section‹Semantics of Hierarchical Automata› theory HASem imports HA begin
subsection‹Definitions›
definition
RootExSem :: "[(('s,'e,'d)seqauto) set, 's ⇀ ('s,'e,'d)seqauto set, 's set] => bool"where "RootExSem F G C == (∃! S. S ∈ States (Root F G) ∧ S ∈ C)"
definition
UniqueSucStates :: "[(('s,'e,'d)seqauto) set, 's ⇀ ('s,'e,'d)seqauto set, 's set] ==> bool"where "UniqueSucStates F G C == ∀ S ∈ (∪(States ` F)). ∀ A ∈ the (G S). if (S ∈ C) then ∃! S' . S' ∈ States A ∧ S' ∈ C else ∀ S ∈ States A. S ∉ C"
definition
IsConfSet :: "[(('s,'e,'d)seqauto) set, 's ⇀ ('s,'e,'d)seqauto set, 's set] => bool"where "IsConfSet F G C == C ⊆ (∪(States ` F)) & RootExSem F G C & UniqueSucStates F G C"
definition
Status :: "[('s,'e,'d)hierauto, 's set, 'e set, 'd data] => bool"where "Status HA C E D == E ⊆ HAEvents HA ∧ IsConfSet (SAs HA) (CompFun HA) C ∧ Data.DataSpace (HAInitValue HA) = Data.DataSpace D"
subsubsection‹‹Status››
lemma Status_EmptySet: "(Abs_hierauto ((@ x . True), {Abs_seqauto ({ @ x . True}, (@ x . True), {}, {})}, {}, Map.empty(@ x . True ↦{})), {@x. True},{}, @x. True) ∈ {(HA,C,E,D) | HA C E D. Status HA C E D}" apply (unfold Status_def CompFun_def SAs_def) apply auto apply (subst Abs_hierauto_inverse) apply (subst hierauto_def) apply (rule HierAuto_EmptySet) apply (subst Abs_hierauto_inverse) apply (subst hierauto_def) apply (rule HierAuto_EmptySet) apply auto apply (unfold IsConfSet_def UniqueSucStates_def RootExSem_def) apply auto apply (unfold States_def) apply auto apply (unfold Root_def) apply (rule someI2) apply (rule conjI) apply fast apply (simp add: ran_def) apply simp apply (subst Abs_seqauto_inverse) apply (subst seqauto_def) apply (rule SeqAuto_EmptySet) apply simp apply (unfold HAInitValue_def) apply auto apply (subst Abs_hierauto_inverse) apply (subst hierauto_def) apply (rule HierAuto_EmptySet) apply simp done
definition "status = {(HA,C,E,D) | (HA::('s,'e,'d)hierauto) (C::('s set)) (E::('e set)) (D::'d data). Status HA C E D}"
typedef ('s,'e,'d) status = "status :: (('s,'e,'d)hierauto * 's set * 'e set * 'd data) set" unfolding status_def apply (rule exI) apply (rule Status_EmptySet) done
definition
HA :: "('s,'e,'d) status => ('s,'e,'d) hierauto"where "HA == fst o Rep_status"
definition
Conf :: "('s,'e,'d) status => 's set"where "Conf == fst o snd o Rep_status"
definition
Events :: "('s,'e,'d) status => 'e set"where "Events == fst o snd o snd o Rep_status"
definition Value :: "('s,'e,'d) status => 'd data"where "Value == snd o snd o snd o Rep_status"
definition
RootState :: "('s,'e,'d) status => 's"where "RootState ST == @ S. S ∈ Conf ST ∧ S ∈ States (HARoot (HA ST))"
definition
EnabledTrans :: "(('s,'e,'d)status * ('s,'e,'d)seqauto * ('s,'e,'d)trans) set"where "EnabledTrans == {(ST,SA,T) . SA ∈ SAs (HA ST) ∧ T ∈ Delta SA ∧ source T ∈ Conf ST ∧ (Conf ST, Events ST, Value ST) |= (label T) }"
definition
ET :: "('s,'e,'d) status => (('s,'e,'d) trans) set"where "ET ST == ∪ SA ∈ SAs (HA ST). (EnabledTrans `` {ST}) `` {SA}"
(* -------------------------------------------------------------- *) (* maximal non conflicting set of transitions *) (* -------------------------------------------------------------- *)
definition
MaxNonConflict :: "[('s,'e,'d)status, ('s,'e,'d)trans set] => bool"where "MaxNonConflict ST T == (T ⊆ ET ST) ∧ (∀ A ∈ SAs (HA ST). card (T Int Delta A) ≤ 1) ∧ (∀ t ∈ (ET ST). (t ∈ T) = (¬ (∃ t' ∈ ET ST. HigherPriority (HA ST) (t',t))))"
(* -------------------------------------------------------------- *) (* resolving the occurrence of racing with interleaving semantic *) (* for one set of transitions *) (* -------------------------------------------------------------- *)
definition
ResolveRacing :: "('s,'e,'d)trans set => ('d update set)"where "ResolveRacing TS == let U = PUpdate (Label TS) in SequentialRacing U"
(* -------------------------------------------------------------- *) (* HPT is a set, there can be more than one! If there are *) (* nondeterministic transitions t1, t2 in one SA : SAs A, then *) (* they are not in conflict wt higher priority. We have to chose *) (* one and get different sets. *) (* -------------------------------------------------------------- *)
definition
HPT :: "('s,'e,'d)status => (('s,'e,'d)trans set) set"where "HPT ST == { T. MaxNonConflict ST T}"
(* -------------------------------------------------------------- *) (* The initials status can be defined now for a given automaton. *) (* -------------------------------------------------------------- *)
(* -------------------------------------------------------------- *) (* The next status for a given status can be defined now by a *) (* step. *) (* -------------------------------------------------------------- *)
definition
StepActEvent :: "('s,'e,'d)trans set => 'e set"where "StepActEvent TS == Union (Actevent (Label TS))"
definition
StepStatus :: "[('s,'e,'d)status, ('s,'e,'d)trans set, 'd update] => ('s,'e,'d)status"where "StepStatus ST TS U = (let (A,C,E,D) = Rep_status ST; C' = StepConf A C TS; E' = StepActEvent TS; D' = U !!! D in Abs_status (A,C',E',D'))"
(* --------------------------------------------------------------- *) (* The Relation StepRel defines semantic transitions on statuses *) (* for given hierarchical automaton. *) (* --------------------------------------------------------------- *)
definition
StepRelSem :: "('s,'e,'d)hierauto => (('s,'e,'d)status * ('s,'e,'d)status) set"where "StepRelSem A == {(ST,ST'). (HA ST) = A ∧ ((HPT ST ≠ {}) ⟶ (∃TS ∈ HPT ST. ∃U ∈ ResolveRacing TS. ST' = StepStatus ST TS U)) & ((HPT ST = {}) ⟶ (ST' = StepStatus ST {} DefaultUpdate))}"
(* --------------------------------------------------------------- *) (* The Relation StepRel defines semantic transitions on statuses *) (* The set of all reachable stati can now be defined inductively *) (* as the set of statuses derived through applications of *) (* transitions starting from the initial status TInitStatus 0. *) (* --------------------------------------------------------------- *)
inductive_set
ReachStati :: "('s,'e,'d)hierauto => ('s,'e,'d) status set" for A :: "('s,'e,'d)hierauto" where
Status0 : "InitStatus A ∈ ReachStati A"
| StatusStep : "[ ST ∈ ReachStati A; TS ∈ HPT ST; U ∈ ResolveRacing TS ] ==> StepStatus ST TS U ∈ ReachStati A"
subsection‹Lemmas›
lemma Rep_status_tuple: "Rep_status ST = (HA ST, Conf ST, Events ST, Value ST)" by (unfold HA_def Conf_def Events_def Value_def, simp)
lemma Rep_status_select: "(HA ST, Conf ST, Events ST, Value ST) ∈ status" by (rule Rep_status_tuple [THEN subst], rule Rep_status)
lemma ET_Delta: "[ TS ⊆ ET ST; t ∈ TS; source t ∈ States A; A ∈ SAs (HA ST)]==> t ∈ Delta A" apply (unfold ET_def EnabledTrans_def) apply simp apply (erule subsetCE) apply auto apply (rename_tac SA) apply (case_tac "A = SA") apply auto apply (cut_tac HA="HA ST"in MutuallyDistinct_HA) apply (unfold MutuallyDistinct_def) apply force done
lemma ET_Delta_target: "[ TS ⊆ ET ST; t ∈ TS; target t ∈ States A; A ∈ SAs (HA ST) ]==> t ∈ Delta A" apply (unfold ET_def EnabledTrans_def) apply simp apply (erule subsetCE) apply auto apply (rename_tac SA) apply (case_tac "A = SA") apply auto apply (cut_tac HA="HA ST"in MutuallyDistinct_HA) apply (unfold MutuallyDistinct_def) apply force done
lemma ET_HADelta: " [ TS ⊆ ET ST; t ∈ TS ]==> t ∈ HADelta (HA ST)" apply (unfold HADelta_def) apply auto apply (unfold ET_def EnabledTrans_def Image_def) apply auto done
lemma HPT_HADelta: " [ TS ∈ HPT ST; t ∈ TS ]==> t ∈ HADelta (HA ST)" apply (rule ET_HADelta) apply (unfold HPT_def MaxNonConflict_def) apply auto done
lemma HPT_Delta: "[ TS ∈ HPT ST; t ∈ TS; source t ∈ States A; A ∈ SAs (HA ST)]==> t ∈ Delta A" apply (rule ET_Delta) apply auto apply (unfold HPT_def MaxNonConflict_def) apply fast done
lemma HPT_Delta_target: "[ TS ∈ HPT ST; t ∈ TS; target t ∈ States A; A ∈ SAs (HA ST)]==> t ∈ Delta A" apply (rule ET_Delta_target) apply auto apply (unfold HPT_def MaxNonConflict_def) apply fast done
lemma OneTrans_HPT_SA: "[ TS ∈ HPT ST; T ∈ TS; source T ∈ States SA; U ∈ TS; source U ∈ States SA; SA ∈ SAs (HA ST) ]==> T = U" apply (unfold HPT_def MaxNonConflict_def Source_def) apply auto apply (erule_tac x=SA in ballE) apply (case_tac "finite (TS ∩ Delta SA)") apply (frule_tac t=T in OneElement_Card) apply fast apply (frule_tac t=T and A=SA in ET_Delta) apply assumption+ apply fast apply (frule_tac t=U in OneElement_Card) apply fast apply (frule_tac t=U and A=SA in ET_Delta) apply auto done
lemma OneTrans_HPT_SA2: "[ TS ∈ HPT ST; T ∈ TS; target T ∈ States SA; U ∈ TS; target U ∈ States SA; SA ∈ SAs (HA ST) ]==> T = U" apply (unfold HPT_def MaxNonConflict_def Target_def) apply auto apply (erule_tac x=SA in ballE) apply (case_tac "finite (TS ∩ Delta SA)") apply (frule_tac t=T in OneElement_Card) apply fast apply (frule_tac t=T and A=SA in ET_Delta_target) apply assumption+ apply fast apply (frule_tac t=U in OneElement_Card) apply fast apply (frule_tac t=U and A=SA in ET_Delta_target) apply auto done
lemma OneState_HPT_Target: "[ TS ∈ HPT ST; S ∈ Target TS; T ∈ Target TS; S ∈ States SA; T ∈ States SA; SA ∈ SAs (HA ST) ] ==> S = T" apply (unfold Target_def) apply (auto dest: OneTrans_HPT_SA2[rotated -1]) done
subsubsection‹Source Transition Set›
lemma ET_Source_Conf: "TS ⊆ ET ST ==> (Source TS) ⊆ Conf ST" apply (unfold Source_def ET_def EnabledTrans_def) apply auto done
lemma ET_Source_Target [simp]: "[ SA ∈ SAs (HA ST); TS ⊆ ET ST; States SA ∩ Source TS = {} ]==> States SA ∩ Target TS = {}" apply (unfold ET_def EnabledTrans_def Source_def Target_def) apply auto apply (rename_tac Source Trigger Guard Action Update Target) apply (erule subsetCE) apply auto apply (rename_tac SAA) apply (unfold image_def source_def Int_def) apply auto apply (erule_tac x=Source in allE) apply auto apply (frule Delta_source_States) apply (unfold source_def) apply auto apply (case_tac "SA=SAA") apply auto apply (cut_tac HA="HA ST"in MutuallyDistinct_HA) apply (unfold MutuallyDistinct_def) apply (erule_tac x=SA in ballE) apply (erule_tac x=SAA in ballE) apply auto apply (frule Delta_target_States) apply (unfold target_def) apply force done
lemma HPT_Source_Target [simp]: "[ TS ∈ HPT ST; States SA ∩ Source TS = {}; SA ∈ SAs (HA ST) ]==> States SA ∩ Target TS = {}" apply (unfold HPT_def MaxNonConflict_def) apply auto done
lemma ET_target_source: "[ TS ⊆ ET ST; t ∈ TS; target t ∈ States A; A ∈ SAs (HA ST) ]==> source t ∈ States A" apply (frule ET_Delta_target) apply auto done
lemma ET_source_target: "[ TS ⊆ ET ST; t ∈ TS; source t ∈ States A; A ∈ SAs (HA ST) ]==> target t ∈ States A" apply (frule ET_Delta) apply auto done
lemma HPT_target_source: "[ TS ∈ HPT ST; t ∈ TS; target t ∈ States A; A ∈ SAs (HA ST)]==> source t ∈ States A" apply (rule ET_target_source) apply auto apply (unfold HPT_def MaxNonConflict_def) apply fast done
lemma HPT_source_target: "[ TS ∈ HPT ST; t ∈ TS; source t ∈ States A; A ∈ SAs (HA ST) ]==> target t ∈ States A" apply (rule ET_source_target) apply auto apply (unfold HPT_def MaxNonConflict_def) apply fast done
lemma HPT_source_target2 [simp]: "[ TS ∈HPT ST; (s,l,t) ∈ TS; s ∈ States A; A ∈ SAs (HA ST)]==> t ∈States A" apply (cut_tac ST=ST and TS=TS and t="(s,l,t)"in HPT_source_target) apply auto done
lemma ChiRel_ChiStar_Source_notmem: "[ TS ∈ HPT ST; (S, T) ∈ ChiRel (HA ST); S ∈ Conf ST; T ∉ ChiStar (HA ST) `` Source TS ]==> S ∉ ChiStar (HA ST) `` Source TS" apply auto apply (rename_tac U) apply (simp only: Image_def) apply auto apply (erule_tac x=U in ballE) apply (fast intro: ChiRel_ChiStar_trans)+ done
lemma RootState_notmem_ChiRel2 [simp]: "[ S ∈ States (HARoot (HA ST)) ]==> (x,S) ∉ (ChiRel (HA ST))" by (unfold ChiRel_def, auto)
lemma RootState_Conf_StepConf [simp]: "[ RootState ST ∉ Source TS ]==> RootState ST ∈ StepConf (HA ST) (Conf ST) TS" apply (unfold StepConf_def) apply auto apply (rename_tac S) apply (case_tac "S=RootState ST") apply fast apply auto apply (rename_tac S) apply (case_tac "S=RootState ST") apply fast apply auto done
lemma OneRootState_Conf [simp]: "[ S ∈ States (HARoot (HA ST)); S ∈ Conf ST ]==> S = RootState ST" apply (cut_tac ST=ST in IsConfSet_Status) apply (unfold IsConfSet_def RootExSem_def) apply (fold HARoot_def) apply auto done
lemma OneRootState_Source: "[ TS ∈ HPT ST; S ∈ Source TS; S ∈ States (HARoot (HA ST)) ]==> S = RootState ST" apply (cut_tac ST=ST and TS=TS in HPT_Source_Conf, assumption) apply (cut_tac ST=ST in OneRootState_Conf) apply fast+ done
lemma OneState_HPT_Target_Source: "[ TS ∈ HPT ST; S ∈ States SA; SA ∈ SAs (HA ST); States SA ∩ Source TS = {} ] ==> S ∉ Target TS" apply (unfold Target_def) apply auto apply (unfold Source_def Image_def Int_def) apply auto apply (frule HPT_target_source) apply auto done
lemma RootState_notmem_Target [simp]: "[ TS ∈ HPT ST; S ∈ States (HARoot (HA ST)); RootState ST ∉ Source TS ]==> S ∉Target TS" apply auto apply (frule OneState_HPT_Target_Source) prefer4 apply fast+ apply simp apply (unfold Int_def) apply auto apply (frule OneRootState_Source) apply fast+ done
subsubsection‹Configuration ‹Conf››
lemma Conf_HAStates: "Conf ST ⊆ HAStates (HA ST)" apply (cut_tac Rep_status_select) apply (unfold IsConfSet_def status_def Status_def HAStates_def) apply fast done
lemma Conf_HAStates2 [simp]: "S ∈ Conf ST ==> S ∈ HAStates (HA ST)" apply (cut_tac ST="ST"in Conf_HAStates) apply fast done
lemma OneState_Conf [intro]: "[ S ∈ Conf ST; T ∈ Conf ST; S ∈ States SA; T ∈ States SA; SA ∈ SAs (HA ST)]==> T = S" apply (cut_tac ST=ST in IsConfSet_Status) apply (unfold IsConfSet_def UniqueSucStates_def) apply (case_tac "SA = HARoot (HA ST)") apply (cut_tac ST=ST and S=S in OneRootState_Conf) apply fast+ apply (simp only:OneRootState_Conf) apply (erule conjE)+ apply (cut_tac HA="HA ST"in OneAncestor_HA) apply (unfold OneAncestor_def) apply (fold HARoot_def) apply (erule_tac x=SA in ballE) apply (drule ex1_implies_ex) apply (erule exE) apply (rename_tac U) apply (erule_tac x=U in ballE) apply (erule_tac x=SA in ballE) apply (case_tac "U ∈ Conf ST") apply simp apply safe apply fast+ apply simp apply fast done
lemma OneState_HPT_SA: "[ TS ∈ HPT ST; S ∈ Source TS; T ∈ Source TS; S ∈ States SA; T ∈ States SA; SA ∈ SAs (HA ST) ]==> S = T" apply (rule OneState_Conf) apply auto apply (frule HPT_Source_Conf, fast)+ done
lemma HPT_SAStates_Target_Source: "[TS ∈ HPT ST; A ∈ SAs (HA ST); S ∈ States A; T ∈ States A; S ∈ Conf ST; T ∈ Target TS ]==> S ∈ Source TS" apply (case_tac "States A ∩ Source TS ={}") apply (frule OneState_HPT_Target_Source) apply fast back apply simp+ apply auto apply (rename_tac U) apply (cut_tac ST=ST in HPT_Source_Conf) apply fast apply (frule_tac S=S and T=U in OneState_Conf) apply fast+ done
lemma HPT_Conf_Target_Source: "[TS ∈ HPT ST; S ∈ Conf ST; S ∈ Target TS ]==> S ∈ Source TS" apply (frule Conf_HAStates2) apply (unfold HAStates_def) apply auto apply (simp only:HPT_SAStates_Target_Source) done
lemma Conf_SA: "S ∈ Conf ST ==>∃ A ∈ SAs (HA ST). S ∈ States A" apply (cut_tac ST=ST in IsConfSet_Status) apply (unfold IsConfSet_def) apply fast done
lemma HPT_Source_HAStates [simp]: "[ TS ∈ HPT ST; S ∈ Source TS ]==> S ∈ HAStates (HA ST)" apply (frule HPT_Source_Conf) apply (rule Conf_HAStates2) apply fast done
lemma Conf_Ancestor: "[ S ∈ Conf ST; A ∈ the (CompFun (HA ST) S) ]==>∃! T ∈ States A. T ∈ Conf ST" apply (cut_tac ST=ST in IsConfSet_Status) apply (unfold IsConfSet_def UniqueSucStates_def) apply safe apply (erule_tac x=S in ballE) prefer2 apply blast apply (erule_tac x=A in ballE) prefer2 apply fast apply simp apply (fast intro: HAStates_CompFun_SAs_mem Conf_HAStates2)+ done
lemma Target_ChiRel_HAInit_StepConf: "[ S ∈ Target TS; (S,T) ∈ ChiRel A; T ∈ HAInitStates A ]==> T ∈ StepConf A C TS" apply (unfold StepConf_def) apply auto done
lemma StepConf_HAStates: "TS ∈ HPT ST ==> StepConf (HA ST) (Conf ST) TS ⊆ HAStates (HA ST)" apply (unfold StepConf_def) apply auto apply (frule tranclD2) apply auto done
lemma RootState_Conf_StepConf2 [simp]: "[ source T = RootState ST; T ∈ TS ]==> target T ∈ StepConf (HA ST) (Conf ST) TS" apply (unfold StepConf_def) apply auto done
lemma HPT_StepConf_HAStates [simp]: "[ TS ∈ HPT ST; S ∈ StepConf (HA ST) (Conf ST) TS ]==> S ∈ HAStates (HA ST)" apply (unfold StepConf_def) apply auto apply (frule tranclD2) apply auto done
lemma StepConf_Target_HAInitStates: "[ S ∈ StepConf (HA ST) (Conf ST) TS; S ∉ Target TS; S ∉ Conf ST]==> S ∈ HAInitStates (HA ST)" apply (unfold StepConf_def) apply auto apply (frule tranclD2) apply auto done
lemma UniqueSucState_Conf_Source_StepConf: "[ TS ∈ HPT ST; S ∈ StepConf (HA ST) (Conf ST) TS; A ∈ SAs (HA ST); A ∈ the (CompFun (HA ST) S); T ∈ States A; U ∈ States A; T ∈ StepConf (HA ST) (Conf ST) TS; T ≠ U; U ∈ Conf ST ]==> U ∈ ChiStar (HA ST) `` Source TS" apply (frule_tac ?S2.0=T in StepConf_HAStates [THEN subsetD, THEN CompFun_ChiRel]) apply fast+ apply (frule_tac ?S2.0=U in StepConf_HAStates [THEN subsetD, THEN CompFun_ChiRel]) apply fast+ apply (frule_tac S=S and T=U in Conf_ChiRel, fast) apply (case_tac "S ∈ ChiStar (HA ST) `` Source TS") apply (fast intro: ChiRel_ChiStar_trans) apply (case_tac "U ∈ Source TS") apply force apply (unfold StepConf_def) apply simp apply safe apply (fast intro: HPT_SAStates_Target_Source)+ apply (rename_tac V) apply (case_tac "V=S") apply (frule_tac S=S in HPT_Conf_Target_Source, fast+) apply (fast intro: ChiStar_Image ChiRel_OneAncestor)+ apply (rename_tac V W) apply (frule trancl_Int_mem, fold ChiPlus_def, safe) apply (cut_tac ST=ST and S=S in HPT_Conf_Target_Source_ChiPlus) apply fast+ apply (simp only:Image_def, safe) apply (case_tac "(V, T) ∉ ChiRel (HA ST)") apply (frule_tac S=V and T=T in ChiPlus_ChiRel_Ex) apply (fast, safe) apply (rename_tac X) apply (case_tac "X=S") apply (rule_tac x=W in bexI) prefer4 apply (case_tac "V=S") prefer2 apply simp apply (fast intro: ChiPlus_ChiRel ChiRel_ChiPlus_trans2 ChiRel_OneAncestor)+ done
lemma UniqueSucState_Target_StepConf: "[ TS ∈ HPT ST; S ∈ StepConf (HA ST) (Conf ST) TS; A ∈ SAs (HA ST); A ∈ the (CompFun (HA ST) S); T ∈ States A; U ∈ States A; T ∈ StepConf (HA ST) (Conf ST) TS; T ≠ U ]==> U ∉ Target TS" apply auto apply (frule_tac ST=ST in Target_StepConf) apply (subst (asm) (2) StepConf_def) apply simp apply safe apply (cut_tac TS=TS and ST=ST and S=S and T=U in UniqueSucState_Conf_Source_StepConf) apply fast+ apply (simp add: OneState_HPT_Target) apply (simp only:OneState_HPT_Target_ChiRel) apply (rename_tac V W) apply (frule_tac U=W and S=V and T=T in ChiRel_ChiPlus_trans2) apply (frule trancl_Int_mem, fold ChiPlus_def, force) apply (simp only:OneState_HPT_Target_ChiPlus) done
lemma UniqueSucState_Target_ChiRel_StepConf: "[ TS ∈ HPT ST; S ∈ StepConf (HA ST) (Conf ST) TS; A ∈ SAs (HA ST); A ∈ the (CompFun (HA ST) S); T ∈ States A; U ∈ States A; T ∈ StepConf (HA ST) (Conf ST) TS; T ≠ U; (V,U) ∈ ChiRel (HA ST); U ∈ HAInitStates (HA ST) ] ==> V ∉ Target TS" apply auto apply (frule_tac A="HA ST"and C="Conf ST"in Target_ChiRel_HAInit_StepConf) apply fast+ apply (subst (asm) (2) StepConf_def, safe) apply (fast intro:UniqueSucState_Conf_Source_StepConf) apply (simp only:OneState_HPT_Target_ChiRel) apply (fast intro:OneHAInitState_SAStates) apply (frule trancl_Int_mem, fold ChiPlus_def) apply (fast intro:OneHAInitState_SAStates) done
lemma UniqueSucState_Target_ChiPlus_StepConf [rule_format]: "[ TS ∈ HPT ST; (S,T) ∈ ChiRel (HA ST); (S,U) ∈ ChiRel (HA ST); V ∈ Target TS; (V,W) ∈ ChiRel (HA ST); T ∉ ChiStar (HA ST) `` Source TS; (W,U) ∈ (ChiRel (HA ST) ∩ HAInitStates (HA ST) × HAInitStates (HA ST))+; T ∈ Conf ST ]==> (S,U) ∈ ChiRel (HA ST) ⟶ T=U" apply (frule_tac S=S and T=T in Conf_ChiRel) apply fast apply (rule_tac a="W"and b="U"and r="ChiRel (HA ST) ∩ HAInitStates (HA ST) × HAInitStates (HA ST)"in trancl_induct) apply safe apply (rename_tac X) apply (case_tac "W=S") apply simp prefer2 apply (simp add: ChiRel_OneAncestor) prefer2 apply (rename_tac X Y) apply (case_tac "X=S") apply simp prefer2 apply (simp add: ChiRel_OneAncestor) prefer2 apply (frule_tac a=V in ChiRel_HAStates) apply (unfold HAStates_def) apply (simp,safe) apply (rename_tac Y) apply (case_tac "States Y ∩ Source TS = {}") apply (simp add:OneState_HPT_Target_Source) apply (subst (asm) Int_def, safe) apply (rename_tac Z) apply (frule_tac S=V and T=S in Conf_ChiRel) apply fast apply (frule HPT_Conf_Target_Source) prefer2 apply fast apply fast apply (frule_tac S=Z and T=V in OneState_HPT_SA) apply fast+ apply simp apply (fast intro: ChiPlus_ChiRel ChiRel_ChiPlus_trans ChiPlus_ChiStar) apply (simp add: Image_def) apply (frule trancl_Int_mem, fold ChiPlus_def, simp, safe) back apply (frule_tac T=W and S=S in Conf_ChiPlus) apply simp apply (frule_tac S=V and T=W in Conf_ChiRel) apply fast apply (frule_tac a=V in ChiRel_HAStates) apply (unfold HAStates_def) apply (simp, safe) apply (rename_tac Z) apply (case_tac "States Z ∩ Source TS = {}") apply (simp add:OneState_HPT_Target_Source) apply (subst (asm) Int_def, safe) apply (frule_tac S=V in HPT_Conf_Target_Source) apply fast+ apply (rename_tac P) apply (frule_tac S=P and T=V in OneState_HPT_SA) apply fast+ apply (frule_tac U=V and S=W and T=S in ChiRel_ChiPlus_trans2) apply fast+ apply (fast intro: ChiPlus_ChiRel ChiRel_ChiPlus_trans ChiPlus_ChiStar) apply (case_tac "T=S") apply (simp add: ChiRel_OneAncestor)+ done
lemma UniqueSucStates_SAStates_StepConf: "[ TS ∈ HPT ST; S ∈ StepConf (HA ST) (Conf ST) TS; A ∈ SAs (HA ST); A ∈ the (CompFun (HA ST) S); T ∈ States A; U ∈ States A; T ∈ StepConf (HA ST) (Conf ST) TS; T ≠ U ]==> U ∉ StepConf (HA ST) (Conf ST) TS" apply (subst StepConf_def) apply (simp, safe) apply (rule UniqueSucState_Conf_Source_StepConf) apply fast+ apply (frule_tac U=U in UniqueSucState_Target_StepConf) apply fast+ apply (frule_tac U=U in UniqueSucState_Target_ChiRel_StepConf) apply fast+ apply (rename_tac V W) apply (frule trancl_Int_mem, fold ChiPlus_def) apply (simp, safe) apply (frule_tac ?S2.0=T in StepConf_HAStates [THEN subsetD, THEN CompFun_ChiRel]) apply fast+ apply (frule_tac ?S2.0=U in StepConf_HAStates [THEN subsetD, THEN CompFun_ChiRel]) apply fast+ apply (subst (asm) (2) StepConf_def) apply (simp, safe) apply (fast intro: UniqueSucState_Target_ChiPlus_StepConf) apply (frule_tac U=W and T=U and S=T in OneState_HPT_Target_ChiPlus) apply (fast intro: ChiPlus_ChiRel ChiRel_ChiPlus_trans2 OneHAInitState_SAStates)+ apply (frule trancl_Int_mem, fold ChiPlus_def, simp, safe) apply (fast intro:OneHAInitState_SAStates) done
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
