Theory Combining_Synchronization_Product

(***********************************************************************************
 * Copyright (c) 2025 Université Paris-Saclay
 *
 * Author: Benoît Ballenghien, Université Paris-Saclay,
 *         CNRS, ENS Paris-Saclay, LMF
 * Author: Burkhart Wolff, Université Paris-Saclay,
 *         CNRS, ENS Paris-Saclay, LMF
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice, this
 *
 * * Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * SPDX-License-Identifier: BSD-2-Clause
 ***********************************************************************************)


chapter ‹Combining Automata for Synchronization Product›

(*<*)
theory Combining_Synchronization_Product
  imports Process_Normalization
begin
  (*>*)


section ‹Definitions›

subsection ‹General Patterns›

abbreviation combine_sets_Sync :: ‹'a set ⇒ 'a set ⇒ 'a set ⇒ 'a set›
  where ‹combine_sets_Sync S⇩0 E S⇩1 ≡ (S⇩0 - E - S⇩1) ∪ (S⇩1 - E - S⇩0) ∪ (S⇩0 ∩ S⇩1 - E) ∪ S⇩0 ∩ S⇩1 ∩ E›

definition combine_Sync_ε :: 
  ‹[('σ⇩0, 'e, 'σ⇩0', 'r⇩0, 'α⇩0) A_scheme, 'e set,
    ('σ⇩1, 'e, 'σ⇩1', 'r⇩1, 'α⇩1) A_scheme, 'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ] ⇒ 'e set›
  where ‹combine_Sync_ε A⇩0 E A⇩1 i⇩0 i⇩1 σs ≡ combine_sets_Sync (ε A⇩0 (i⇩0 σs)) E (ε A⇩1 (i⇩1 σs))›

lemma combine_Sync_ε_def_bis :
  ‹combine_Sync_ε A⇩0 E A⇩1 i⇩0 i⇩1 σs =
   ε A⇩0 (i⇩0 σs) ∪ ε A⇩1 (i⇩1 σs) - E ∪ ε A⇩0 (i⇩0 σs) ∩ ε A⇩1 (i⇩1 σs)›
  by (auto simp add: combine_Sync_ε_def)


fun combine⇩d_Sync_τ :: 
  ‹[('σ⇩0, 'e, 'r⇩0, 'α⇩0) A⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r⇩1, 'α⇩1) A⇩d_scheme,
    'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ⇩0 ⇒ 'σ⇩1 ⇒ 'σ] ⇒ ('σ, 'e) trans⇩d›
  and combine⇩n⇩d_Sync_τ ::
  ‹[('σ⇩0, 'e, 'r⇩0, 'α⇩0) A⇩n⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r⇩1, 'α⇩1) A⇩n⇩d_scheme,
     'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ⇩0 ⇒ 'σ⇩1 ⇒ 'σ] ⇒ ('σ, 'e) trans⇩n⇩d›
  where ‹combine⇩d_Sync_τ  A⇩0 E A⇩1 i⇩0 i⇩1 f σs e =
         (       if e ∈ ε A⇩0 (i⇩0 σs) ∩ ε A⇩1 (i⇩1 σs)
               then update_both  A⇩0 A⇩1 (i⇩0 σs) (i⇩1 σs) e (f_up_opt f)
          else   if e ∈ ε A⇩0 (i⇩0 σs) - E - ε A⇩1 (i⇩1 σs)
               then update_left  A⇩0    (i⇩0 σs) (i⇩1 σs) e (f_up_opt f) (λs. ⌊s⌋)
          else   if e ∈ ε A⇩1 (i⇩1 σs) - E - ε A⇩0 (i⇩0 σs)
               then update_right    A⇩1 (i⇩0 σs) (i⇩1 σs) e (f_up_opt f) (λs. ⌊s⌋)
          else      ◇)›
  |     ‹combine⇩n⇩d_Sync_τ  A⇩0 E A⇩1 i⇩0 i⇩1 f σs e = 
         (       if e ∈ ε A⇩0 (i⇩0 σs) ∩ ε A⇩1 (i⇩1 σs) ∩ E
               then update_both  A⇩0 A⇩1 (i⇩0 σs) (i⇩1 σs) e (f_up_set f)
          else   if e ∈ ε A⇩0 (i⇩0 σs) ∩ ε A⇩1 (i⇩1 σs) - E
               then update_left  A⇩0    (i⇩0 σs) (i⇩1 σs) e (f_up_set f) (λs. {s})
                  ∪ update_right    A⇩1 (i⇩0 σs) (i⇩1 σs) e (f_up_set f) (λs. {s})
          else   if e ∈ ε A⇩0 (i⇩0 σs) - E - ε A⇩1 (i⇩1 σs)
               then update_left  A⇩0    (i⇩0 σs) (i⇩1 σs) e (f_up_set f) (λs. {s})
          else   if e ∈ ε A⇩1 (i⇩1 σs) - E - ε A⇩0 (i⇩0 σs)
               then update_right    A⇩1 (i⇩0 σs) (i⇩1 σs) e (f_up_set f) (λs. {s})
          else      {})›

fun combine⇩d_Sync_ω :: 
  ‹[('σ⇩0, 'e, 'r⇩0, 'α⇩0) A⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r⇩1, 'α⇩1) A⇩d_scheme,
    'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'r⇩0 ⇒ 'r⇩1 ⇒ 'r option] ⇒ ('σ ⇒ 'r option)›
  and combine⇩n⇩d_Sync_ω ::
  ‹[('σ⇩0, 'e, 'r⇩0, 'α⇩0) A⇩n⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r⇩1, 'α⇩1) A⇩n⇩d_scheme,
     'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'r⇩0 ⇒ 'r⇩1 ⇒ 'r option] ⇒ ('σ ⇒ 'r set)›
  where ‹combine⇩d_Sync_ω A⇩0 E A⇩1 i⇩0 i⇩1 g σs =
         (case ω A⇩0 (i⇩0 σs)
            of ◇ ⇒ ◇ | ⌊r⇩0⌋ ⇒ (case ω A⇩1 (i⇩1 σs) of ◇ ⇒ ◇ | ⌊r⇩1⌋ ⇒ g r⇩0 r⇩1))›
  |     ‹combine⇩n⇩d_Sync_ω A⇩0 E A⇩1 i⇩0 i⇩1 g σs =
         {r |r r⇩0 r⇩1. g r⇩0 r⇩1 = ⌊r⌋ ∧ r⇩0 ∈ ω A⇩0 (i⇩0 σs) ∧ r⇩1 ∈ ω A⇩1 (i⇩1 σs)}›

fun combine⇩d_Sync :: 
  ‹[('σ⇩0, 'e, 'r⇩0, 'α⇩0) A⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r⇩1, 'α⇩1) A⇩d_scheme,
    'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ⇩0 ⇒ 'σ⇩1 ⇒ 'σ, 'r⇩0 ⇒ 'r⇩1 ⇒ 'r option] ⇒ ('σ, 'e, 'r) A⇩d›
  and combine⇩n⇩d_Sync ::
  ‹[('σ⇩0, 'e, 'r⇩0, 'α⇩0) A⇩n⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r⇩1, 'α⇩1) A⇩n⇩d_scheme,
     'σ ⇒ 'σ⇩0, 'σ ⇒ 'σ⇩1, 'σ⇩0 ⇒ 'σ⇩1 ⇒ 'σ, 'r⇩0 ⇒ 'r⇩1 ⇒ 'r option] ⇒ ('σ, 'e, 'r) A⇩n⇩d›
  where ‹combine⇩d_Sync A⇩0 E A⇩1 i⇩0 i⇩1 f g = 
         ⦇τ = combine⇩d_Sync_τ A⇩0 E A⇩1 i⇩0 i⇩1 f, ω = combine⇩d_Sync_ω A⇩0 E A⇩1 i⇩0 i⇩1 g⦈›
  |     ‹combine⇩n⇩d_Sync A⇩0 E A⇩1 i⇩0 i⇩1 f g = 
         ⦇τ = combine⇩n⇩d_Sync_τ A⇩0 E A⇩1 i⇩0 i⇩1 f, ω = combine⇩n⇩d_Sync_ω A⇩0 E A⇩1 i⇩0 i⇩1 g⦈›



subsection ‹Specializations›

definition combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync ::
  ‹[('σ, 'e, 'r, 'α) A⇩d_scheme, 'e set, ('σ, 'e, 'r, 'β) A⇩d_scheme] ⇒ ('σ list, 'e, 'r) A⇩d›
  where ‹combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync A⇩0 E A⇩1 ≡
         combine⇩d_Sync A⇩0 E A⇩1 hd (λσs. hd (tl σs)) (λs t. [s, t]) (λs t. if s = t then ⌊s⌋ else ◇)›
definition combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync ::
  ‹[('σ, 'e, 'r, 'α) A⇩n⇩d_scheme, 'e set, ('σ, 'e, 'r, 'β) A⇩n⇩d_scheme] ⇒ ('σ list, 'e, 'r) A⇩n⇩d›
  where ‹combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync A⇩0 E A⇩1 ≡
         combine⇩n⇩d_Sync A⇩0 E A⇩1 hd (λσs. hd (tl σs)) (λs t. [s, t]) (λs t. if s = t then ⌊s⌋ else ◇)›

definition combine⇩d⇩P⇩a⇩i⇩r_Sync ::
  ‹[('σ⇩0, 'e, 'r, 'α) A⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r, 'β) A⇩d_scheme] ⇒ ('σ⇩0 × 'σ⇩1, 'e, 'r) A⇩d›
  where ‹combine⇩d⇩P⇩a⇩i⇩r_Sync A⇩0 E A⇩1 ≡
         combine⇩d_Sync A⇩0 E A⇩1 fst snd Pair (λs t. if s = t then ⌊s⌋ else ◇)›
definition combine⇩n⇩d⇩P⇩a⇩i⇩r_Sync ::
  ‹[('σ⇩0, 'e, 'r, 'α) A⇩n⇩d_scheme, 'e set, ('σ⇩1, 'e, 'r, 'β) A⇩n⇩d_scheme] ⇒ ('σ⇩0 × 'σ⇩1, 'e, 'r) A⇩n⇩d›
  where ‹combine⇩n⇩d⇩P⇩a⇩i⇩r_Sync A⇩0 E A⇩1 ≡
         combine⇩n⇩d_Sync A⇩0 E A⇩1 fst snd Pair (λs t. if s = t then ⌊s⌋ else ◇)›

definition combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync ::
  ‹[('σ list, 'e, 'r, 'α) A⇩d_scheme, nat, 'e set, ('σ list, 'e, 'r, 'β) A⇩d_scheme] ⇒ ('σ list, 'e, 'r) A⇩d›
  where ‹combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync A⇩0 len⇩0 E A⇩1 ≡
         combine⇩d_Sync A⇩0 E A⇩1 (take len⇩0) (drop len⇩0) (@) (λs t. if s = t then ⌊s⌋ else ◇)›
definition combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync ::
  ‹[('σ list, 'e, 'r, 'α) A⇩n⇩d_scheme, nat, 'e set, ('σ list, 'e, 'r, 'β) A⇩n⇩d_scheme] ⇒ ('σ list, 'e, 'r) A⇩n⇩d›
  where ‹combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync A⇩0 len⇩0 E A⇩1 ≡
         combine⇩n⇩d_Sync A⇩0 E A⇩1 (take len⇩0) (drop len⇩0) (@) (λs t. if s = t then ⌊s⌋ else ◇)›

definition combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync ::
  ‹[('σ, 'e, 'r, 'α) A⇩d_scheme, 'e set, ('σ list, 'e, 'r, 'β) A⇩d_scheme]  ⇒ ('σ list, 'e, 'r) A⇩d›
  where ‹combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync A⇩0 E A⇩1 ≡
         combine⇩d_Sync A⇩0 E A⇩1 hd tl (#) (λs t. if s = t then ⌊s⌋ else ◇)›
definition combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Sync ::
  ‹[('σ, 'e, 'r, 'α) A⇩n⇩d_scheme, 'e set, ('σ list, 'e, 'r, 'β) A⇩n⇩d_scheme]  ⇒ ('σ list, 'e, 'r) A⇩n⇩d›
  where ‹combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Sync A⇩0 E A⇩1 ≡
         combine⇩n⇩d_Sync A⇩0 E A⇩1 hd tl (#) (λs t. if s = t then ⌊s⌋ else ◇)›

lemmas combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs = combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_def combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_def
  and combine⇩P⇩a⇩i⇩r_Sync_defs = combine⇩d⇩P⇩a⇩i⇩r_Sync_def combine⇩n⇩d⇩P⇩a⇩i⇩r_Sync_def
  and combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs = combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_def combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_def
  and combine⇩R⇩l⇩i⇩s⇩t_Sync_defs = combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync_def combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Sync_def

lemmas combine_Sync_defs =
  combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs combine⇩P⇩a⇩i⇩r_Sync_defs combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs combine⇩R⇩l⇩i⇩s⇩t_Sync_defs


bundle combine⇩n⇩d_Sync_syntax begin

notation combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync (‹⟪_ ⇩d⊗⟦_⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t _⟫› [0, 0, 0])
notation combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync (‹⟪_ ⇩n⇩d⊗⟦_⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t _⟫› [0, 0, 0])
notation combine⇩d⇩P⇩a⇩i⇩r_Sync (‹⟪_ ⇩d⊗⟦_⟧⇩P⇩a⇩i⇩r _⟫› [0, 0, 0])
notation combine⇩n⇩d⇩P⇩a⇩i⇩r_Sync (‹⟪_ ⇩n⇩d⊗⟦_⟧⇩P⇩a⇩i⇩r _⟫› [0, 0, 0])
notation combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync (‹⟪_ ⇩d⊗⟦_, _⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L _⟫› [0, 0, 0, 0])
notation combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync (‹⟪_ ⇩n⇩d⊗⟦_, _⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L _⟫› [0, 0, 0, 0])
notation combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync (‹⟪_ ⇩d⊗⟦_⟧⇩R⇩l⇩i⇩s⇩t _⟫› [0, 0, 0])
notation combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Sync (‹⟪_ ⇩n⇩d⊗⟦_⟧⇩R⇩l⇩i⇩s⇩t _⟫› [0, 0, 0])

end

unbundle combine⇩n⇩d_Sync_syntax



section ‹First Properties›

lemma finite_trans_combine⇩n⇩d_Sync_simps [simp] : 
  ‹finite_trans A⇩0 ⟹ finite_trans A⇩1 ⟹ finite_trans ⟪A⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫›
  ‹finite_trans B⇩0 ⟹ finite_trans B⇩1 ⟹ finite_trans ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r B⇩1⟫›
  ‹finite_trans C⇩0 ⟹ finite_trans C⇩1 ⟹ finite_trans ⟪C⇩0 ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L C⇩1⟫›
  ‹finite_trans D⇩0 ⟹ finite_trans D⇩1 ⟹ finite_trans ⟪D⇩0 ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t D⇩1⟫›
  unfolding combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_def combine⇩n⇩d⇩P⇩a⇩i⇩r_Sync_def combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_def combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Sync_def 
  by (simp_all add: finite_trans_def finite_image_set2)

lemma ε_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync:
  ‹ε ⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫ σs = combine_Sync_ε A⇩0 E A⇩1 hd (hd ∘ tl) σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t B⇩1⟫ σs = combine_Sync_ε B⇩0 E B⇩1 hd (hd ∘ tl) σs›
  by (auto simp add: combine_Sync_ε_def_bis combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs ε_simps)

lemma ε_combine⇩P⇩a⇩i⇩r_Sync:
  ‹ε ⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫ σs = combine_Sync_ε A⇩0 E A⇩1 fst snd σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r B⇩1⟫ σs = combine_Sync_ε B⇩0 E B⇩1 fst snd σs›
  by (auto simp add: combine_Sync_ε_def_bis combine⇩P⇩a⇩i⇩r_Sync_defs ε_simps)

lemma ε_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync: 
  ‹ε ⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫ σs = combine_Sync_ε A⇩0 E A⇩1 (take len⇩0) (drop len⇩0) σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L B⇩1⟫ σs = combine_Sync_ε B⇩0 E B⇩1 (take len⇩0) (drop len⇩0) σs›
  by (auto simp add: combine_Sync_ε_def_bis combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs ε_simps)

lemma ε_combine⇩R⇩l⇩i⇩s⇩t_Sync:
  ‹ε ⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫ σs = combine_Sync_ε A⇩0 E A⇩1 hd tl σs›
  ‹ε ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t B⇩1⟫ σs = combine_Sync_ε B⇩0 E B⇩1 hd tl σs›
  by (auto simp add: combine_Sync_ε_def_bis combine⇩R⇩l⇩i⇩s⇩t_Sync_defs ε_simps)


lemma ρ_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync:
  ‹ρ ⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫ = {σs. hd σs ∈ ρ A⇩0 ∧ hd (tl σs) ∈ ρ A⇩1 ∧ ω A⇩0 (hd σs) = ω A⇩1 (hd (tl σs))}›
  ‹ρ ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t B⇩1⟫ = {σs. hd σs ∈ ρ B⇩0 ∧ hd (tl σs) ∈ ρ B⇩1 ∧ ω B⇩0 (hd σs) ∩ ω B⇩1 (hd (tl σs)) ≠ {}}›
  by (auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs ρ_simps split: option.split)

lemma ρ_combine⇩P⇩a⇩i⇩r_Sync:
  ‹ρ ⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫ = {(σ⇩0, σ⇩1). σ⇩0 ∈ ρ A⇩0 ∧ σ⇩1 ∈ ρ A⇩1 ∧ ω A⇩0 σ⇩0 = ω A⇩1 σ⇩1}›
  ‹ρ ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r B⇩1⟫ = {(σ⇩0, σ⇩1). σ⇩0 ∈ ρ B⇩0 ∧ σ⇩1 ∈ ρ B⇩1 ∧ ω B⇩0 σ⇩0 ∩ ω B⇩1 σ⇩1 ≠ {}}›
  by (auto simp add: combine⇩P⇩a⇩i⇩r_Sync_defs ρ_simps split: option.split)

lemma ρ_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync: 
  ‹ρ ⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫ =
   {σs. take len⇩0 σs ∈ ρ A⇩0 ∧ drop len⇩0 σs ∈ ρ A⇩1 ∧ ω A⇩0 (take len⇩0 σs) = ω A⇩1 (drop len⇩0 σs)}›
  ‹ρ ⟪B⇩0 ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L B⇩1⟫ =
   {σs. take len⇩0 σs ∈ ρ B⇩0 ∧ drop len⇩0 σs ∈ ρ B⇩1 ∧ ω B⇩0 (take len⇩0 σs) ∩ ω B⇩1 (drop len⇩0 σs) ≠ {}}›
  by (auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs ρ_simps split: option.split)

lemma ρ_combine⇩R⇩l⇩i⇩s⇩t_Sync:
  ‹ρ ⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫ =
   {σs. hd σs ∈ ρ A⇩0 ∧ tl σs ∈ ρ A⇩1 ∧ ω A⇩0 (hd σs) = ω A⇩1 (tl σs)}›
  ‹ρ ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t B⇩1⟫ =
   {σs. hd σs ∈ ρ B⇩0 ∧ tl σs ∈ ρ B⇩1 ∧ ω B⇩0 (hd σs) ∩ ω B⇩1 (tl σs) ≠ {}}›
  by (auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Sync_defs ρ_simps split: option.split)



lemma combine_Sync_τ [simp] :
  ‹combine⇩d_Sync_τ (A⇩0⦇ω := some_ω⇩0⦈) E (A⇩1⦇ω := some_ω⇩1⦈) = combine⇩d_Sync_τ A⇩0 E A⇩1›
  ‹combine⇩n⇩d_Sync_τ (B⇩0⦇ω := some_ω⇩0'⦈) E (B⇩1⦇ω := some_ω⇩1'⦈) = combine⇩n⇩d_Sync_τ B⇩0 E B⇩1›
  for A :: ‹('σ, 'a, 'σ option, 'r option, 'α) A_scheme›
    and B :: ‹('σ, 'a, 'σ set, 'r set, 'α) A_scheme›
  by (intro ext, simp)+





section ‹Reachability›

lemma ℛ⇩d_combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_subset: 
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫ (s⇩0 @ s⇩1) ⊆ {t⇩0 @ t⇩1| t⇩0 t⇩1. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩d A⇩1 s⇩1}› (is ‹?S⇩A ⊆ _›)
  if same_length_ℛ⇩d: ‹⋀t⇩0. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ⟹ length t⇩0 = len⇩0›
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = t⇩0 @ t⇩1 ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩d A⇩1 s⇩1› for t
    apply (induct rule: ℛ⇩d.induct, metis ℛ⇩d.init)
    by (simp_all add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs same_length_ℛ⇩d ε_simps split: if_splits)
      (metis (no_types, opaque_lifting) ℛ⇩d.simps)+
qed

lemma ℛ⇩n⇩d_combine⇩n⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_subset: 
  ‹ℛ⇩n⇩d ⟪B⇩0 ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L B⇩1⟫ (s⇩0 @ s⇩1) ⊆ {t⇩0 @ t⇩1| t⇩0 t⇩1. t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩n⇩d B⇩1 s⇩1}› (is ‹?S⇩B ⊆ _›)
  if same_length_ℛ⇩n⇩d: ‹⋀t⇩0. t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ⟹ length t⇩0 = len⇩0›
proof safe
  show ‹t ∈ ?S⇩B ⟹ ∃t⇩0 t⇩1. t = t⇩0 @ t⇩1 ∧ t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩n⇩d B⇩1 s⇩1› for t
    apply (induct rule: ℛ⇩n⇩d.induct, metis ℛ⇩n⇩d.init)
    by (simp_all add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs same_length_ℛ⇩n⇩d ε_simps split: if_splits)
      (metis (no_types, opaque_lifting) ℛ⇩n⇩d.simps)+
qed


lemma ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_subset:
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫ [s⇩0, s⇩1] ⊆ {[t⇩0, t⇩1]| t⇩0 t⇩1. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩d A⇩1 s⇩1}› (is ‹?S⇩A ⊆ _›)
  and ℛ⇩n⇩d_combine⇩n⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_subset:
  ‹ℛ⇩n⇩d ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t B⇩1⟫ [s⇩0, s⇩1] ⊆ {[t⇩0, t⇩1]| t⇩0 t⇩1. t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩n⇩d B⇩1 s⇩1}› (is ‹?S⇩B ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 t⇩1. t = [t⇩0, t⇩1] ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩d A⇩1 s⇩1› for t
    by (ℛ⇩d_subset_method defs: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs)
  show ‹t ∈ ?S⇩B ⟹ ∃t⇩0 t⇩1. t = [t⇩0, t⇩1] ∧ t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ t⇩1 ∈ ℛ⇩n⇩d B⇩1 s⇩1› for t
    by (ℛ⇩n⇩d_subset_method defs: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs)
qed

lemma ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r_Sync_subset:
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫ (s⇩0, s⇩1) ⊆ ℛ⇩d A⇩0 s⇩0 × ℛ⇩d A⇩1 s⇩1› (is ‹?S⇩A ⊆ _›)
  and ℛ⇩n⇩d_combine⇩n⇩d⇩P⇩a⇩i⇩r_Sync_subset:
  ‹ℛ⇩n⇩d ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r B⇩1⟫ (s⇩0, s⇩1) ⊆ ℛ⇩n⇩d B⇩0 s⇩0 × ℛ⇩n⇩d B⇩1 s⇩1› (is ‹?S⇩B ⊆ _›)
proof -
  have ‹t ∈ ?S⇩A ⟹ fst t ∈ ℛ⇩d A⇩0 s⇩0 ∧ snd t ∈ ℛ⇩d A⇩1 s⇩1› for t 
    by (ℛ⇩d_subset_method defs: combine⇩P⇩a⇩i⇩r_Sync_defs)
  thus ‹?S⇩A ⊆ ℛ⇩d A⇩0 s⇩0 × ℛ⇩d A⇩1 s⇩1› by force
next
  have ‹t ∈ ?S⇩B ⟹ fst t ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ snd t ∈ ℛ⇩n⇩d B⇩1 s⇩1› for t
    by (ℛ⇩n⇩d_subset_method defs: combine⇩P⇩a⇩i⇩r_Sync_defs)
  thus ‹?S⇩B ⊆ ℛ⇩n⇩d B⇩0 s⇩0 × ℛ⇩n⇩d B⇩1 s⇩1› by force
qed


lemma ℛ⇩d_combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync_subset:
  ‹ℛ⇩d ⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫ (s⇩0 # σs) ⊆ {t⇩0 # σt| t⇩0 σt. t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ∧ σt ∈ ℛ⇩d A⇩1 σs}› (is ‹?S⇩A ⊆ _›)
  and ℛ⇩n⇩d_combine⇩n⇩d⇩R⇩l⇩i⇩s⇩t_Sync_subset: 
  ‹ℛ⇩n⇩d ⟪B⇩0 ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t B⇩1⟫ (s⇩0 # σs) ⊆ {t⇩0 # σt| t⇩0 σt. t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ σt ∈ ℛ⇩n⇩d B⇩1 σs}› (is ‹?S⇩B ⊆ _›)
proof safe
  show ‹t ∈ ?S⇩A ⟹ ∃t⇩0 σt. t = t⇩0 # σt ∧ t⇩0 ∈ ℛ⇩d A⇩0 s⇩0 ∧ σt ∈ ℛ⇩d A⇩1 σs› for t
    by (ℛ⇩d_subset_method defs: combine⇩R⇩l⇩i⇩s⇩t_Sync_defs)
next
  show ‹t ∈ ?S⇩B ⟹ ∃t⇩0 σt. t = t⇩0 # σt ∧ t⇩0 ∈ ℛ⇩n⇩d B⇩0 s⇩0 ∧ σt ∈ ℛ⇩n⇩d B⇩1 σs› for t
    by (ℛ⇩n⇩d_subset_method defs: combine⇩R⇩l⇩i⇩s⇩t_Sync_defs)
qed



section ‹Normalization› 


lemma ω_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour:
  ‹ω ⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d⇩↪⇩n⇩d [s⇩0, s⇩1] = ω ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ [s⇩0, s⇩1]›
  by (auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs det_ndet_conv_defs option.case_eq_if)

lemma ω_combine⇩P⇩a⇩i⇩r_Sync_behaviour:
  ‹ω ⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d⇩↪⇩n⇩d (s⇩0, s⇩1) = ω ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ (s⇩0, s⇩1)›
  by (auto simp add: combine⇩P⇩a⇩i⇩r_Sync_defs det_ndet_conv_defs option.case_eq_if)

lemma ω_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour:
  ‹ω ⟪⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d⇩↪⇩n⇩d (σs⇩0 @ σs⇩1) = ω ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ (σs⇩0 @ σs⇩1)›
  by (auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs det_ndet_conv_defs option.case_eq_if)

lemma ω_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour:
  ‹ω ⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d⇩↪⇩n⇩d (s⇩0 # σs⇩1) = ω ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ (s⇩0 # σs⇩1)›
  by (auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Sync_defs det_ndet_conv_defs option.case_eq_if)


lemma τ_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep:
  ‹ε A⇩0 s⇩0 ∩ ε A⇩1 s⇩1 ⊆ E ⟹
   τ ⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d⇩↪⇩n⇩d [s⇩0, s⇩1] e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ [s⇩0, s⇩1] e›
  by (auto simp add: combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_defs det_ndet_conv_defs option.case_eq_if ε_simps)

lemma τ_combine⇩P⇩a⇩i⇩r_Sync_behaviour_when_indep:
  ‹ε A⇩0 s⇩0 ∩ ε A⇩1 s⇩1 ⊆ E ⟹ 
   τ ⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d⇩↪⇩n⇩d (s⇩0, s⇩1) e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ (s⇩0, s⇩1) e›
  by (auto simp add: combine⇩P⇩a⇩i⇩r_Sync_defs det_ndet_conv_defs option.case_eq_if ε_simps)

lemma τ_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour_when_indep:
  ‹ε A⇩0 σs⇩0 ∩ ε A⇩1 σs⇩1 ⊆ E ⟹ length σs⇩0 = len⇩0 ⟹ 
   τ ⟪⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d⇩↪⇩n⇩d (σs⇩0 @ σs⇩1) e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ (σs⇩0 @ σs⇩1) e›
  by (auto simp add: combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_defs det_ndet_conv_defs option.case_eq_if ε_simps)

lemma τ_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep:
  ‹ε A⇩0 s⇩0 ∩ ε A⇩1 σs⇩1 ⊆ E ⟹
   τ ⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d⇩↪⇩n⇩d (s⇩0 # σs⇩1) e = τ ⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫ (s⇩0 # σs⇩1) e›
  by (auto simp add: combine⇩R⇩l⇩i⇩s⇩t_Sync_defs det_ndet_conv_defs option.case_eq_if ε_simps)



method P⇩S⇩K⇩I⇩P⇩S_when_indep_method uses R_d_subset = 
  fold P⇩S⇩K⇩I⇩P⇩S_nd_from_det_to_ndet_is_P⇩S⇩K⇩I⇩P⇩S_d,
  rule P⇩S⇩K⇩I⇩P⇩S_nd_eqI_strong_id,
  unfold ℛ⇩n⇩d_from_det_to_ndet,
  all ‹drule set_mp[OF R_d_subset, rotated]›


method P_when_indep_method uses R_d_subset =
  fold P_nd_from_det_to_ndet_is_P_d,
  rule P_nd_eqI_strong_id,
  unfold ℛ⇩n⇩d_from_det_to_ndet,
  all ‹drule set_mp[OF R_d_subset, rotated]›


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d [s⇩0, s⇩1] = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d [s⇩0, s⇩1]›
  if ‹indep_enabl A⇩0 s⇩0 E A⇩1 s⇩1›
  by (P⇩S⇩K⇩I⇩P⇩S_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_subset, simp_all)
    (metis τ_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep indep_enablD that,
      metis ω_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour)

lemma P_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep:
  ‹P⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d [s⇩0, s⇩1] = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d [s⇩0, s⇩1]›
  if ‹indep_enabl A⇩0 s⇩0 E A⇩1 s⇩1›
  by (P_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_subset, simp_all)
    (metis τ_combine⇩P⇩a⇩i⇩r⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep indep_enablD that)


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩P⇩a⇩i⇩r_Sync_behaviour_when_indep:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d (s⇩0, s⇩1) = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d (s⇩0, s⇩1)›
  if ‹indep_enabl A⇩0 s⇩0 E A⇩1 s⇩1›
  by (P⇩S⇩K⇩I⇩P⇩S_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r_Sync_subset, all ‹elim SigmaE›)
    (metis τ_combine⇩P⇩a⇩i⇩r_Sync_behaviour_when_indep indep_enablD that,
      auto simp add: ω_combine⇩P⇩a⇩i⇩r_Sync_behaviour option.case_eq_if)

lemma P_combine⇩P⇩a⇩i⇩r_Sync_behaviour_when_indep:
  ‹P⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r A⇩1⟫⟫⇩d (s⇩0, s⇩1) = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩P⇩a⇩i⇩r ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d (s⇩0, s⇩1)›
  if ‹indep_enabl A⇩0 s⇩0 E A⇩1 s⇩1›
  by (P_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩P⇩a⇩i⇩r_Sync_subset, elim SigmaE)
    (metis τ_combine⇩P⇩a⇩i⇩r_Sync_behaviour_when_indep indep_enablD that)


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour_when_indep:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d (σs⇩0 @ σs⇩1) = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d (σs⇩0 @ σs⇩1)› 
  if ‹indep_enabl A⇩0 σs⇩0 E A⇩1 σs⇩1› and ‹⋀σt⇩0. σt⇩0 ∈ ℛ⇩d A⇩0 σs⇩0 ⟹ length σt⇩0 = len⇩0›
  by (P⇩S⇩K⇩I⇩P⇩S_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_subset, simp_all add: that(2))
    (metis τ_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour_when_indep indep_enablD that,
      metis ω_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour)

lemma P_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour_when_indep:
  ‹P⟪⟪A⇩0 ⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L A⇩1⟫⟫⇩d (σs⇩0 @ σs⇩1) = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦len⇩0, E⟧⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d (σs⇩0 @ σs⇩1)›
  if ‹indep_enabl A⇩0 σs⇩0 E A⇩1 σs⇩1› and ‹⋀σt⇩0. σt⇩0 ∈ ℛ⇩d A⇩0 σs⇩0 ⟹ length σt⇩0 = len⇩0›
  by (P_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_subset, simp_all add: that(2))
    (metis τ_combine⇩L⇩i⇩s⇩t⇩s⇩l⇩e⇩n⇩L_Sync_behaviour_when_indep indep_enablD that)


lemma P⇩S⇩K⇩I⇩P⇩S_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep:
  ‹P⇩S⇩K⇩I⇩P⇩S⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d (s⇩0 # σs⇩1) = P⇩S⇩K⇩I⇩P⇩S⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d (s⇩0 # σs⇩1)›
  if ‹indep_enabl A⇩0 s⇩0 E A⇩1 σs⇩1›
  by (P⇩S⇩K⇩I⇩P⇩S_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync_subset, simp_all)
    (metis τ_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep indep_enablD that,
      metis ω_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour)

lemma P_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep:
  ‹P⟪⟪A⇩0 ⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t A⇩1⟫⟫⇩d (s⇩0 # σs⇩1) = P⟪⟪⟪A⇩0⟫⇩d⇩↪⇩n⇩d ⇩n⇩d⊗⟦E⟧⇩R⇩l⇩i⇩s⇩t ⟪A⇩1⟫⇩d⇩↪⇩n⇩d⟫⟫⇩n⇩d (s⇩0 # σs⇩1)›
  if ‹indep_enabl A⇩0 s⇩0 E A⇩1 σs⇩1›
  by (P_when_indep_method R_d_subset: ℛ⇩d_combine⇩d⇩R⇩l⇩i⇩s⇩t_Sync_subset, simp)
    (metis τ_combine⇩R⇩l⇩i⇩s⇩t_Sync_behaviour_when_indep indep_enablD that)


(*<*)
end
  (*>*)