Mercurial Mercurial > repos > isabelle / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/ZF/UNITY/Guar.thy
changeset 11479 697dcaaf478f
child 12195 ed2893765a08
equal deleted inserted replaced
11478:0f57375aafce 11479:697dcaaf478f 
       
     1 (*  Title:      ZF/UNITY/Guar.thy
 
       
     2     ID:         $Id$
 
       
     3     Author:     Sidi O Ehmety, Computer Laboratory
 
       
     4     Copyright   2001  University of Cambridge
 
       
     5 
       
     6 Guarantees, etc.
 
       
     7 
       
     8 From Chandy and Sanders, "Reasoning About Program Composition",
 
       
     9 Technical Report 2000-003, University of Florida, 2000.
 
       
    10 
       
    11 Revised by Sidi Ehmety on January 2001
 
       
    12 
       
    13 Added: Compatibility, weakest guarantees, etc.
 
       
    14 
       
    15 and Weakest existential property,
 
       
    16 from Charpentier and Chandy "Theorems about Composition",
 
       
    17 Fifth International Conference on Mathematics of Program, 2000.
 
       
    18 
       
    19 Theory ported from HOL.
 
       
    20 *)
 
       
    21 Guar = Comp +
 
       
    22 constdefs
 
       
    23 
       
    24   (*Existential and Universal properties.  I formalize the two-program
 
       
    25     case, proving equivalence with Chandy and Sanders's n-ary definitions*)
 
       
    26 
       
    27    ex_prop :: i =>o
 
       
    28    "ex_prop(X) == ALL F:program. ALL G:program.
 
       
    29                   F ok G --> F:X | G:X --> (F Join G):X"
 
       
    30 
       
    31   (* Equivalent definition of ex_prop given at the end of section 3*)
 
       
    32   ex_prop2 :: i =>o
 
       
    33  "ex_prop2(X) == ALL G:program. (G:X <-> (ALL H:program. (G component_of H) --> H:X))"
 
       
    34   
       
    35   strict_ex_prop  :: i => o
 
       
    36    "strict_ex_prop(X) == ALL F:program. ALL  G:program.
 
       
    37                           F ok G --> (F:X | G: X) <-> (F Join G : X)"
 
       
    38 
       
    39 
       
    40   uv_prop  :: i => o
 
       
    41    "uv_prop(X) == SKIP:X & (ALL F:program. ALL G:program.
 
       
    42 			    F ok G --> F:X & G:X --> (F Join G):X)"
 
       
    43   
       
    44  strict_uv_prop  :: i => o
 
       
    45    "strict_uv_prop(X) == SKIP:X &
 
       
    46       (ALL F:program. ALL G:program. F ok G -->(F:X & G:X) <-> (F Join G:X))"
 
       
    47 
       
    48   guar :: [i, i] => i (infixl "guarantees" 55)
 
       
    49               (*higher than membership, lower than Co*)
 
       
    50   "X guarantees Y == {F:program. ALL G:program. F ok G --> F Join G : X --> F Join G:Y}"
 
       
    51   
       
    52   (* Weakest guarantees *)
 
       
    53    wg :: [i,i] => i
 
       
    54   "wg(F,Y) == Union({X:Pow(program). F:(X guarantees Y)})"
 
       
    55 
       
    56   (* Weakest existential property stronger than X *)
 
       
    57    wx :: "i =>i"
 
       
    58    "wx(X) == Union({Y:Pow(program). Y<=X & ex_prop(Y)})"
 
       
    59 
       
    60   (*Ill-defined programs can arise through "Join"*)
 
       
    61   welldef :: i
 
       
    62   "welldef == {F:program. Init(F) ~= 0}"
 
       
    63   
       
    64   refines :: [i, i, i] => o ("(3_ refines _ wrt _)" [10,10,10] 10)
 
       
    65   "G refines F wrt X ==
 
       
    66    ALL H:program. (F ok H  & G ok H & F Join H:welldef Int X)
 
       
    67     --> (G Join H:welldef Int X)"
 
       
    68 
       
    69   iso_refines :: [i,i, i] => o  ("(3_ iso'_refines _ wrt _)" [10,10,10] 10)
 
       
    70   "G iso_refines F wrt X ==  F:welldef Int X --> G:welldef Int X"
 
       
    71 
       
    72 end
isabelle