isabelle: src/HOLCF/IOA/meta_theory/SimCorrectness.ML@6536fb8c9fc6 (annotated)

4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	1	(* Title: HOLCF/IOA/meta_theory/SimCorrectness.ML
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	2	ID: $Id$
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	3	Author: Olaf Mueller
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	4	Copyright 1996 TU Muenchen
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	5
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	6	Correctness of Simulations in HOLCF/IOA
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	7	*)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	8
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	9
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	10
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	11	(* -------------------------------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	12
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	13	section "corresp_ex_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	14
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	15
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	16	(* ---------------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	17	(* corresp_ex_simC *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	18	(* ---------------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	19
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	20
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	21	Goal "corresp_ex_simC A R = (LAM ex. (%s. case ex of \
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	22	\ nil => nil \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	23	\ \| x##xs => (flift1 (%pr. let a = (fst pr); t = (snd pr); \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	24	\ T' = @t'. ? ex1. (t,t'):R & move A ex1 s a t' \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	25	\ in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	26	\ (@cex. move A cex s a T') \
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	27	\ @@ ((corresp_ex_simC A R $xs) T')) \
f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	28	\ $x) ))";
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	29	by (rtac trans 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	30	by (rtac fix_eq2 1);
24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	31	by (rtac corresp_ex_simC_def 1);
24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	32	by (rtac beta_cfun 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	33	by (simp_tac (simpset() addsimps [flift1_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	34	qed"corresp_ex_simC_unfold";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	35
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	36	Goal "(corresp_ex_simC A R$UU) s=UU";
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	37	by (stac corresp_ex_simC_unfold 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	38	by (Simp_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	39	qed"corresp_ex_simC_UU";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	40
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	41	Goal "(corresp_ex_simC A R$nil) s = nil";
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	42	by (stac corresp_ex_simC_unfold 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	43	by (Simp_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	44	qed"corresp_ex_simC_nil";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	45
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	46	Goal "(corresp_ex_simC A R$((a,t)>>xs)) s = \
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	47	\ (let T' = @t'. ? ex1. (t,t'):R & move A ex1 s a t' \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	48	\ in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	49	\ (@cex. move A cex s a T') \
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	50	\ @@ ((corresp_ex_simC A R$xs) T'))";
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	51	by (rtac trans 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	52	by (stac corresp_ex_simC_unfold 1);
7229 6773ba0c36d5 renamed Cons to Consq in order to avoid clash with List.Cons; wenzelm parents: 6161 diff changeset	53	by (asm_full_simp_tac (simpset() addsimps [Consq_def,flift1_def]) 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	54	by (Simp_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	55	qed"corresp_ex_simC_cons";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	56
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	57
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	58	Addsimps [corresp_ex_simC_UU,corresp_ex_simC_nil,corresp_ex_simC_cons];
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	59
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	60
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	61
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	62	(* ------------------------------------------------------------------ *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	63	(* The following lemmata describe the definition *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	64	(* of move in more detail *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	65	(* ------------------------------------------------------------------ *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	66
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	67	section"properties of move";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	68
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	69	Delsimps [Let_def];
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	70
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	71	Goalw [is_simulation_def]
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	72	"[\|is_simulation R C A; reachable C s; s -a--C-> t; (s,s'):R\|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	73	\ let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	74	\ (t,T'): R & move A (@ex2. move A ex2 s' a T') s' a T'";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	75
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	76	(* Does not perform conditional rewriting on assumptions automatically as
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	77	usual. Instantiate all variables per hand. Ask Tobias?? *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	78	by (subgoal_tac "? t' ex. (t,t'):R & move A ex s' a t'" 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	79	by (Asm_full_simp_tac 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	80	by (etac conjE 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	81	by (eres_inst_tac [("x","s")] allE 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	82	by (eres_inst_tac [("x","s'")] allE 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	83	by (eres_inst_tac [("x","t")] allE 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	84	by (eres_inst_tac [("x","a")] allE 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	85	by (Asm_full_simp_tac 2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	86	(* Go on as usual *)
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	87	by (etac exE 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	88	by (dres_inst_tac [("x","t'"),
9970 dfe4747c8318 the final renaming: selectI -> someI paulson parents: 9969 diff changeset	89	("P","%t'. ? ex.(t,t'):R & move A ex s' a t'")] someI 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	90	by (etac exE 1);
24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	91	by (etac conjE 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	92	by (asm_full_simp_tac (simpset() addsimps [Let_def]) 1);
9970 dfe4747c8318 the final renaming: selectI -> someI paulson parents: 9969 diff changeset	93	by (res_inst_tac [("x","ex")] someI 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	94	by (etac conjE 1);
24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	95	by (assume_tac 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	96	qed"move_is_move_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	97
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	98
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	99	Addsimps [Let_def];
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	100
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	101	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	102	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	103	\ let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	104	\ is_exec_frag A (s',@x. move A x s' a T')";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	105	by (cut_inst_tac [] move_is_move_sim 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	106	by (REPEAT (assume_tac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	107	by (asm_full_simp_tac (simpset() addsimps [move_def,Let_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	108	qed"move_subprop1_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	109
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	110	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	111	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	112	\ let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	113	\ Finite (@x. move A x s' a T')";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	114	by (cut_inst_tac [] move_is_move_sim 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	115	by (REPEAT (assume_tac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	116	by (asm_full_simp_tac (simpset() addsimps [move_def,Let_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	117	qed"move_subprop2_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	118
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	119	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	120	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	121	\ let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	122	\ laststate (s',@x. move A x s' a T') = T'";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	123	by (cut_inst_tac [] move_is_move_sim 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	124	by (REPEAT (assume_tac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	125	by (asm_full_simp_tac (simpset() addsimps [move_def,Let_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	126	qed"move_subprop3_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	127
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	128	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	129	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	130	\ let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in \
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	131	\ mk_trace A$((@x. move A x s' a T')) = \
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	132	\ (if a:ext A then a>>nil else nil)";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	133	by (cut_inst_tac [] move_is_move_sim 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	134	by (REPEAT (assume_tac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	135	by (asm_full_simp_tac (simpset() addsimps [move_def,Let_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	136	qed"move_subprop4_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	137
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	138	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	139	"[\|is_simulation R C A; reachable C s; s-a--C-> t; (s,s'):R\|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	140	\ let T' = @t'. ? ex1. (t,t'):R & move A ex1 s' a t' in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	141	\ (t,T'):R";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	142	by (cut_inst_tac [] move_is_move_sim 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	143	by (REPEAT (assume_tac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	144	by (asm_full_simp_tac (simpset() addsimps [move_def,Let_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	145	qed"move_subprop5_sim";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	146
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	147	(* ------------------------------------------------------------------ *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	148	(* The following lemmata contribute to *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	149	(* TRACE INCLUSION Part 1: Traces coincide *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	150	(* ------------------------------------------------------------------ *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	151
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	152	section "Lemmata for <==";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	153
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	154
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	155	(* ------------------------------------------------------
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	156	Lemma 1 :Traces coincide
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	157	------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	158
4833 2e53109d4bc8 Renamed expand_const -> split_const nipkow parents: 4681 diff changeset	159	Delsplits[split_if];
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	160	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	161	"[\|is_simulation R C A; ext C = ext A\|] ==> \
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	162	\ !s s'. reachable C s & is_exec_frag C (s,ex) & (s,s'): R --> \
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	163	\ mk_trace C$ex = mk_trace A$((corresp_ex_simC A R$ex) s')";
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	164
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	165	by (pair_induct_tac "ex" [is_exec_frag_def] 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	166	(* cons case *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	167	by (safe_tac set_cs);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	168	ren "ex a t s s'" 1;
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	169	by (asm_full_simp_tac (simpset() addsimps [mk_traceConc]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	170	by (forward_tac [reachable.reachable_n] 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	171	by (assume_tac 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	172	by (eres_inst_tac [("x","t")] allE 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	173	by (eres_inst_tac [("x",
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	174	"@t'. ? ex1. (t,t'):R & move A ex1 s' a t'")]
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	175	allE 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	176	by (Asm_full_simp_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	177	by (asm_full_simp_tac (simpset() addsimps
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	178	[rewrite_rule [Let_def] move_subprop5_sim,
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	179	rewrite_rule [Let_def] move_subprop4_sim]
4833 2e53109d4bc8 Renamed expand_const -> split_const nipkow parents: 4681 diff changeset	180	addsplits [split_if]) 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	181	qed_spec_mp"traces_coincide_sim";
4833 2e53109d4bc8 Renamed expand_const -> split_const nipkow parents: 4681 diff changeset	182	Addsplits[split_if];
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	183
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	184
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	185	(* ----------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	186	(* Lemma 2 : corresp_ex_sim is execution *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	187	(* ----------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	188
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	189
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	190	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	191	"[\| is_simulation R C A \|] ==>\
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	192	\ !s s'. reachable C s & is_exec_frag C (s,ex) & (s,s'):R \
10835 f4745d77e620 ` -> $ nipkow parents: 9970 diff changeset	193	\ --> is_exec_frag A (s',(corresp_ex_simC A R$ex) s')";
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	194
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	195	by (Asm_full_simp_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	196	by (pair_induct_tac "ex" [is_exec_frag_def] 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	197	(* main case *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	198	by (safe_tac set_cs);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	199	ren "ex a t s s'" 1;
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	200	by (res_inst_tac [("t",
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	201	"@t'. ? ex1. (t,t'):R & move A ex1 s' a t'")]
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	202	lemma_2_1 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	203
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	204	(* Finite *)
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	205	by (etac (rewrite_rule [Let_def] move_subprop2_sim) 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	206	by (REPEAT (atac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	207	by (rtac conjI 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	208
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	209	(* is_exec_frag *)
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	210	by (etac (rewrite_rule [Let_def] move_subprop1_sim) 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	211	by (REPEAT (atac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	212	by (rtac conjI 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	213
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	214	(* Induction hypothesis *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	215	(* reachable_n looping, therefore apply it manually *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	216	by (eres_inst_tac [("x","t")] allE 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	217	by (eres_inst_tac [("x",
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	218	"@t'. ? ex1. (t,t'):R & move A ex1 s' a t'")]
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	219	allE 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	220	by (Asm_full_simp_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	221	by (forward_tac [reachable.reachable_n] 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	222	by (assume_tac 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	223	by (asm_full_simp_tac (simpset() addsimps
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	224	[rewrite_rule [Let_def] move_subprop5_sim]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	225	(* laststate *)
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	226	by (etac ((rewrite_rule [Let_def] move_subprop3_sim) RS sym) 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	227	by (REPEAT (atac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	228	qed_spec_mp"correspsim_is_execution";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	229
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	230
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	231	(* -------------------------------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	232
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	233	section "Main Theorem: T R A C E - I N C L U S I O N";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	234
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	235	(* -------------------------------------------------------------------------------- *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	236
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	237	(* generate condition (s,S'):R & S':starts_of A, the first being intereting
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	238	for the induction cases concerning the two lemmas correpsim_is_execution and
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	239	traces_coincide_sim, the second for the start state case.
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	240	S':= @s'. (s,s'):R & s':starts_of A, where s:starts_of C *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	241
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	242	Goal
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	243	"[\| is_simulation R C A; s:starts_of C \|] \
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	244	\ ==> let S' = @s'. (s,s'):R & s':starts_of A in \
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	245	\ (s,S'):R & S':starts_of A";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	246	by (asm_full_simp_tac (simpset() addsimps [is_simulation_def,
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	247	corresp_ex_sim_def, Int_non_empty,Image_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	248	by (REPEAT (etac conjE 1));
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	249	by (etac ballE 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	250	by (Blast_tac 2);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	251	by (etac exE 1);
9969 4753185f1dd2 renamed (most of...) the select rules paulson parents: 7229 diff changeset	252	by (rtac someI2 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	253	by (assume_tac 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	254	by (Blast_tac 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	255	qed"simulation_starts";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	256
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	257	bind_thm("sim_starts1",(rewrite_rule [Let_def] simulation_starts) RS conjunct1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	258	bind_thm("sim_starts2",(rewrite_rule [Let_def] simulation_starts) RS conjunct2);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	259
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	260
5068 fb28eaa07e01 isatool fixgoal; wenzelm parents: 4833 diff changeset	261	Goalw [traces_def]
6161 bc2a76ce1ea3 tidied paulson parents: 5132 diff changeset	262	"[\| ext C = ext A; is_simulation R C A \|] \
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	263	\ ==> traces C <= traces A";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	264
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	265	by (simp_tac(simpset() addsimps [has_trace_def2])1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	266	by (safe_tac set_cs);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	267
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	268	(* give execution of abstract automata *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	269	by (res_inst_tac[("x","corresp_ex_sim A R ex")] bexI 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	270
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	271	(* Traces coincide, Lemma 1 *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	272	by (pair_tac "ex" 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	273	ren "s ex" 1;
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	274	by (simp_tac (simpset() addsimps [corresp_ex_sim_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	275	by (res_inst_tac [("s","s")] traces_coincide_sim 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	276	by (REPEAT (atac 1));
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	277	by (asm_full_simp_tac (simpset() addsimps [executions_def,
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	278	reachable.reachable_0,sim_starts1]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	279
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	280	(* corresp_ex_sim is execution, Lemma 2 *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	281	by (pair_tac "ex" 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	282	by (asm_full_simp_tac (simpset() addsimps [executions_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	283	ren "s ex" 1;
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	284
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	285	(* start state *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	286	by (rtac conjI 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	287	by (asm_full_simp_tac (simpset() addsimps [sim_starts2,
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	288	corresp_ex_sim_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	289
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	290	(* is-execution-fragment *)
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	291	by (asm_full_simp_tac (simpset() addsimps [corresp_ex_sim_def]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	292	by (res_inst_tac [("s","s")] correspsim_is_execution 1);
5132 24f992a25adc isatool expandshort; wenzelm parents: 5068 diff changeset	293	by (assume_tac 1);
4565 ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	294	by (asm_full_simp_tac (simpset() addsimps [reachable.reachable_0,sim_starts1]) 1);
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	295	qed"trace_inclusion_for_simulations";
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	296
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	297
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	298
ea467ce15040 added forward simulation correectness; mueller parents: diff changeset	299

author	paulson
	Mon, 21 May 2001 14:46:30 +0200
changeset 11318	6536fb8c9fc6
parent 10835	f4745d77e620
child 12218	6597093b77e7
permissions	-rw-r--r--