equal
deleted
inserted
replaced
44 |
44 |
45 ensures :: "['a set, 'a set] => 'a program set" (infixl "ensures" 60) |
45 ensures :: "['a set, 'a set] => 'a program set" (infixl "ensures" 60) |
46 "A ensures B == (A-B co A \<union> B) \<inter> transient (A-B)" |
46 "A ensures B == (A-B co A \<union> B) \<inter> transient (A-B)" |
47 |
47 |
48 |
48 |
49 consts |
49 inductive_set |
50 |
|
51 leads :: "'a program => ('a set * 'a set) set" |
50 leads :: "'a program => ('a set * 'a set) set" |
52 --{*LEADS-TO constant for the inductive definition*} |
51 --{*LEADS-TO constant for the inductive definition*} |
53 |
52 for F :: "'a program" |
54 |
53 where |
55 inductive "leads F" |
|
56 intros |
|
57 |
54 |
58 Basis: "F \<in> A ensures B ==> (A,B) \<in> leads F" |
55 Basis: "F \<in> A ensures B ==> (A,B) \<in> leads F" |
59 |
56 |
60 Trans: "[| (A,B) \<in> leads F; (B,C) \<in> leads F |] ==> (A,C) \<in> leads F" |
57 | Trans: "[| (A,B) \<in> leads F; (B,C) \<in> leads F |] ==> (A,C) \<in> leads F" |
61 |
58 |
62 Union: "\<forall>A \<in> S. (A,B) \<in> leads F ==> (Union S, B) \<in> leads F" |
59 | Union: "\<forall>A \<in> S. (A,B) \<in> leads F ==> (Union S, B) \<in> leads F" |
63 |
60 |
64 |
61 |
65 constdefs |
62 constdefs |
66 |
63 |
67 leadsTo :: "['a set, 'a set] => 'a program set" (infixl "leadsTo" 60) |
64 leadsTo :: "['a set, 'a set] => 'a program set" (infixl "leadsTo" 60) |