Theory Operational_Semantics_CSP_PTick_Laws

(***********************************************************************************
 * Copyright (c) 2025 Université Paris-Saclay
 *
 * Author: Benoît Ballenghien, Université Paris-Saclay,
 *         CNRS, ENS Paris-Saclay, LMF
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice, this
 *
 * * Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * SPDX-License-Identifier: BSD-2-Clause
 ***********************************************************************************)


(*<*)
theory Operational_Semantics_CSP_PTick_Laws
  imports After_CSP_PTick_Laws
    Non_Deterministic_CSP_PTick_Distributivity
    "HOL-CSP_OpSem"
begin
  (*>*)


section ‹Small Steps Transitions›

subsection ‹Extension of the After Operator›

subsection ‹Sequential Composition›

locale AfterExtDuplicated_same_events = AfterExtDuplicated Ψ⇩α Ω⇩α Ψ⇩β Ω⇩β
  for Ψ⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'r] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ψ⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 's] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k› 


sublocale AfterExtDuplicated_same_events ⊆ AfterDuplicated_same_events .
    ―‹Recovering @{thm [source] AfterDuplicated_same_events.After_Seq⇩p⇩t⇩i⇩c⇩k}›


context AfterExtDuplicated_same_events
begin 

notation After⇩t⇩i⇩c⇩k⇩α.After (infixl ‹after⇩α› 86)
notation After⇩t⇩i⇩c⇩k⇩β.After (infixl ‹after⇩β› 86)
notation After⇩t⇩i⇩c⇩k⇩α.After⇩t⇩i⇩c⇩k (infixl ‹after⇩✓⇩α› 86)
notation After⇩t⇩i⇩c⇩k⇩β.After⇩t⇩i⇩c⇩k (infixl ‹after⇩✓⇩β› 86)


lemma After⇩t⇩i⇩c⇩k_Seq⇩p⇩t⇩i⇩c⇩k : 
  ‹(P ❙;⇩✓ Q) after⇩✓⇩β e =
   (case e of ✓(r) ⇒ Ω⇩β (P ❙;⇩✓ Q) r
            | ev a ⇒
      if ∀r. ✓(r) ∈ P⇧0 ⟶ ev a ∉ (Q r)⇧0
    then   if ev a ∈ P⇧0
         then P after⇩✓⇩α ev a ❙;⇩✓ Q else Ψ⇩β (P ❙;⇩✓ Q) a
         else   if ev a ∈ P⇧0
              then (P after⇩✓⇩α ev a ❙;⇩✓ Q) ⊓
                   (⊓r∈{r. ✓(r) ∈ P⇧0 ∧ ev a ∈ (Q r)⇧0}. Q r after⇩✓⇩β ev a)
              else ⊓r∈{r. ✓(r) ∈ P⇧0 ∧ ev a ∈ (Q r)⇧0}. Q r after⇩✓⇩β ev a)›
  by (auto simp add: After⇩t⇩i⇩c⇩k⇩β.After⇩t⇩i⇩c⇩k_def After⇩t⇩i⇩c⇩k⇩α.After⇩t⇩i⇩c⇩k_def After_Seq⇩p⇩t⇩i⇩c⇩k split: event⇩p⇩t⇩i⇩c⇩k.split)

end



subsubsection ‹Synchronization Product›

locale AfterExt_Sync⇩p⇩t⇩i⇩c⇩k_locale = Sync⇩p⇩t⇩i⇩c⇩k_locale tick_join +
  AfterExt⇩l⇩h⇩s : AfterExt Ψ⇩l⇩h⇩s Ω⇩l⇩h⇩s +
  AfterExt⇩r⇩h⇩s : AfterExt Ψ⇩r⇩h⇩s Ω⇩r⇩h⇩s +
  AfterExt⇩p⇩t⇩i⇩c⇩k : AfterExt Ψ⇩p⇩t⇩i⇩c⇩k Ω⇩p⇩t⇩i⇩c⇩k
  for tick_join :: ‹'r ⇒ 's ⇒ 't option›
    and Ψ⇩l⇩h⇩s :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩l⇩h⇩s :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'r] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ψ⇩r⇩h⇩s :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩r⇩h⇩s :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 's] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and Ψ⇩p⇩t⇩i⇩c⇩k :: ‹[('a, 't) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 't) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩p⇩t⇩i⇩c⇩k :: ‹[('a, 't) process⇩p⇩t⇩i⇩c⇩k, 't] ⇒ ('a, 't) process⇩p⇩t⇩i⇩c⇩k›
begin

sublocale After_Sync⇩p⇩t⇩i⇩c⇩k_locale tick_join Ψ⇩l⇩h⇩s Ψ⇩r⇩h⇩s Ψ⇩p⇩t⇩i⇩c⇩k by unfold_locales

sublocale AfterExt_Sync⇩p⇩t⇩i⇩c⇩k_locale_sym :
  AfterExt_Sync⇩p⇩t⇩i⇩c⇩k_locale ‹λs r. tick_join r s› Ψ⇩r⇩h⇩s Ω⇩r⇩h⇩s Ψ⇩l⇩h⇩s Ω⇩l⇩h⇩s Ψ⇩p⇩t⇩i⇩c⇩k Ω⇩p⇩t⇩i⇩c⇩k
  by unfold_locales

(*
notation AfterExt⇩l⇩h⇩s.After (infixl ‹after⇩l⇩h⇩s› 86)
notation AfterExt⇩r⇩h⇩s.After (infixl ‹after⇩r⇩h⇩s› 86)
notation AfterExt⇩p⇩t⇩i⇩c⇩k.After (infixl ‹after⇩p⇩t⇩i⇩c⇩k› 86)
*)
notation AfterExt⇩l⇩h⇩s.After⇩t⇩i⇩c⇩k (infixl ‹after⇩✓⇩l⇩h⇩s› 86)
notation AfterExt⇩r⇩h⇩s.After⇩t⇩i⇩c⇩k (infixl ‹after⇩✓⇩r⇩h⇩s› 86)
notation AfterExt⇩p⇩t⇩i⇩c⇩k.After⇩t⇩i⇩c⇩k (infixl ‹after⇩✓⇩p⇩t⇩i⇩c⇩k› 86)
  (* 
definition Ω⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v :: ‹('a, 't) process⇩p⇩t⇩i⇩c⇩k ⇒ 't ⇒ ('a, 's × 'r) process⇩p⇩t⇩i⇩c⇩k›
  where ‹Ω⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v P s_r ≡ TickSwap (Ω⇩p⇩t⇩i⇩c⇩k (TickSwap P) (case s_r of (s, r) ⇒ (r, s)))›

sublocale AfterExt⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v : AfterExt Ψ⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v Ω⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v .

notation AfterExt⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v.After⇩t⇩i⇩c⇩k (infixl ‹after⇩✓⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v› 86)

sublocale AfterExt⇩p⇩t⇩i⇩c⇩kDuplicated : AfterExtDuplicated Ψ⇩p⇩t⇩i⇩c⇩k Ω⇩p⇩t⇩i⇩c⇩k Ψ⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v Ω⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v .



lemma After⇩t⇩i⇩c⇩k_TickSwap :
  ‹TickSwap P after⇩✓⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v e =
   (case e of ✓(s_r) ⇒ Ω⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v (TickSwap P) s_r
              | ev a ⇒  if P = ⊥ then ⊥
                       else   if ev a ∈ P⇧0
                            then TickSwap (P after⇩✓⇩p⇩t⇩i⇩c⇩k ev a)
                            else Ψ⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v (TickSwap P) a)›
  by (simp add: AfterExt⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v.After⇩t⇩i⇩c⇩k_def AfterExt⇩p⇩t⇩i⇩c⇩k.After⇩t⇩i⇩c⇩k_def
      After.After_BOT split: event⇩p⇩t⇩i⇩c⇩k.split)
      (simp add: After_TickSwap)


lemma TickSwap_After⇩t⇩i⇩c⇩k [simp] :
  ‹TickSwap (P after⇩✓⇩p⇩t⇩i⇩c⇩k e) = TickSwap P after⇩✓⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v tick_swap e›
  by (cases e) (auto simp add: AfterExt.After⇩t⇩i⇩c⇩k_def Ω⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v_def)

lemma TickSwap_is_After⇩t⇩i⇩c⇩k_iff [simp] :
  ‹TickSwap P = (Q after⇩✓⇩p⇩t⇩i⇩c⇩k e) ⟷ P = TickSwap Q after⇩✓⇩p⇩t⇩i⇩c⇩k⇩r⇩e⇩v tick_swap e›
  by (simp add: TickSwap_eq_iff_eq_TickSwap)
 *)

theorem After⇩t⇩i⇩c⇩k_Sync⇩p⇩t⇩i⇩c⇩k: 
  ‹(P ⟦S⟧⇩✓ Q) after⇩✓⇩p⇩t⇩i⇩c⇩k e =
   (case e of ✓(r_s) ⇒ Ω⇩p⇩t⇩i⇩c⇩k (P ⟦S⟧⇩✓ Q) r_s
            |  ev a ⇒ 
     if P = ⊥ ∨ Q = ⊥ then ⊥
    else   if ev a ∈ P⇧0 ∧ ev a ∈ Q⇧0
         then   if a ∈ S then P after⇩✓⇩l⇩h⇩s ev a ⟦S⟧⇩✓ Q after⇩✓⇩r⇩h⇩s ev a
              else (P after⇩✓⇩l⇩h⇩s ev a ⟦S⟧⇩✓ Q) ⊓ (P ⟦S⟧⇩✓ Q after⇩✓⇩r⇩h⇩s ev a)
         else   if ev a ∈ P⇧0 ∧ a ∉ S then P after⇩✓⇩l⇩h⇩s ev a ⟦S⟧⇩✓ Q
              else   if ev a ∈ Q⇧0 ∧ a ∉ S then P ⟦S⟧⇩✓ Q after⇩✓⇩r⇩h⇩s ev a
                   else Ψ⇩p⇩t⇩i⇩c⇩k (P ⟦S⟧⇩✓ Q) a)›
  by (cases e) (simp_all add: AfterExt.After⇩t⇩i⇩c⇩k_def After_Sync⇩p⇩t⇩i⇩c⇩k)

end



subsection ‹Generic Operational Semantics as Locales›

subsubsection ‹Sequential Composition›

locale OpSemTransitionsDuplicated_same_events =
  OpSemTransitionsDuplicated Ψ⇩α Ω⇩α τ_trans⇩α Ψ⇩β Ω⇩β τ_trans⇩β
  for Ψ⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'r] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, ('a, 'r) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩α↝⇩τ› 50)
    and Ψ⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 's] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, ('a, 's) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩β↝⇩τ› 50)

sublocale OpSemTransitionsDuplicated_same_events ⊆ AfterExtDuplicated_same_events
  by unfold_locales 

context OpSemTransitionsDuplicated_same_events begin

notation OpSemTransitions⇩α.ev_trans   (‹_ ⇩α↝⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩α.tick_trans (‹_ ⇩α↝⇩✓⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩β.ev_trans   (‹_ ⇩β↝⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩β.tick_trans (‹_ ⇩β↝⇩✓⇘_⇙ _› [50, 3, 51] 50)

lemma τ_trans_Seq⇩p⇩t⇩i⇩c⇩kR: ‹P ❙;⇩✓ Q ⇩β↝⇩τ Q'› if ‹P ⇩α↝⇩✓⇘r⇙ P'› and ‹Q r ⇩β↝⇩τ Q'›
proof -
  from that(1) have ‹P ⊑⇩F⇩D SKIP r› 
    by (meson OpSemTransitions⇩α.exists_tick_trans_is_initial_tick initial_tick_iff_FD_SKIP)
  with FD_iff_eq_Ndet have ‹P = P ⊓ SKIP r› ..
  hence ‹P ❙;⇩✓ Q = (P ❙;⇩✓ Q) ⊓ (SKIP r ❙;⇩✓ Q)› 
    by (metis Seq⇩p⇩t⇩i⇩c⇩k_distrib_Ndet_right)
  also have ‹… = (P ❙;⇩✓ Q) ⊓ Q r› by simp
  also have ‹… ⇩β↝⇩τ Q r› by (simp add: OpSemTransitions⇩β.τ_trans_NdetR)
  finally show ‹P ❙;⇩✓ Q ⇩β↝⇩τ Q'› by (rule OpSemTransitions⇩β.τ_trans_transitivity) (fact that(2))
qed

lemma ‹✓(r) ∈ P⇧0 ⟹ Q r ⇩β↝⇘e⇙ Q' ⟹ P ❙;⇩✓ Q ⇩β↝⇘e⇙ Q'› for P :: ‹('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
  by (meson OpSemTransitions⇩β.τ_trans_eq OpSemTransitions⇩β.τ_trans_ev_trans
            τ_trans_Seq⇩p⇩t⇩i⇩c⇩kR OpSemTransitions⇩α.exists_tick_trans_is_initial_tick)


end



locale OpSemTransitionsSeq⇩p⇩t⇩i⇩c⇩k =
  OpSemTransitionsDuplicated_same_events Ψ⇩α Ω⇩α τ_trans⇩α Ψ⇩β Ω⇩β τ_trans⇩β
  for Ψ⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'r] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩α :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, ('a, 'r) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩α↝⇩τ› 50)
    and Ψ⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 's] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩β :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, ('a, 's) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩β↝⇩τ› 50) +
  assumes τ_trans_Seq⇩p⇩t⇩i⇩c⇩kL : ‹P ⇩α↝⇩τ P' ⟹ P ❙;⇩✓ Q ⇩β↝⇩τ P' ❙;⇩✓ Q›
begin

lemma ev_trans_Seq⇩p⇩t⇩i⇩c⇩kL: ‹P ⇩α↝⇘e⇙ P' ⟹ P ❙;⇩✓ Q ⇩β↝⇘e⇙ P' ❙;⇩✓ Q›
  by (cases ‹P = ⊥›, solves ‹simp add: OpSemTransitions⇩β.BOT_ev_trans_anything›)
    (auto simp add: OpSemTransitions⇩β.ev_trans_def After⇩t⇩i⇩c⇩k_Seq⇩p⇩t⇩i⇩c⇩k initials_Seq⇩p⇩t⇩i⇩c⇩k
                    OpSemTransitions⇩α.ev_trans_def
             intro: OpSemTransitions⇩β.τ_trans_NdetL OpSemTransitions⇩β.τ_trans_transitivity τ_trans_Seq⇩p⇩t⇩i⇩c⇩kL)

lemmas Seq⇩p⇩t⇩i⇩c⇩k_OpSem_rules = τ_trans_Seq⇩p⇩t⇩i⇩c⇩kL ev_trans_Seq⇩p⇩t⇩i⇩c⇩kL τ_trans_Seq⇩p⇩t⇩i⇩c⇩kR


end


subsubsection ‹Synchronization Product›

locale OpSemTransitions_Sync⇩p⇩t⇩i⇩c⇩k_locale = Sync⇩p⇩t⇩i⇩c⇩k_locale ‹(⊗✓)› +
  OpSemTransitions⇩l⇩h⇩s  : OpSemTransitions Ψ⇩l⇩h⇩s   Ω⇩l⇩h⇩s   ‹(⇩l⇩h⇩s↝⇩τ)›  +
  OpSemTransitions⇩r⇩h⇩s  : OpSemTransitions Ψ⇩r⇩h⇩s   Ω⇩r⇩h⇩s   ‹(⇩r⇩h⇩s↝⇩τ)›  +
  OpSemTransitions⇩p⇩t⇩i⇩c⇩k : OpSemTransitions Ψ⇩p⇩t⇩i⇩c⇩k Ω⇩p⇩t⇩i⇩c⇩k ‹(⇩p⇩t⇩i⇩c⇩k↝⇩τ)›
  for tick_join :: ‹'r ⇒ 's ⇒ 't option› (infixl ‹⊗✓› 100)
    and Ψ⇩l⇩h⇩s :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩l⇩h⇩s :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, 'r] ⇒ ('a, 'r) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩l⇩h⇩s :: ‹[('a, 'r) process⇩p⇩t⇩i⇩c⇩k, ('a, 'r) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩l⇩h⇩s↝⇩τ› 50)
    and Ψ⇩r⇩h⇩s :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩r⇩h⇩s :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, 's] ⇒ ('a, 's) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩r⇩h⇩s :: ‹[('a, 's) process⇩p⇩t⇩i⇩c⇩k, ('a, 's) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩r⇩h⇩s↝⇩τ› 50)
    and Ψ⇩p⇩t⇩i⇩c⇩k :: ‹[('a, 't) process⇩p⇩t⇩i⇩c⇩k, 'a] ⇒ ('a, 't) process⇩p⇩t⇩i⇩c⇩k›
    and Ω⇩p⇩t⇩i⇩c⇩k :: ‹[('a, 't) process⇩p⇩t⇩i⇩c⇩k, 't] ⇒ ('a, 't) process⇩p⇩t⇩i⇩c⇩k›
    and τ_trans⇩p⇩t⇩i⇩c⇩k :: ‹[('a, 't) process⇩p⇩t⇩i⇩c⇩k, ('a, 't) process⇩p⇩t⇩i⇩c⇩k] ⇒ bool› (infixl ‹⇩p⇩t⇩i⇩c⇩k↝⇩τ› 50) +
  assumes τ_trans_Sync⇩p⇩t⇩i⇩c⇩kL : ‹P ⇩l⇩h⇩s↝⇩τ P' ⟹ P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ P' ⟦A⟧⇩✓ Q›
    and τ_trans_Sync⇩p⇩t⇩i⇩c⇩kR : ‹Q ⇩r⇩h⇩s↝⇩τ Q' ⟹ P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ P ⟦A⟧⇩✓ Q'›
begin

sublocale AfterExt_Sync⇩p⇩t⇩i⇩c⇩k_locale by unfold_locales


sublocale OpSemTransitions_Sync⇩p⇩t⇩i⇩c⇩k_locale_sym :
  OpSemTransitions_Sync⇩p⇩t⇩i⇩c⇩k_locale
  ‹λs r. r ⊗✓ s› Ψ⇩r⇩h⇩s Ω⇩r⇩h⇩s ‹(⇩r⇩h⇩s↝⇩τ)› Ψ⇩l⇩h⇩s Ω⇩l⇩h⇩s ‹(⇩l⇩h⇩s↝⇩τ)› Ψ⇩p⇩t⇩i⇩c⇩k Ω⇩p⇩t⇩i⇩c⇩k ‹(⇩p⇩t⇩i⇩c⇩k↝⇩τ)›
proof unfold_locales
  show ‹P ⇩r⇩h⇩s↝⇩τ P' ⟹ P ⟦A⟧⇩✓⇩s⇩y⇩m Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ P' ⟦A⟧⇩✓⇩s⇩y⇩m Q› for P P' A Q
    by (simp add: Sync⇩p⇩t⇩i⇩c⇩k_sym τ_trans_Sync⇩p⇩t⇩i⇩c⇩kR)
next
  show ‹Q ⇩l⇩h⇩s↝⇩τ Q' ⟹ P ⟦A⟧⇩✓⇩s⇩y⇩m Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ P ⟦A⟧⇩✓⇩s⇩y⇩m Q'› for Q Q' A P
    by (simp add: Sync⇩p⇩t⇩i⇩c⇩k_sym τ_trans_Sync⇩p⇩t⇩i⇩c⇩kL)
qed


notation OpSemTransitions⇩l⇩h⇩s.ev_trans (‹_ ⇩l⇩h⇩s↝⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩l⇩h⇩s.tick_trans (‹_ ⇩l⇩h⇩s↝⇩✓⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩r⇩h⇩s.ev_trans (‹_ ⇩r⇩h⇩s↝⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩r⇩h⇩s.tick_trans (‹_ ⇩r⇩h⇩s↝⇩✓⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩p⇩t⇩i⇩c⇩k.ev_trans (‹_ ⇩p⇩t⇩i⇩c⇩k↝⇘_⇙ _› [50, 3, 51] 50)
notation OpSemTransitions⇩p⇩t⇩i⇩c⇩k.tick_trans (‹_ ⇩p⇩t⇩i⇩c⇩k↝⇩✓⇘_⇙ _› [50, 3, 51] 50)


text ‹
We do not need the assumptions @{thm [source] τ_trans_Sync⇩p⇩t⇩i⇩c⇩kL τ_trans_Sync⇩p⇩t⇩i⇩c⇩kR}
for the three following lemmas.
›

lemma τ_trans_SKIP_Sync⇩p⇩t⇩i⇩c⇩kL :
  ‹P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ SKIP r ⟦A⟧⇩✓ Q› if ‹P ⇩l⇩h⇩s↝⇩✓⇘r⇙ P'›
proof -
  from that have ‹P ⊑⇩F⇩D SKIP r›
    by (simp add: OpSemTransitions⇩l⇩h⇩s.tick_trans_def initial_tick_iff_FD_SKIP)
  with FD_iff_eq_Ndet have ‹P = P ⊓ SKIP r› ..
  hence ‹P ⟦A⟧⇩✓ Q = (P ⟦A⟧⇩✓ Q) ⊓ (SKIP r ⟦A⟧⇩✓ Q)›
    by (metis Sync⇩p⇩t⇩i⇩c⇩k_distrib_Ndet_right)
  also have ‹… ⇩p⇩t⇩i⇩c⇩k↝⇩τ SKIP r ⟦A⟧⇩✓ Q›
    by (fact OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_NdetR)
  finally show ‹P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ SKIP r ⟦A⟧⇩✓ Q› .
qed

lemma τ_trans_SKIP_Sync⇩p⇩t⇩i⇩c⇩kR :
  ‹P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ P ⟦A⟧⇩✓ SKIP s› if ‹Q ⇩r⇩h⇩s↝⇩✓⇘s⇙ Q'›
proof -
  from that have ‹Q ⊑⇩F⇩D SKIP s›
    by (simp add: OpSemTransitions⇩r⇩h⇩s.tick_trans_def initial_tick_iff_FD_SKIP)
  with FD_iff_eq_Ndet have ‹Q = Q ⊓ SKIP s› ..
  hence ‹P ⟦A⟧⇩✓ Q = (P ⟦A⟧⇩✓ Q) ⊓ (P ⟦A⟧⇩✓ SKIP s)›
    by (metis Sync⇩p⇩t⇩i⇩c⇩k_distrib_Ndet_left)
  also have ‹… ⇩p⇩t⇩i⇩c⇩k↝⇩τ P ⟦A⟧⇩✓ SKIP s›
    by (fact OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_NdetR)
  finally show ‹P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇩τ P ⟦A⟧⇩✓ SKIP s› .
qed


lemma tick_trans_SKIP_Sync⇩p⇩t⇩i⇩c⇩k_SKIP:
  ‹r ⊗✓ s = Some r_s ⟹ SKIP r ⟦A⟧⇩✓ SKIP s ⇩p⇩t⇩i⇩c⇩k↝⇩✓⇘r_s⇙ Ω⇩p⇩t⇩i⇩c⇩k (SKIP r_s) r_s›
  by (simp add: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.SKIP_trans_tick_Ω_SKIP)


lemma ev_trans_Sync⇩p⇩t⇩i⇩c⇩kL :
  ‹a ∉ A ⟹ P ⇩l⇩h⇩s↝⇘a⇙ P' ⟹ P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇘a⇙ P' ⟦A⟧⇩✓ Q›
  by (auto simp add: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.ev_trans_def After⇩t⇩i⇩c⇩k_Sync⇩p⇩t⇩i⇩c⇩k
                     initials_Sync⇩p⇩t⇩i⇩c⇩k OpSemTransitions⇩l⇩h⇩s.ev_trans_def
              intro: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.BOT_τ_trans_anything OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_NdetL
                     OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_transitivity τ_trans_Sync⇩p⇩t⇩i⇩c⇩kL)


lemma ev_trans_Sync⇩p⇩t⇩i⇩c⇩kR :
  ‹a ∉ A ⟹ Q ⇩r⇩h⇩s↝⇘a⇙ Q' ⟹ P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇘a⇙ P ⟦A⟧⇩✓ Q'›
  by (auto simp add: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.ev_trans_def After⇩t⇩i⇩c⇩k_Sync⇩p⇩t⇩i⇩c⇩k
                     initials_Sync⇩p⇩t⇩i⇩c⇩k OpSemTransitions⇩r⇩h⇩s.ev_trans_def
              intro: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.BOT_τ_trans_anything OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_NdetR
                     OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_transitivity τ_trans_Sync⇩p⇩t⇩i⇩c⇩kR)

lemma ev_trans_Sync⇩p⇩t⇩i⇩c⇩kLR :
  ‹a ∈ A ⟹ P ⇩l⇩h⇩s↝⇘a⇙ P' ⟹ Q ⇩r⇩h⇩s↝⇘a⇙ Q' ⟹ P ⟦A⟧⇩✓ Q ⇩p⇩t⇩i⇩c⇩k↝⇘a⇙ P' ⟦A⟧⇩✓ Q'›
  by (auto simp add: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.ev_trans_def OpSemTransitions⇩l⇩h⇩s.ev_trans_def
                     OpSemTransitions⇩r⇩h⇩s.ev_trans_def After⇩t⇩i⇩c⇩k_Sync⇩p⇩t⇩i⇩c⇩k initials_Sync⇩p⇩t⇩i⇩c⇩k
              intro: OpSemTransitions⇩p⇩t⇩i⇩c⇩k.BOT_τ_trans_anything
                     OpSemTransitions⇩p⇩t⇩i⇩c⇩k.τ_trans_transitivity
                     τ_trans_Sync⇩p⇩t⇩i⇩c⇩kL τ_trans_Sync⇩p⇩t⇩i⇩c⇩kR)


lemmas Sync⇩p⇩t⇩i⇩c⇩k_OpSem_rules = τ_trans_Sync⇩p⇩t⇩i⇩c⇩kL τ_trans_Sync⇩p⇩t⇩i⇩c⇩kR
  ev_trans_Sync⇩p⇩t⇩i⇩c⇩kL ev_trans_Sync⇩p⇩t⇩i⇩c⇩kR
  ev_trans_Sync⇩p⇩t⇩i⇩c⇩kLR
  τ_trans_SKIP_Sync⇩p⇩t⇩i⇩c⇩kL τ_trans_SKIP_Sync⇩p⇩t⇩i⇩c⇩kR
  tick_trans_SKIP_Sync⇩p⇩t⇩i⇩c⇩k_SKIP

end



(*<*)
end
  (*>*)