isabelle: src/HOLCF/IOA/meta_theory/SimCorrectness.thy@14787722149a (annotated)

4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	1	(* Title: HOLCF/IOA/meta_theory/SimCorrectness.thy
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	2	ID: $Id$
12218 6597093b77e7 GPLed; wenzelm parents: 10835 diff changeset	3	Author: Olaf M�ller
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	4	*)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	5
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	6	header {* Correctness of Simulations in HOLCF/IOA *}
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	7
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	8	theory SimCorrectness
41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	9	imports Simulations
41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	10	begin
41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	11
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	12	consts
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	13
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	14	corresp_ex_sim ::"('a,'s2)ioa => (('s1 *'s2)set) =>
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	15	('a,'s1)execution => ('a,'s2)execution"
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	16	(* Note: s2 instead of s1 in last argument type !! *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	17	corresp_ex_simC ::"('a,'s2)ioa => (('s1 * 's2)set) => ('a,'s1)pairs
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	18	-> ('s2 => ('a,'s2)pairs)"
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	19
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	20
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	21	defs
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	22
41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	23	corresp_ex_sim_def:
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	24	"corresp_ex_sim A R ex == let S'= (@s'.(fst ex,s'):R & s': starts_of A)
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	25	in
10835 f4745d77e620 ` -> $ nipkow parents: 4565 diff changeset	26	(S',(corresp_ex_simC A R$(snd ex)) S')"
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	27
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	28
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	29	corresp_ex_simC_def:
41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	30	"corresp_ex_simC A R == (fix$(LAM h ex. (%s. case ex of
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	31	nil => nil
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	32	\| x##xs => (flift1 (%pr. let a = (fst pr); t = (snd pr);
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	33	T' = @t'. ? ex1. (t,t'):R & move A ex1 s a t'
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	34	in
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	35	(@cex. move A cex s a T')
10835 f4745d77e620 ` -> $ nipkow parents: 4565 diff changeset	36	@@ ((h$xs) T'))
f4745d77e620 ` -> $ nipkow parents: 4565 diff changeset	37	$x) )))"
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	38
19741 f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	39
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	40	subsection "corresp_ex_sim"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	41
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	42	lemma corresp_ex_simC_unfold: "corresp_ex_simC A R = (LAM ex. (%s. case ex of
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	43	nil => nil
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	44	\| x##xs => (flift1 (%pr. let a = (fst pr); t = (snd pr);
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	45	T' = @t'. ? ex1. (t,t'):R & move A ex1 s a t'
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	46	in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	47	(@cex. move A cex s a T')
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	48	@@ ((corresp_ex_simC A R $xs) T'))
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	49	$x) ))"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	50	apply (rule trans)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	51	apply (rule fix_eq2)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	52	apply (rule corresp_ex_simC_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	53	apply (rule beta_cfun)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	54	apply (simp add: flift1_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	55	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	56
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	57	lemma corresp_ex_simC_UU: "(corresp_ex_simC A R$UU) s=UU"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	58	apply (subst corresp_ex_simC_unfold)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	59	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	60	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	61
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	62	lemma corresp_ex_simC_nil: "(corresp_ex_simC A R$nil) s = nil"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	63	apply (subst corresp_ex_simC_unfold)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	64	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	65	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	66
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	67	lemma corresp_ex_simC_cons: "(corresp_ex_simC A R$((a,t)>>xs)) s =
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	68	(let T' = @t'. ? ex1. (t,t'):R & move A ex1 s a t'
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	69	in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	70	(@cex. move A cex s a T')
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	71	@@ ((corresp_ex_simC A R$xs) T'))"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	72	apply (rule trans)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	73	apply (subst corresp_ex_simC_unfold)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	74	apply (simp add: Consq_def flift1_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	75	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	76	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	77
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	78
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	79	declare corresp_ex_simC_UU [simp] corresp_ex_simC_nil [simp] corresp_ex_simC_cons [simp]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	80
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	81
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	82	subsection "properties of move"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	83
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	84	declare Let_def [simp del]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	85
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	86	lemma move_is_move_sim:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	87	"[\|is_simulation R C A; reachable C s; s -a--C-> t; (s,s'):R\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	88	let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	89	(t,T'): R & move A (@ex2. move A ex2 s' a T') s' a T'"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	90	apply (unfold is_simulation_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	91
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	92	(* Does not perform conditional rewriting on assumptions automatically as
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	93	usual. Instantiate all variables per hand. Ask Tobias?? *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	94	apply (subgoal_tac "? t' ex. (t,t') :R & move A ex s' a t'")
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	95	prefer 2
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	96	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	97	apply (erule conjE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	98	apply (erule_tac x = "s" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	99	apply (erule_tac x = "s'" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	100	apply (erule_tac x = "t" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	101	apply (erule_tac x = "a" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	102	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	103	(* Go on as usual *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	104	apply (erule exE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	105	apply (drule_tac x = "t'" and P = "%t'. ? ex. (t,t') :R & move A ex s' a t'" in someI)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	106	apply (erule exE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	107	apply (erule conjE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	108	apply (simp add: Let_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	109	apply (rule_tac x = "ex" in someI)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	110	apply (erule conjE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	111	apply assumption
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	112	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	113
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	114	declare Let_def [simp]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	115
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	116	lemma move_subprop1_sim:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	117	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	118	let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	119	is_exec_frag A (s',@x. move A x s' a T')"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	120	apply (cut_tac move_is_move_sim)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	121	defer
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	122	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	123	apply (simp add: move_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	124	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	125
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	126	lemma move_subprop2_sim:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	127	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	128	let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	129	Finite (@x. move A x s' a T')"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	130	apply (cut_tac move_is_move_sim)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	131	defer
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	132	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	133	apply (simp add: move_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	134	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	135
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	136	lemma move_subprop3_sim:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	137	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	138	let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	139	laststate (s',@x. move A x s' a T') = T'"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	140	apply (cut_tac move_is_move_sim)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	141	defer
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	142	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	143	apply (simp add: move_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	144	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	145
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	146	lemma move_subprop4_sim:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	147	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	148	let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	149	mk_trace A$((@x. move A x s' a T')) =
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	150	(if a:ext A then a>>nil else nil)"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	151	apply (cut_tac move_is_move_sim)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	152	defer
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	153	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	154	apply (simp add: move_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	155	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	156
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	157	lemma move_subprop5_sim:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	158	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	159	let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	160	(t,T'):R"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	161	apply (cut_tac move_is_move_sim)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	162	defer
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	163	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	164	apply (simp add: move_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	165	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	166
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	167
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	168	subsection {* TRACE INCLUSION Part 1: Traces coincide *}
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	169
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	170	subsubsection "Lemmata for <=="
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	171
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	172	(* ------------------------------------------------------
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	173	Lemma 1 :Traces coincide
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	174	------------------------------------------------------- *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	175
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	176	declare split_if [split del]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	177	lemma traces_coincide_sim [rule_format (no_asm)]:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	178	"[\|is_simulation R C A; ext C = ext A\|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	179	!s s'. reachable C s & is_exec_frag C (s,ex) & (s,s'): R -->
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	180	mk_trace C$ex = mk_trace A$((corresp_ex_simC A R$ex) s')"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	181
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	182	apply (tactic {* pair_induct_tac "ex" [thm "is_exec_frag_def"] 1 *})
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	183	(* cons case *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	184	apply (tactic "safe_tac set_cs")
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	185	apply (rename_tac ex a t s s')
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	186	apply (simp add: mk_traceConc)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	187	apply (frule reachable.reachable_n)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	188	apply assumption
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	189	apply (erule_tac x = "t" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	190	apply (erule_tac x = "@t'. ? ex1. (t,t') :R & move A ex1 s' a t'" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	191	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	192	apply (simp add: move_subprop5_sim [unfolded Let_def]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	193	move_subprop4_sim [unfolded Let_def] split add: split_if)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	194	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	195	declare split_if [split]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	196
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	197
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	198	(* ----------------------------------------------------------- *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	199	(* Lemma 2 : corresp_ex_sim is execution *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	200	(* ----------------------------------------------------------- *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	201
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	202
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	203	lemma correspsim_is_execution [rule_format (no_asm)]:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	204	"[\| is_simulation R C A \|] ==>
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	205	!s s'. reachable C s & is_exec_frag C (s,ex) & (s,s'):R
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	206	--> is_exec_frag A (s',(corresp_ex_simC A R$ex) s')"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	207
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	208	apply (tactic {* pair_induct_tac "ex" [thm "is_exec_frag_def"] 1 *})
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	209	(* main case *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	210	apply (tactic "safe_tac set_cs")
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	211	apply (rename_tac ex a t s s')
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	212	apply (rule_tac t = "@t'. ? ex1. (t,t') :R & move A ex1 s' a t'" in lemma_2_1)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	213
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	214	(* Finite *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	215	apply (erule move_subprop2_sim [unfolded Let_def])
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	216	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	217	apply (rule conjI)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	218
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	219	(* is_exec_frag *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	220	apply (erule move_subprop1_sim [unfolded Let_def])
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	221	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	222	apply (rule conjI)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	223
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	224	(* Induction hypothesis *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	225	(* reachable_n looping, therefore apply it manually *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	226	apply (erule_tac x = "t" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	227	apply (erule_tac x = "@t'. ? ex1. (t,t') :R & move A ex1 s' a t'" in allE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	228	apply simp
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	229	apply (frule reachable.reachable_n)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	230	apply assumption
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	231	apply (simp add: move_subprop5_sim [unfolded Let_def])
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	232	(* laststate *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	233	apply (erule move_subprop3_sim [unfolded Let_def, symmetric])
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	234	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	235	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	236
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	237
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	238	subsection "Main Theorem: TRACE - INCLUSION"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	239
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	240	(* -------------------------------------------------------------------------------- *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	241
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	242	(* generate condition (s,S'):R & S':starts_of A, the first being intereting
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	243	for the induction cases concerning the two lemmas correpsim_is_execution and
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	244	traces_coincide_sim, the second for the start state case.
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	245	S':= @s'. (s,s'):R & s':starts_of A, where s:starts_of C *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	246
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	247	lemma simulation_starts:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	248	"[\| is_simulation R C A; s:starts_of C \|]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	249	==> let S' = @s'. (s,s'):R & s':starts_of A in
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	250	(s,S'):R & S':starts_of A"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	251	apply (simp add: is_simulation_def corresp_ex_sim_def Int_non_empty Image_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	252	apply (erule conjE)+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	253	apply (erule ballE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	254	prefer 2 apply (blast)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	255	apply (erule exE)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	256	apply (rule someI2)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	257	apply assumption
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	258	apply blast
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	259	done
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	260
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	261	lemmas sim_starts1 = simulation_starts [unfolded Let_def, THEN conjunct1, standard]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	262	lemmas sim_starts2 = simulation_starts [unfolded Let_def, THEN conjunct2, standard]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	263
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	264
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	265	lemma trace_inclusion_for_simulations:
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	266	"[\| ext C = ext A; is_simulation R C A \|]
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	267	==> traces C <= traces A"
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	268
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	269	apply (unfold traces_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	270
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	271	apply (simp (no_asm) add: has_trace_def2)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	272	apply (tactic "safe_tac set_cs")
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	273
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	274	(* give execution of abstract automata *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	275	apply (rule_tac x = "corresp_ex_sim A R ex" in bexI)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	276
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	277	(* Traces coincide, Lemma 1 *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	278	apply (tactic {* pair_tac "ex" 1 *})
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	279	apply (rename_tac s ex)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	280	apply (simp (no_asm) add: corresp_ex_sim_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	281	apply (rule_tac s = "s" in traces_coincide_sim)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	282	apply assumption+
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	283	apply (simp add: executions_def reachable.reachable_0 sim_starts1)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	284
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	285	(* corresp_ex_sim is execution, Lemma 2 *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	286	apply (tactic {* pair_tac "ex" 1 *})
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	287	apply (simp add: executions_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	288	apply (rename_tac s ex)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	289
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	290	(* start state *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	291	apply (rule conjI)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	292	apply (simp add: sim_starts2 corresp_ex_sim_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	293
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	294	(* is-execution-fragment *)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	295	apply (simp add: corresp_ex_sim_def)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	296	apply (rule_tac s = s in correspsim_is_execution)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	297	apply assumption
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	298	apply (simp add: reachable.reachable_0 sim_starts1)
f65265d71426 removed legacy ML scripts; wenzelm parents: 17233 diff changeset	299	done
17233 41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	300
41eee2e7b465 converted specifications to Isar theories; wenzelm parents: 14981 diff changeset	301	end

author	huffman
	Mon, 20 Aug 2007 17:31:59 +0200
changeset 24338	14787722149a
parent 19741	f65265d71426
child 25135	4f8176c940cf
permissions	-rw-r--r--