isabelle: src/HOLCF/IOA/Modelcheck/Cockpit.thy@e5911a25d094 (annotated)

6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	1
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	2	Cockpit = MuIOAOracle +
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	3
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	4	datatype 'a action = Alarm 'a \| Info 'a \| Ack 'a
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	5	datatype event = NONE \| PonR \| Eng \| Fue
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	6
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	7
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	8	(*This cockpit automaton is a deeply simplified version of the
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	9	control component of a helicopter alarm system considered in a study
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	10	of ESG. Some properties will be proved by using model checker
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	11	mucke.*)
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	12
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	13	automaton cockpit =
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	14	signature
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	15	actions event action
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	16	inputs "Alarm a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	17	outputs "Ack a","Info a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	18	states
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	19	APonR_incl :: bool
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	20	info :: event
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	21	initially "info=NONE & ~APonR_incl"
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	22	transitions
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	23	"Alarm a"
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	24	post info:="if (a=NONE) then info else a",
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	25	APonR_incl:="if (a=PonR) then True else APonR_incl"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	26	"Info a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	27	pre "(a=info)"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	28	"Ack a"
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	29	pre "(a=PonR --> APonR_incl) & (a=NONE --> ~APonR_incl)"
86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	30	post info:="NONE",APonR_incl:="if (a=PonR) then False else APonR_incl"
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	31
8733 3213613a775a renamed 'hide' to 'hide_action'; wenzelm parents: 7299 diff changeset	32	automaton cockpit_hide = hide_action "Info a" in cockpit
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	33
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	34
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	35	(*Subsequent automata express the properties to be proved, see also
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	36	Cockpit.ML*)
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	37
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	38	automaton Al_before_Ack =
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	39	signature
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	40	actions event action
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	41	inputs "Alarm a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	42	outputs "Ack a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	43	states
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	44	APonR_incl :: bool
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	45	initially "~APonR_incl"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	46	transitions
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	47	"Alarm a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	48	post APonR_incl:="if (a=PonR) then True else APonR_incl"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	49	"Ack a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	50	pre "(a=PonR --> APonR_incl)"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	51	post APonR_incl:="if (a=PonR) then False else APonR_incl"
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	52
08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	53	automaton Info_while_Al =
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	54	signature
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	55	actions event action
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	56	inputs "Alarm a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	57	outputs "Ack a", "Info i"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	58	states
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	59	info_at_Pon :: bool
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	60	initially "~info_at_Pon"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	61	transitions
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	62	"Alarm a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	63	post
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	64	info_at_Pon:="if (a=PonR) then True else (if (a=NONE) then info_at_Pon else False)"
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	65	"Info a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	66	pre "(a=PonR) --> info_at_Pon"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	67	"Ack a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	68	post info_at_Pon:="False"
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	69
08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	70	automaton Info_before_Al =
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	71	signature
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	72	actions event action
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	73	inputs "Alarm a"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	74	outputs "Ack a", "Info i"
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	75	states
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	76	info_at_NONE :: bool
86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	77	initially "info_at_NONE"
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	78	transitions
743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	79	"Alarm a"
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	80	post info_at_NONE:="if (a=NONE) then info_at_NONE else False"
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	81	"Info a"
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	82	pre "(a=NONE) --> info_at_NONE"
7299 743b22579a2f quite a lot of tuning and cleanup; wenzelm parents: 6471 diff changeset	83	"Ack a"
10127 86269867de34 renamed "None" to "NONE" (avoid clash with option type); wenzelm parents: 8733 diff changeset	84	post info_at_NONE:="True"
6471 08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	85
08d12ef5fc19 added translation from IOA to mucalculus and corresponding modelchecker examples; mueller parents: diff changeset	86	end

author	wenzelm
	Sat, 27 Oct 2001 00:07:19 +0200
changeset 11961	e5911a25d094
parent 10127	86269867de34
child 17244	0b2ff9541727
permissions	-rw-r--r--