isabelle: src/HOL/UNITY/Traces.ML@1f9362e769c1 (annotated)

4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	1	open Traces;
1f9362e769c1 New UNITY theory paulson parents: diff changeset	2
1f9362e769c1 New UNITY theory paulson parents: diff changeset	3	goal thy "reachable Init Acts <= {s. EX evs. s#evs: traces Init Acts}";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	4	by (rtac subsetI 1);
1f9362e769c1 New UNITY theory paulson parents: diff changeset	5	be reachable.induct 1;
1f9362e769c1 New UNITY theory paulson parents: diff changeset	6	by (REPEAT (blast_tac (claset() addIs traces.intrs) 1));
1f9362e769c1 New UNITY theory paulson parents: diff changeset	7	val lemma1 = result();
1f9362e769c1 New UNITY theory paulson parents: diff changeset	8
1f9362e769c1 New UNITY theory paulson parents: diff changeset	9	goal thy "!!evs. evs : traces Init Acts \
1f9362e769c1 New UNITY theory paulson parents: diff changeset	10	\ ==> ALL s evs'. evs = s#evs' --> s: reachable Init Acts";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	11	be traces.induct 1;
1f9362e769c1 New UNITY theory paulson parents: diff changeset	12	by (REPEAT (blast_tac (claset() addIs reachable.intrs) 1));
1f9362e769c1 New UNITY theory paulson parents: diff changeset	13	val lemma2 = normalize_thm [RSmp, RSspec] (result());
1f9362e769c1 New UNITY theory paulson parents: diff changeset	14
1f9362e769c1 New UNITY theory paulson parents: diff changeset	15	goal thy "{s. EX evs. s#evs: traces Init Acts} <= reachable Init Acts";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	16	by (blast_tac (claset() addIs [lemma2]) 1);
1f9362e769c1 New UNITY theory paulson parents: diff changeset	17	val lemma3 = result();
1f9362e769c1 New UNITY theory paulson parents: diff changeset	18
1f9362e769c1 New UNITY theory paulson parents: diff changeset	19	goal thy "reachable Init Acts = {s. EX evs. s#evs: traces Init Acts}";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	20	by (rtac ([lemma1,lemma3] MRS equalityI) 1);
1f9362e769c1 New UNITY theory paulson parents: diff changeset	21	qed "reachable_eq_traces";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	22
1f9362e769c1 New UNITY theory paulson parents: diff changeset	23
1f9362e769c1 New UNITY theory paulson parents: diff changeset	24	(Could/should this be proved?)
1f9362e769c1 New UNITY theory paulson parents: diff changeset	25	goal thy "reachable Init Acts = (UN evs: traces Init Acts. set evs)";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	26
1f9362e769c1 New UNITY theory paulson parents: diff changeset	27
1f9362e769c1 New UNITY theory paulson parents: diff changeset	28	(The strongest invariant is the set of all reachable states!)
1f9362e769c1 New UNITY theory paulson parents: diff changeset	29	goalw thy [stable_def, constrains_def]
1f9362e769c1 New UNITY theory paulson parents: diff changeset	30	"!!A. [\| Init<=A; stable Acts A \|] ==> reachable Init Acts <= A";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	31	by (rtac subsetI 1);
1f9362e769c1 New UNITY theory paulson parents: diff changeset	32	be reachable.induct 1;
1f9362e769c1 New UNITY theory paulson parents: diff changeset	33	by (REPEAT (blast_tac (claset() addIs reachable.intrs) 1));
1f9362e769c1 New UNITY theory paulson parents: diff changeset	34	qed "strongest_invariant";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	35
1f9362e769c1 New UNITY theory paulson parents: diff changeset	36	goal thy "stable Acts (reachable Init Acts)";
1f9362e769c1 New UNITY theory paulson parents: diff changeset	37	by (REPEAT (blast_tac (claset() addIs [stableI, constrainsI]
1f9362e769c1 New UNITY theory paulson parents: diff changeset	38	addIs reachable.intrs) 1));
1f9362e769c1 New UNITY theory paulson parents: diff changeset	39	qed "stable_reachable";

author	paulson
	Fri, 03 Apr 1998 12:34:33 +0200
changeset 4776	1f9362e769c1
child 5069	3ea049f7979d
permissions	-rw-r--r--