> A \<in> sets (vimage_algebra M S f) \<longleftrightarrow> (\<exists>B\<in>sets M. A = f -` B \<inter> S)"
  2044   by (simp add: image_iff)
  2045 
  2046 lemma measurable_vimage_algebra:
         (* f is measurable from the vimage algebra it generates on S into M,
            provided f maps S into space M. *)
  2047   fixes S :: "'c set" assumes "f \<in> S \<rightarrow> space M"
  2048   shows "f \<in> measurable (vimage_algebra M S f) M"
  2049   unfolding measurable_def using assms by force
  2050 
  2051 lemma measurable_vimage:
         (* Composition rule: if g is measurable from M to M2 and f maps S
            into space M, then "g after f" is measurable from the vimage
            algebra of f into M2.  Proved by composing
            measurable_vimage_algebra with g via measurable_comp. *)
  2052   fixes g :: "'a \<Rightarrow> 'c" and f :: "'d \<Rightarrow> 'a"
  2053   assumes "g \<in> measurable M M2" "f \<in> S \<rightarrow> space M"
  2054   shows "(\<lambda>x. g (f x)) \<in> measurable (vimage_algebra M S f) M2"
  2055 proof -
  2056   note measurable_vimage_algebra[OF assms(2)]
  2057   from measurable_comp[OF this assms(1)]
  2058   show ?thesis by (simp add: comp_def)
  2059 qed
  2060 
  2061 lemma sigma_sets_vimage:
         (* Taking restricted preimages commutes with sigma_sets: for f
            mapping S' into S and a family A of subsets of S, generating from
            the preimages of A gives the same family as taking preimages of
            everything generated from A.  Both inclusions are proved by
            induction over the sigma_sets rules; ?F is the restricted
            preimage operation. *)
  2062   assumes "f \<in> S' \<rightarrow> S" and "A \<subseteq> Pow S"
  2063   shows "sigma_sets S' ((\<lambda>X. f -` X \<inter> S') ` A) = (\<lambda>X. f -` X \<inter> S') ` sigma_sets S A"
  2064 proof (intro set_eqI iffI)
         (* Left to right: induction on the derivation of X from ?F ` A,
            exhibiting in each case a set of sigma_sets S A with preimage X. *)
  2065   let ?F = "\<lambda>X. f -` X \<inter> S'"
  2066   fix X assume "X \<in> sigma_sets S' (?F ` A)"
  2067   then show "X \<in> ?F ` sigma_sets S A"
  2068   proof induct
  2069     case (Basic X) then obtain X' where "X = ?F X'" "X' \<in> A"
  2070       by auto
  2071     then show ?case by auto
  2072   next
  2073     case Empty then show ?case
  2074       by (auto intro!: image_eqI[of _ _ "{}"] sigma_sets.Empty)
  2075   next
  2076     case (Compl X) then obtain X' where X: "X = ?F X'" and "X' \<in> sigma_sets S A"
  2077       by auto
  2078     then have "S - X' \<in> sigma_sets S A"
  2079       by (auto intro!: sigma_sets.Compl)
  2080     then show ?case
  2081       using X assms by (auto intro!: image_eqI[where x="S - X'"])
  2082   next
  2083     case (Union F)
             (* Choose a source set F' i for every member F i of the family. *)
  2084     then have "\<forall>i. \<exists>F'.  F' \<in> sigma_sets S A \<and> F i = f -` F' \<inter> S'"
  2085       by (auto simp: image_iff Bex_def)
  2086     from choice[OF this] obtain F' where
  2087       "\<And>i. F' i \<in> sigma_sets S A" and "\<And>i. F i = f -` F' i \<inter> S'"
  2088       by auto
  2089     then show ?case
  2090       by (auto intro!: sigma_sets.Union image_eqI[where x="\<Union>i. F' i"])
  2091   qed
  2092 next
         (* Right to left: induction on the derivation of the source set X',
            with X kept arbitrary so the hypothesis applies to each preimage.
            The cases not spelled out are closed by the final auto. *)
  2093   let ?F = "\<lambda>X. f -` X \<inter> S'"
  2094   fix X assume "X \<in> ?F ` sigma_sets S A"
  2095   then obtain X' where "X' \<in> sigma_sets S A" "X = ?F X'" by auto
  2096   then show "X \<in> sigma_sets S' (?F ` A)"
  2097   proof (induct arbitrary: X)
  2098     case Empty then show ?case by (auto intro: sigma_sets.Empty)
  2099   next
  2100     case (Compl X')
             (* X is the complement in S' of a set covered by the hypothesis;
                it is written as a double complement to apply the Compl rule. *)
  2101     have "S' - (S' - X) \<in> sigma_sets S' (?F ` A)"
  2102       apply (rule sigma_sets.Compl)
  2103       using assms by (auto intro!: Compl.hyps simp: Compl.prems)
  2104     also have "S' - (S' - X) = X"
  2105       using assms Compl by auto
  2106     finally show ?case .
  2107   next
  2108     case (Union F)
  2109     have "(\<Union>i. f -` F i \<inter> S') \<in> sigma_sets S' (?F ` A)"
  2110       by (intro sigma_sets.Union Union.hyps) simp
  2111     also have "(\<Union>i. f -` F i \<inter> S') = X"
  2112       using assms Union by auto
  2113     finally show ?case .
  2114   qed auto
  2115 qed
  2116 
  2117 subsection {* A Two-Element Series *}
  2118 
  2119 definition binaryset :: "'a set \<Rightarrow> 'a set \<Rightarrow> nat \<Rightarrow> 'a set "
         (* The nat-indexed sequence that is A at index 0, B at index 1 and
            the empty set everywhere else.  It lets a binary union be treated
            as a countable union. *)
  2120   where "binaryset A B = (\<lambda>x. {})(0 := A, Suc 0 := B)"
  2121 
  2122 lemma range_binaryset_eq: "range(binaryset A B) = {A,B,{}}"
         (* The sequence binaryset A B takes exactly the values A, B and the
            empty set. *)
  2123   apply (simp add: binaryset_def)
  2124   apply (rule set_eqI)
  2125   apply (auto simp add: image_iff)
  2126   done
  2127 
  2128 lemma UN_binaryset_eq: "(\<Union>i. binaryset A B i) = A \<union> B"
         (* The union over all indices of binaryset A B is the binary union
            of A and B. *)
  2129   by (simp add: SUP_def range_binaryset_eq)
  2130 
  2131 section {* Closed CDI *}
  2132 
  2133 definition closed_cdi where
         (* closed_cdi Omega M holds when M is a family of subsets of Omega
            that is closed under (1) complement relative to Omega, (2) unions
            of nat-indexed increasing sequences that start with the empty
            set, and (3) unions of nat-indexed disjoint families. *)
  2134   "closed_cdi \<Omega> M \<longleftrightarrow>
  2135    M \<subseteq> Pow \<Omega> &
  2136    (\<forall>s \<in> M. \<Omega> - s \<in> M) &
  2137    (\<forall>A. (range A \<subseteq> M) & (A 0 = {}) & (\<forall>n. A n \<subseteq> A (Suc n)) \<longrightarrow>
  2138         (\<Union>i. A i) \<in> M) &
  2139    (\<forall>A. (range A \<subseteq> M) & disjoint_family A \<longrightarrow> (\<Union>i::nat. A i) \<in> M)"
  2140 
  2141 inductive_set
         (* The family generated from M by the three closure operations of
            closed_cdi: Basic includes M itself, Compl adds complements
            relative to Omega, Inc adds unions of increasing sequences
            starting at the empty set, and Disj adds unions of disjoint
            families.  Only Basic and Compl are declared as intro rules. *)
  2142   smallest_ccdi_sets :: "'a set \<Rightarrow> 'a set set \<Rightarrow> 'a set set"
  2143   for \<Omega> M
  2144   where
  2145     Basic [intro]:
  2146       "a \<in> M \<Longrightarrow> a \<in> smallest_ccdi_sets \<Omega> M"
  2147   | Compl [intro]:
  2148       "a \<in> smallest_ccdi_sets \<Omega> M \<Longrightarrow> \<Omega> - a \<in> smallest_ccdi_sets \<Omega> M"
  2149   | Inc:
  2150       "range A \<in> Pow(smallest_ccdi_sets \<Omega> M) \<Longrightarrow> A 0 = {} \<Longrightarrow> (\<And>n. A n \<subseteq> A (Suc n))
  2151        \<Longrightarrow> (\<Union>i. A i) \<in> smallest_ccdi_sets \<Omega> M"
  2152   | Disj:
  2153       "range A \<in> Pow(smallest_ccdi_sets \<Omega> M) \<Longrightarrow> disjoint_family A
  2154        \<Longrightarrow> (\<Union>i::nat. A i) \<in> smallest_ccdi_sets \<Omega> M"
  2155 
  2156 lemma (in subset_class) smallest_closed_cdi1: "M \<subseteq> smallest_ccdi_sets \<Omega> M"
         (* The generated family contains its generators (rule Basic). *)
  2157   by auto
  2158 
  2159 lemma (in subset_class) smallest_ccdi_sets: "smallest_ccdi_sets \<Omega> M \<subseteq> Pow \<Omega>"
         (* Every generated set is a subset of Omega; by induction over the
            generation rules, using sets_into_space for the generators. *)
  2160   apply (rule subsetI)
  2161   apply (erule smallest_ccdi_sets.induct)
  2162   apply (auto intro: range_subsetD dest: sets_into_space)
  2163   done
  2164 
  2165 lemma (in subset_class) smallest_closed_cdi2: "closed_cdi \<Omega> (smallest_ccdi_sets \<Omega> M)"
         (* The generated family satisfies closed_cdi; the Inc and Disj
            rules are supplied explicitly because they are not intro rules. *)
  2166   apply (auto simp add: closed_cdi_def smallest_ccdi_sets)
  2167   apply (blast intro: smallest_ccdi_sets.Inc smallest_ccdi_sets.Disj) +
  2168   done
  2169 
  2170 lemma closed_cdi_subset: "closed_cdi \<Omega> M \<Longrightarrow> M \<subseteq> Pow \<Omega>"
         (* First conjunct of closed_cdi_def as a rule. *)
  2171   by (simp add: closed_cdi_def)
  2172 
  2173 lemma closed_cdi_Compl: "closed_cdi \<Omega> M \<Longrightarrow> s \<in> M \<Longrightarrow> \<Omega> - s \<in> M"
         (* Complement closure from closed_cdi_def as a rule. *)
  2174   by (simp add: closed_cdi_def)
  2175 
  2176 lemma closed_cdi_Inc:
         (* Closure under unions of increasing sequences starting at the
            empty set, from closed_cdi_def as a rule. *)
  2177   "closed_cdi \<Omega> M \<Longrightarrow> range A \<subseteq> M \<Longrightarrow> A 0 = {} \<Longrightarrow> (!!n. A n \<subseteq> A (Suc n)) \<Longrightarrow> (\<Union>i. A i) \<in> M"
  2178   by (simp add: closed_cdi_def)
  2179 
  2180 lemma closed_cdi_Disj:
         (* Closure under unions of disjoint families, from closed_cdi_def
            as a rule. *)
  2181   "closed_cdi \<Omega> M \<Longrightarrow> range A \<subseteq> M \<Longrightarrow> disjoint_family A \<Longrightarrow> (\<Union>i::nat. A i) \<in> M"
  2182   by (simp add: closed_cdi_def)
  2183 
  2184 lemma closed_cdi_Un:
         (* A closed_cdi family containing the empty set is closed under
            unions of two disjoint members.  The pair is encoded as the
            sequence binaryset A B so that closed_cdi_Disj applies. *)
  2185   assumes cdi: "closed_cdi \<Omega> M" and empty: "{} \<in> M"
  2186       and A: "A \<in> M" and B: "B \<in> M"
  2187       and disj: "A \<inter> B = {}"
  2188     shows "A \<union> B \<in> M"
  2189 proof -
  2190   have ra: "range (binaryset A B) \<subseteq> M"
  2191    by (simp add: range_binaryset_eq empty A B)
  2192  have di:  "disjoint_family (binaryset A B)" using disj
  2193    by (simp add: disjoint_family_on_def binaryset_def Int_commute)
  2194  from closed_cdi_Disj [OF cdi ra di]
  2195  show ?thesis
  2196    by (simp add: UN_binaryset_eq)
  2197 qed
  2198 
  2199 lemma (in algebra) smallest_ccdi_sets_Un:
         (* In an algebra, the generated family is closed under unions of
            two disjoint members.  Same binaryset encoding as closed_cdi_Un,
            applied to the Disj rule. *)
  2200   assumes A: "A \<in> smallest_ccdi_sets \<Omega> M" and B: "B \<in> smallest_ccdi_sets \<Omega> M"
  2201       and disj: "A \<inter> B = {}"
  2202     shows "A \<union> B \<in> smallest_ccdi_sets \<Omega> M"
  2203 proof -
  2204   have ra: "range (binaryset A B) \<in> Pow (smallest_ccdi_sets \<Omega> M)"
  2205     by (simp add: range_binaryset_eq  A B smallest_ccdi_sets.Basic)
  2206   have di:  "disjoint_family (binaryset A B)" using disj
  2207     by (simp add: disjoint_family_on_def binaryset_def Int_commute)
  2208   from Disj [OF ra di]
  2209   show ?thesis
  2210     by (simp add: UN_binaryset_eq)
  2211 qed
  2212 
  2213 lemma (in algebra) smallest_ccdi_sets_Int1:
         (* Intersecting a generated set b with a generator a (a member of
            the algebra M) stays inside the generated family.  Proved by
            induction on how b was generated. *)
  2214   assumes a: "a \<in> M"
  2215   shows "b \<in> smallest_ccdi_sets \<Omega> M \<Longrightarrow> a \<inter> b \<in> smallest_ccdi_sets \<Omega> M"
  2216 proof (induct rule: smallest_ccdi_sets.induct)
  2217   case (Basic x)
  2218   thus ?case
  2219     by (metis a Int smallest_ccdi_sets.Basic)
  2220 next
  2221   case (Compl x)
           (* Rewrite the intersection with a complement as the complement of
              a union of two disjoint generated sets. *)
  2222   have "a \<inter> (\<Omega> - x) = \<Omega> - ((\<Omega> - a) \<union> (a \<inter> x))"
  2223     by blast
  2224   also have "... \<in> smallest_ccdi_sets \<Omega> M"
  2225     by (metis smallest_ccdi_sets.Compl a Compl(2) Diff_Int2 Diff_Int_distrib2
  2226            Diff_disjoint Int_Diff Int_empty_right smallest_ccdi_sets_Un
  2227            smallest_ccdi_sets.Basic smallest_ccdi_sets.Compl)
  2228   finally show ?case .
  2229 next
  2230   case (Inc A)
           (* Intersecting every member with a keeps the sequence increasing
              and starting at the empty set, so rule Inc applies again. *)
  2231   have 1: "(\<Union>i. (\<lambda>i. a \<inter> A i) i) = a \<inter> (\<Union>i. A i)"
  2232     by blast
  2233   have "range (\<lambda>i. a \<inter> A i) \<in> Pow(smallest_ccdi_sets \<Omega> M)" using Inc
  2234     by blast
  2235   moreover have "(\<lambda>i. a \<inter> A i) 0 = {}"
  2236     by (simp add: Inc)
  2237   moreover have "!!n. (\<lambda>i. a \<inter> A i) n \<subseteq> (\<lambda>i. a \<inter> A i) (Suc n)" using Inc
  2238     by blast
  2239   ultimately have 2: "(\<Union>i. (\<lambda>i. a \<inter> A i) i) \<in> smallest_ccdi_sets \<Omega> M"
  2240     by (rule smallest_ccdi_sets.Inc)
  2241   show ?case
  2242     by (metis 1 2)
  2243 next
  2244   case (Disj A)
           (* Intersecting every member with a keeps the family disjoint, so
              rule Disj applies again. *)
  2245   have 1: "(\<Union>i. (\<lambda>i. a \<inter> A i) i) = a \<inter> (\<Union>i. A i)"
  2246     by blast
  2247   have "range (\<lambda>i. a \<inter> A i) \<in> Pow(smallest_ccdi_sets \<Omega> M)" using Disj
  2248     by blast
  2249   moreover have "disjoint_family (\<lambda>i. a \<inter> A i)" using Disj
  2250     by (auto simp add: disjoint_family_on_def)
  2251   ultimately have 2: "(\<Union>i. (\<lambda>i. a \<inter> A i) i) \<in> smallest_ccdi_sets \<Omega> M"
  2252     by (rule smallest_ccdi_sets.Disj)
  2253   show ?case
  2254     by (metis 1 2)
  2255 qed
  2256 
  2257 
  2258 lemma (in algebra) smallest_ccdi_sets_Int:
         (* The generated family is closed under intersection of any two of
            its members.  Induction on how a was generated, with b fixed;
            the Basic case is smallest_ccdi_sets_Int1, and the other cases
            mirror that lemma with the intersection taken on the right. *)
  2259   assumes b: "b \<in> smallest_ccdi_sets \<Omega> M"
  2260   shows "a \<in> smallest_ccdi_sets \<Omega> M \<Longrightarrow> a \<inter> b \<in> smallest_ccdi_sets \<Omega> M"
  2261 proof (induct rule: smallest_ccdi_sets.induct)
  2262   case (Basic x)
  2263   thus ?case
  2264     by (metis b smallest_ccdi_sets_Int1)
  2265 next
  2266   case (Compl x)
  2267   have "(\<Omega> - x) \<inter> b = \<Omega> - (x \<inter> b \<union> (\<Omega> - b))"
  2268     by blast
  2269   also have "... \<in> smallest_ccdi_sets \<Omega> M"
  2270     by (metis Compl(2) Diff_disjoint Int_Diff Int_commute Int_empty_right b
  2271            smallest_ccdi_sets.Compl smallest_ccdi_sets_Un)
  2272   finally show ?case .
  2273 next
  2274   case (Inc A)
  2275   have 1: "(\<Union>i. (\<lambda>i. A i \<inter> b) i) = (\<Union>i. A i) \<inter> b"
  2276     by blast
  2277   have "range (\<lambda>i. A i \<inter> b) \<in> Pow(smallest_ccdi_sets \<Omega> M)" using Inc
  2278     by blast
  2279   moreover have "(\<lambda>i. A i \<inter> b) 0 = {}"
  2280     by (simp add: Inc)
  2281   moreover have "!!n. (\<lambda>i. A i \<inter> b) n \<subseteq> (\<lambda>i. A i \<inter> b) (Suc n)" using Inc
  2282     by blast
  2283   ultimately have 2: "(\<Union>i. (\<lambda>i. A i \<inter> b) i) \<in> smallest_ccdi_sets \<Omega> M"
  2284     by (rule smallest_ccdi_sets.Inc)
  2285   show ?case
  2286     by (metis 1 2)
  2287 next
  2288   case (Disj A)
  2289   have 1: "(\<Union>i. (\<lambda>i. A i \<inter> b) i) = (\<Union>i. A i) \<inter> b"
  2290     by blast
  2291   have "range (\<lambda>i. A i \<inter> b) \<in> Pow(smallest_ccdi_sets \<Omega> M)" using Disj
  2292     by blast
  2293   moreover have "disjoint_family (\<lambda>i. A i \<inter> b)" using Disj
  2294     by (auto simp add: disjoint_family_on_def)
  2295   ultimately have 2: "(\<Union>i. (\<lambda>i. A i \<inter> b) i) \<in> smallest_ccdi_sets \<Omega> M"
  2296     by (rule smallest_ccdi_sets.Disj)
  2297   show ?case
  2298     by (metis 1 2)
  2299 qed
  2300 
  2301 lemma (in algebra) sigma_property_disjoint_lemma:
         (* In an algebra M, any closed_cdi family C that contains M also
            contains the sigma_sets generated by M.  Two steps: the generated
            ccdi family is a sigma algebra containing M, hence contains
            sigma_sets Omega M; and it lies inside C by induction over its
            generation rules. *)
  2302   assumes sbC: "M \<subseteq> C"
  2303       and ccdi: "closed_cdi \<Omega> C"
  2304   shows "sigma_sets \<Omega> M \<subseteq> C"
  2305 proof -
  2306   have "smallest_ccdi_sets \<Omega> M \<in> {B . M \<subseteq> B \<and> sigma_algebra \<Omega> B}"
  2307     apply (auto simp add: sigma_algebra_disjoint_iff algebra_iff_Int
  2308             smallest_ccdi_sets_Int)
  2309     apply (metis Union_Pow_eq Union_upper subsetD smallest_ccdi_sets)
  2310     apply (blast intro: smallest_ccdi_sets.Disj)
  2311     done
  2312   hence "sigma_sets (\<Omega>) (M) \<subseteq> smallest_ccdi_sets \<Omega> M"
  2313     by clarsimp
  2314        (drule sigma_algebra.sigma_sets_subset [where a="M"], auto)
  2315   also have "...  \<subseteq> C"
  2316     proof
  2317       fix x
  2318       assume x: "x \<in> smallest_ccdi_sets \<Omega> M"
  2319       thus "x \<in> C"
               (* Each generation rule is matched by the corresponding
                  closure property of C. *)
  2320         proof (induct rule: smallest_ccdi_sets.induct)
  2321           case (Basic x)
  2322           thus ?case
  2323             by (metis Basic subsetD sbC)
  2324         next
  2325           case (Compl x)
  2326           thus ?case
  2327             by (blast intro: closed_cdi_Compl [OF ccdi, simplified])
  2328         next
  2329           case (Inc A)
  2330           thus ?case
  2331                by (auto intro: closed_cdi_Inc [OF ccdi, simplified])
  2332         next
  2333           case (Disj A)
  2334           thus ?case
  2335                by (auto intro: closed_cdi_Disj [OF ccdi, simplified])
  2336         qed
  2337     qed
  2338   finally show ?thesis .
  2339 qed
  2340 
  2341 lemma (in algebra) sigma_property_disjoint:
         (* Induction principle for sigma_sets over an algebra M: to show
            that every generated set is in C it suffices that C contains M
            and is closed, for sets that are themselves generated, under
            complement, increasing unions starting at the empty set, and
            disjoint unions.  The proof applies
            sigma_property_disjoint_lemma to C intersected with the
            generated sets. *)
  2342   assumes sbC: "M \<subseteq> C"
  2343       and compl: "!!s. s \<in> C \<inter> sigma_sets (\<Omega>) (M) \<Longrightarrow> \<Omega> - s \<in> C"
  2344       and inc: "!!A. range A \<subseteq> C \<inter> sigma_sets (\<Omega>) (M)
  2345                      \<Longrightarrow> A 0 = {} \<Longrightarrow> (!!n. A n \<subseteq> A (Suc n))
  2346                      \<Longrightarrow> (\<Union>i. A i) \<in> C"
  2347       and disj: "!!A. range A \<subseteq> C \<inter> sigma_sets (\<Omega>) (M)
  2348                       \<Longrightarrow> disjoint_family A \<Longrightarrow> (\<Union>i::nat. A i) \<in> C"
  2349   shows "sigma_sets (\<Omega>) (M) \<subseteq> C"
  2350 proof -
  2351   have "sigma_sets (\<Omega>) (M) \<subseteq> C \<inter> sigma_sets (\<Omega>) (M)"
  2352     proof (rule sigma_property_disjoint_lemma)
  2353       show "M \<subseteq> C \<inter> sigma_sets (\<Omega>) (M)"
  2354         by (metis Int_greatest Set.subsetI sbC sigma_sets.Basic)
  2355     next
  2356       show "closed_cdi \<Omega> (C \<inter> sigma_sets (\<Omega>) (M))"
  2357         by (simp add: closed_cdi_def compl inc disj)
  2358            (metis PowI Set.subsetI le_infI2 sigma_sets_into_sp space_closed
  2359              IntE sigma_sets.Compl range_subsetD sigma_sets.Union)
  2360     qed
  2361   thus ?thesis
  2362     by blast
  2363 qed
  2364 
  2365 section {* Dynkin systems *}
  2366 
  2367 locale dynkin_system = subset_class +
         (* A Dynkin system: a subset_class (family M of subsets of Omega)
            that contains Omega and is closed under complement relative to
            Omega and under unions of nat-indexed disjoint families.  The two
            closure rules are declared as safe introduction rules. *)
  2368   assumes space: "\<Omega> \<in> M"
  2369     and   compl[intro!]: "\<And>A. A \<in> M \<Longrightarrow> \<Omega> - A \<in> M"
  2370     and   UN[intro!]: "\<And>A. disjoint_family A \<Longrightarrow> range A \<subseteq> M
  2371                            \<Longrightarrow> (\<Union>i::nat. A i) \<in> M"
  2372 
  2373 lemma (in dynkin_system) empty[intro, simp]: "{} \<in> M"
         (* The empty set is the complement of Omega, which is in M. *)
  2374   using space compl[of "\<Omega>"] by simp
  2375 
  2376 lemma (in dynkin_system) diff:
         (* A Dynkin system is closed under differences E - D when D is a
            subset of E.  The difference is written as the complement of the
            disjoint union of D and Omega - E; ?f lists those two sets,
            padded with empty sets, as a nat-indexed family. *)
  2377   assumes sets: "D \<in> M" "E \<in> M" and "D \<subseteq> E"
  2378   shows "E - D \<in> M"
  2379 proof -
  2380   let ?f = "\<lambda>x. if x = 0 then D else if x = Suc 0 then \<Omega> - E else {}"
  2381   have "range ?f = {D, \<Omega> - E, {}}"
  2382     by (auto simp: image_iff)
  2383   moreover have "D \<union> (\<Omega> - E) = (\<Union>i. ?f i)"
  2384     by (auto simp: image_iff split: split_if_asm)
  2385   moreover
           (* Disjointness relies on D being a subset of E. *)
  2386   then have "disjoint_family ?f" unfolding disjoint_family_on_def
  2387     using `D \<in> M`[THEN sets_into_space] `D \<subseteq> E` by auto
  2388   ultimately have "\<Omega> - (D \<union> (\<Omega> - E)) \<in> M"
  2389     using sets by auto
  2390   also have "\<Omega> - (D \<union> (\<Omega> - E)) = E - D"
  2391     using assms sets_into_space by auto
  2392   finally show ?thesis .
  2393 qed
  2394 
  2395 lemma dynkin_systemI:
         (* Introduction rule for dynkin_system outside the locale: the four
            assumptions are the subset_class condition and the three locale
            axioms. *)
  2396   assumes "\<And> A. A \<in> M \<Longrightarrow> A \<subseteq> \<Omega>" "\<Omega> \<in> M"
  2397   assumes "\<And> A. A \<in> M \<Longrightarrow> \<Omega> - A \<in> M"
  2398   assumes "\<And> A. disjoint_family A \<Longrightarrow> range A \<subseteq> M
  2399           \<Longrightarrow> (\<Union>i::nat. A i) \<in> M"
  2400   shows "dynkin_system \<Omega> M"
  2401   using assms by (auto simp: dynkin_system_def dynkin_system_axioms_def subset_class_def)
  2402 
  2403 lemma dynkin_systemI':
         (* Variant of dynkin_systemI that asks for the empty set in M
            instead of Omega; Omega is then obtained as the complement of the
            empty set. *)
  2404   assumes 1: "\<And> A. A \<in> M \<Longrightarrow> A \<subseteq> \<Omega>"
  2405   assumes empty: "{} \<in> M"
  2406   assumes Diff: "\<And> A. A \<in> M \<Longrightarrow> \<Omega> - A \<in> M"
  2407   assumes 2: "\<And> A. disjoint_family A \<Longrightarrow> range A \<subseteq> M
  2408           \<Longrightarrow> (\<Union>i::nat. A i) \<in> M"
  2409   shows "dynkin_system \<Omega> M"
  2410 proof -
  2411   from Diff[OF empty] have "\<Omega> \<in> M" by auto
  2412   from 1 this Diff 2 show ?thesis
  2413     by (intro dynkin_systemI) auto
  2414 qed
  2415 
  2416 lemma dynkin_system_trivial:
         (* The full powerset of A is a Dynkin system on A. *)
  2417   shows "dynkin_system A (Pow A)"
  2418   by (rule dynkin_systemI) auto
  2419 
  2420 lemma sigma_algebra_imp_dynkin_system:
         (* Every sigma algebra is a Dynkin system. *)
  2421   assumes "sigma_algebra \<Omega> M" shows "dynkin_system \<Omega> M"
  2422 proof -
  2423   interpret sigma_algebra \<Omega> M by fact
  2424   show ?thesis using sets_into_space by (fastforce intro!: dynkin_systemI)
  2425 qed
  2426 
  2427 subsection "Intersection stable algebras"
  2428 
  2429 definition "Int_stable M \<longleftrightarrow> (\<forall> a \<in> M. \<forall> b \<in> M. a \<inter> b \<in> M)"
       (* Int_stable M: the family M is closed under intersection of any two
          of its members. *)
  2430 
  2431 lemma (in algebra) Int_stable: "Int_stable M"
         (* The sets of an algebra are intersection-stable. *)
  2432   unfolding Int_stable_def by auto
  2433 
  2434 lemma Int_stableI:
         (* Introduction rule for Int_stable. *)
  2435   "(\<And>a b. a \<in> A \<Longrightarrow> b \<in> A \<Longrightarrow> a \<inter> b \<in> A) \<Longrightarrow> Int_stable A"
  2436   unfolding Int_stable_def by auto
  2437 
  2438 lemma Int_stableD:
         (* Destruction rule for Int_stable. *)
  2439   "Int_stable M \<Longrightarrow> a \<in> M \<Longrightarrow> b \<in> M \<Longrightarrow> a \<inter> b \<in> M"
  2440   unfolding Int_stable_def by auto
  2441 
  2442 lemma (in dynkin_system) sigma_algebra_eq_Int_stable:
         (* A Dynkin system is a sigma algebra exactly when it is
            intersection-stable. *)
  2443   "sigma_algebra \<Omega> M \<longleftrightarrow> Int_stable M"
  2444 proof
  2445   assume "sigma_algebra \<Omega> M" then show "Int_stable M"
  2446     unfolding sigma_algebra_def using algebra.Int_stable by auto
  2447 next
  2448   assume "Int_stable M"
  2449   show "sigma_algebra \<Omega> M"
  2450     unfolding sigma_algebra_disjoint_iff algebra_iff_Un
  2451   proof (intro conjI ballI allI impI)
  2452     show "M \<subseteq> Pow (\<Omega>)" using sets_into_space by auto
  2453   next
             (* Binary union is expressed through complements and one
                intersection, both of which are available here. *)
  2454     fix A B assume "A \<in> M" "B \<in> M"
  2455     then have "A \<union> B = \<Omega> - ((\<Omega> - A) \<inter> (\<Omega> - B))"
  2456               "\<Omega> - A \<in> M" "\<Omega> - B \<in> M"
  2457       using sets_into_space by auto
  2458     then show "A \<union> B \<in> M"
  2459       using `Int_stable M` unfolding Int_stable_def by auto
  2460   qed auto
  2461 qed
  2462 
  2463 subsection "Smallest Dynkin systems"
  2464 
  2465 definition dynkin where
         (* dynkin Omega M is the intersection of all Dynkin systems on Omega
            that contain M. *)
  2466   "dynkin \<Omega> M =  (\<Inter>{D. dynkin_system \<Omega> D \<and> M \<subseteq> D})"
  2467 
  2468 lemma dynkin_system_dynkin:
         (* For M a family of subsets of Omega, dynkin Omega M is itself a
            Dynkin system.  Each of the four goals of dynkin_systemI is
            transferred from the Dynkin systems being intersected. *)
  2469   assumes "M \<subseteq> Pow (\<Omega>)"
  2470   shows "dynkin_system \<Omega> (dynkin \<Omega> M)"
  2471 proof (rule dynkin_systemI)
  2472   fix A assume "A \<in> dynkin \<Omega> M"
  2473   moreover
  2474   { fix D assume "A \<in> D" and d: "dynkin_system \<Omega> D"
  2475     then have "A \<subseteq> \<Omega>" by (auto simp: dynkin_system_def subset_class_def) }
           (* The intersection ranges over a non-empty collection: the
              powerset of Omega is a Dynkin system containing M. *)
  2476   moreover have "{D. dynkin_system \<Omega> D \<and> M \<subseteq> D} \<noteq> {}"
  2477     using assms dynkin_system_trivial by fastforce
  2478   ultimately show "A \<subseteq> \<Omega>"
  2479     unfolding dynkin_def using assms
  2480     by auto
  2481 next
  2482   show "\<Omega> \<in> dynkin \<Omega> M"
  2483     unfolding dynkin_def using dynkin_system.space by fastforce
  2484 next
  2485   fix A assume "A \<in> dynkin \<Omega> M"
  2486   then show "\<Omega> - A \<in> dynkin \<Omega> M"
  2487     unfolding dynkin_def using dynkin_system.compl by force
  2488 next
  2489   fix A :: "nat \<Rightarrow> 'a set"
  2490   assume A: "disjoint_family A" "range A \<subseteq> dynkin \<Omega> M"
  2491   show "(\<Union>i. A i) \<in> dynkin \<Omega> M" unfolding dynkin_def
  2492   proof (simp, safe)
  2493     fix D assume "dynkin_system \<Omega> D" "M \<subseteq> D"
  2494     with A have "(\<Union>i. A i) \<in> D"
  2495       by (intro dynkin_system.UN) (auto simp: dynkin_def)
  2496     then show "(\<Union>i. A i) \<in> D" by auto
  2497   qed
  2498 qed
  2499 
  2500 lemma dynkin_Basic[intro]: "A \<in> M \<Longrightarrow> A \<in> dynkin \<Omega> M"
         (* Every generator belongs to the generated Dynkin system. *)
  2501   unfolding dynkin_def by auto
  2502 
  2503 lemma (in dynkin_system) restricted_dynkin_system:
         (* For a fixed member D of a Dynkin system M, the subsets Q of Omega
            whose intersection with D is in M again form a Dynkin system.
            The three remaining goals are Omega, complements and disjoint
            unions. *)
  2504   assumes "D \<in> M"
  2505   shows "dynkin_system \<Omega> {Q. Q \<subseteq> \<Omega> \<and> Q \<inter> D \<in> M}"
  2506 proof (rule dynkin_systemI, simp_all)
  2507   have "\<Omega> \<inter> D = D"
  2508     using `D \<in> M` sets_into_space by auto
  2509   then show "\<Omega> \<inter> D \<in> M"
  2510     using `D \<in> M` by auto
  2511 next
  2512   fix A assume "A \<subseteq> \<Omega> \<and> A \<inter> D \<in> M"
           (* The complement case is reduced to the difference lemma diff. *)
  2513   moreover have "(\<Omega> - A) \<inter> D = (\<Omega> - (A \<inter> D)) - (\<Omega> - D)"
  2514     by auto
  2515   ultimately show "\<Omega> - A \<subseteq> \<Omega> \<and> (\<Omega> - A) \<inter> D \<in> M"
  2516     using  `D \<in> M` by (auto intro: diff)
  2517 next
  2518   fix A :: "nat \<Rightarrow> 'a set"
  2519   assume "disjoint_family A" "range A \<subseteq> {Q. Q \<subseteq> \<Omega> \<and> Q \<inter> D \<in> M}"
  2520   then have "\<And>i. A i \<subseteq> \<Omega>" "disjoint_family (\<lambda>i. A i \<inter> D)"
  2521     "range (\<lambda>i. A i \<inter> D) \<subseteq> M" "(\<Union>x. A x) \<inter> D = (\<Union>x. A x \<inter> D)"
  2522     by ((fastforce simp: disjoint_family_on_def)+)
  2523   then show "(\<Union>x. A x) \<subseteq> \<Omega> \<and> (\<Union>x. A x) \<inter> D \<in> M"
  2524     by (auto simp del: UN_simps)
  2525 qed
  2526 
  2527 lemma (in dynkin_system) dynkin_subset:
         (* The Dynkin system generated by a subfamily N of a Dynkin system M
            is contained in M, because M is one of the systems being
            intersected in dynkin_def. *)
  2528   assumes "N \<subseteq> M"
  2529   shows "dynkin \<Omega> N \<subseteq> M"
  2530 proof -
  2531   have "dynkin_system \<Omega> M" by default
           (* NOTE(review): the next step states the same proposition as the
              previous one; it looks like a leftover and could probably be
              dropped -- confirm by re-checking the proof. *)
  2532   then have "dynkin_system \<Omega> M"
  2533     using assms unfolding dynkin_system_def dynkin_system_axioms_def subset_class_def by simp
  2534   with `N \<subseteq> M` show ?thesis by (auto simp add: dynkin_def)
  2535 qed
  2536 
  2537 lemma sigma_eq_dynkin:
         (* For an intersection-stable family M of subsets of Omega, the
            generated sigma algebra and the generated Dynkin system coincide.
            One inclusion holds because every sigma algebra is a Dynkin
            system.  For the other, dynkin Omega M is shown to be
            intersection-stable and therefore a sigma algebra
            (sigma_algebra_eq_Int_stable). *)
  2538   assumes sets: "M \<subseteq> Pow \<Omega>"
  2539   assumes "Int_stable M"
  2540   shows "sigma_sets \<Omega> M = dynkin \<Omega> M"
  2541 proof -
  2542   have "dynkin \<Omega> M \<subseteq> sigma_sets (\<Omega>) (M)"
  2543     using sigma_algebra_imp_dynkin_system
  2544     unfolding dynkin_def sigma_sets_least_sigma_algebra[OF sets] by auto
  2545   moreover
  2546   interpret dynkin_system \<Omega> "dynkin \<Omega> M"
  2547     using dynkin_system_dynkin[OF sets] .
  2548   have "sigma_algebra \<Omega> (dynkin \<Omega> M)"
  2549     unfolding sigma_algebra_eq_Int_stable Int_stable_def
  2550   proof (intro ballI)
  2551     fix A B assume "A \<in> dynkin \<Omega> M" "B \<in> dynkin \<Omega> M"
             (* ?D E is the restricted system of restricted_dynkin_system for
                the set E.  The argument runs twice: first with a generator E,
                to get the generators into ?D B, then with B itself. *)
  2552     let ?D = "\<lambda>E. {Q. Q \<subseteq> \<Omega> \<and> Q \<inter> E \<in> dynkin \<Omega> M}"
  2553     have "M \<subseteq> ?D B"
  2554     proof
  2555       fix E assume "E \<in> M"
  2556       then have "M \<subseteq> ?D E" "E \<in> dynkin \<Omega> M"
  2557         using sets_into_space `Int_stable M` by (auto simp: Int_stable_def)
  2558       then have "dynkin \<Omega> M \<subseteq> ?D E"
  2559         using restricted_dynkin_system `E \<in> dynkin \<Omega> M`
  2560         by (intro dynkin_system.dynkin_subset) simp_all
  2561       then have "B \<in> ?D E"
  2562         using `B \<in> dynkin \<Omega> M` by auto
  2563       then have "E \<inter> B \<in> dynkin \<Omega> M"
  2564         by (subst Int_commute) simp
  2565       then show "E \<in> ?D B"
  2566         using sets `E \<in> M` by auto
  2567     qed
  2568     then have "dynkin \<Omega> M \<subseteq> ?D B"
  2569       using restricted_dynkin_system `B \<in> dynkin \<Omega> M`
  2570       by (intro dynkin_system.dynkin_subset) simp_all
  2571     then show "A \<inter> B \<in> dynkin \<Omega> M"
  2572       using `A \<in> dynkin \<Omega> M` sets_into_space by auto
  2573   qed
  2574   from sigma_algebra.sigma_sets_subset[OF this, of "M"]
  2575   have "sigma_sets (\<Omega>) (M) \<subseteq> dynkin \<Omega> M" by auto
  2576   ultimately have "sigma_sets (\<Omega>) (M) = dynkin \<Omega> M" by auto
  2577   then show ?thesis
  2578     by (auto simp: dynkin_def)
  2579 qed
  2580 
  2581 lemma (in dynkin_system) dynkin_idem:
         (* Inside the dynkin_system locale: taking the Dynkin system generated by
            M gives back M, i.e. M is a fixed point of "dynkin \<Omega>". *)
  2582   "dynkin \<Omega> M = M"
  2583 proof -
  2584   have "dynkin \<Omega> M = M"
  2585   proof
             (* Generators are contained in what they generate. *)
  2586     show "M \<subseteq> dynkin \<Omega> M"
  2587       using dynkin_Basic by auto
             (* Converse inclusion via the locale fact dynkin_subset; the remaining
                side conditions are discharged by auto. *)
  2588     show "dynkin \<Omega> M \<subseteq> M"
  2589       by (intro dynkin_subset) auto
  2590   qed
           (* The fact above is textually the same as the goal; ?thesis is
              re-derived from it with dynkin_def added to the simpset. *)
  2591   then show ?thesis
  2592     by (auto simp: dynkin_def)
  2593 qed
  2594 
  2595 lemma (in dynkin_system) dynkin_lemma:
         (* Inside the dynkin_system locale: if an intersection-stable family E
            satisfies E \<subseteq> M \<subseteq> sigma_sets \<Omega> E, then M is exactly the sigma
            algebra generated by E. The fact name "E" refers to both inclusions;
            E(1) is "E \<subseteq> M". *)
  2596   assumes "Int_stable E"
  2597   and E: "E \<subseteq> M" "M \<subseteq> sigma_sets \<Omega> E"
  2598   shows "sigma_sets \<Omega> E = M"
  2599 proof -
           (* Needed as the first premise of sigma_eq_dynkin; follows from E \<subseteq> M
              and the locale fact sets_into_space. *)
  2600   have "E \<subseteq> Pow \<Omega>"
  2601     using E sets_into_space by force
  2602   then have "sigma_sets \<Omega> E = dynkin \<Omega> E"
  2603     using `Int_stable E` by (rule sigma_eq_dynkin)
           (* dynkin_subset[OF E(1)] is used for one inclusion; the other comes from
              the second assumption rewritten with the equation just obtained. *)
  2604   moreover then have "dynkin \<Omega> E = M"
  2605     using assms dynkin_subset[OF E(1)] by simp
  2606   ultimately show ?thesis
  2607     using assms by (auto simp: dynkin_def)
  2608 qed
  2609 
  2610 lemma sigma_sets_induct_disjoint[consumes 3, case_names basic empty compl union]:
         (* Induction principle for sigma_sets \<Omega> G over an intersection-stable
            generator G. To establish P A for A \<in> sigma_sets \<Omega> G it suffices to show:
              basic: P holds on every generator in G;
              empty: P holds for the empty set;
              compl: P is preserved by complement relative to \<Omega>;
              union: P is preserved by unions of nat-indexed disjoint families.
            Only disjoint unions have to be handled, unlike arbitrary countable unions.
            "consumes 3" marks the first three assumptions (Int_stable G, closed, A)
            as facts consumed when the rule is applied; the four remaining premises
            become the named cases. *)
  2611   assumes "Int_stable G"
  2612     and closed: "G \<subseteq> Pow \<Omega>"
  2613     and A: "A \<in> sigma_sets \<Omega> G"
  2614   assumes basic: "\<And>A. A \<in> G \<Longrightarrow> P A"
  2615     and empty: "P {}"
  2616     and compl: "\<And>A. A \<in> sigma_sets \<Omega> G \<Longrightarrow> P A \<Longrightarrow> P (\<Omega> - A)"
  2617     and union: "\<And>A. disjoint_family A \<Longrightarrow> range A \<subseteq> sigma_sets \<Omega> G \<Longrightarrow> (\<And>i. P (A i)) \<Longrightarrow> P (\<Union>i::nat. A i)"
  2618   shows "P A"
  2619 proof -
           (* ?D: the members of the generated sigma algebra that satisfy P. *)
  2620   let ?D = "{ A \<in> sigma_sets \<Omega> G. P A }"
  2621   interpret sigma_algebra \<Omega> "sigma_sets \<Omega> G"
  2622     using closed by (rule sigma_algebra_sigma_sets)
           (* P \<Omega> follows from compl applied to the empty set, since \<Omega> - {} = \<Omega>. *)
  2623   from compl[OF _ empty] closed have space: "P \<Omega>" by simp
           (* ?D is a Dynkin system; its locale obligations are discharged from
              space, compl and union. *)
  2624   interpret dynkin_system \<Omega> ?D
  2625     by default (auto dest: sets_into_space intro!: space compl union)
           (* dynkin_lemma with E := G: G is intersection-stable, lies in ?D by
              "basic", and ?D is contained in sigma_sets \<Omega> G by construction. *)
  2626   have "sigma_sets \<Omega> G = ?D"
  2627     by (rule dynkin_lemma) (auto simp: basic `Int_stable G`)
  2628   with A show ?thesis by auto
  2629 qed
  2630 
  2631 end