64 |
64 |
65 unchanged_def: "(s,t) |= unchanged v == (v t = v s)" |
65 unchanged_def: "(s,t) |= unchanged v == (v t = v s)" |
66 |
66 |
67 defs |
67 defs |
68 square_def: "ACT [A]_v == ACT (A | unchanged v)" |
68 square_def: "ACT [A]_v == ACT (A | unchanged v)" |
69 angle_def: "ACT <A>_v == ACT (A & ~ unchanged v)" |
69 angle_def: "ACT <A>_v == ACT (A & \<not> unchanged v)" |
70 |
70 |
71 enabled_def: "s |= Enabled A == EX u. (s,u) |= A" |
71 enabled_def: "s |= Enabled A == \<exists>u. (s,u) |= A" |
72 |
72 |
73 |
73 |
74 (* The following assertion specializes "intI" for any world type |
74 (* The following assertion specializes "intI" for any world type |
75 which is a pair, not just for "state * state". |
75 which is a pair, not just for "state * state". |
76 *) |
76 *) |
77 |
77 |
78 lemma actionI [intro!]: |
78 lemma actionI [intro!]: |
79 assumes "!!s t. (s,t) |= A" |
79 assumes "\<And>s t. (s,t) |= A" |
80 shows "|- A" |
80 shows "|- A" |
81 apply (rule assms intI prod.induct)+ |
81 apply (rule assms intI prod.induct)+ |
82 done |
82 done |
83 |
83 |
84 lemma actionD [dest]: "|- A ==> (s,t) |= A" |
84 lemma actionD [dest]: "|- A ==> (s,t) |= A" |
85 apply (erule intD) |
85 apply (erule intD) |
86 done |
86 done |
87 |
87 |
88 lemma pr_rews [int_rewrite]: |
88 lemma pr_rews [int_rewrite]: |
89 "|- (#c)` = #c" |
89 "|- (#c)` = #c" |
90 "!!f. |- f<x>` = f<x` >" |
90 "\<And>f. |- f<x>` = f<x` >" |
91 "!!f. |- f<x,y>` = f<x`,y` >" |
91 "\<And>f. |- f<x,y>` = f<x`,y` >" |
92 "!!f. |- f<x,y,z>` = f<x`,y`,z` >" |
92 "\<And>f. |- f<x,y,z>` = f<x`,y`,z` >" |
93 "|- (! x. P x)` = (! x. (P x)`)" |
93 "|- (\<forall>x. P x)` = (\<forall>x. (P x)`)" |
94 "|- (? x. P x)` = (? x. (P x)`)" |
94 "|- (\<exists>x. P x)` = (\<exists>x. (P x)`)" |
95 by (rule actionI, unfold unl_after intensional_rews, rule refl)+ |
95 by (rule actionI, unfold unl_after intensional_rews, rule refl)+ |
96 |
96 |
97 |
97 |
98 lemmas act_rews [simp] = unl_before unl_after unchanged_def pr_rews |
98 lemmas act_rews [simp] = unl_before unl_after unchanged_def pr_rews |
99 |
99 |
135 lemma idle_squareI: "(s,t) |= unchanged v ==> (s,t) |= [A]_v" |
135 lemma idle_squareI: "(s,t) |= unchanged v ==> (s,t) |= [A]_v" |
136 by (simp add: square_def) |
136 by (simp add: square_def) |
137 |
137 |
138 lemma busy_squareI: "(s,t) |= A ==> (s,t) |= [A]_v" |
138 lemma busy_squareI: "(s,t) |= A ==> (s,t) |= [A]_v" |
139 by (simp add: square_def) |
139 by (simp add: square_def) |
140 |
140 |
141 lemma squareE [elim]: |
141 lemma squareE [elim]: |
142 "[| (s,t) |= [A]_v; A (s,t) ==> B (s,t); v t = v s ==> B (s,t) |] ==> B (s,t)" |
142 "[| (s,t) |= [A]_v; A (s,t) ==> B (s,t); v t = v s ==> B (s,t) |] ==> B (s,t)" |
143 apply (unfold square_def action_rews) |
143 apply (unfold square_def action_rews) |
144 apply (erule disjE) |
144 apply (erule disjE) |
145 apply simp_all |
145 apply simp_all |
146 done |
146 done |
147 |
147 |
148 lemma squareCI [intro]: "[| v t ~= v s ==> A (s,t) |] ==> (s,t) |= [A]_v" |
148 lemma squareCI [intro]: "[| v t \<noteq> v s ==> A (s,t) |] ==> (s,t) |= [A]_v" |
149 apply (unfold square_def action_rews) |
149 apply (unfold square_def action_rews) |
150 apply (rule disjCI) |
150 apply (rule disjCI) |
151 apply (erule (1) meta_mp) |
151 apply (erule (1) meta_mp) |
152 done |
152 done |
153 |
153 |
154 lemma angleI [intro]: "!!s t. [| A (s,t); v t ~= v s |] ==> (s,t) |= <A>_v" |
154 lemma angleI [intro]: "\<And>s t. [| A (s,t); v t \<noteq> v s |] ==> (s,t) |= <A>_v" |
155 by (simp add: angle_def) |
155 by (simp add: angle_def) |
156 |
156 |
157 lemma angleE [elim]: "[| (s,t) |= <A>_v; [| A (s,t); v t ~= v s |] ==> R |] ==> R" |
157 lemma angleE [elim]: "[| (s,t) |= <A>_v; [| A (s,t); v t \<noteq> v s |] ==> R |] ==> R" |
158 apply (unfold angle_def action_rews) |
158 apply (unfold angle_def action_rews) |
159 apply (erule conjE) |
159 apply (erule conjE) |
160 apply simp |
160 apply simp |
161 done |
161 done |
162 |
162 |
163 lemma square_simulation: |
163 lemma square_simulation: |
164 "!!f. [| |- unchanged f & ~B --> unchanged g; |
164 "\<And>f. [| |- unchanged f & \<not>B --> unchanged g; |
165 |- A & ~unchanged g --> B |
165 |- A & \<not>unchanged g --> B |
166 |] ==> |- [A]_f --> [B]_g" |
166 |] ==> |- [A]_f --> [B]_g" |
167 apply clarsimp |
167 apply clarsimp |
168 apply (erule squareE) |
168 apply (erule squareE) |
169 apply (auto simp add: square_def) |
169 apply (auto simp add: square_def) |
170 done |
170 done |
171 |
171 |
172 lemma not_square: "|- (~ [A]_v) = <~A>_v" |
172 lemma not_square: "|- (\<not> [A]_v) = <\<not>A>_v" |
173 by (auto simp: square_def angle_def) |
173 by (auto simp: square_def angle_def) |
174 |
174 |
175 lemma not_angle: "|- (~ <A>_v) = [~A]_v" |
175 lemma not_angle: "|- (\<not> <A>_v) = [\<not>A]_v" |
176 by (auto simp: square_def angle_def) |
176 by (auto simp: square_def angle_def) |
177 |
177 |
178 |
178 |
179 (* ============================== Facts about ENABLED ============================== *) |
179 (* ============================== Facts about ENABLED ============================== *) |
180 |
180 |
181 lemma enabledI: "|- A --> $Enabled A" |
181 lemma enabledI: "|- A --> $Enabled A" |
182 by (auto simp add: enabled_def) |
182 by (auto simp add: enabled_def) |
183 |
183 |
184 lemma enabledE: "[| s |= Enabled A; !!u. A (s,u) ==> Q |] ==> Q" |
184 lemma enabledE: "[| s |= Enabled A; \<And>u. A (s,u) ==> Q |] ==> Q" |
185 apply (unfold enabled_def) |
185 apply (unfold enabled_def) |
186 apply (erule exE) |
186 apply (erule exE) |
187 apply simp |
187 apply simp |
188 done |
188 done |
189 |
189 |
190 lemma notEnabledD: "|- ~$Enabled G --> ~ G" |
190 lemma notEnabledD: "|- \<not>$Enabled G --> \<not> G" |
191 by (auto simp add: enabled_def) |
191 by (auto simp add: enabled_def) |
192 |
192 |
193 (* Monotonicity *) |
193 (* Monotonicity *) |
194 lemma enabled_mono: |
194 lemma enabled_mono: |
195 assumes min: "s |= Enabled F" |
195 assumes min: "s |= Enabled F" |
237 apply (rule iffI) |
237 apply (rule iffI) |
238 apply (erule enabled_disjD [action_use]) |
238 apply (erule enabled_disjD [action_use]) |
239 apply (erule disjE enabled_disj1 [action_use] enabled_disj2 [action_use])+ |
239 apply (erule disjE enabled_disj1 [action_use] enabled_disj2 [action_use])+ |
240 done |
240 done |
241 |
241 |
242 lemma enabled_ex: "|- Enabled (EX x. F x) = (EX x. Enabled (F x))" |
242 lemma enabled_ex: "|- Enabled (\<exists>x. F x) = (\<exists>x. Enabled (F x))" |
243 by (force simp add: enabled_def) |
243 by (force simp add: enabled_def) |
244 |
244 |
245 |
245 |
246 (* A rule that combines enabledI and baseE, but generates fewer instantiations *) |
246 (* A rule that combines enabledI and baseE, but generates fewer instantiations *) |
247 lemma base_enabled: |
247 lemma base_enabled: |
248 "[| basevars vs; EX c. ! u. vs u = c --> A(s,u) |] ==> s |= Enabled A" |
248 "[| basevars vs; \<exists>c. \<forall>u. vs u = c --> A(s,u) |] ==> s |= Enabled A" |
249 apply (erule exE) |
249 apply (erule exE) |
250 apply (erule baseE) |
250 apply (erule baseE) |
251 apply (rule enabledI [action_use]) |
251 apply (rule enabledI [action_use]) |
252 apply (erule allE) |
252 apply (erule allE) |
253 apply (erule mp) |
253 apply (erule mp) |