isabelle: src/HOL/IOA/IOA.thy@156e4f179bb0 (annotated)

4530 ac1821645636 corrected Title oheimb parents: 3842 diff changeset	1	(* Title: HOL/IOA/IOA.thy
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	2	ID: $Id$
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	3	Author: Tobias Nipkow & Konrad Slind
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	4	Copyright 1994 TU Muenchen
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	5	*)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	6
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	7	header {* The I/O automata of Lynch and Tuttle *}
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	8
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	9	theory IOA
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	10	imports Asig
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	11	begin
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	12
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	13	types
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	14	'a seq = "nat => 'a"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	15	'a oseq = "nat => 'a option"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	16	('a,'b)execution = "'a oseq * 'b seq"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	17	('a,'s)transition = "('s * 'a * 's)"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	18	('a,'s)ioa = "'a signature * 's set * ('a,'s)transition set"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	19
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	20	consts
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	21
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	22	(* IO automata *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	23	state_trans::"['action signature, ('action,'state)transition set] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	24	asig_of ::"('action,'state)ioa => 'action signature"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	25	starts_of ::"('action,'state)ioa => 'state set"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	26	trans_of ::"('action,'state)ioa => ('action,'state)transition set"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	27	IOA ::"('action,'state)ioa => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	28
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	29	(* Executions, schedules, and traces *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	30
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	31	is_execution_fragment ::"[('action,'state)ioa, ('action,'state)execution] => bool"
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	32	has_execution ::"[('action,'state)ioa, ('action,'state)execution] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	33	executions :: "('action,'state)ioa => ('action,'state)execution set"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	34	mk_trace :: "[('action,'state)ioa, 'action oseq] => 'action oseq"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	35	reachable :: "[('action,'state)ioa, 'state] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	36	invariant :: "[('action,'state)ioa, 'state=>bool] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	37	has_trace :: "[('action,'state)ioa, 'action oseq] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	38	traces :: "('action,'state)ioa => 'action oseq set"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	39	NF :: "'a oseq => 'a oseq"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	40
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	41	(* Composition of action signatures and automata *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	42	compatible_asigs ::"('a => 'action signature) => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	43	asig_composition ::"('a => 'action signature) => 'action signature"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	44	compatible_ioas ::"('a => ('action,'state)ioa) => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	45	ioa_composition ::"('a => ('action, 'state)ioa) =>('action,'a => 'state)ioa"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	46
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	47	(* binary composition of action signatures and automata *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	48	compat_asigs ::"['action signature, 'action signature] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	49	asig_comp ::"['action signature, 'action signature] => 'action signature"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	50	compat_ioas ::"[('action,'s)ioa, ('action,'t)ioa] => bool"
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	51	par ::"[('a,'s)ioa, ('a,'t)ioa] => ('a,'s*'t)ioa" (infixr "\|\|" 10)
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	52
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	53	(* Filtering and hiding *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	54	filter_oseq :: "('a => bool) => 'a oseq => 'a oseq"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	55
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	56	restrict_asig :: "['a signature, 'a set] => 'a signature"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	57	restrict :: "[('a,'s)ioa, 'a set] => ('a,'s)ioa"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	58
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	59	(* Notions of correctness *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	60	ioa_implements :: "[('action,'state1)ioa, ('action,'state2)ioa] => bool"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	61
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	62	(* Instantiation of abstract IOA by concrete actions *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	63	rename:: "('a, 'b)ioa => ('c => 'a option) => ('c,'b)ioa"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	64
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	65	defs
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	66
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	67	state_trans_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	68	"state_trans asig R ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	69	(!triple. triple:R --> fst(snd(triple)):actions(asig)) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	70	(!a. (a:inputs(asig)) --> (!s1. ? s2. (s1,a,s2):R))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	71
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	72
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	73	asig_of_def: "asig_of == fst"
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	74	starts_of_def: "starts_of == (fst o snd)"
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	75	trans_of_def: "trans_of == (snd o snd)"
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	76
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	77	ioa_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	78	"IOA(ioa) == (is_asig(asig_of(ioa)) &
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	79	(~ starts_of(ioa) = {}) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	80	state_trans (asig_of ioa) (trans_of ioa))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	81
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	82
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	83	(* An execution fragment is modelled with a pair of sequences:
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	84	* the first is the action options, the second the state sequence.
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	85	* Finite executions have None actions from some point on.
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	86	*******)
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	87	is_execution_fragment_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	88	"is_execution_fragment A ex ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	89	let act = fst(ex); state = snd(ex)
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	90	in !n a. (act(n)=None --> state(Suc(n)) = state(n)) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	91	(act(n)=Some(a) --> (state(n),a,state(Suc(n))):trans_of(A))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	92
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	93
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	94	executions_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	95	"executions(ioa) == {e. snd e 0:starts_of(ioa) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	96	is_execution_fragment ioa e}"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	97
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	98
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	99	reachable_def:
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	100	"reachable ioa s == (? ex:executions(ioa). ? n. (snd ex n) = s)"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	101
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	102
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	103	invariant_def: "invariant A P == (!s. reachable A s --> P(s))"
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	104
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	105
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	106	(* Restrict the trace to those members of the set s *)
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	107	filter_oseq_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	108	"filter_oseq p s ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	109	(%i. case s(i)
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	110	of None => None
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	111	\| Some(x) => if p x then Some x else None)"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	112
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	113
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	114	mk_trace_def:
3842 b55686a7b22c fixed dots; wenzelm parents: 3078 diff changeset	115	"mk_trace(ioa) == filter_oseq(%a. a:externals(asig_of(ioa)))"
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	116
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	117
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	118	(* Does an ioa have an execution with the given trace *)
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	119	has_trace_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	120	"has_trace ioa b ==
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	121	(? ex:executions(ioa). b = mk_trace ioa (fst ex))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	122
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	123	normal_form_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	124	"NF(tr) == @nf. ? f. mono(f) & (!i. nf(i)=tr(f(i))) &
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	125	(!j. j ~: range(f) --> nf(j)= None) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	126	(!i. nf(i)=None --> (nf (Suc i)) = None) "
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	127
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	128	(* All the traces of an ioa *)
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	129
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	130	traces_def:
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	131	"traces(ioa) == {trace. ? tr. trace=NF(tr) & has_trace ioa tr}"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	132
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	133	(*
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	134	traces_def:
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	135	"traces(ioa) == {tr. has_trace ioa tr}"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	136	*)
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	137
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	138	compat_asigs_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	139	"compat_asigs a1 a2 ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	140	(((outputs(a1) Int outputs(a2)) = {}) &
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	141	((internals(a1) Int actions(a2)) = {}) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	142	((internals(a2) Int actions(a1)) = {}))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	143
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	144
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	145	compat_ioas_def:
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	146	"compat_ioas ioa1 ioa2 == compat_asigs (asig_of(ioa1)) (asig_of(ioa2))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	147
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	148
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	149	asig_comp_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	150	"asig_comp a1 a2 ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	151	(((inputs(a1) Un inputs(a2)) - (outputs(a1) Un outputs(a2)),
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	152	(outputs(a1) Un outputs(a2)),
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	153	(internals(a1) Un internals(a2))))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	154
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	155
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	156	par_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	157	"(ioa1 \|\| ioa2) ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	158	(asig_comp (asig_of ioa1) (asig_of ioa2),
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	159	{pr. fst(pr):starts_of(ioa1) & snd(pr):starts_of(ioa2)},
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	160	{tr. let s = fst(tr); a = fst(snd(tr)); t = snd(snd(tr))
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	161	in (a:actions(asig_of(ioa1)) \| a:actions(asig_of(ioa2))) &
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	162	(if a:actions(asig_of(ioa1)) then
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	163	(fst(s),a,fst(t)):trans_of(ioa1)
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	164	else fst(t) = fst(s))
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	165	&
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	166	(if a:actions(asig_of(ioa2)) then
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	167	(snd(s),a,snd(t)):trans_of(ioa2)
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	168	else snd(t) = snd(s))})"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	169
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	170
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	171	restrict_asig_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	172	"restrict_asig asig actns ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	173	(inputs(asig) Int actns, outputs(asig) Int actns,
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	174	internals(asig) Un (externals(asig) - actns))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	175
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	176
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	177	restrict_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	178	"restrict ioa actns ==
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	179	(restrict_asig (asig_of ioa) actns, starts_of(ioa), trans_of(ioa))"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	180
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	181
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	182	ioa_implements_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	183	"ioa_implements ioa1 ioa2 ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	184	((inputs(asig_of(ioa1)) = inputs(asig_of(ioa2))) &
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	185	(outputs(asig_of(ioa1)) = outputs(asig_of(ioa2))) &
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	186	traces(ioa1) <= traces(ioa2))"
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	187
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	188	rename_def:
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	189	"rename ioa ren ==
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	190	(({b. ? x. Some(x)= ren(b) & x : inputs(asig_of(ioa))},
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	191	{b. ? x. Some(x)= ren(b) & x : outputs(asig_of(ioa))},
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	192	{b. ? x. Some(x)= ren(b) & x : internals(asig_of(ioa))}),
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	193	starts_of(ioa) ,
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	194	{tr. let s = fst(tr); a = fst(snd(tr)); t = snd(snd(tr))
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	195	in
3078 984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	196	? x. Some(x) = ren(a) & (s,x,t):trans_of(ioa)})"
984866a8f905 old IOA meta theory (see also new version in HOLCF/IOA/meta_theory); mueller parents: diff changeset	197
19801 b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	198
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	199	declare Let_def [simp]
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	200
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	201	lemmas ioa_projections = asig_of_def starts_of_def trans_of_def
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	202	and exec_rws = executions_def is_execution_fragment_def
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	203
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	204	lemma ioa_triple_proj:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	205	"asig_of(x,y,z) = x & starts_of(x,y,z) = y & trans_of(x,y,z) = z"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	206	apply (simp add: ioa_projections)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	207	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	208
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	209	lemma trans_in_actions:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	210	"[\| IOA(A); (s1,a,s2):trans_of(A) \|] ==> a:actions(asig_of(A))"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	211	apply (unfold ioa_def state_trans_def actions_def is_asig_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	212	apply (erule conjE)+
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	213	apply (erule allE, erule impE, assumption)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	214	apply simp
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	215	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	216
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	217
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	218	lemma filter_oseq_idemp: "filter_oseq p (filter_oseq p s) = filter_oseq p s"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	219	apply (simp add: filter_oseq_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	220	apply (rule ext)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	221	apply (case_tac "s i")
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	222	apply simp_all
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	223	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	224
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	225	lemma mk_trace_thm:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	226	"(mk_trace A s n = None) =
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	227	(s(n)=None \| (? a. s(n)=Some(a) & a ~: externals(asig_of(A))))
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	228	&
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	229	(mk_trace A s n = Some(a)) =
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	230	(s(n)=Some(a) & a : externals(asig_of(A)))"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	231	apply (unfold mk_trace_def filter_oseq_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	232	apply (case_tac "s n")
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	233	apply auto
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	234	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	235
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	236	lemma reachable_0: "s:starts_of(A) ==> reachable A s"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	237	apply (unfold reachable_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	238	apply (rule_tac x = "(%i. None, %i. s)" in bexI)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	239	apply simp
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	240	apply (simp add: exec_rws)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	241	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	242
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	243	lemma reachable_n:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	244	"!!A. [\| reachable A s; (s,a,t) : trans_of(A) \|] ==> reachable A t"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	245	apply (unfold reachable_def exec_rws)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	246	apply (simp del: bex_simps)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	247	apply (simp (no_asm_simp) only: split_tupled_all)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	248	apply safe
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	249	apply (rename_tac ex1 ex2 n)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	250	apply (rule_tac x = "(%i. if i<n then ex1 i else (if i=n then Some a else None) , %i. if i<Suc n then ex2 i else t)" in bexI)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	251	apply (rule_tac x = "Suc n" in exI)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	252	apply (simp (no_asm))
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	253	apply simp
24742 73b8b42a36b6 removal of some "ref"s from res_axioms.ML; a side-effect is that the ordering paulson parents: 19801 diff changeset	254	apply (metis ioa_triple_proj less_antisym)
19801 b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	255	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	256
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	257
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	258	lemma invariantI:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	259	assumes p1: "!!s. s:starts_of(A) ==> P(s)"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	260	and p2: "!!s t a. [\|reachable A s; P(s)\|] ==> (s,a,t): trans_of(A) --> P(t)"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	261	shows "invariant A P"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	262	apply (unfold invariant_def reachable_def Let_def exec_rws)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	263	apply safe
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	264	apply (rename_tac ex1 ex2 n)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	265	apply (rule_tac Q = "reachable A (ex2 n) " in conjunct1)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	266	apply simp
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	267	apply (induct_tac n)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	268	apply (fast intro: p1 reachable_0)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	269	apply (erule_tac x = na in allE)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	270	apply (case_tac "ex1 na", simp_all)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	271	apply safe
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	272	apply (erule p2 [THEN mp])
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	273	apply (fast dest: reachable_n)+
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	274	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	275
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	276	lemma invariantI1:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	277	"[\| !!s. s : starts_of(A) ==> P(s);
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	278	!!s t a. reachable A s ==> P(s) --> (s,a,t):trans_of(A) --> P(t)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	279	\|] ==> invariant A P"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	280	apply (blast intro!: invariantI)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	281	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	282
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	283	lemma invariantE:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	284	"[\| invariant A P; reachable A s \|] ==> P(s)"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	285	apply (unfold invariant_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	286	apply blast
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	287	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	288
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	289	lemma actions_asig_comp:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	290	"actions(asig_comp a b) = actions(a) Un actions(b)"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	291	apply (auto simp add: actions_def asig_comp_def asig_projections)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	292	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	293
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	294	lemma starts_of_par:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	295	"starts_of(A \|\| B) = {p. fst(p):starts_of(A) & snd(p):starts_of(B)}"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	296	apply (simp add: par_def ioa_projections)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	297	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	298
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	299	(* Every state in an execution is reachable *)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	300	lemma states_of_exec_reachable:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	301	"ex:executions(A) ==> !n. reachable A (snd ex n)"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	302	apply (unfold reachable_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	303	apply fast
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	304	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	305
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	306
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	307	lemma trans_of_par4:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	308	"(s,a,t) : trans_of(A \|\| B \|\| C \|\| D) =
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	309	((a:actions(asig_of(A)) \| a:actions(asig_of(B)) \| a:actions(asig_of(C)) \|
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	310	a:actions(asig_of(D))) &
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	311	(if a:actions(asig_of(A)) then (fst(s),a,fst(t)):trans_of(A)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	312	else fst t=fst s) &
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	313	(if a:actions(asig_of(B)) then (fst(snd(s)),a,fst(snd(t))):trans_of(B)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	314	else fst(snd(t))=fst(snd(s))) &
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	315	(if a:actions(asig_of(C)) then
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	316	(fst(snd(snd(s))),a,fst(snd(snd(t)))):trans_of(C)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	317	else fst(snd(snd(t)))=fst(snd(snd(s)))) &
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	318	(if a:actions(asig_of(D)) then
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	319	(snd(snd(snd(s))),a,snd(snd(snd(t)))):trans_of(D)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	320	else snd(snd(snd(t)))=snd(snd(snd(s)))))"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	321	(SLOW)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	322	apply (simp (no_asm) add: par_def actions_asig_comp Pair_fst_snd_eq ioa_projections)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	323	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	324
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	325	lemma cancel_restrict: "starts_of(restrict ioa acts) = starts_of(ioa) &
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	326	trans_of(restrict ioa acts) = trans_of(ioa) &
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	327	reachable (restrict ioa acts) s = reachable ioa s"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	328	apply (simp add: is_execution_fragment_def executions_def
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	329	reachable_def restrict_def ioa_projections)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	330	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	331
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	332	lemma asig_of_par: "asig_of(A \|\| B) = asig_comp (asig_of A) (asig_of B)"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	333	apply (simp add: par_def ioa_projections)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	334	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	335
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	336
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	337	lemma externals_of_par: "externals(asig_of(A1\|\|A2)) =
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	338	(externals(asig_of(A1)) Un externals(asig_of(A2)))"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	339	apply (simp add: externals_def asig_of_par asig_comp_def
26806 40b411ec05aa Adapted to encoding of sets as predicates berghofe parents: 24742 diff changeset	340	asig_inputs_def asig_outputs_def Un_def set_diff_eq)
19801 b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	341	apply blast
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	342	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	343
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	344	lemma ext1_is_not_int2:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	345	"[\| compat_ioas A1 A2; a:externals(asig_of(A1))\|] ==> a~:internals(asig_of(A2))"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	346	apply (unfold externals_def actions_def compat_ioas_def compat_asigs_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	347	apply auto
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	348	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	349
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	350	lemma ext2_is_not_int1:
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	351	"[\| compat_ioas A2 A1 ; a:externals(asig_of(A1))\|] ==> a~:internals(asig_of(A2))"
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	352	apply (unfold externals_def actions_def compat_ioas_def compat_asigs_def)
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	353	apply auto
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	354	done
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	355
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	356	lemmas ext1_ext2_is_not_act2 = ext1_is_not_int2 [THEN int_and_ext_is_act]
b2af2549efd1 removed obsolete ML files; wenzelm parents: 17288 diff changeset	357	and ext1_ext2_is_not_act1 = ext2_is_not_int1 [THEN int_and_ext_is_act]
17288 aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	358
aa3833fb7bee converted to Isar theory format; wenzelm parents: 11482 diff changeset	359	end

author	blanchet
	Thu, 22 Apr 2010 15:01:36 +0200
changeset 36288	156e4f179bb0
parent 26806	40b411ec05aa
child 36862	952b2b102a0a
permissions	-rw-r--r--