Theory UnwindingResults
theory UnwindingResults
imports AuxiliaryLemmas
begin
context Unwinding
begin
theorem unwinding_theorem_BSD:
"β¦ lrf ur; osc ur β§ βΉ BSD π± Trβ(induceES SES)β"
proof -
assume lrf_true: "lrf ur"
assume osc_true: "osc ur"
{
fix Ξ± Ξ² c
assume c_in_C: "c β Cβπ±β"
assume Ξ²cΞ±_in_Tr: "((Ξ² @ [c]) @ Ξ±) β Trβ(induceES SES)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
from state_from_induceES_trace[OF Ξ²cΞ±_in_Tr] obtain s1'
where s1'_in_S: "s1' β SβSESβ"
and enabled_s1'_Ξ±: "enabled SES s1' Ξ±"
and s0_Ξ²c_s1': "s0βSESβ (Ξ² @ [c])βΉβSESβ s1'"
and reachable_s1': "reachable SES s1'"
by auto
from path_split_single2[OF s0_Ξ²c_s1'] obtain s1
where s1_in_S: "s1 β SβSESβ"
and s0_Ξ²_s1: "s0βSESβ Ξ²βΉβSESβ s1"
and s1_c_s1': "s1 cβΆβSESβ s1'"
and reachable_s1: "reachable SES s1"
by auto
from s1_in_S s1'_in_S c_in_C reachable_s1 s1_c_s1' lrf_true
have s1'_ur_s1: "((s1', s1) β ur)"
by (simp add: lrf_def, auto)
from osc_property[OF osc_true s1_in_S s1'_in_S Ξ±_contains_no_c reachable_s1
reachable_s1' enabled_s1'_Ξ± s1'_ur_s1]
obtain Ξ±'
where Ξ±'_contains_no_c: "Ξ±' βΏ Cβπ±β = []"
and Ξ±'_V_is_Ξ±_V: "Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and enabled_s1_Ξ±': "enabled SES s1 Ξ±'"
by auto
have Ξ²Ξ±'_in_Tr: "Ξ² @ Ξ±' β Trβ(induceES SES)β"
proof -
note s0_Ξ²_s1
moreover
from enabled_s1_Ξ±' obtain s2
where "s1 Ξ±'βΉβSESβ s2"
by (simp add: enabled_def, auto)
ultimately have "s0βSESβ (Ξ² @ Ξ±') βΉβSESβ s2"
by (rule path_trans)
thus ?thesis
by (simp add: induceES_def possible_traces_def enabled_def)
qed
from Ξ²Ξ±'_in_Tr Ξ±'_V_is_Ξ±_V Ξ±'_contains_no_c have
"βΞ±'. ((Ξ² @ Ξ±') β (Trβ(induceES SES)β) β§ (Ξ±' βΏ (Vβπ±β)) = (Ξ± βΏ Vβπ±β) β§ Ξ±' βΏ Cβπ±β = [])"
by auto
}
thus ?thesis
by (simp add: BSD_def)
qed
theorem unwinding_theorem_BSI:
"β¦ lrb ur; osc ur β§ βΉ BSI π± Trβ(induceES SES)β"
proof -
assume lrb_true: "lrb ur"
assume osc_true: "osc ur"
{
fix Ξ± Ξ² c
assume c_in_C: "c β Cβπ±β"
assume Ξ²Ξ±_in_ind_Tr: "(Ξ² @ Ξ±) β Trβ(induceES SES)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
from state_from_induceES_trace[OF Ξ²Ξ±_in_ind_Tr] obtain s1
where s1_in_S : "s1 β SβSESβ"
and path_Ξ²_yields_s1: "s0βSESβ Ξ²βΉβSESβ s1"
and enabled_s1_Ξ±: "enabled SES s1 Ξ±"
and reachable_s1: "reachable SES s1"
by auto
from reachable_s1 s1_in_S c_in_C lrb_true
have "βs1'β SβSESβ. s1 cβΆβSESβ s1' β§ (s1, s1') β ur"
by(simp add: lrb_def)
then obtain s1'
where s1'_in_S: "s1' β SβSESβ"
and s1_trans_c_s1': "s1 cβΆβSESβ s1'"
and s1_s1'_in_ur: "(s1, s1') β ur"
by auto
have reachable_s1': "reachable SES s1'"
proof -
from path_Ξ²_yields_s1 s1_trans_c_s1' have "s0βSESβ (Ξ² @ [c])βΉβSESβ s1'"
by (rule path_trans_single)
thus ?thesis by (simp add: reachable_def, auto)
qed
from osc_property[OF osc_true s1'_in_S s1_in_S Ξ±_contains_no_c
reachable_s1' reachable_s1 enabled_s1_Ξ± s1_s1'_in_ur]
obtain Ξ±'
where Ξ±'_contains_no_c: "Ξ±' βΏ Cβπ±β = []"
and Ξ±'_V_is_Ξ±_V: "Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and enabled_s1'_Ξ±': "enabled SES s1' Ξ±'"
by auto
have Ξ²cΞ±'_in_ind_Tr: "Ξ² @ [c] @ Ξ±' β Trβ(induceES SES)β"
proof -
from path_Ξ²_yields_s1 s1_trans_c_s1' have "s0βSESβ (Ξ² @ [c])βΉβSESβ s1'"
by (rule path_trans_single)
moreover
from enabled_s1'_Ξ±' obtain s2
where "s1' Ξ±'βΉβSESβ s2"
by (simp add: enabled_def, auto)
ultimately have "s0βSESβ ((Ξ² @ [c]) @ Ξ±')βΉβSESβ s2"
by (rule path_trans)
thus ?thesis
by (simp add: induceES_def possible_traces_def enabled_def)
qed
from Ξ²cΞ±'_in_ind_Tr Ξ±'_V_is_Ξ±_V Ξ±'_contains_no_c
have "βΞ±'. Ξ² @ c # Ξ±' β Trβ(induceES SES)β β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = []"
by auto
}
thus ?thesis
by(simp add: BSI_def)
qed
theorem unwinding_theorem_BSIA:
"β¦ lrbe Ο ur; osc ur β§ βΉ BSIA Ο π± Trβ(induceES SES)β"
proof -
assume lrbe_true: "lrbe Ο ur"
assume osc_true: "osc ur"
{
fix Ξ± Ξ² c
assume c_in_C: "c β Cβπ±β"
assume Ξ²Ξ±_in_ind_Tr: "(Ξ² @ Ξ±) β Trβ(induceES SES)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
assume adm: "Adm π± Ο Trβ(induceES SES)β Ξ² c"
from state_from_induceES_trace[OF Ξ²Ξ±_in_ind_Tr]
obtain s1
where s1_in_S : "s1 β SβSESβ"
and s0_Ξ²_s1: "s0βSESβ Ξ²βΉβSESβ s1"
and enabled_s1_Ξ±: "enabled SES s1 Ξ±"
and reachable_s1: "reachable SES s1"
by auto
have "βΞ±'. Ξ² @ [c] @ Ξ±' β Trβ(induceES SES)β β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = []"
proof cases
assume en: "En Ο s1 c"
from reachable_s1 s1_in_S c_in_C en lrbe_true
have "βs1'β SβSESβ. s1 cβΆβSESβ s1' β§ (s1, s1') β ur"
by(simp add: lrbe_def)
then obtain s1'
where s1'_in_S: "s1' β SβSESβ"
and s1_trans_c_s1': "s1 cβΆβSESβ s1'"
and s1_s1'_in_ur: "(s1, s1') β ur"
by auto
have reachable_s1': "reachable SES s1'"
proof -
from s0_Ξ²_s1 s1_trans_c_s1' have "s0βSESβ (Ξ² @ [c])βΉβSESβ s1'"
by (rule path_trans_single)
thus ?thesis by (simp add: reachable_def, auto)
qed
from osc_property[OF osc_true s1'_in_S s1_in_S Ξ±_contains_no_c
reachable_s1' reachable_s1 enabled_s1_Ξ± s1_s1'_in_ur]
obtain Ξ±'
where Ξ±'_contains_no_c: "Ξ±' βΏ Cβπ±β = []"
and Ξ±'_V_is_Ξ±_V: "Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and enabled_s1'_Ξ±': "enabled SES s1' Ξ±'"
by auto
have Ξ²cΞ±'_in_ind_Tr: "Ξ² @ [c] @ Ξ±' β Trβ(induceES SES)β"
proof -
from s0_Ξ²_s1 s1_trans_c_s1' have "s0βSESβ (Ξ² @ [c])βΉβSESβ s1'"
by (rule path_trans_single)
moreover
from enabled_s1'_Ξ±' obtain s2
where "s1' Ξ±'βΉβSESβ s2"
by (simp add: enabled_def, auto)
ultimately have "s0βSESβ ((Ξ² @ [c]) @ Ξ±')βΉβSESβ s2"
by (rule path_trans)
thus ?thesis
by (simp add: induceES_def possible_traces_def enabled_def)
qed
from Ξ²cΞ±'_in_ind_Tr Ξ±'_V_is_Ξ±_V Ξ±'_contains_no_c show ?thesis
by auto
next
assume not_en: "Β¬ En Ο s1 c"
let ?A = "(Adm π± Ο (Trβ(induceES SES)β) Ξ² c)"
let ?E = "βs β SβSESβ. (s0βSESβ Ξ²βΉβSESβ s β§ En Ο s c)"
{
assume adm: "?A"
from s0_Ξ²_s1 have Ξ²_in_Tr: "Ξ² β Trβ(induceES SES)β"
by (simp add: induceES_def possible_traces_def enabled_def)
from Ξ²_in_Tr adm have "?E"
by (rule Adm_to_En)
}
hence Adm_to_En_contr: "Β¬ ?E βΉ Β¬ ?A"
by blast
with s1_in_S s0_Ξ²_s1 not_en have not_adm: "Β¬ ?A"
by auto
with adm show ?thesis
by auto
qed
}
thus ?thesis
by (simp add: BSIA_def)
qed
theorem unwinding_theorem_FCD:
"β¦ fcrf Ξ ur; osc ur β§ βΉ FCD Ξ π± Trβ(induceES SES)β"
proof -
assume fcrf: "fcrf Ξ ur"
assume osc: "osc ur"
{
fix Ξ± Ξ² c v
assume c_in_C_inter_Y: "c β (Cβπ±β β© Ξ₯βΞβ)"
assume v_in_V_inter_Nabla: "v β (Vβπ±β β© ββΞβ)"
assume Ξ²cvΞ±_in_Tr: "((Ξ² @ [c] @ [v]) @ Ξ±) β Trβ(induceES SES)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
from state_from_induceES_trace[OF Ξ²cvΞ±_in_Tr] obtain s1'
where s1'_in_S: "s1' β SβSESβ"
and s0_Ξ²cv_s1': "s0βSESβ (Ξ² @ ([c] @ [v]))βΉβSESβ s1'"
and enabled_s1'_Ξ±: "enabled SES s1' Ξ±"
and reachable_s1': "reachable SES s1'"
by auto
from path_split2[OF s0_Ξ²cv_s1'] obtain s1
where s1_in_S: "s1 β SβSESβ"
and s0_Ξ²_s1: "s0βSESβ Ξ²βΉβSESβ s1"
and s1_cv_s1': "s1 ([c] @ [v])βΉβSESβ s1'"
and reachable_s1: "reachable SES s1"
by (auto)
from c_in_C_inter_Y v_in_V_inter_Nabla s1_in_S s1'_in_S reachable_s1 s1_cv_s1' fcrf
have "βs1'' β SβSESβ. βΞ΄. (βd β (set Ξ΄). d β (Nβπ±β β© ΞβΞβ)) β§
s1 (Ξ΄ @ [v])βΉβSESβ s1'' β§ (s1', s1'') β ur"
by (simp add: fcrf_def)
then obtain s1'' Ξ΄
where s1''_in_S: "s1'' β SβSESβ"
and Ξ΄_in_N_inter_Delta_star: "(βd β (set Ξ΄). d β (Nβπ±β β© ΞβΞβ))"
and s1_Ξ΄v_s1'': "s1 (Ξ΄ @ [v])βΉβSESβ s1''"
and s1'_ur_s1'': "(s1', s1'') β ur"
by auto
have reachable_s1'': "reachable SES s1''"
proof -
from s0_Ξ²_s1 s1_Ξ΄v_s1'' have "s0βSESβ (Ξ² @ (Ξ΄ @ [v]))βΉβSESβ s1''"
by (rule path_trans)
thus ?thesis
by (simp add: reachable_def, auto)
qed
from osc_property[OF osc s1''_in_S s1'_in_S Ξ±_contains_no_c
reachable_s1'' reachable_s1' enabled_s1'_Ξ± s1'_ur_s1'']
obtain Ξ±'
where Ξ±'_contains_no_c: "Ξ±' βΏ Cβπ±β = []"
and Ξ±'_V_is_Ξ±_V: "Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and enabled_s1''_Ξ±': "enabled SES s1'' Ξ±'"
by auto
have Ξ²Ξ΄vΞ±'_in_Tr: "Ξ² @ Ξ΄ @ [v] @ Ξ±' β Trβ(induceES SES)β"
proof -
from s0_Ξ²_s1 s1_Ξ΄v_s1'' have "s0βSESβ (Ξ² @ Ξ΄ @ [v])βΉβSESβ s1''"
by (rule path_trans)
moreover
from enabled_s1''_Ξ±' obtain s2
where "s1'' Ξ±'βΉβSESβ s2"
by (simp add: enabled_def, auto)
ultimately have "s0βSESβ ((Ξ² @ Ξ΄ @ [v]) @ Ξ±')βΉβSESβ s2"
by (rule path_trans)
thus ?thesis
by (simp add: induceES_def possible_traces_def enabled_def)
qed
from Ξ΄_in_N_inter_Delta_star Ξ²Ξ΄vΞ±'_in_Tr Ξ±'_V_is_Ξ±_V Ξ±'_contains_no_c
have "βΞ±'. βΞ΄'. set Ξ΄' β (Nβπ±β β© ΞβΞβ) β§ Ξ² @ Ξ΄' @ [v] @ Ξ±' β Trβ(induceES SES)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = []"
by auto
}
thus ?thesis
by (simp add: FCD_def)
qed
theorem unwinding_theorem_FCI:
"β¦ fcrb Ξ ur; osc ur β§ βΉ FCI Ξ π± Trβ(induceES SES)β"
proof -
assume fcrb: "fcrb Ξ ur"
assume osc: "osc ur"
{
fix Ξ± Ξ² c v
assume c_in_C_inter_Y: "c β (Cβπ±β β© Ξ₯βΞβ)"
assume v_in_V_inter_Nabla: "v β (Vβπ±β β© ββΞβ)"
assume Ξ²vΞ±_in_Tr: "((Ξ² @ [v]) @ Ξ±) β Trβ(induceES SES)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
from state_from_induceES_trace[OF Ξ²vΞ±_in_Tr] obtain s1''
where s1''_in_S: "s1'' β SβSESβ"
and s0_Ξ²v_s1'': "s0βSESβ (Ξ² @ [v]) βΉβSESβ s1''"
and enabled_s1''_Ξ±: "enabled SES s1'' Ξ±"
and reachable_s1'': "reachable SES s1''"
by auto
from path_split_single2[OF s0_Ξ²v_s1''] obtain s1
where s1_in_S: "s1 β SβSESβ"
and s0_Ξ²_s1: "s0βSESβ Ξ²βΉβSESβ s1"
and s1_v_s1'': "s1 vβΆβSESβ s1''"
and reachable_s1: "reachable SES s1"
by (auto)
from c_in_C_inter_Y v_in_V_inter_Nabla s1_in_S
s1''_in_S reachable_s1 s1_v_s1'' fcrb
have "βs1' β SβSESβ. βΞ΄. (βd β (set Ξ΄). d β (Nβπ±β β© ΞβΞβ))
β§ s1 ([c] @ Ξ΄ @ [v])βΉβSESβ s1'
β§ (s1'', s1') β ur"
by (simp add: fcrb_def)
then obtain s1' Ξ΄
where s1'_in_S: "s1' β SβSESβ"
and Ξ΄_in_N_inter_Delta_star: "(βd β (set Ξ΄). d β (Nβπ±β β© ΞβΞβ))"
and s1_cΞ΄v_s1': "s1 ([c] @ Ξ΄ @ [v])βΉβSESβ s1'"
and s1''_ur_s1': "(s1'', s1') β ur"
by auto
have reachable_s1': "reachable SES s1'"
proof -
from s0_Ξ²_s1 s1_cΞ΄v_s1' have "s0βSESβ (Ξ² @ ([c] @ Ξ΄ @ [v]))βΉβSESβ s1'"
by (rule path_trans)
thus ?thesis
by (simp add: reachable_def, auto)
qed
from osc_property[OF osc s1'_in_S s1''_in_S Ξ±_contains_no_c
reachable_s1' reachable_s1'' enabled_s1''_Ξ± s1''_ur_s1']
obtain Ξ±'
where Ξ±'_contains_no_c: "Ξ±' βΏ Cβπ±β = []"
and Ξ±'_V_is_Ξ±_V: "Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and enabled_s1'_Ξ±': "enabled SES s1' Ξ±'"
by auto
have Ξ²cΞ΄vΞ±'_in_Tr: "Ξ² @ [c] @ Ξ΄ @ [v] @ Ξ±' β Trβ(induceES SES)β"
proof -
let ?l1 = "Ξ² @ [c] @ Ξ΄ @ [v]"
let ?l2 = "Ξ±'"
from s0_Ξ²_s1 s1_cΞ΄v_s1' have "s0βSESβ (?l1)βΉβSESβ s1'"
by (rule path_trans)
moreover
from enabled_s1'_Ξ±' obtain s1337 where "s1' ?l2 βΉβSESβ s1337"
by (simp add: enabled_def, auto)
ultimately have "s0βSESβ (?l1 @ ?l2)βΉβSESβ s1337"
by (rule path_trans)
thus ?thesis
by (simp add: induceES_def possible_traces_def enabled_def)
qed
from Ξ΄_in_N_inter_Delta_star Ξ²cΞ΄vΞ±'_in_Tr Ξ±'_V_is_Ξ±_V Ξ±'_contains_no_c
have "βΞ±' Ξ΄'.
set Ξ΄' β (Nβπ±β β© ΞβΞβ) β§ Ξ² @ [c] @ Ξ΄' @ [v] @ Ξ±' β Trβ(induceES SES)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = []"
by auto
}
thus ?thesis
by(simp add: FCI_def)
qed
theorem unwinding_theorem_FCIA:
"β¦ fcrbe Ξ Ο ur; osc ur β§ βΉ FCIA Ο Ξ π± Trβ(induceES SES)β"
proof -
assume fcrbe: "fcrbe Ξ Ο ur"
assume osc: "osc ur"
{
fix Ξ± Ξ² c v
assume c_in_C_inter_Y: "c β (Cβπ±β β© Ξ₯βΞβ)"
assume v_in_V_inter_Nabla: "v β (Vβπ±β β© ββΞβ)"
assume Ξ²vΞ±_in_Tr: "((Ξ² @ [v]) @ Ξ±) β Trβ(induceES SES)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
assume adm: "Adm π± Ο Trβ(induceES SES)β Ξ² c"
from state_from_induceES_trace[OF Ξ²vΞ±_in_Tr] obtain s1''
where s1''_in_S: "s1'' β SβSESβ"
and s0_Ξ²v_s1'': "s0βSESβ (Ξ² @ [v])βΉβSESβ s1''"
and enabled_s1''_Ξ±: "enabled SES s1'' Ξ±"
and reachable_s1'': "reachable SES s1''"
by auto
from path_split_single2[OF s0_Ξ²v_s1''] obtain s1
where s1_in_S: "s1 β SβSESβ"
and s0_Ξ²_s1: "s0βSESβ Ξ²βΉβSESβ s1"
and s1_v_s1'': "s1 vβΆβSESβ s1''"
and reachable_s1: "reachable SES s1"
by (auto)
have "βΞ±' Ξ΄'.(set Ξ΄' β (Nβπ±β β© ΞβΞβ) β§ Ξ² @ [c] @ Ξ΄' @ [v] @ Ξ±' β Trβ(induceES SES)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
proof (cases)
assume en: "En Ο s1 c"
from c_in_C_inter_Y v_in_V_inter_Nabla s1_in_S s1''_in_S reachable_s1 s1_v_s1'' en fcrbe
have "βs1' β SβSESβ. βΞ΄. (βd β (set Ξ΄). d β (Nβπ±β β© ΞβΞβ))
β§ s1 ([c] @ Ξ΄ @ [v]) βΉβSESβ s1'
β§ (s1'', s1') β ur"
by (simp add: fcrbe_def)
then obtain s1' Ξ΄
where s1'_in_S: "s1' β SβSESβ"
and Ξ΄_in_N_inter_Delta_star: "(βd β (set Ξ΄). d β (Nβπ±β β© ΞβΞβ))"
and s1_cΞ΄v_s1': "s1 ([c] @ Ξ΄ @ [v]) βΉβSESβ s1'"
and s1''_ur_s1': "(s1'', s1') β ur"
by (auto)
have reachable_s1': "reachable SES s1'"
proof -
from s0_Ξ²_s1 s1_cΞ΄v_s1' have "s0βSESβ (Ξ² @ ([c] @ Ξ΄ @ [v]))βΉβSESβ s1'"
by (rule path_trans)
thus ?thesis
by (simp add: reachable_def, auto)
qed
from osc_property[OF osc s1'_in_S s1''_in_S Ξ±_contains_no_c reachable_s1'
reachable_s1'' enabled_s1''_Ξ± s1''_ur_s1']
obtain Ξ±'
where Ξ±'_contains_no_c: "Ξ±' βΏ Cβπ±β = []"
and Ξ±'_V_is_Ξ±_V: "Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and enabled_s1'_Ξ±': "enabled SES s1' Ξ±'"
by auto
have Ξ²cΞ΄vΞ±'_in_Tr: "Ξ² @ [c] @ Ξ΄ @ [v] @ Ξ±' β Trβ(induceES SES)β"
proof -
let ?l1 = "Ξ² @ [c] @ Ξ΄ @ [v]"
let ?l2 = "Ξ±'"
from s0_Ξ²_s1 s1_cΞ΄v_s1' have "s0βSESβ (?l1)βΉβSESβ s1'"
by (rule path_trans)
moreover
from enabled_s1'_Ξ±' obtain s1337 where "s1' ?l2βΉβSESβ s1337"
by (simp add: enabled_def, auto)
ultimately have "s0βSESβ (?l1 @ ?l2)βΉβSESβ s1337"
by (rule path_trans)
thus ?thesis
by (simp add: induceES_def possible_traces_def enabled_def)
qed
from Ξ΄_in_N_inter_Delta_star Ξ²cΞ΄vΞ±'_in_Tr Ξ±'_V_is_Ξ±_V Ξ±'_contains_no_c
show ?thesis
by auto
next
assume not_en: "Β¬ En Ο s1 c"
let ?A = "(Adm π± Ο Trβ(induceES SES)β Ξ² c)"
let ?E = "βs β SβSESβ. (s0βSESβ Ξ²βΉβSESβ s β§ En Ο s c)"
{
assume adm: "?A"
from s0_Ξ²_s1 have Ξ²_in_Tr: "Ξ² β Trβ(induceES SES)β"
by (simp add: induceES_def possible_traces_def enabled_def)
from Ξ²_in_Tr adm have "?E"
by (rule Adm_to_En)
}
hence Adm_to_En_contr: "Β¬ ?E βΉ Β¬ ?A"
by blast
with s1_in_S s0_Ξ²_s1 not_en have not_adm: "Β¬ ?A"
by auto
with adm show ?thesis
by auto
qed
}
thus ?thesis
by (simp add: FCIA_def)
qed
theorem unwinding_theorem_SD:
"β¦ π±' = β¦ V = (Vβπ±β βͺ Nβπ±β), N = {}, C = Cβπ±β β¦;
Unwinding.lrf SES π±' ur; Unwinding.osc SES π±' ur β§
βΉ SD π± Trβ(induceES SES)β"
proof -
assume view'_def : "π±' = β¦V = (Vβπ±β βͺ Nβπ±β), N = {}, C = Cβπ±ββ¦"
assume lrf_view' : "Unwinding.lrf SES π±' ur"
assume osc_view' : "Unwinding.osc SES π±' ur"
interpret modified_view: Unwinding "SES" "π±'"
by (unfold_locales, rule validSES, simp add: view'_def modified_view_valid)
from lrf_view' osc_view' have BSD_view' : "BSD π±' Trβ(induceES SES)β"
by (rule_tac ur="ur" in modified_view.unwinding_theorem_BSD)
with view'_def BSD_implies_SD_for_modified_view show ?thesis
by auto
qed
theorem unwinding_theorem_SI:
"β¦ π±' = β¦ V = (Vβπ±β βͺ Nβπ±β), N = {}, C = Cβπ±β β¦;
Unwinding.lrb SES π±' ur; Unwinding.osc SES π±' ur β§
βΉ SI π± Trβ(induceES SES)β"
proof -
assume view'_def : "π±' = β¦V = Vβπ±β βͺ Nβπ±β, N = {}, C = Cβπ±ββ¦"
assume lrb_view' : "Unwinding.lrb SES π±' ur"
assume osc_view' : "Unwinding.osc SES π±' ur"
interpret modified_view: Unwinding "SES" "π±'"
by (unfold_locales, rule validSES, simp add: view'_def modified_view_valid)
from lrb_view' osc_view' have BSI_view' : "BSI π±' Trβ(induceES SES)β"
by (rule_tac ur="ur" in modified_view.unwinding_theorem_BSI)
with view'_def BSI_implies_SI_for_modified_view show ?thesis
by auto
qed
theorem unwinding_theorem_SIA:
"β¦ π±' = β¦ V = (Vβπ±β βͺ Nβπ±β), N = {}, C = Cβπ±β β¦; Ο π± = Ο π±';
Unwinding.lrbe SES π±' Ο ur; Unwinding.osc SES π±' ur β§
βΉ SIA Ο π± Trβ(induceES SES)β"
proof -
assume view'_def : "π±' = β¦V = Vβπ±β βͺ Nβπ±β, N = {}, C = Cβπ±ββ¦"
assume Ο_eq : "Ο π± = Ο π±'"
assume lrbe_view' : "Unwinding.lrbe SES π±' Ο ur"
assume osc_view' : "Unwinding.osc SES π±' ur"
interpret modified_view: Unwinding "SES" "π±'"
by (unfold_locales, rule validSES, simp add: view'_def modified_view_valid)
from lrbe_view' osc_view' have BSIA_view' : "BSIA Ο π±' Trβ(induceES SES)β"
by (rule_tac ur="ur" in modified_view.unwinding_theorem_BSIA)
with view'_def BSIA_implies_SIA_for_modified_view Ο_eq show ?thesis
by auto
qed
theorem unwinding_theorem_SR:
"β¦ π±' = β¦ V = (Vβπ±β βͺ Nβπ±β), N = {}, C = Cβπ±β β¦;
Unwinding.lrf SES π±' ur; Unwinding.osc SES π±' ur β§
βΉ SR π± Trβ(induceES SES)β"
proof -
assume view'_def : "π±' = β¦V = Vβπ±β βͺ Nβπ±β, N = {}, C = Cβπ±ββ¦"
assume lrf_view' : "Unwinding.lrf SES π±' ur"
assume osc_view' : "Unwinding.osc SES π±' ur"
from lrf_view' osc_view' view'_def have S_view : "SD π± Trβ(induceES SES)β"
by (rule_tac ur="ur" in unwinding_theorem_SD, auto)
with SD_implies_SR show ?thesis
by auto
qed
theorem unwinding_theorem_D:
"β¦ lrf ur; osc ur β§ βΉ D π± Trβ(induceES SES)β"
proof -
assume "lrf ur"
and "osc ur"
hence "BSD π± Trβ(induceES SES)β"
by (rule unwinding_theorem_BSD)
thus ?thesis
by (rule BSD_implies_D)
qed
theorem unwinding_theorem_I:
"β¦ lrb ur; osc ur β§ βΉ I π± Trβ(induceES SES)β"
proof -
assume "lrb ur"
and "osc ur"
hence "BSI π± Trβ(induceES SES)β"
by (rule unwinding_theorem_BSI)
thus ?thesis
by (rule BSI_implies_I)
qed
theorem unwinding_theorem_IA:
"β¦ lrbe Ο ur; osc ur β§ βΉ IA Ο π± Trβ(induceES SES)β"
proof -
assume "lrbe Ο ur"
and "osc ur"
hence "BSIA Ο π± Trβ(induceES SES)β"
by (rule unwinding_theorem_BSIA)
thus ?thesis
by (rule BSIA_implies_IA)
qed
theorem unwinding_theorem_R:
"β¦ lrf ur; osc ur β§ βΉ R π± (Trβ(induceES SES)β)"
proof -
assume "lrf ur"
and "osc ur"
hence "BSD π± Trβ(induceES SES)β"
by (rule unwinding_theorem_BSD)
hence "D π± Trβ(induceES SES)β"
by (rule BSD_implies_D)
thus ?thesis
by (rule D_implies_R)
qed
end
end