isabelle: src/HOL/IOA/NTP/Correctness.ML@5a5e508e2a2b (annotated)

1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	1	(* Title: HOL/IOA/NTP/Correctness.ML
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	2	ID: $Id$
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	3	Author: Tobias Nipkow & Konrad Slind
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	4	Copyright 1994 TU Muenchen
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	5
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	6	The main correctness proof: Impl implements Spec
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	7	*)
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	8
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	9
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	10	open Impl Spec;
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	11
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	12	val hom_ioas = [Spec.ioa_def, Spec.trans_def,
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	13	Sender.sender_trans_def,Receiver.receiver_trans_def]
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	14	@ impl_ioas;
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	15
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	16	val impl_asigs = [Sender.sender_asig_def,Receiver.receiver_asig_def,
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	17	Abschannel.srch_asig_def,Abschannel.rsch_asig_def];
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	18
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	19	(* Two simpsets: - !simpset is basic, ss' unfolds hom_ioas *)
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	20
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	21	Delsimps [split_paired_All];
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	22
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	23	val ss' = (!simpset addsimps hom_ioas);
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	24
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	25
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	26	(* A lemma about restricting the action signature of the implementation
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	27	* to that of the specification.
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	28	****************************)
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	29	goal Correctness.thy
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	30	"a:externals(asig_of(restrict impl_ioa (externals spec_sig))) = \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	31	\ (case a of \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	32	\ S_msg(m) => True \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	33	\ \| R_msg(m) => True \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	34	\ \| S_pkt(pkt) => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	35	\ \| R_pkt(pkt) => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	36	\ \| S_ack(b) => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	37	\ \| R_ack(b) => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	38	\ \| C_m_s => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	39	\ \| C_m_r => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	40	\ \| C_r_s => False \
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	41	\ \| C_r_r(m) => False)";
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	42	by(simp_tac (!simpset addsimps ([externals_def, restrict_def,
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	43	restrict_asig_def, Spec.sig_def]
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	44	@asig_projections)) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	45
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	46	by(Action.action.induct_tac "a" 1);
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	47	by(ALLGOALS(simp_tac (!simpset addsimps [actions_def]@asig_projections)));
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	48	(* 2 *)
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	49	by (simp_tac (!simpset addsimps impl_ioas) 1);
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	50	by (simp_tac (!simpset addsimps impl_asigs) 1);
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	51	by (simp_tac (!simpset addsimps
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	52	[asig_of_par, asig_comp_def]@asig_projections) 1);
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	53	by (simp_tac rename_ss 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	54	(* 1 *)
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	55	by (simp_tac (!simpset addsimps impl_ioas) 1);
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	56	by (simp_tac (!simpset addsimps impl_asigs) 1);
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	57	by (simp_tac (!simpset addsimps
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	58	[asig_of_par, asig_comp_def]@asig_projections) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	59	qed "externals_lemma";
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	60
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	61
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	62	val sels = [Sender.sbit_def, Sender.sq_def, Sender.ssending_def,
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	63	Receiver.rbit_def, Receiver.rq_def, Receiver.rsending_def];
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	64
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	65
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	66
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	67	(* Proof of correctness *)
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	68	goalw Correctness.thy [Spec.ioa_def, Solve.is_weak_pmap_def]
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	69	"is_weak_pmap hom (restrict impl_ioa (externals spec_sig)) spec_ioa";
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	70	by(simp_tac (!simpset addsimps
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	71	[Correctness.hom_def,
9a449a91425d * empty log message * mueller parents: 1266 diff changeset	72	cancel_restrict,externals_lemma]) 1);
1465 5d7a7e439cec expanded tabs clasohm parents: 1342 diff changeset	73	by (rtac conjI 1);
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	74	by(simp_tac ss' 1);
1465 5d7a7e439cec expanded tabs clasohm parents: 1342 diff changeset	75	by (rtac ballI 1);
5d7a7e439cec expanded tabs clasohm parents: 1342 diff changeset	76	by (dtac CollectD 1);
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	77	by(asm_simp_tac (!simpset addsimps sels) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	78	by(REPEAT(rtac allI 1));
1465 5d7a7e439cec expanded tabs clasohm parents: 1342 diff changeset	79	by (rtac imp_conj_lemma 1); (* from lemmas.ML *)
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	80
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	81	by(Action.action.induct_tac "a" 1);
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	82	by(asm_simp_tac (ss' setloop (split_tac [expand_if])) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	83	by(forward_tac [inv4] 1);
1949 1badf0b08040 Simplified some proofs for compatibility with miniscoping paulson parents: 1894 diff changeset	84	by (fast_tac (!claset addss (!simpset addsimps [neq_Nil_conv])) 1);
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	85	by(simp_tac ss' 1);
3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	86	by(simp_tac ss' 1);
3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	87	by(simp_tac ss' 1);
3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	88	by(simp_tac ss' 1);
3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	89	by(simp_tac ss' 1);
3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	90	by(simp_tac ss' 1);
3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	91	by(simp_tac ss' 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	92
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	93	by(asm_simp_tac ss' 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	94	by(forward_tac [inv4] 1);
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	95	by(forward_tac [inv2] 1);
1465 5d7a7e439cec expanded tabs clasohm parents: 1342 diff changeset	96	by (etac disjE 1);
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	97	by(Asm_simp_tac 1);
1949 1badf0b08040 Simplified some proofs for compatibility with miniscoping paulson parents: 1894 diff changeset	98	by (fast_tac (!claset addss (!simpset addsimps [neq_Nil_conv])) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	99
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	100	by(asm_simp_tac ss' 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	101	by(forward_tac [inv2] 1);
1465 5d7a7e439cec expanded tabs clasohm parents: 1342 diff changeset	102	by (etac disjE 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	103
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	104	by(forward_tac [inv3] 1);
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	105	by(case_tac "sq(sen(s))=[]" 1);
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	106
1266 3ae9fe3c0f68 added local simpsets clasohm parents: 1051 diff changeset	107	by(asm_full_simp_tac ss' 1);
1894 c2c8279d40f0 Classical tactics now use default claset. berghofe parents: 1465 diff changeset	108	by(fast_tac (!claset addSDs [add_leD1 RS leD]) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	109
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	110	by(case_tac "m = hd(sq(sen(s)))" 1);
4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	111
1949 1badf0b08040 Simplified some proofs for compatibility with miniscoping paulson parents: 1894 diff changeset	112	by (fast_tac (!claset addss (!simpset addsimps [neq_Nil_conv])) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	113
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	114	by(Asm_full_simp_tac 1);
1894 c2c8279d40f0 Classical tactics now use default claset. berghofe parents: 1465 diff changeset	115	by(fast_tac (!claset addSDs [add_leD1 RS leD]) 1);
1051 4fcd0638e61d Directory example is now called NTP nipkow parents: diff changeset	116
1328 9a449a91425d * empty log message * mueller parents: 1266 diff changeset	117	by(Asm_full_simp_tac 1);
1342 f6651b6b0482 * empty log message * mueller parents: 1328 diff changeset	118	qed"ntp_correct";

author	paulson
	Mon, 07 Oct 1996 10:55:51 +0200
changeset 2064	5a5e508e2a2b
parent 1949	1badf0b08040
child 2513	d708d8cdc8e8
permissions	-rw-r--r--