469 done |
469 done |
470 |
470 |
471 |
471 |
472 (**** EXTEND/PROJECT PROPERTIES ****) |
472 (**** EXTEND/PROJECT PROPERTIES ****) |
473 |
473 |
474 lemma (in Extend) givenBy_o_eq_extend_set: |
474 context Extend |
|
475 begin |
|
476 |
|
477 lemma givenBy_o_eq_extend_set: |
475 "givenBy (v o f) = extend_set h ` (givenBy v)" |
478 "givenBy (v o f) = extend_set h ` (givenBy v)" |
476 apply (simp add: givenBy_eq_Collect) |
479 apply (simp add: givenBy_eq_Collect) |
477 apply (rule equalityI, best) |
480 apply (rule equalityI, best) |
478 apply blast |
481 apply blast |
479 done |
482 done |
480 |
483 |
481 lemma (in Extend) givenBy_eq_extend_set: "givenBy f = range (extend_set h)" |
484 lemma givenBy_eq_extend_set: "givenBy f = range (extend_set h)" |
482 by (simp add: givenBy_eq_Collect, best) |
485 by (simp add: givenBy_eq_Collect, best) |
483 |
486 |
484 lemma (in Extend) extend_set_givenBy_I: |
487 lemma extend_set_givenBy_I: |
485 "D : givenBy v ==> extend_set h D : givenBy (v o f)" |
488 "D : givenBy v ==> extend_set h D : givenBy (v o f)" |
486 apply (simp (no_asm_use) add: givenBy_eq_all, blast) |
489 apply (simp (no_asm_use) add: givenBy_eq_all, blast) |
487 done |
490 done |
488 |
491 |
489 lemma (in Extend) leadsETo_imp_extend_leadsETo: |
492 lemma leadsETo_imp_extend_leadsETo: |
490 "F : A leadsTo[CC] B |
493 "F : A leadsTo[CC] B |
491 ==> extend h F : (extend_set h A) leadsTo[extend_set h ` CC] |
494 ==> extend h F : (extend_set h A) leadsTo[extend_set h ` CC] |
492 (extend_set h B)" |
495 (extend_set h B)" |
493 apply (erule leadsETo_induct) |
496 apply (erule leadsETo_induct) |
494 apply (force intro: subset_imp_ensures |
497 apply (force intro: subset_imp_ensures |
498 done |
501 done |
499 |
502 |
500 |
503 |
501 (*This version's stronger in the "ensures" precondition |
504 (*This version's stronger in the "ensures" precondition |
502 BUT there's no ensures_weaken_L*) |
505 BUT there's no ensures_weaken_L*) |
503 lemma (in Extend) Join_project_ensures_strong: |
506 lemma Join_project_ensures_strong: |
504 "[| project h C G ~: transient (project_set h C Int (A-B)) | |
507 "[| project h C G ~: transient (project_set h C Int (A-B)) | |
505 project_set h C Int (A - B) = {}; |
508 project_set h C Int (A - B) = {}; |
506 extend h F\<squnion>G : stable C; |
509 extend h F\<squnion>G : stable C; |
507 F\<squnion>project h C G : (project_set h C Int A) ensures B |] |
510 F\<squnion>project h C G : (project_set h C Int A) ensures B |] |
508 ==> extend h F\<squnion>G : (C Int extend_set h A) ensures (extend_set h B)" |
511 ==> extend h F\<squnion>G : (C Int extend_set h A) ensures (extend_set h B)" |
510 apply (rule Join_project_ensures) |
513 apply (rule Join_project_ensures) |
511 apply (auto simp add: Int_Diff) |
514 apply (auto simp add: Int_Diff) |
512 done |
515 done |
513 |
516 |
514 (*NOT WORKING. MODIFY AS IN Project.thy |
517 (*NOT WORKING. MODIFY AS IN Project.thy |
515 lemma (in Extend) pld_lemma: |
518 lemma pld_lemma: |
516 "[| extend h F\<squnion>G : stable C; |
519 "[| extend h F\<squnion>G : stable C; |
517 F\<squnion>project h C G : (project_set h C Int A) leadsTo[(%D. project_set h C Int D)`givenBy v] B; |
520 F\<squnion>project h C G : (project_set h C Int A) leadsTo[(%D. project_set h C Int D)`givenBy v] B; |
518 G : preserves (v o f) |] |
521 G : preserves (v o f) |] |
519 ==> extend h F\<squnion>G : |
522 ==> extend h F\<squnion>G : |
520 (C Int extend_set h (project_set h C Int A)) |
523 (C Int extend_set h (project_set h C Int A)) |
533 apply (rule Join_project_ensures_strong) |
536 apply (rule Join_project_ensures_strong) |
534 apply (auto intro: project_stable_project_set simp add: Int_left_absorb) |
537 apply (auto intro: project_stable_project_set simp add: Int_left_absorb) |
535 apply (simp (no_asm_simp) add: stable_ensures_Int [THEN ensures_weaken_R] Int_lower2 project_stable_project_set extend_stable_project_set) |
538 apply (simp (no_asm_simp) add: stable_ensures_Int [THEN ensures_weaken_R] Int_lower2 project_stable_project_set extend_stable_project_set) |
536 done |
539 done |
537 |
540 |
538 lemma (in Extend) project_leadsETo_D_lemma: |
541 lemma project_leadsETo_D_lemma: |
539 "[| extend h F\<squnion>G : stable C; |
542 "[| extend h F\<squnion>G : stable C; |
540 F\<squnion>project h C G : |
543 F\<squnion>project h C G : |
541 (project_set h C Int A) |
544 (project_set h C Int A) |
542 leadsTo[(%D. project_set h C Int D)`givenBy v] B; |
545 leadsTo[(%D. project_set h C Int D)`givenBy v] B; |
543 G : preserves (v o f) |] |
546 G : preserves (v o f) |] |
545 leadsTo[(%D. C Int extend_set h D)`givenBy v] (extend_set h B)" |
548 leadsTo[(%D. C Int extend_set h D)`givenBy v] (extend_set h B)" |
546 apply (rule pld_lemma [THEN leadsETo_weaken]) |
549 apply (rule pld_lemma [THEN leadsETo_weaken]) |
547 apply (auto simp add: split_extended_all) |
550 apply (auto simp add: split_extended_all) |
548 done |
551 done |
549 |
552 |
550 lemma (in Extend) project_leadsETo_D: |
553 lemma project_leadsETo_D: |
551 "[| F\<squnion>project h UNIV G : A leadsTo[givenBy v] B; |
554 "[| F\<squnion>project h UNIV G : A leadsTo[givenBy v] B; |
552 G : preserves (v o f) |] |
555 G : preserves (v o f) |] |
553 ==> extend h F\<squnion>G : (extend_set h A) |
556 ==> extend h F\<squnion>G : (extend_set h A) |
554 leadsTo[givenBy (v o f)] (extend_set h B)" |
557 leadsTo[givenBy (v o f)] (extend_set h B)" |
555 apply (cut_tac project_leadsETo_D_lemma [of _ _ UNIV], auto) |
558 apply (cut_tac project_leadsETo_D_lemma [of _ _ UNIV], auto) |
556 apply (erule leadsETo_givenBy) |
559 apply (erule leadsETo_givenBy) |
557 apply (rule givenBy_o_eq_extend_set [THEN equalityD2]) |
560 apply (rule givenBy_o_eq_extend_set [THEN equalityD2]) |
558 done |
561 done |
559 |
562 |
560 lemma (in Extend) project_LeadsETo_D: |
563 lemma project_LeadsETo_D: |
561 "[| F\<squnion>project h (reachable (extend h F\<squnion>G)) G |
564 "[| F\<squnion>project h (reachable (extend h F\<squnion>G)) G |
562 : A LeadsTo[givenBy v] B; |
565 : A LeadsTo[givenBy v] B; |
563 G : preserves (v o f) |] |
566 G : preserves (v o f) |] |
564 ==> extend h F\<squnion>G : |
567 ==> extend h F\<squnion>G : |
565 (extend_set h A) LeadsTo[givenBy (v o f)] (extend_set h B)" |
568 (extend_set h A) LeadsTo[givenBy (v o f)] (extend_set h B)" |
568 apply (erule leadsETo_mono [THEN [2] rev_subsetD]) |
571 apply (erule leadsETo_mono [THEN [2] rev_subsetD]) |
569 apply (blast intro: extend_set_givenBy_I) |
572 apply (blast intro: extend_set_givenBy_I) |
570 apply (simp add: project_set_reachable_extend_eq [symmetric]) |
573 apply (simp add: project_set_reachable_extend_eq [symmetric]) |
571 done |
574 done |
572 |
575 |
573 lemma (in Extend) extending_leadsETo: |
576 lemma extending_leadsETo: |
574 "(ALL G. extend h F ok G --> G : preserves (v o f)) |
577 "(ALL G. extend h F ok G --> G : preserves (v o f)) |
575 ==> extending (%G. UNIV) h F |
578 ==> extending (%G. UNIV) h F |
576 (extend_set h A leadsTo[givenBy (v o f)] extend_set h B) |
579 (extend_set h A leadsTo[givenBy (v o f)] extend_set h B) |
577 (A leadsTo[givenBy v] B)" |
580 (A leadsTo[givenBy v] B)" |
578 apply (unfold extending_def) |
581 apply (unfold extending_def) |
579 apply (auto simp add: project_leadsETo_D) |
582 apply (auto simp add: project_leadsETo_D) |
580 done |
583 done |
581 |
584 |
582 lemma (in Extend) extending_LeadsETo: |
585 lemma extending_LeadsETo: |
583 "(ALL G. extend h F ok G --> G : preserves (v o f)) |
586 "(ALL G. extend h F ok G --> G : preserves (v o f)) |
584 ==> extending (%G. reachable (extend h F\<squnion>G)) h F |
587 ==> extending (%G. reachable (extend h F\<squnion>G)) h F |
585 (extend_set h A LeadsTo[givenBy (v o f)] extend_set h B) |
588 (extend_set h A LeadsTo[givenBy (v o f)] extend_set h B) |
586 (A LeadsTo[givenBy v] B)" |
589 (A LeadsTo[givenBy v] B)" |
587 apply (unfold extending_def) |
590 apply (unfold extending_def) |
591 |
594 |
592 |
595 |
593 (*** leadsETo in the precondition ***) |
596 (*** leadsETo in the precondition ***) |
594 |
597 |
595 (*Lemma for the Trans case*) |
598 (*Lemma for the Trans case*) |
596 lemma (in Extend) pli_lemma: |
599 lemma pli_lemma: |
597 "[| extend h F\<squnion>G : stable C; |
600 "[| extend h F\<squnion>G : stable C; |
598 F\<squnion>project h C G |
601 F\<squnion>project h C G |
599 : project_set h C Int project_set h A leadsTo project_set h B |] |
602 : project_set h C Int project_set h A leadsTo project_set h B |] |
600 ==> F\<squnion>project h C G |
603 ==> F\<squnion>project h C G |
601 : project_set h C Int project_set h A leadsTo |
604 : project_set h C Int project_set h A leadsTo |
602 project_set h C Int project_set h B" |
605 project_set h C Int project_set h B" |
603 apply (rule psp_stable2 [THEN leadsTo_weaken_L]) |
606 apply (rule psp_stable2 [THEN leadsTo_weaken_L]) |
604 apply (auto simp add: project_stable_project_set extend_stable_project_set) |
607 apply (auto simp add: project_stable_project_set extend_stable_project_set) |
605 done |
608 done |
606 |
609 |
607 lemma (in Extend) project_leadsETo_I_lemma: |
610 lemma project_leadsETo_I_lemma: |
608 "[| extend h F\<squnion>G : stable C; |
611 "[| extend h F\<squnion>G : stable C; |
609 extend h F\<squnion>G : |
612 extend h F\<squnion>G : |
610 (C Int A) leadsTo[(%D. C Int D)`givenBy f] B |] |
613 (C Int A) leadsTo[(%D. C Int D)`givenBy f] B |] |
611 ==> F\<squnion>project h C G |
614 ==> F\<squnion>project h C G |
612 : (project_set h C Int project_set h (C Int A)) leadsTo (project_set h B)" |
615 : (project_set h C Int project_set h (C Int A)) leadsTo (project_set h B)" |
618 apply (simp add: givenBy_eq_extend_set) |
621 apply (simp add: givenBy_eq_extend_set) |
619 apply (rule leadsTo_Basis) |
622 apply (rule leadsTo_Basis) |
620 apply (blast intro: ensures_extend_set_imp_project_ensures) |
623 apply (blast intro: ensures_extend_set_imp_project_ensures) |
621 done |
624 done |
622 |
625 |
623 lemma (in Extend) project_leadsETo_I: |
626 lemma project_leadsETo_I: |
624 "extend h F\<squnion>G : (extend_set h A) leadsTo[givenBy f] (extend_set h B) |
627 "extend h F\<squnion>G : (extend_set h A) leadsTo[givenBy f] (extend_set h B) |
625 ==> F\<squnion>project h UNIV G : A leadsTo B" |
628 ==> F\<squnion>project h UNIV G : A leadsTo B" |
626 apply (rule project_leadsETo_I_lemma [THEN leadsTo_weaken], auto) |
629 apply (rule project_leadsETo_I_lemma [THEN leadsTo_weaken], auto) |
627 done |
630 done |
628 |
631 |
629 lemma (in Extend) project_LeadsETo_I: |
632 lemma project_LeadsETo_I: |
630 "extend h F\<squnion>G : (extend_set h A) LeadsTo[givenBy f] (extend_set h B) |
633 "extend h F\<squnion>G : (extend_set h A) LeadsTo[givenBy f] (extend_set h B) |
631 ==> F\<squnion>project h (reachable (extend h F\<squnion>G)) G |
634 ==> F\<squnion>project h (reachable (extend h F\<squnion>G)) G |
632 : A LeadsTo B" |
635 : A LeadsTo B" |
633 apply (simp (no_asm_use) add: LeadsTo_def LeadsETo_def) |
636 apply (simp (no_asm_use) add: LeadsTo_def LeadsETo_def) |
634 apply (rule project_leadsETo_I_lemma [THEN leadsTo_weaken]) |
637 apply (rule project_leadsETo_I_lemma [THEN leadsTo_weaken]) |
635 apply (auto simp add: project_set_reachable_extend_eq [symmetric]) |
638 apply (auto simp add: project_set_reachable_extend_eq [symmetric]) |
636 done |
639 done |
637 |
640 |
638 lemma (in Extend) projecting_leadsTo: |
641 lemma projecting_leadsTo: |
639 "projecting (%G. UNIV) h F |
642 "projecting (%G. UNIV) h F |
640 (extend_set h A leadsTo[givenBy f] extend_set h B) |
643 (extend_set h A leadsTo[givenBy f] extend_set h B) |
641 (A leadsTo B)" |
644 (A leadsTo B)" |
642 apply (unfold projecting_def) |
645 apply (unfold projecting_def) |
643 apply (force dest: project_leadsETo_I) |
646 apply (force dest: project_leadsETo_I) |
644 done |
647 done |
645 |
648 |
646 lemma (in Extend) projecting_LeadsTo: |
649 lemma projecting_LeadsTo: |
647 "projecting (%G. reachable (extend h F\<squnion>G)) h F |
650 "projecting (%G. reachable (extend h F\<squnion>G)) h F |
648 (extend_set h A LeadsTo[givenBy f] extend_set h B) |
651 (extend_set h A LeadsTo[givenBy f] extend_set h B) |
649 (A LeadsTo B)" |
652 (A LeadsTo B)" |
650 apply (unfold projecting_def) |
653 apply (unfold projecting_def) |
651 apply (force dest: project_LeadsETo_I) |
654 apply (force dest: project_LeadsETo_I) |
652 done |
655 done |
653 |
656 |
654 end |
657 end |
|
658 |
|
659 end |