Old_HOL: IOA/meta_theory/IOA.thy@fd1be45b64bf (annotated)

156 fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	1	(* The I/O automata of Lynch and Tuttle. *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	2
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	3	IOA = Asig +
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	4
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	5	types
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	6	'a seq = "nat => 'a"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	7	'a oseq = "nat => 'a option"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	8	('a,'b)execution = "'a oseq * 'b seq"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	9	('a,'s)transition = "('s * 'a * 's)"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	10	('a,'s)ioa = "'a signature * 's set * ('a,'s)transition set"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	11
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	12	consts
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	13
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	14	(* IO automata *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	15	state_trans::"['action signature, ('action,'state)transition set] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	16	asig_of ::"('action,'state)ioa => 'action signature"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	17	starts_of ::"('action,'state)ioa => 'state set"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	18	trans_of ::"('action,'state)ioa => ('action,'state)transition set"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	19	IOA ::"('action,'state)ioa => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	20
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	21	(* Executions, schedules, and behaviours *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	22
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	23	is_execution_fragment,
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	24	has_execution ::"[('action,'state)ioa, ('action,'state)execution] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	25	executions :: "('action,'state)ioa => ('action,'state)execution set"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	26	mk_behaviour :: "[('action,'state)ioa, 'action oseq] => 'action oseq"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	27	reachable :: "[('action,'state)ioa, 'state] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	28	invariant :: "[('action,'state)ioa, 'state=>bool] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	29	has_behaviour :: "[('action,'state)ioa, 'action oseq] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	30	behaviours :: "('action,'state)ioa => 'action oseq set"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	31
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	32	(* Composition of action signatures and automata *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	33	compatible_asigs ::"('a => 'action signature) => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	34	asig_composition ::"('a => 'action signature) => 'action signature"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	35	compatible_ioas ::"('a => ('action,'state)ioa) => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	36	ioa_composition ::"('a => ('action, 'state)ioa) =>('action,'a => 'state)ioa"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	37
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	38	(* binary composition of action signatures and automata *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	39	compat_asigs ::"['action signature, 'action signature] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	40	asig_comp ::"['action signature, 'action signature] => 'action signature"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	41	compat_ioas ::"[('action,'state)ioa, ('action,'state)ioa] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	42	"\|\|" ::"[('a,'s)ioa, ('a,'t)ioa] => ('a,'s*'t)ioa" (infixr 10)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	43
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	44	(* Filtering and hiding *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	45	filter_oseq :: "('a => bool) => 'a oseq => 'a oseq"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	46
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	47	restrict_asig :: "['a signature, 'a set] => 'a signature"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	48	restrict :: "[('a,'s)ioa, 'a set] => ('a,'s)ioa"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	49
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	50	(* Notions of correctness *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	51	ioa_implements :: "[('action,'state1)ioa, ('action,'state2)ioa] => bool"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	52
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	53
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	54	rules
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	55
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	56	state_trans_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	57	"state_trans(asig,R) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	58	\ (!triple. triple:R --> fst(snd(triple)):actions(asig)) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	59	\ (!a. (a:inputs(asig)) --> (!s1. ? s2. <s1,a,s2>:R))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	60
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	61
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	62	ioa_projections_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	63	"asig_of = fst & starts_of = (fst o snd) & trans_of = (snd o snd)"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	64
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	65
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	66	ioa_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	67	"IOA(ioa) == (is_asig(asig_of(ioa)) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	68	\ (~ starts_of(ioa) = {}) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	69	\ state_trans(asig_of(ioa),trans_of(ioa)))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	70
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	71
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	72	(* An execution fragment is modelled with a pair of sequences:
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	73	* the first is the action options, the second the state sequence.
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	74	* Finite executions have None actions from some point on.
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	75	*******)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	76	is_execution_fragment_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	77	"is_execution_fragment(A,ex) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	78	\ let act = fst(ex); state = snd(ex) \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	79	\ in !n a. (act(n)=None --> state(Suc(n)) = state(n)) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	80	\ (act(n)=Some(a) --> <state(n),a,state(Suc(n))>:trans_of(A))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	81
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	82
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	83	executions_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	84	"executions(ioa) == {e. snd(e,0):starts_of(ioa) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	85	\ is_execution_fragment(ioa,e)}"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	86
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	87
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	88	(* Is a state reachable. Using an inductive definition, this could be defined
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	89	* by the following 2 rules
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	90	*
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	91	* x:starts_of(ioa)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	92	* ----------------
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	93	* reachable(ioa,x)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	94	*
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	95	* reachable(ioa,s) & ? <s,a,s'>:trans_of(ioa)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	96	* -------------------------------------------
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	97	* reachable(ioa,s')
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	98	*
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	99	* A direkt definition follows.
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	100	*******************************)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	101	reachable_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	102	"reachable(ioa,s) == (? ex:executions(ioa). ? n. snd(ex,n) = s)"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	103
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	104
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	105	invariant_def "invariant(A,P) == (!s. reachable(A,s) --> P(s))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	106
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	107
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	108	(* Restrict the trace to those members of the set s *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	109	filter_oseq_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	110	"filter_oseq(p,s) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	111	\ (%i.case s(i) \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	112	\ of None => None \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	113	\ \| Some(x) => if(p(x),Some(x),None))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	114
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	115
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	116	mk_behaviour_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	117	"mk_behaviour(ioa) == filter_oseq(%a.a:externals(asig_of(ioa)))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	118
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	119
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	120	(* Does an ioa have an execution with the given behaviour *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	121	has_behaviour_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	122	"has_behaviour(ioa,b) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	123	\ (? ex:executions(ioa). b = mk_behaviour(ioa,fst(ex)))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	124
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	125
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	126	(* All the behaviours of an ioa *)
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	127	behaviours_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	128	"behaviours(ioa) == {b. has_behaviour(ioa,b)}"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	129
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	130
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	131	compat_asigs_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	132	"compat_asigs (a1,a2) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	133	\ (((outputs(a1) Int outputs(a2)) = {}) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	134	\ ((internals(a1) Int actions(a2)) = {}) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	135	\ ((internals(a2) Int actions(a1)) = {}))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	136
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	137
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	138	compat_ioas_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	139	"compat_ioas(ioa1,ioa2) == compat_asigs (asig_of(ioa1)) (asig_of(ioa2))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	140
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	141
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	142	asig_comp_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	143	"asig_comp (a1,a2) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	144	\ (<(inputs(a1) Un inputs(a2)) - (outputs(a1) Un outputs(a2)), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	145	\ (outputs(a1) Un outputs(a2)), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	146	\ (internals(a1) Un internals(a2))>)"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	147
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	148
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	149	par_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	150	"(ioa1 \|\| ioa2) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	151	\ <asig_comp(asig_of(ioa1),asig_of(ioa2)), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	152	\ {pr. fst(pr):starts_of(ioa1) & snd(pr):starts_of(ioa2)}, \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	153	\ {tr. let s = fst(tr); a = fst(snd(tr)); t = snd(snd(tr)) \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	154	\ in (a:actions(asig_of(ioa1)) \| a:actions(asig_of(ioa2))) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	155	\ if(a:actions(asig_of(ioa1)), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	156	\ <fst(s),a,fst(t)>:trans_of(ioa1), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	157	\ fst(t) = fst(s)) \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	158	\ & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	159	\ if(a:actions(asig_of(ioa2)), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	160	\ <snd(s),a,snd(t)>:trans_of(ioa2), \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	161	\ snd(t) = snd(s))}>"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	162
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	163
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	164	restrict_asig_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	165	"restrict_asig(asig,actns) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	166	\ <inputs(asig) Int actns, outputs(asig) Int actns, \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	167	\ internals(asig) Un (externals(asig) - actns)>"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	168
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	169
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	170	restrict_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	171	"restrict(ioa,actns) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	172	\ <restrict_asig(asig_of(ioa),actns), starts_of(ioa), trans_of(ioa)>"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	173
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	174
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	175	ioa_implements_def
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	176	"ioa_implements(ioa1,ioa2) == \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	177	\ (externals(asig_of(ioa1)) = externals(asig_of(ioa2)) & \
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	178	\ behaviours(ioa1) <= behaviours(ioa2))"
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	179
fd1be45b64bf added IOA to isabelle/HOL clasohm parents: diff changeset	180	end

author	clasohm
	Wed, 02 Nov 1994 11:50:09 +0100
changeset 156	fd1be45b64bf
child 168	44ff2275d44f
permissions	-rw-r--r--