(* Title: HOL/HOLCF/IOA/CompoTraces.thy Author: Olaf Müller *) section \Compositionality on Trace level\ theory CompoTraces imports CompoScheds ShortExecutions begin definition mksch :: "('a, 's) ioa \ ('a, 't) ioa \ 'a Seq \ 'a Seq \ 'a Seq \ 'a Seq" where "mksch A B = (fix \ (LAM h tr schA schB. case tr of nil \ nil | x ## xs \ (case x of UU \ UU | Def y \ (if y \ act A then (if y \ act B then ((Takewhile (\a. a \ int A) \ schA) @@ (Takewhile (\a. a \ int B) \ schB) @@ (y \ (h \ xs \ (TL \ (Dropwhile (\a. a \ int A) \ schA)) \ (TL \ (Dropwhile (\a. a \ int B) \ schB))))) else ((Takewhile (\a. a \ int A) \ schA) @@ (y \ (h \ xs \ (TL \ (Dropwhile (\a. a \ int A) \ schA)) \ schB)))) else (if y \ act B then ((Takewhile (\a. a \ int B) \ schB) @@ (y \ (h \ xs \ schA \ (TL \ (Dropwhile (\a. a \ int B) \ schB))))) else UU)))))" definition par_traces :: "'a trace_module \ 'a trace_module \ 'a trace_module" where "par_traces TracesA TracesB = (let trA = fst TracesA; sigA = snd TracesA; trB = fst TracesB; sigB = snd TracesB in ({tr. Filter (\a. a \ actions sigA) \ tr \ trA} \ {tr. Filter (\a. a \ actions sigB) \ tr \ trB} \ {tr. Forall (\x. x \ externals sigA \ externals sigB) tr}, asig_comp sigA sigB))" axiomatization where finiteR_mksch: "Finite (mksch A B \ tr \ x \ y) \ Finite tr" lemma finiteR_mksch': "\ Finite tr \ \ Finite (mksch A B \ tr \ x \ y)" by (blast intro: finiteR_mksch) declaration \fn _ => Simplifier.map_ss (Simplifier.set_mksym (K (K NONE)))\ subsection "mksch rewrite rules" lemma mksch_unfold: "mksch A B = (LAM tr schA schB. case tr of nil \ nil | x ## xs \ (case x of UU \ UU | Def y \ (if y \ act A then (if y \ act B then ((Takewhile (\a. a \ int A) \ schA) @@ (Takewhile (\a. a \ int B) \ schB) @@ (y \ (mksch A B \ xs \(TL \ (Dropwhile (\a. a \ int A) \ schA)) \(TL \ (Dropwhile (\a. a \ int B) \ schB))))) else ((Takewhile (\a. a \ int A) \ schA) @@ (y \ (mksch A B \ xs \ (TL \ (Dropwhile (\a. a \ int A) \ schA)) \ schB)))) else (if y \ act B then ((Takewhile (\a. a \ int B) \ schB) @@ (y \ (mksch A B \ xs \ schA \ (TL \ (Dropwhile (\a. a \ int B) \ schB))))) else UU))))" apply (rule trans) apply (rule fix_eq4) apply (rule mksch_def) apply (rule beta_cfun) apply simp done lemma mksch_UU: "mksch A B \ UU \ schA \ schB = UU" apply (subst mksch_unfold) apply simp done lemma mksch_nil: "mksch A B \ nil \ schA \ schB = nil" apply (subst mksch_unfold) apply simp done lemma mksch_cons1: "x \ act A \ x \ act B \ mksch A B \ (x \ tr) \ schA \ schB = (Takewhile (\a. a \ int A) \ schA) @@ (x \ (mksch A B \ tr \ (TL \ (Dropwhile (\a. a \ int A) \ schA)) \ schB))" apply (rule trans) apply (subst mksch_unfold) apply (simp add: Consq_def If_and_if) apply (simp add: Consq_def) done lemma mksch_cons2: "x \ act A \ x \ act B \ mksch A B \ (x \ tr) \ schA \ schB = (Takewhile (\a. a \ int B) \ schB) @@ (x \ (mksch A B \ tr \ schA \ (TL \ (Dropwhile (\a. a \ int B) \ schB))))" apply (rule trans) apply (subst mksch_unfold) apply (simp add: Consq_def If_and_if) apply (simp add: Consq_def) done lemma mksch_cons3: "x \ act A \ x \ act B \ mksch A B \ (x \ tr) \ schA \ schB = (Takewhile (\a. a \ int A) \ schA) @@ ((Takewhile (\a. a \ int B) \ schB) @@ (x \ (mksch A B \ tr \ (TL \ (Dropwhile (\a. a \ int A) \ schA)) \ (TL \ (Dropwhile (\a. a \ int B) \ schB)))))" apply (rule trans) apply (subst mksch_unfold) apply (simp add: Consq_def If_and_if) apply (simp add: Consq_def) done lemmas compotr_simps = mksch_UU mksch_nil mksch_cons1 mksch_cons2 mksch_cons3 declare compotr_simps [simp] subsection \COMPOSITIONALITY on TRACE Level\ subsubsection "Lemmata for \\\" text \ Consequence out of \ext1_ext2_is_not_act1(2)\, which in turn are consequences out of the compatibility of IOA, in particular out of the condition that internals are really hidden. \ lemma compatibility_consequence1: "(eB \ \ eA \ \ A) \ A \ (eA \ eB) \ eA \ A" by fast (* very similar to above, only the commutativity of | is used to make a slight change *) lemma compatibility_consequence2: "(eB \ \ eA \ \ A) \ A \ (eB \ eA) \ eA \ A" by fast subsubsection \Lemmata for \\\\ (* Lemma for substitution of looping assumption in another specific assumption *) lemma subst_lemma1: "f \ g x \ x = h x \ f \ g (h x)" by (erule subst) (* Lemma for substitution of looping assumption in another specific assumption *) lemma subst_lemma2: "(f x) = y \ g \ x = h x \ f (h x) = y \ g" by (erule subst) lemma ForallAorB_mksch [rule_format]: "compatible A B \ \schA schB. Forall (\x. x \ act (A \ B)) tr \ Forall (\x. x \ act (A \ B)) (mksch A B \ tr \ schA \ schB)" apply (Seq_induct tr simp: Forall_def sforall_def mksch_def) apply auto apply (simp add: actions_of_par) apply (case_tac "a \ act A") apply (case_tac "a \ act B") text \\a \ A\, \a \ B\\ apply simp apply (rule Forall_Conc_impl [THEN mp]) apply (simp add: intA_is_not_actB int_is_act) apply (rule Forall_Conc_impl [THEN mp]) apply (simp add: intA_is_not_actB int_is_act) text \\a \ A\, \a \ B\\ apply simp apply (rule Forall_Conc_impl [THEN mp]) apply (simp add: intA_is_not_actB int_is_act) apply (case_tac "a\act B") text \\a \ A\, \a \ B\\ apply simp apply (rule Forall_Conc_impl [THEN mp]) apply (simp add: intA_is_not_actB int_is_act) text \\a \ A\, \a \ B\\ apply auto done lemma ForallBnAmksch [rule_format]: "compatible B A \ \schA schB. Forall (\x. x \ act B \ x \ act A) tr \ Forall (\x. x \ act B \ x \ act A) (mksch A B \ tr \ schA \ schB)" apply (Seq_induct tr simp: Forall_def sforall_def mksch_def) apply auto apply (rule Forall_Conc_impl [THEN mp]) apply (simp add: intA_is_not_actB int_is_act) done lemma ForallAnBmksch [rule_format]: "compatible A B \ \schA schB. Forall (\x. x \ act A \ x \ act B) tr \ Forall (\x. x \ act A \ x \ act B) (mksch A B \ tr \ schA \ schB)" apply (Seq_induct tr simp: Forall_def sforall_def mksch_def) apply auto apply (rule Forall_Conc_impl [THEN mp]) apply (simp add: intA_is_not_actB int_is_act) done (* safe_tac makes too many case distinctions with this lemma in the next proof *) declare FiniteConc [simp del] lemma FiniteL_mksch [rule_format]: "Finite tr \ is_asig (asig_of A) \ is_asig (asig_of B) \ \x y. Forall (\x. x \ act A) x \ Forall (\x. x \ act B) y \ Filter (\a. a \ ext A) \ x = Filter (\a. a \ act A) \ tr \ Filter (\a. a \ ext B) \ y = Filter (\a. a \ act B) \ tr \ Forall (\x. x \ ext (A \ B)) tr \ Finite (mksch A B \ tr \ x \ y)" apply (erule Seq_Finite_ind) apply simp text \main case\ apply simp apply auto text \\a \ act A\; \a \ act B\\ apply (frule sym [THEN eq_imp_below, THEN divide_Seq]) apply (frule sym [THEN eq_imp_below, THEN divide_Seq]) back apply (erule conjE)+ text \\Finite (tw iA x)\ and \Finite (tw iB y)\\ apply (simp add: not_ext_is_int_or_not_act FiniteConc) text \now for conclusion IH applicable, but assumptions have to be transformed\ apply (drule_tac x = "x" and g = "Filter (\a. a \ act A) \ s" in subst_lemma2) apply assumption apply (drule_tac x = "y" and g = "Filter (\a. a \ act B) \ s" in subst_lemma2) apply assumption text \IH\ apply (simp add: not_ext_is_int_or_not_act ForallTL ForallDropwhile) text \\a \ act B\; \a \ act A\\ apply (frule sym [THEN eq_imp_below, THEN divide_Seq]) apply (erule conjE)+ text \\Finite (tw iB y)\\ apply (simp add: not_ext_is_int_or_not_act FiniteConc) text \now for conclusion IH applicable, but assumptions have to be transformed\ apply (drule_tac x = "y" and g = "Filter (\a. a \ act B) \ s" in subst_lemma2) apply assumption text \IH\ apply (simp add: not_ext_is_int_or_not_act ForallTL ForallDropwhile) text \\a \ act B\; \a \ act A\\ apply (frule sym [THEN eq_imp_below, THEN divide_Seq]) apply (erule conjE)+ text \\Finite (tw iA x)\