theory MLTL_Language_Partition_Proof
imports MLTL_Language_Partition_Algorithm
begin
section ‹ Properties of convert nnf ext ›
(* to_mltl commutes with NNF conversion: converting an extended formula with
   convert_nnf_ext and then projecting to plain mltl equals projecting first
   and running convert_nnf.  Strong induction on depth_mltl (to_mltl φ); the
   negation case is separated out because convert_nnf pushes Not⇩m through the
   operator below it, so it needs a second case split on the negated ψ. *)
lemma convert_nnf_and_convert_nnf_ext:
shows "to_mltl (convert_nnf_ext φ) =
convert_nnf (to_mltl φ)"
proof (induct "depth_mltl (to_mltl φ)" arbitrary: φ rule: less_induct)
case less
(* Negation case as a standalone fact: under the inductive hypothesis ih and
   φ = Not⇩c ψ, the claim follows by structural cases on ψ. *)
have not: "(⋀φ. depth_mltl (to_mltl φ)
< Suc (depth_mltl (to_mltl ψ)) ⟹
to_mltl (convert_nnf_ext φ) =
convert_nnf (to_mltl φ)) ⟹
φ = Not⇩c ψ ⟹
to_mltl (convert_nnf_ext (Not⇩c ψ)) =
convert_nnf (Not⇩m (to_mltl ψ))" for ψ
proof-
assume ih: "(⋀φ. depth_mltl (to_mltl φ)
< Suc (depth_mltl (to_mltl ψ)) ⟹
to_mltl (convert_nnf_ext φ) =
convert_nnf (to_mltl φ))"
assume shape: "φ = Not⇩c ψ"
show ?thesis
using less ih shape by (induct ψ) simp_all
qed
(* All other constructors are closed directly by the inductive hypothesis. *)
show ?case using less not
by(cases φ) auto
qed
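(* Symmetric orientation of convert_nnf_and_convert_nnf_ext.  Kept under its
   own name because convert_nnf_ext_preserves_semantics and LP_mltl_nnf refer
   to it in this direction; the previous proof re-did the full case analysis
   over every constructor, duplicating the lemma above. *)
lemma convert_nnf_ext_to_mltl_commute:
shows "(convert_nnf (to_mltl φ)) = (to_mltl (convert_nnf_ext φ))"
by (rule convert_nnf_and_convert_nnf_ext[symmetric])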
(* NNF conversion on extended formulas preserves semantics.  ≡⇩c is unfolded
   below through semantic_equiv_ext_def to semantic_equiv on the to_mltl
   projections.  The intervals_welldef hypothesis is inherited from the
   plain-mltl lemma convert_nnf_preserves_semantics and cannot be dropped here. *)
lemma convert_nnf_ext_preserves_semantics:
assumes "intervals_welldef (to_mltl φ)"
shows "(convert_nnf_ext φ) ≡⇩c φ"
proof-
(* Plain-mltl result on the projection of φ. *)
have "semantic_equiv (convert_nnf (to_mltl φ)) (to_mltl φ)"
using assms convert_nnf_preserves_semantics[of "(to_mltl φ)"]
unfolding semantic_equiv_ext_def semantic_equiv_def by blast
(* Transport back through the commutation of convert_nnf_ext and to_mltl. *)
then show ?thesis
using convert_nnf_ext_to_mltl_commute
unfolding semantic_equiv_ext_def semantic_equiv_def by metis
qed
(* convert_nnf_ext is idempotent.  Same scheme as
   convert_nnf_and_convert_nnf_ext: strong induction on depth_mltl (to_mltl φ)
   with the negation case factored out and closed by cases on G. *)
lemma convert_nnf_ext_convert_nnf_ext:
shows "convert_nnf_ext φ = convert_nnf_ext (convert_nnf_ext φ)"
proof(induction "depth_mltl (to_mltl φ)" arbitrary: φ rule: less_induct)
case less
have not_case: "(⋀F. depth_mltl (to_mltl F) <
Suc (depth_mltl (to_mltl G)) ⟹
convert_nnf_ext (convert_nnf_ext F) = convert_nnf_ext F) ⟹
φ = Not⇩c G ⟹
convert_nnf_ext (convert_nnf_ext (Not⇩c G)) =
convert_nnf_ext (Not⇩c G)" for "G"
proof -
assume ind_h: "(⋀F. depth_mltl (to_mltl F) <
Suc (depth_mltl (to_mltl G)) ⟹
convert_nnf_ext (convert_nnf_ext F) = convert_nnf_ext F)"
assume φ_is: "φ = Not⇩c G"
show ?thesis using less φ_is by (cases G) simp_all
qed
show ?case using less not_case
by (cases φ) fastforce+
qed
subsection ‹Cases where to mltl is bijective›
(* The only extended formula projecting to True⇩m is True⇩c. *)
lemma to_mltl_true_bijective:
assumes "to_mltl φ = True⇩m"
shows "φ = True⇩c"
using assms by (cases φ) simp_all
(* The only extended formula projecting to False⇩m is False⇩c. *)
lemma to_mltl_false_bijective:
assumes "to_mltl φ = False⇩m"
shows "φ = False⇩c"
using assms by (cases φ) simp_all
(* Atomic propositions have a unique preimage under to_mltl. *)
lemma to_mltl_prop_bijective:
assumes "to_mltl φ = Prop⇩m (p)"
shows "φ = Prop⇩c (p)"
using assms by (cases φ) simp_all
(* Negated atoms have a unique preimage too; the inner atom is resolved by
   to_mltl_prop_bijective. *)
lemma to_mltl_not_prop_bijective:
assumes "to_mltl φ = Not⇩m (Prop⇩m (p))"
shows "φ = Not⇩c (Prop⇩c (p))"
using assms by (cases φ) (simp_all add: to_mltl_prop_bijective)
section ‹Lemmas about Integer Composition›
(* A composition of n has at most n parts.  is_composition n L unfolds to
   "every member of L is positive and sum_list L = n" (see Lprop below), so
   each part contributes at least 1 to the sum. *)
lemma composition_length_ub:
fixes n::"nat" and L::"nat list"
assumes "is_composition n L"
shows "length L ≤ n"
using assms unfolding is_composition_def
proof (induct L arbitrary: n)
case Nil
then show ?case by simp
next
case (Cons a L)
have listsum: "sum_list (a # L) = a + sum_list L"
by simp
then have ls_L: "sum_list L = n - a"
using Cons(2) by auto
(* The tail is itself a composition of n - a, so the IH bounds its length. *)
then have Lprop: "(∀i. List.member L i ⟶ 0 < i) ∧ sum_list L = n - a "
using Cons(2)
by (meson member_rec(1))
then have len_leq: "length L ≤ n - a"
using Cons(1)[OF Lprop]
by auto
(* The head is positive, which absorbs the +1 in length (a # L). *)
have "a > 0"
using Cons(2)
by (meson member_rec(1))
then show ?case using len_leq
using Cons.prems listsum by auto
qed
(* A composition of a positive n is non-empty: the empty list sums to 0,
   contradicting sum_list L = n > 0. *)
lemma composition_length_lb:
fixes n::"nat" and L::"nat list"
assumes "is_composition n L"
assumes "n > 0"
shows "0 < length L"
proof-
have "¬(0 < length L) ⟹ False"
proof-
assume "¬(0 < length L)"
then have "length L = 0"
by simp
then have "sum_list L = 0"
by simp
then show ?thesis
using assms unfolding is_composition_def
by simp
qed
then show ?thesis using assms by blast
qed
(* interval_times a L has one more entry than L (it is a map over
   [0..<length L + 1], see the unfolding in interval_times_first). *)
lemma interval_times_length:
fixes a::"nat" and L::"nat list"
shows "length (interval_times a L) = length L + 1"
unfolding interval_times_def by auto
(* The first boundary is a itself: partial_sum L 0 contributes nothing. *)
lemma interval_times_first:
fixes a::"nat" and L::"nat list"
shows "(interval_times a L)!0 = a"
proof-
have "map (λi. a + partial_sum L i) [0..<length L + 1] ! 0 =
(λi. a + partial_sum L i) 0"
by (metis Nat.add_0_right add_gr_0 less_numeral_extra(1) nth_map_upt zero_less_diff)
then have "map (λi. a + partial_sum L i) [0..<length L + 1] ! 0 = a"
unfolding partial_sum_def by auto
then show ?thesis
unfolding interval_times_def by blast
qed
(* The last boundary is b+1 when L composes b-a+1: the final partial sum is
   the whole sum_list L. *)
lemma interval_times_last:
fixes a b::"nat" and L::"nat list"
assumes int_welldef: "a ≤ b"
assumes composition: "is_composition (b-a+1) L"
shows "(interval_times a L)!(length L) = b+1"
proof -
have "partial_sum L (length L) = sum_list L"
unfolding partial_sum_def by auto
then have "a + partial_sum L (length L) = b+1"
using assms unfolding is_composition_def
by simp
then show ?thesis
unfolding interval_times_def
by (metis add_0 add_diff_cancel_left' less_add_one nth_map_upt)
qed
(* Consecutive boundaries differ by exactly the corresponding part L!i. *)
lemma interval_times_diff:
fixes a b i::"nat" and L::"nat list"
assumes int_welldef: "a ≤ b"
assumes composition: "is_composition (b-a+1) L"
assumes i_index: "i < length L"
assumes s_is: "s = interval_times a L"
shows "s!(i+1) - s!(i) = L!i"
proof-
have ip1: "s ! (i+1) = a + partial_sum L (i+1)"
using s_is i_index unfolding interval_times_def
by (metis (no_types, lifting) add_0 add_mono1 diff_zero nth_map_upt)
have i: "s ! i = a + partial_sum L i"
using s_is i_index unfolding interval_times_def
by (metis (no_types, lifting) add.commute add_0 add_strict_increasing diff_zero less_numeral_extra(1) less_or_eq_imp_le nth_map_upt)
(* The common offset a cancels, leaving a difference of partial sums. *)
have s_iat: "s ! (i+1) - s ! i = partial_sum L (i+1) - partial_sum L i"
using ip1 i
by auto
have take_is: "take (i+1) L = (take i L) @ [L ! i] "
by (simp add: i_index take_Suc_conv_app_nth)
have li: "foldr (+) [L ! i] 0 = L ! i"
by force
(* Generalised accumulator identity for foldr, proved inline so the last
   summand of take (i+1) L can be split off. *)
have "⋀a::nat. foldr (+) L a = a + foldr (+) L 0" for L::"nat list"
proof (induct L)
case Nil
then show ?case by auto
next
case (Cons h T)
then show ?case
by (metis add.left_commute foldr.simps(2) o_apply)
qed
then have "foldr (+) (take i L) (L!i) = L ! i + foldr (+) (take i L) 0"
by blast
then have "foldr (+) ((take i L) @ [L ! i]) 0 - foldr (+) (take i L) 0 = L ! i"
using foldr_append[of "(+)" "take i L" "[L ! i]" 0] li
by simp
then have "sum_list (take (i + 1) L) - sum_list (take i L) = L ! i"
using i_index take_is by simp
then show ?thesis
using i_index composition unfolding is_composition_def
partial_sum_def s_iat by blast
qed
(* Boundaries strictly increase: the gap is L!i, and composition parts are
   positive. *)
lemma interval_times_diff_ge:
fixes a b i::"nat" and L::"nat list"
assumes int_welldef: "a ≤ b"
assumes composition: "is_composition (b-a+1) L"
assumes i_index: "i < length L"
assumes s_is: "s = interval_times a L"
shows "s!(i+1) > s!(i)"
proof-
have diff: "s!(i+1) - s!(i) = L!i"
using assms interval_times_diff by blast
have gap: "L!i > 0" using assms(2) unfolding is_composition_def
by (meson i_index in_set_member nth_mem)
show ?thesis using diff gap by simp
qed
(* Strict monotonicity for arbitrary indices i < j ≤ length L, obtained by
   chaining the one-step lemma interval_times_diff_ge; induction on j - 1. *)
lemma interval_times_diff_ge_general:
fixes a b i j::"nat" and L::"nat list"
assumes int_welldef: "a ≤ b"
assumes composition: "is_composition (b-a+1) L"
assumes j_index: "j ≤ length L"
assumes i_le_j: "i < j"
assumes s_is: "s = interval_times a L"
shows "s!j > s!i"
using assms
proof (induct "j-1" arbitrary: i j)
case 0
then have "i = 0" and "j = 1"
by simp_all
then show ?case
using interval_times_diff_ge 0 by fastforce
next
case (Suc x)
then have j_eq: "j = x+2"
by simp
(* One step from the second-to-last index to j. *)
have high: "s ! (x + 1) < s ! (x + 2)"
using interval_times_diff_ge[of a b L "x+1" s] Suc by simp
(* Either i is the immediate predecessor of j, or the IH reaches x+1 first. *)
{
assume i_eq: "i = x+1"
then have ?case unfolding i_eq j_eq
using high by simp
} moreover {
assume i_eq: "i ≤ x"
then have "s ! i < s ! (x + 1)"
using Suc.hyps(1)[of "x+1" i] Suc by force
then have ?case using high i_eq j_eq by simp
}
ultimately show ?case using Suc j_eq by linarith
qed
(* The one-part list [n] is a composition of any positive n. *)
lemma trivial_composition:
assumes "n > 0"
shows "is_composition n [n]"
proof-
have pos: "(∀i. List.member [n] i ⟶ 0 < i)"
unfolding List.member_def
by (simp add: assms)
have sum: " sum_list [n] = n"
by simp
show ?thesis unfolding is_composition_def
using pos sum by blast
qed
(* A non-empty list of positive naturals has a positive sum. *)
lemma sum_list_pos: "(⋀x. x ∈ set (xs::nat list) ⟹ 0 < x)
⟹ length xs > 0 ⟹ 0 < sum_list xs"
by (induction xs) auto
(* Prefixes that stop before the last element are unaffected by removing it. *)
lemma take_prefix:
assumes "L = H@[t]"
assumes "k ≤ length L - 1"
shows "take k H = take k L"
using assms by auto
(* The first k+1 boundaries of L are exactly the boundaries of its first k
   parts.  Induction on length L, splitting L as H@[t]; the two final cases
   are k < length L (a prefix question about H) and k = length L (take
   everything, by interval_times_length). *)
lemma take_interval_times:
assumes "length L ≥ k"
shows "take (k+1) (interval_times a L) = interval_times a (take k L)"
using assms
proof(induct "length L" arbitrary: L)
case 0
then show ?case
by (simp add: interval_times_length)
next
case (Suc x)
then obtain H t where L_eq: "L = H@[t]"
by (metis length_Suc_conv_rev)
have ih: "take (k + 1) (interval_times a H) = interval_times a (take k H)"
using Suc.hyps(1)[of H] Suc L_eq
by (metis Suc_eq_plus1 add_left_cancel interval_times_length le_SucE le_add1 length_append_singleton plus_1_eq_Suc take_all_iff)
have length_it: "length (interval_times a L) = length L + 1"
unfolding interval_times_def by auto
{
assume *: "k ≤ length L - 1"
then have eq1: "(take k H) = (take k L)"
by (simp add: L_eq)
(* Appending the last part only adds one trailing boundary a + sum_list L. *)
have "(interval_times a H)@[a+(sum_list L)] = interval_times a L"
using L_eq unfolding interval_times_def partial_sum_def by auto
then have eq2: "take (k + 1) (interval_times a H) = take (k + 1) (interval_times a L)"
using take_prefix[of "interval_times a L" "interval_times a H" "a + sum_list L"]
by (metis Suc_eq_plus1 diff_Suc_1 eq1 ih interval_times_length not_less_eq_eq take_all)
have ?case using eq1 eq2 ih by argo
} moreover {
assume *: "k = length L"
then have ?case
by (simp add: length_it)
}
ultimately show ?case using Suc by linarith
qed
(* Indexing into [0..<k] returns the index itself; named so it can be
   instantiated explicitly in interval_times_obtain_aux. *)
lemma index_list_index:
fixes k::"nat"
assumes "j < k"
shows "[0 ..< k] ! j = j"
using assms by simp
(* Every time point t with s!1 ≤ t ≤ b falls into some segment
   [s!i, s!(i+1) - 1] with 1 ≤ i < length L.  The length L = 0 case is
   vacuous (first/last then force a = b+1, against a ≤ b).  Otherwise, induct
   on length L - 1 generalising s, L, a, b and t: drop the last part of L and
   shrink b to b - last L, then either recurse on the shorter composition
   (t before the second-to-last boundary) or place t in the final segment. *)
lemma interval_times_obtain_aux:
assumes "a ≤ b"
assumes "is_composition (b - a + 1) L"
assumes "s = interval_times a L"
assumes "(s ! 1) ≤ t ∧ t ≤ b"
shows "∃i. s ! i ≤ t ∧ t ≤ s ! (i + 1) - 1 ∧ 1 ≤ i ∧ i < length L"
proof-
have length_s: "length s = length L + 1"
using assms interval_times_length by auto
have first: "s!0 = a"
using interval_times_first assms by blast
have last: "s!(length L) = b+1"
using interval_times_last assms by blast
{
assume length_L: "length L = 0"
then have ?thesis using assms
by (metis first last less_add_one verit_comp_simplify1(3))
} moreover {
assume length_L: "length L ≥ 1"
have ?thesis using assms first last length_s length_L
proof(induct "length L - 1" arbitrary: s L a b t)
case 0
then show ?case by auto
next
case (Suc x)
then have length_L: "length L ≥ 2" by linarith
then have length_s: "length s ≥ 3" using Suc by linarith
{
(* Case 1: t lies strictly before the second-to-last boundary, so it is
   covered by the composition without its last part. *)
assume *: "t < s!(length L-1)"
let ?L' = "take (length L-1) L"
let ?s' = "take (length L) s"
let ?b' = "b - (List.last L)"
have pos_L: "(∀i. List.member L i ⟶ 0 < i)" and
sum_L: "sum_list L = b - a + 1"
using Suc(4) unfolding is_composition_def by auto
have "List.member L (last L)" unfolding List.member_def
by (metis Suc.prems(8) last_in_set length_0_conv not_one_le_zero)
(* Inline induction: the sum splits into the prefix sum plus the last
   element (needs length L ≥ 2). *)
have sum_list_eq: "sum_list L = sum_list (take (length L-1) L) + last L"
using length_L
proof(induct "length L" arbitrary: L)
case 0
then show ?case by auto
next
case (Suc xa)
then obtain h T where L_eq: "L = h#T"
by (meson Suc_length_conv)
then have L_decomp: "sum_list L = sum_list T + h" by simp
{
assume "length L = 2"
then obtain x1 x2 where "L = [x1, x2]"
by (metis Suc_1 Suc_length_conv gen_length_code(1) gen_length_def impossible_Cons le_add2 list.exhaust plus_1_eq_Suc)
then have ?case by auto
} moreover {
assume length_L: "length L > 2"
then have last: "last T = last L"
using L_eq by auto
have *: "sum_list T = sum_list (take (length T - 1) T) + last T"
using Suc.hyps(1)[of T] L_decomp L_eq length_L
by (metis Suc.hyps(2) add_diff_cancel_left' length_Cons less_Suc_eq_le plus_1_eq_Suc)
have **: "h + sum_list (take (length T - 1) T) = sum_list (take (length L - 1) L)"
using L_eq
by (metis (no_types, opaque_lifting) Suc.prems Suc_1 Suc_eq_plus1 Suc_le_D add_diff_cancel_right' add_le_same_cancel2 length_Cons not_less_eq_eq sum_list.Cons take_Suc_Cons)
have ?case using * ** last
using L_decomp by presburger
}
ultimately show ?case using Suc.prems by fastforce
qed
have pos_preL: "(⋀x. x ∈ set (take (length L - 1) L) ⟹ 0 < x)"
using pos_L
by (metis in_set_member in_set_takeD)
have length_preL: "0 < length (take (length L - 1) L)"
using length_L by auto
have sum_preL_pos: "sum_list (take (length L-1) L) > 0"
using sum_list_pos[of "take (length L - 1) L"]
using pos_preL length_preL by blast
then have sum_last: "sum_list L > last L" using pos_L length_L
using sum_list_pos sum_list_eq by linarith
then have b_lastL: "b ≥ last L"
using sum_L by auto
then have ba_lastL: "last L ≤ b - a"
using sum_L sum_last by auto
have first: "s!0 = a"
using Suc interval_times_first by blast
have last: "s!(length L) = b+1"
using Suc interval_times_last by blast
(* c1 re-establishes the induction measure and c2..c9 the eight premises
   for the shortened data (?L', a, ?b', ?s', t); they feed Suc(1) below. *)
have c1: "x = length (take (length L - 1) L) - 1"
using Suc by auto
have c2: "a ≤ b - last L"
using Suc(3) b_lastL ba_lastL by auto
have c3 :"is_composition (b - last L - a + 1) (take (length L - 1) L)"
using Suc.prems(2) unfolding is_composition_def
by (metis Suc_diff_1 Suc_eq_plus1 ‹0 < sum_list (take (length L - 1) L)› add_diff_cancel_right diff_right_commute in_set_member plus_1_eq_Suc pos_preL sum_list_eq)
have c4: "take (length L) s = interval_times a (take (length L - 1) L)"
unfolding Suc(5) using length_L take_interval_times
by (metis Suc.prems(8) diff_add diff_le_self)
have c5: "take (length L) s ! 1 ≤ t ∧ t ≤ b - last L"
proof-
have "s!(length L-1) = a + sum_list (take (length L-1) L)"
unfolding Suc(5) interval_times_def partial_sum_def
by (metis (no_types, lifting) Suc.prems(8) add.commute add_0 add_mono_thms_linordered_field(3) le_add_same_cancel2 less_numeral_extra(1) nth_map_upt ordered_cancel_comm_monoid_diff_class.add_diff_inverse zero_le)
then have part1: "(s ! (length L - 1))-1 ≤ b - last L"
using last sum_list_eq
by (metis (no_types, lifting) One_nat_def Suc_leI sum_preL_pos c2 c3 diff_add_inverse2 eq_imp_le is_composition_def order_eq_refl ordered_cancel_comm_monoid_diff_class.add_diff_inverse ordered_cancel_comm_monoid_diff_class.diff_add_assoc)
have part2: "take (length L) s ! 1 ≤ t"
using Suc.hyps(2) Suc.prems(4) by auto
then show ?thesis using * part1 part2
by linarith
qed
have c6: "take (length L) s ! 0 = a"
by (simp add: c4 interval_times_first)
have c7: "take (length L) s ! length (take (length L - 1) L) = b - last L + 1"
proof-
have idx: "length (take (length L - 1) L) = length L-1" by simp
have p1: "a + partial_sum L (length L-1) = b - last L + 1"
unfolding partial_sum_def
by (metis add.assoc c2 c3 is_composition_def ordered_cancel_comm_monoid_diff_class.add_diff_inverse)
have p2: "take (length L) (map (λi. a + partial_sum L i) [0..<length L + 1]) ! (length L - 1)
= (map (λi. a + partial_sum L i) [0..<length L + 1]) ! (length L - 1)"
by (meson Suc.prems(2) add_gr_0 composition_length_lb diff_less nth_take zero_less_one)
have p3: "(map (λi. a + partial_sum L i) [0..<length L + 1]) ! (length L - 1)
= a + partial_sum L (length L-1)"
proof-
have fact1: "map (λi. a + partial_sum L i) [0..<length L + 1] ! (length L - 1) =
a + partial_sum L ([0..<length L + 1] ! (length L - 1))"
using nth_map[of "(length L-1)" "[0..<length L + 1]" "(λi. a + partial_sum L i)"]
by simp
have "length L ≥ 0"
using Suc(2) by auto
then have fact2: "([(0::nat)..<length L + 1] ! (length L - 1)) = length L -1"
using index_list_index[of "length L-1" "length L + 1"] by simp
then show ?thesis using fact1 fact2 by argo
qed
then have "take (length L) s ! (length L-1) = b - last L + 1"
unfolding Suc(5) interval_times_def
using p1 p2 p3 by argo
then show ?thesis using idx by argo
qed
have c8: "length (take (length L) s) = length (take (length L - 1) L) + 1"
using c4 interval_times_length by presburger
have c9: "1 ≤ length (take (length L - 1) L)"
using length_preL by linarith
have ih: "∃i. take (length L) s ! i ≤ t ∧ t ≤ take (length L) s ! (i + 1) - 1
∧ 1 ≤ i ∧ i < length (take (length L - 1) L)"
using Suc(1)[of "(take (length L - 1) L)" a "b - last L" "take (length L) s" t,
OF c1 c2 c3 c4 c5 c6 c7 c8 c9] by blast
then obtain i where t_bound: "take (length L) s ! i ≤ t ∧ t ≤ take (length L) s ! (i + 1) - 1"
and i_bound: "1 ≤ i ∧ i < length (take (length L - 1) L)"
by blast
(* The witness for the prefix is also a witness for the full s, since the
   indices used stay below length L. *)
have i_bound_L: "1 ≤ i ∧ i < length L"
using i_bound by auto
then have t_bound_L: "s ! i ≤ t ∧ t ≤ s ! (i + 1) - 1"
using t_bound
by (metis Suc.hyps(2) c1 c9 i_bound le_add_diff_inverse less_diff_conv nth_take plus_1_eq_Suc)
then have ?case using i_bound_L t_bound by auto
} moreover {
(* Case 2: t is at or after the second-to-last boundary, so the last
   segment (index length L - 1) contains it. *)
assume *: "t ≥ s!(length L-1)"
then have ?case
by (metis Suc.hyps(2) Suc.prems(4) Suc.prems(6) Suc.prems(8) add_diff_cancel_right' diff_less le_add1 le_add_diff_inverse2 less_numeral_extra(1) order_less_le_trans plus_1_eq_Suc)
}
ultimately show ?case by fastforce
qed
}
ultimately show ?thesis
by (meson less_one verit_comp_simplify1(3))
qed
(* Extends interval_times_obtain_aux to every t in [a, b]: points before the
   second boundary s!1 belong to the first segment (i = 0, since s!0 = a). *)
lemma interval_times_obtain:
assumes "a ≤ b"
assumes "is_composition (b - a + 1) L"
assumes "s = interval_times a L"
assumes "a ≤ t ∧ t ≤ b"
shows "∃i. s ! i ≤ t ∧ t ≤ s ! (i + 1) - 1 ∧ 0 ≤ i ∧ i < length L"
proof-
{
assume *: "(s ! 1) ≤ t"
from interval_times_obtain_aux[OF assms(1-3), of "t"] * assms(4)
obtain i where "s ! i ≤ t ∧ t ≤ s ! (i + 1) - 1 ∧ 1 ≤ i ∧ i < length L"
by auto
then have ?thesis by blast
} moreover {
assume *: "t < s!1"
have sfirst: "s!0 = a"
using interval_times_first unfolding assms by auto
(* length L > 0 is needed for the bound i < length L with i = 0. *)
have length_L: "0 < length L"
using composition_length_lb[OF assms(2)] using assms by auto
have "t ≤ s ! 1 - 1"
using * by simp
then have "s ! 0 ≤ t ∧ t ≤ s ! 1 - 1 ∧ 0 ≤ (0::nat) ∧ 0 < length L"
using * assms unfolding sfirst using length_L by blast
then have ?thesis by auto
}
ultimately show ?thesis by force
qed
(* A list whose entries are all 1 equals the constant-1 map over its indices. *)
lemma list_allones:
assumes "∀i<length L. L!i = 1"
shows "L = map (λi. 1) [0 ..< length L]"
using assms
proof(induct L)
case Nil
then show ?case by simp
next
case (Cons a L)
then show ?case
by (metis (no_types, lifting) length_map list_eq_iff_nth_eq map_nth nth_map)
qed
(* A list whose entries all equal k sums to k times its length. *)
lemma sum_list_constants:
fixes L::"nat list" and k::"nat"
assumes "∀i<length L. L ! i = k"
shows "sum_list L = k*(length L)"
using assms by(induct L) force+
(* An all-ones composition of n has exactly n parts: its sum is 1 * length L. *)
lemma length_is_composition_allones:
assumes "is_composition_allones n L"
shows "length L = n"
using assms unfolding is_composition_allones_def is_composition_def
by (metis mult_1 sum_list_constants)
(* For an all-ones list the i-th partial sum is i (for i ≤ length L).
   Induction on length L with L split as H@[t]: i = length L is the full sum
   (sum_list_constants), i < length L recurses on H. *)
lemma partial_sum_allones:
assumes "(∀i<length L. L ! i = 1)"
assumes "i ≤ length L"
shows "partial_sum L i = i"
using assms
proof(induct "length L" arbitrary: i L)
case 0
then have i0: "i = 0" by auto
have L_empty: "L = []" using 0 by auto
show ?case using L_empty i0
unfolding partial_sum_def by simp
next
case (Suc x)
then obtain H t where L_is: "L = H@[t]"
by (metis length_Suc_conv_rev)
have L_ones: "L = map (λi. 1) [0..<length L]"
using list_allones Suc by blast
{
assume *: "i = length L"
then have takeall: "take i L = L"
using take_all[of L i] by simp
have ?case unfolding takeall partial_sum_def
using Suc(3) * sum_list_constants[of L 1] by simp
} moreover {
assume *: "i < length L"
(* H inherits the all-ones property and is one shorter, matching the IH. *)
have cond1: "x = length H"
using Suc L_is by simp
have cond2: "∀i<length H. H ! i = 1"
using Suc(3) unfolding L_is
by (metis L_is Suc.hyps(2) Suc_lessD Suc_mono butlast_snoc cond1 nth_butlast)
have cond3: "i ≤ length H"
using * L_is by auto
then have ?case
using Suc(1)[of H i, OF cond1 cond2 cond3]
unfolding partial_sum_def L_is by simp
}
ultimately show ?case using L_is Suc by fastforce
qed
(* With an all-ones composition the boundaries are consecutive: entry i is
   a + i.  Follows from partial_sum_allones applied to the map definition. *)
lemma interval_times_allones:
assumes "a ≤ b"
assumes "is_composition_allones (b - a + 1) L"
assumes "i < length (interval_times a L)"
shows "(interval_times a L)!i = a+i"
proof-
have *: "map (λi. a + partial_sum L i) [0..<length L + 1] ! i = a + partial_sum L i"
using assms
by (metis interval_times_def length_map length_upt nth_map_upt plus_nat.add_0)
have allones: "∀i<length L. L!i = 1"
using assms(2) unfolding is_composition_allones_def
by blast
have "length (interval_times a L) = length L + 1"
using interval_times_length by simp
then have "partial_sum L i = i"
using partial_sum_allones[of L i]
using allones assms by simp
then have "a + partial_sum L i = a + i"
by auto
then show ?thesis
unfolding interval_times_def
using * by auto
qed
(* Weakening: an all-ones composition is in particular a composition. *)
lemma allones_implies_is_composition:
assumes "is_composition_allones n L"
shows "is_composition n L"
using assms unfolding is_composition_allones_def by blast
(* Same weakening lifted to formulas, by structural induction on φ using the
   list-level lemma at each temporal operator. *)
lemma allones_implies_is_composition_MLTL:
assumes "is_composition_MLTL_allones φ"
shows "is_composition_MLTL φ"
using assms allones_implies_is_composition
by (induct φ) simp_all
section ‹MLTL Decomposition Lemmas›
(* Every formula produced by LP_mltl is the image of a convert_nnf call,
   i.e. is in NNF: elements of LP_mltl φ k have the form
   to_mltl (convert_nnf_ext ψ_init), which commutes to convert_nnf. *)
lemma LP_mltl_nnf:
fixes φ::"'a mltl_ext" and ψ::"'a mltl" and k::"nat"
assumes ψ_coformula: "ψ ∈ set (LP_mltl φ k)"
shows "∃ψ_init. ψ = convert_nnf ψ_init"
proof-
obtain ψ_init where "ψ = to_mltl (convert_nnf_ext ψ_init)"
using assms unfolding LP_mltl.simps by auto
then have "ψ = convert_nnf (to_mltl ψ_init)"
using convert_nnf_ext_to_mltl_commute by metis
then show ?thesis
by blast
qed
(* Membership in LP_mltl φ k, unfolded: some element of
   LP_mltl_aux (convert_nnf_ext φ) k maps to ψ under to_mltl ∘ convert_nnf_ext. *)
lemma LP_mltl_element:
fixes ψ::"'a mltl" and φ::"'a mltl_ext"
shows "ψ ∈ set (LP_mltl φ k) ⟷
(∃ψ_ext ∈ set (LP_mltl_aux (convert_nnf_ext φ) k).
ψ = to_mltl (convert_nnf_ext ψ_ext))"
unfolding LP_mltl.simps by auto
section ‹Lemmas for MLTL operators that operate over lists of mltl formulas›
(* Unfolding of pairs along its second argument (pairs.simps recurses on the
   first, see pairs_fact): the pairs with second component h2, plus the pairs
   with the tail T2.  Stated on sets, so element order is not claimed. *)
lemma pairs_alt:
shows "set (pairs L1 (h2#T2)) =
set ((map (λx. (x, h2)) L1) @ (pairs L1 T2))"
proof(induct L1 arbitrary: h2 T2)
case Nil
then show ?case by simp
next
case (Cons a L1)
have pairs_fact: "set (pairs (a#L1) (h2#T2)) = set (map (Pair a) (h2 # T2) @ pairs L1 (h2 # T2))"
unfolding pairs.simps by auto
have ih: "set (pairs L1 (h2 # T2)) = set (map (λx. (x, h2)) L1 @ pairs L1 T2)"
using Cons.hyps[of h2 T2] by simp
have *: "set (pairs (a#L1) (h2#T2)) =
set (map (Pair a) (h2 # T2)) ∪ set (map (λx. (x, h2)) L1 @ pairs L1 T2)"
using pairs_fact ih by auto
have **: "set (pairs (a # L1) T2) = set (map (Pair a) T2 @ pairs L1 T2)"
using pairs.simps by simp
then show ?case using * ** by auto
qed
(* set distributes over append (restates the library fact set_append). *)
lemma list_concat_set_union:
shows "set(A@B) = set A ∪ set B"
by simp
(* With an empty second argument pairs yields nothing, whatever A is. *)
lemma pairs_empty_list:
shows "pairs A [] = []"
proof(induct A)
case Nil
then show ?case by simp
next
case (Cons a A)
then show ?case by auto
qed
subsection ‹Forward Direction Proofs›
(* Soundness of pairs, first component: x ∈ pairs A B implies fst x ∈ A.
   Induction on A; in the Cons step, if fst x ≠ a then x cannot come from the
   map (Pair a) B block and must come from pairs A B. *)
lemma pairs_member_fst_forward:
assumes "List.member (pairs A B) x"
shows "List.member A (fst x)"
using assms
proof(induct A)
case Nil
then have "pairs [] B = []" unfolding pairs.simps by simp
then show ?case using member_rec(2)
by (metis Nil)
next
case (Cons a A)
{assume fst_x_is_a: "fst x = a"
then have ?case
using Cons member_rec(1) by metis
} moreover {
assume fst_x_not_a: "fst x ≠ a"
then have "¬(List.member (map (Pair a) B) x)"
using in_set_member by force
then have "List.member (pairs A B) x"
using Cons(2) unfolding pairs.simps List.member_def by auto
then have ih: "List.member A (fst x)"
using Cons.hyps by blast
then have "List.member (a # A) (fst x)"
unfolding List.member_def by simp
then have ?case
using ih by blast
}
ultimately show ?case by blast
qed
(* Soundness of pairs, second component: x ∈ pairs A B implies snd x ∈ B.
   Mirrors pairs_member_fst_forward but inducts on B, using pairs_alt to
   peel off the block of pairs with second component b. *)
lemma pairs_member_snd_forward:
assumes "List.member (pairs A B) x"
shows "List.member B (snd x)"
using assms
proof(induct B)
case Nil
have "pairs A [] = []"
using pairs_empty_list by blast
then show ?case
by (metis local.Nil member_rec(2))
next
case (Cons b B)
have pairs_rec: "set (pairs A (b # B)) = set (map (λx. (x, b)) A @ pairs A B)"
using pairs_alt[of A b B] by blast
{assume snd_x_is_b: "snd x = b"
then have ?case
using Cons member_rec(1) by metis
} moreover {
assume snd_x_not_b: "snd x ≠ b"
then have "¬(List.member (map (λx. (x, b)) A) x)"
using in_set_member pairs_rec by force
then have "List.member (pairs A B) x"
using Cons(2) unfolding pairs_rec List.member_def by simp
then have ih: "List.member B (snd x)"
using Cons.hyps by blast
then have "List.member (b # B) (snd x)"
unfolding List.member_def by simp
then have ?case
using ih by blast
}
ultimately show ?case by blast
qed
(* Both components of a member of pairs A B come from A and B respectively. *)
lemma pairs_member_forward:
assumes "List.member (pairs A B) x"
shows "List.member A (fst x) ∧ List.member B (snd x)"
using assms pairs_member_fst_forward pairs_member_snd_forward by blast
(* Every member of And_mltl_list D_x D_y is a conjunction And_mltl_ext ψ1 ψ2
   with ψ1 from D_x and ψ2 from D_y (And_mltl_list maps And_mltl_ext over
   pairs D_x D_y, as the unfolding below shows). *)
lemma And_mltl_list_member_forward:
assumes "List.member (And_mltl_list D_x D_y) ψ"
shows "∃ψ1 ψ2. ψ = And_mltl_ext ψ1 ψ2
∧ List.member D_x ψ1 ∧ List.member D_y ψ2"
proof-
obtain x where "ψ = And_mltl_ext (fst x) (snd x) ∧ x ∈ set (pairs D_x D_y)"
using assms unfolding And_mltl_list.simps List.member_def by auto
then show ?thesis
using pairs_member_forward[of D_x D_y x]
by (simp add: in_set_member)
qed
subsection ‹Converse Direction Proofs›
(* Converse direction: if fst x is a member of A and snd x a member of
   B, then x itself is produced by pairs A B.  Induction on A; in the
   Cons case either fst x is the new head a (x lies in the a-block of
   pairs.simps) or fst x ∈ set A (x lies in the recursive part, by the
   induction hypothesis).  The disjunction is discharged from Cons(2),
   i.e. List.member (a # A) (fst x). *)
lemma pairs_member_converse:
assumes "List.member A (fst x)"
assumes "List.member B (snd x)"
shows "List.member (pairs A B) x"
using assms
proof(induct A)
case Nil
(* List.member [] (fst x) is false *)
then show ?case unfolding List.member_def by simp
next
case (Cons a A)
{assume *: "fst x = a"
then have ?case using Cons
unfolding pairs.simps List.member_def by force
} moreover {
assume *: "fst x ∈ set A"
then have "List.member (pairs A B) x"
using Cons.hyps Cons(3) unfolding List.member_def by simp
then have ?case unfolding pairs.simps List.member_def by simp
}
ultimately show ?case using Cons(2) unfolding List.member_def by force
qed
(* Converse direction for And_mltl_list: a conjunction whose conjuncts
   are members of D_x and D_y is itself a member of
   And_mltl_list D_x D_y.  Reduces to pairs_member_converse once
   And_mltl_list.simps and List.member_def are unfolded. *)
lemma And_mltl_list_member_converse:
assumes "∃ψ1 ψ2. ψ = And_mltl_ext ψ1 ψ2
∧ List.member D_x ψ1 ∧ List.member D_y ψ2"
shows "List.member (And_mltl_list D_x D_y) ψ"
proof-
from assms obtain ψ1 ψ2 where "ψ = And_mltl_ext ψ1 ψ2 ∧ List.member D_x ψ1 ∧ List.member D_y ψ2"
by blast
then show ?thesis using pairs_member_converse
unfolding And_mltl_list.simps List.member_def by force
qed
subsection ‹Biconditional Lemmas›
(* Biconditional characterisation of membership in pairs A B:
   x ∈ pairs A B exactly when fst x ∈ A and snd x ∈ B.  Both
   directions are the lemmas proved above. *)
lemma pairs_member:
shows "(List.member A (fst x) ∧ List.member B (snd x)) ⟷
List.member (pairs A B) x"
using pairs_member_forward pairs_member_converse by blast
(* Biconditional characterisation of membership in And_mltl_list:
   ψ is a member exactly when it is a conjunction of one member of
   D_x and one member of D_y.  This is the form used by the
   decomposition lemmas below. *)
lemma And_mltl_list_member:
shows "(∃ψ1 ψ2. ψ = And_mltl_ext ψ1 ψ2
∧ List.member D_x ψ1 ∧ List.member D_y ψ2) ⟷
List.member (And_mltl_list D_x D_y) ψ"
using And_mltl_list_member_forward And_mltl_list_member_converse by blast
section ‹MLTL Decomposition Top Level Correctness›
(* wpd_mltl: a natural-number bound computed structurally over plain
   mltl formulas (presumably the worst-case propagation delay — TODO
   confirm against the accompanying paper).  Constants and propositions
   contribute 1, negation is transparent, the Boolean binary connectives
   take the maximum of their operands, and every temporal operator adds
   its upper interval bound b to the bound of its operand(s).  Note that
   the lower bound a of an interval never enters the value. *)
fun wpd_mltl:: "'a mltl ⇒ nat"
where "wpd_mltl False⇩m = 1"
| "wpd_mltl True⇩m = 1"
| "wpd_mltl (Prop⇩m (p)) = 1"
| "wpd_mltl (Not⇩m φ) = wpd_mltl φ"
| "wpd_mltl (φ And⇩m ψ) = max (wpd_mltl φ) (wpd_mltl ψ)"
| "wpd_mltl (φ Or⇩m ψ) = max (wpd_mltl φ) (wpd_mltl ψ)"
| "wpd_mltl (G⇩m[a,b] φ) = b + (wpd_mltl φ)"
| "wpd_mltl (F⇩m[a,b] φ) = b + (wpd_mltl φ)"
| "wpd_mltl (φ R⇩m [a,b] ψ) = b + (max ((wpd_mltl φ)) (wpd_mltl ψ))"
| "wpd_mltl (φ U⇩m [a,b] ψ) = b + (max ((wpd_mltl φ)) (wpd_mltl ψ))"
subsection ‹Helper Lemmas›
(* wpd_mltl is always at least 1: the leaves contribute 1 and every
   other equation of wpd_mltl only takes maxima or adds to its
   operands.  Straightforward structural induction. *)
lemma wpd_geq_one:
shows "wpd_mltl φ ≥ 1"
by (induct φ) simp_all
(* Conversion to negation normal form does not change wpd_mltl.
   The proof is a strong induction on depth_mltl φ (so that the
   hypothesis applies to the subformula under a negation, not just to
   immediate children).  The Not⇩m p case is isolated as the local fact
   `not`, which does its own case analysis on p; the outer `cases φ`
   then closes all constructors with auto. *)
lemma wpd_convert_nnf:
fixes φ::"'a mltl"
shows "wpd_mltl (convert_nnf φ) = wpd_mltl φ"
proof(induction "depth_mltl φ" arbitrary: φ rule: less_induct)
case less
(* the negation case, packaged with the induction hypothesis restricted
   to depth below Suc (depth_mltl p) *)
have not: "(⋀φ. depth_mltl φ < Suc (depth_mltl p) ⟹
wpd_mltl (convert_nnf φ) = wpd_mltl φ) ⟹
φ = Not⇩m p ⟹
wpd_mltl (convert_nnf (Not⇩m p)) = wpd_mltl p" for p
proof-
assume ih: "⋀φ. depth_mltl φ < Suc (depth_mltl p) ⟹
wpd_mltl (convert_nnf φ) = wpd_mltl φ"
assume notcase: "φ = Not⇩m p"
show ?thesis using ih notcase less by (induct p) simp_all
qed
show ?case using less not by (cases φ) auto
qed
(* Same statement as wpd_convert_nnf, but for the extended syntax:
   converting an mltl_ext formula to NNF with convert_nnf_ext does not
   change the wpd_mltl of its to_mltl image.  The proof has the same
   shape as wpd_convert_nnf — strong induction on the depth of
   to_mltl φ, with the Not⇩c x case handled by a separate case analysis
   on x. *)
lemma convert_nnf_ext_preserves_wpd:
shows "wpd_mltl (to_mltl (convert_nnf_ext φ)) =
wpd_mltl (to_mltl φ)"
proof(induction "depth_mltl (to_mltl φ)" arbitrary: φ rule: less_induct)
case less
(* negation case with the induction hypothesis restricted to depth
   below Suc (depth_mltl (to_mltl x)) *)
have not: "(⋀φ. depth_mltl (to_mltl φ)
< Suc (depth_mltl (to_mltl x)) ⟹
wpd_mltl (to_mltl (convert_nnf_ext φ)) =
wpd_mltl (to_mltl φ)) ⟹
φ = Not⇩c x ⟹
wpd_mltl (to_mltl (convert_nnf_ext (Not⇩c x))) =
wpd_mltl (to_mltl x)" for x
proof-
assume ih: "(⋀φ. depth_mltl (to_mltl φ)
< Suc (depth_mltl (to_mltl x)) ⟹
wpd_mltl (to_mltl (convert_nnf_ext φ)) =
wpd_mltl (to_mltl φ))"
assume shape: "φ = Not⇩c x"
show ?thesis using ih shape less by (induct x) simp_all
qed
show ?case using less not
by (cases φ) auto
qed
(* Well-definedness of intervals is preserved by convert_nnf.  Strong
   induction on depth_mltl F1; the local fact `iwd` settles the
   F1 = Not⇩m F2 case by a case analysis on F2, and the remaining
   constructors are closed by cases F1 with simp_all. *)
lemma nnf_intervals_welldef:
assumes "intervals_welldef F1"
shows "intervals_welldef (convert_nnf F1)"
using assms
proof (induct "depth_mltl F1" arbitrary: F1 rule: less_induct)
case less
have iwd: "intervals_welldef F2 ⟹
F1 = Not⇩m F2 ⟹
intervals_welldef (convert_nnf (Not⇩m F2))"
for F2 using less by (cases F2) simp_all
then show ?case using less by (cases F1) simp_all
qed
(* The is_composition_MLTL property (interval lists forming compositions)
   survives NNF conversion of an mltl_ext formula, provided its to_mltl
   image has well-defined intervals.  Strong induction on the depth of
   to_mltl φ; the Not⇩c x4 case is stated as the local fact `not_case`
   with the induction hypothesis as a premise and is proved by a case
   analysis on x4. *)
lemma is_composition_convert_nnf_ext:
fixes φ::"'a mltl_ext"
assumes "intervals_welldef (to_mltl φ)"
assumes "is_composition_MLTL φ"
shows "is_composition_MLTL (convert_nnf_ext φ)"
using assms
proof(induct "depth_mltl (to_mltl φ)" arbitrary: φ rule: less_induct)
case less
have not_case: "(⋀φ. depth_mltl (to_mltl φ)
< Suc (depth_mltl (to_mltl x4)) ⟹
intervals_welldef (to_mltl φ) ⟹
is_composition_MLTL φ ⟹
is_composition_MLTL (convert_nnf_ext φ)) ⟹
intervals_welldef (to_mltl x4) ⟹
is_composition_MLTL x4 ⟹
φ = Not⇩c x4 ⟹
is_composition_MLTL (convert_nnf_ext (Not⇩c x4))" for x4
using less by (induct x4) simp_all
show ?case using less not_case by (cases φ) auto
qed
(* Variant of is_composition_convert_nnf_ext for the stronger
   is_composition_MLTL_allones predicate: it is likewise preserved by
   convert_nnf_ext under well-defined intervals.  Proof structure is
   identical (strong induction on depth, negation case via `not_case`
   by case analysis on x4). *)
lemma is_composition_allones_convert_nnf_ext:
fixes φ::"'a mltl_ext"
assumes "intervals_welldef (to_mltl φ)"
assumes "is_composition_MLTL_allones φ"
shows "is_composition_MLTL_allones (convert_nnf_ext φ)"
using assms
proof(induct "depth_mltl (to_mltl φ)" arbitrary: φ rule: less_induct)
case less
have not_case: "(⋀φ. depth_mltl (to_mltl φ)
< Suc (depth_mltl (to_mltl x4)) ⟹
intervals_welldef (to_mltl φ) ⟹
is_composition_MLTL_allones φ ⟹
is_composition_MLTL_allones (convert_nnf_ext φ)) ⟹
intervals_welldef (to_mltl x4) ⟹
is_composition_MLTL_allones x4 ⟹
φ = Not⇩c x4 ⟹
is_composition_MLTL_allones (convert_nnf_ext (Not⇩c x4))" for x4
using less by (induct x4) simp_all
show ?case using less not_case
by (cases φ) auto
qed
(* Left-nested conjunction of a list of extended formulas, defined by
   recursion on the *last* element (pattern H @ [t]):
     Ands_mltl_ext []        = True_mltl_ext
     Ands_mltl_ext [t]       = t                          (H = [])
     Ands_mltl_ext (H @ [t]) = And_mltl_ext (Ands_mltl_ext H) t
   A singleton is returned as-is rather than as And True t, which is
   why several lemmas below instantiate Ands_mltl_ext.simps(2) with
   H = [].  Pattern completeness comes from rev_exhaust; termination is
   by the length of the list. *)
function Ands_mltl_ext:: "'a mltl_ext list ⇒ 'a mltl_ext"
where "Ands_mltl_ext [] = True_mltl_ext"
| "Ands_mltl_ext (H@[t]) = (if (length H = 0) then t
else (And_mltl_ext (Ands_mltl_ext H) t))"
using rev_exhaust by auto
termination by (relation "measure (λL. length L)") auto
(* Semantics of Ands_mltl_ext on a non-empty list: the conjunction holds
   on a trace π exactly when every element of the list holds.  The
   induction is on length X - 1, so the base case is a singleton [x]
   (where Ands_mltl_ext [x] = x) and the step peels off the last
   element via X = H @ [t] with length H ≥ 1. *)
lemma Ands_mltl_semantics:
assumes "length X ≥ 1"
shows "semantics_mltl_ext π (Ands_mltl_ext X) ⟷
(∀x ∈ set X. semantics_mltl_ext π x)"
using assms
proof(induct "length X-1" arbitrary: X)
case 0
(* length X = 1, so X is a singleton *)
then obtain x where X_is: "X = [x]"
by (metis butlast_snoc diff_is_0_eq le_antisym length_0_conv length_butlast list.exhaust rotate1.simps(2) rotate1_length01 zero_neq_one)
then show ?case unfolding X_is
using Ands_mltl_ext.simps(2)[of "[]" x] by simp
next
case (Suc n)
(* split off the last element; H is non-empty, so the induction
   hypothesis applies to it *)
then obtain H t where X_is: "X = H@[t]"
by (metis Ands_mltl_ext.cases One_nat_def Suc_n_not_le_n gen_length_code(1) length_code)
then have length_H: "length H = n+1" using Suc by auto
then have cond1: "n = length H - 1" by simp
have cond2: "length H ≥ 1" using length_H by simp
have semantics_H: "semantics_mltl_ext π (Ands_mltl_ext H) =
(∀x. x ∈ set H ⟶ semantics_mltl_ext π x)"
using Suc(1)[OF cond1 cond2] unfolding Ball_def by simp
(* conjunction of the H-part with t is the universal statement over
   H @ [t]; then fold it back into the And_mltl_ext form *)
have "(semantics_mltl_ext π (Ands_mltl_ext H) ∧
semantics_mltl_ext π t) ⟷
(∀x. x ∈ set (H @ [t]) ⟶ semantics_mltl_ext π x)"
using semantics_H by auto
then have "semantics_mltl_ext π (And_mltl_ext (Ands_mltl_ext H) t) =
(∀x. x ∈ set (H @ [t]) ⟶ semantics_mltl_ext π x)"
unfolding semantics_mltl_ext_def to_mltl.simps by simp
then show ?case unfolding Ball_def X_is Ands_mltl_ext.simps
using length_H by simp
qed
(* Shape of the elements of Global_mltl_decomp D_φ a n L: each ψ in
   that list is Ands_mltl_ext X for a list X of exactly Suc n formulas,
   every one of which is a single-step Global_mltl_ext k k [1] y with
   y ∈ set D_φ and a ≤ k ≤ a + n.  The parameter L is carried through
   but does not appear in the conclusion.  Induction on n, generalising
   D_φ, ψ and a; the assumption length D_φ > 1 is only passed along to
   the induction hypothesis.  Note the Suc case binds the induction
   variable as x (not to be confused with the formula x of case 0). *)
lemma in_Global_mltl_decomp:
assumes "length D_φ > 1"
assumes "ψ ∈ set (Global_mltl_decomp D_φ a n L)"
shows "∃X. ((ψ = Ands_mltl_ext X ∧
(∀x. List.member X x ⟶
(∃y ∈ set D_φ. (∃k. a ≤ k ∧ k ≤ (a+n) ∧ x = Global_mltl_ext k k [1] y)))) ∧
(length X = Suc n))"
using assms
proof(induct n arbitrary: D_φ ψ a)
case 0
(* n = 0: the decomposition is Global_mltl_list at a single time point,
   so ψ is one Global_mltl_ext a a [1] x, i.e. Ands_mltl_ext of a
   singleton *)
then obtain x where x_in: "x ∈ set D_φ" and
ψ_is: "ψ = Global_mltl_ext a a [1] x"
unfolding Global_mltl_decomp.simps Global_mltl_list.simps by auto
then have "ψ = Ands_mltl_ext [Global_mltl_ext a a [1] x]"
using Ands_mltl_ext.simps(2)[of "[]" "Global_mltl_ext a a [1] x"] by auto
then show ?case
by (metis add.right_neutral length_Cons list.size(3) member_rec(1) member_rec(2) order_refl x_in)
next
case (Suc x)
(* Global_mltl_decomp at Suc x unfolds to the And_mltl_list of the
   decomposition at x with Global_mltl_list at time a + Suc x *)
then have "ψ ∈ set (And_mltl_list (Global_mltl_decomp D_φ a x L)
(Global_mltl_list D_φ (a + Suc x) (a + Suc x) [1]))"
unfolding Global_mltl_decomp.simps by force
then obtain first second where ψ_is: "ψ = And_mltl_ext first second"
and first_in: "first ∈ set (Global_mltl_decomp D_φ a x L)"
and second_in: "second ∈ set (Global_mltl_list D_φ (a + Suc x) (a + Suc x) [1])"
using And_mltl_list_member by (metis in_set_member)
(* induction hypothesis on the first conjunct gives the list X *)
from Suc.hyps[OF Suc.prems(1) first_in] obtain X where
X1: "first = Ands_mltl_ext X" and
X2: "(∀xa. List.member X xa ⟶
(∃y∈set D_φ. ∃k≥a. k ≤ a + x ∧ xa = Global_mltl_ext k k [1] y))" and
X3: "length X = (Suc x)"
by blast
from second_in obtain x_second where
second_is: "second = Global_mltl_ext (a + Suc x) (a + Suc x) [1] x_second"
and x_second_in: "x_second ∈ set D_φ" by auto
(* the witness list for ψ is X with second appended; X3 ensures the
   non-singleton branch of Ands_mltl_ext.simps(2) is taken *)
have prop1: "ψ = Ands_mltl_ext (X@[second])" using ψ_is X1
unfolding Ands_mltl_ext.simps using X3 by auto
have prop2: "(∃y∈set D_φ. ∃k≥a. k ≤ a + Suc x ∧ xa = Global_mltl_ext k k [1] y)"
if prem: "List.member (X@[second]) xa" for xa
using X2 second_is
proof-
have split: "(List.member X xa) ∨ xa = second"
using prem
by (metis in_set_member member_rec(1) rotate1.simps(2) set_rotate1)
{assume in_X: "List.member X xa"
have ?thesis using X2 in_X by force
} moreover {
assume in_second: "xa = second"
have ?thesis using in_second second_is
by (simp add: x_second_in)
}
ultimately show ?thesis using split by blast
qed
have prop3: "length (X@[second]) = Suc (Suc x)"
using X3 by simp
then show ?case
using prop1 prop2 prop3 by blast
qed
(* Position-exact refinement of in_Global_mltl_decomp: the i-th element
   of the witness list X is a Global_mltl_ext at time a + i (rather than
   at some k in [a, a + n]).  Same induction on n; the Suc case splits
   ψ into H (covered by the induction hypothesis) and t (the
   Global_mltl_list element at a + Suc n), and the index property is
   shown by the case split i < length X versus i = length X. *)
lemma in_Global_mltl_decomp_exact_forward:
assumes "length D_φ > 1"
assumes "ψ ∈ set (Global_mltl_decomp D_φ a n L)"
shows "∃X. ((ψ = Ands_mltl_ext X ∧
(∀i < length X. (∃y ∈ set D_φ. (X!i) = Global_mltl_ext (a+i) (a+i) [1] y)))) ∧
(length X = Suc n)"
using assms
proof(induct n arbitrary: D_φ ψ a)
case 0
(* singleton witness list, as in in_Global_mltl_decomp *)
then obtain x where x_in: "x ∈ set D_φ" and
ψ_is: "ψ = Global_mltl_ext a a [1] x"
unfolding Global_mltl_decomp.simps Global_mltl_list.simps by auto
then have "ψ = Ands_mltl_ext [Global_mltl_ext a a [1] x]"
using Ands_mltl_ext.simps(2)[of "[]" "Global_mltl_ext a a [1] x"] by auto
then show ?case
using x_in by auto
next
case (Suc n)
(* decompose ψ as And_mltl_ext H t via And_mltl_list_member *)
obtain H t where ψ_is: "ψ = And_mltl_ext H t"
and H_in: "H ∈ set (Global_mltl_decomp D_φ a n L)"
and t_in: "t ∈ set (Global_mltl_list D_φ (a + Suc n) (a + Suc n) [1])"
using Suc(3) unfolding Global_mltl_decomp.simps
using And_mltl_list_member unfolding List.member_def
by (metis add_diff_cancel_left' plus_1_eq_Suc)
obtain x where t_is: "t = Global_mltl_ext (a+Suc n) (a+Suc n) [1] x"
and x_in: "x ∈ set D_φ"
using t_in unfolding Global_mltl_list.simps by auto
(* induction hypothesis on H *)
have "∃X. (H = Ands_mltl_ext X ∧
(∀i<length X. ∃y∈set D_φ. X ! i = Global_mltl_ext (a + i) (a + i) [1] y)) ∧
length X = Suc n"
using Suc.hyps[of D_φ H a] Suc.prems H_in by blast
then obtain X where H_is: "H = Ands_mltl_ext X"
and X_prop: "∀i<length X. ∃y∈set D_φ. X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
and length_X: "length X = Suc n"
by blast
have ψ_is: "ψ = Ands_mltl_ext (X@[t])"
unfolding Ands_mltl_ext.simps using length_X ψ_is
by (simp add: H_is)
(* index property for X @ [t]: positions below length X come from
   X_prop, position length X (= Suc n) is t itself *)
have property: "∃y∈set D_φ. (X@[t]) ! i = Global_mltl_ext (a + i) (a + i) [1] y"
if i_bound: "i<length (X@[t])" for i
proof-
{
assume *: "i < length X"
then have "X ! i = (X@[t])!i" using length_X
by (simp add: nth_append)
then have ?thesis using X_prop length_X * by metis
} moreover {
assume *: "i = length X"
have "(X@[t])!i = t"
using length_X *
by (metis nth_append_length)
then have ?thesis using t_is * length_X
by (simp add: x_in)
}
ultimately show ?thesis using i_bound by fastforce
qed
have len: "length (X@[t]) = Suc (Suc n)"
using length_X by auto
then show ?case
using ψ_is property len by blast
qed
(* Converse of in_Global_mltl_decomp_exact_forward: an Ands_mltl_ext of
   a list X of length n + 1 whose i-th element is Global_mltl_ext (a+i)
   (a+i) [1] y for some y ∈ set D_φ is a member of
   Global_mltl_decomp D_φ a n L.  Induction on n; the Suc case splits
   X = H @ [t], shows Ands_mltl_ext H is in the decomposition at n by
   the induction hypothesis, places t in the Global_mltl_list at
   a + Suc n, and recombines via And_mltl_list_member. *)
lemma in_Global_mltl_decomp_exact_converse:
fixes n::"nat" and X::"'a mltl_ext list"
assumes "length D_φ > 1"
assumes "ψ = Ands_mltl_ext X"
assumes "(∀i < length X. (∃y ∈ set D_φ.
(X!i) = Global_mltl_ext (a+i) (a+i) [1] y))"
assumes "length X = n+1"
shows "ψ ∈ set (Global_mltl_decomp D_φ a n L)"
using assms
proof(induct n arbitrary: X ψ a)
case 0
(* X = [x] with x = Global_mltl_ext a a [1] y; Ands_mltl_ext [x] = x *)
then have length_X: "length X = 1" by auto
then have "∃x. X = [x]"
by (metis Suc_eq_plus1 add_cancel_right_left length_Cons list.size(3) neq_Nil_conv zero_eq_add_iff_both_eq_0 zero_neq_one)
then obtain x where X_is: "X = [x]" by blast
then obtain y where x_is: "x = Global_mltl_ext a a [1] y"
and y_in: "y ∈ set D_φ"
using 0 by auto
then show ?case unfolding 0(2) X_is
using Ands_mltl_ext.simps(2)[of "[]" x] by simp
next
case (Suc n)
then have length_X: "length X = n+2" by simp
then obtain H t where X_is: "X = H@[t]"
by (metis Suc.prems(4) Suc_eq_plus1 length_Suc_conv_rev)
have length_H: "length H = n+1" using length_X X_is by auto
have ψ_is: "ψ = And_mltl_ext (Ands_mltl_ext H) t"
using Suc(3) unfolding X_is Ands_mltl_ext.simps
using length_H by simp
(* the index property restricted to the prefix H, needed for the
   induction hypothesis *)
have H_prop: "∃y∈set D_φ. H ! i = Global_mltl_ext (a + i) (a + i) [1] y"
if i_bound: "i<length H" for i
proof-
have index: "(H @ [t]) ! i = H!i"
using i_bound by (simp add: nth_append)
then have "∃y∈set D_φ. (H @ [t]) ! i = Global_mltl_ext (a + i) (a + i) [1] y"
using i_bound Suc(4) unfolding X_is
by (metis Suc.prems(4) Suc_eq_plus1 X_is length_H plus_1_eq_Suc trans_less_add2)
then show ?thesis
using index by auto
qed
then have H_prop: "∀i<length H.
∃y∈set D_φ. H ! i = Global_mltl_ext (a + i) (a + i) [1] y"
by blast
have H_in: "Ands_mltl_ext H ∈ set (Global_mltl_decomp D_φ a n L)"
using Suc(1)[OF Suc(2) _ H_prop, of "(Ands_mltl_ext H)"]
using length_H by blast
(* the last element sits at index n + 1, hence at time a + n + 1 *)
have t_is: "∃y∈set D_φ. t = Global_mltl_ext (a + n + 1) (a + n + 1) [1] y"
using Suc(4) unfolding X_is using length_X
by (metis X_is add.assoc length_H less_add_one nth_append_length one_add_one)
then obtain y where t_is: "t = Global_mltl_ext (a + n + 1) (a + n + 1) [1] y"
and y_in: "y ∈ set D_φ"
by blast
have t_in: "t ∈ set (Global_mltl_list D_φ (a + Suc n) (a + Suc n) [1])"
using y_in t_is by simp
show ?case unfolding ψ_is Global_mltl_decomp.simps
using t_in H_in And_mltl_list_member[of ψ "(Global_mltl_decomp D_φ a n) L" "(Global_mltl_list D_φ (a + Suc n) (a + Suc n) [1])"]
unfolding List.member_def ψ_is by auto
qed
(* Three-way case split on membership in A ∪ B ∪ C: if P x follows from
   each of x ∈ A, x ∈ B and x ∈ C separately, then P x holds.  A small
   elimination rule for the front/middle/back splits used below. *)
lemma case_split_helper:
assumes "x ∈ A ∪ B ∪ C"
assumes "x ∈ A ⟹ P x" and "x ∈ B ⟹ P x" and "x ∈ C ⟹ P x"
shows "P x"
using assms by blast
(* Every formula produced by LP_mltl_aux (applied to the NNF of φ, for
   any number k of partition steps) has well-defined intervals, provided
   φ does and φ satisfies is_composition_MLTL.  The proof is an
   induction on k generalising φ and ψ; the Suc case does a case
   analysis on the constructor of convert_nnf_ext φ and, inside each
   temporal case, on which part of the list returned by LP_mltl_aux ψ
   belongs to.  Interval bounds of the new formulas are obtained from
   the interval_times_* lemmas, using that L is a composition of
   b - a + 1 (is_composition_MLTL) and a ≤ b (intervals_welldef). *)
lemma LP_mltl_aux_intervals_welldef:
fixes φ ψ::"'a mltl_ext"
assumes "intervals_welldef (to_mltl φ)"
assumes "ψ ∈ set (LP_mltl_aux (convert_nnf_ext φ) k)"
assumes "is_composition_MLTL φ"
shows "intervals_welldef (to_mltl ψ)"
using assms
proof(induct k arbitrary: φ ψ)
case 0
(* k = 0: nothing is partitioned, so the claim is that NNF conversion
   preserves well-definedness (nnf_intervals_welldef, transported to
   the extended syntax by convert_nnf_and_convert_nnf_ext) *)
then show ?case unfolding LP_mltl_aux.simps
by (simp add: convert_nnf_and_convert_nnf_ext nnf_intervals_welldef)
next
case (Suc k)
then show ?case
proof(cases "convert_nnf_ext φ")
case True_mltl_ext
then show ?thesis using Suc by simp
next
case False_mltl_ext
then show ?thesis using Suc by simp
next
case (Prop_mltl_ext p)
then show ?thesis using Suc by simp
next
case (Not_mltl_ext q)
(* in NNF a negation can only sit directly above a proposition *)
then have "∃p. q = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then obtain p where "q = Prop_mltl_ext p" by auto
then show ?thesis using Suc
by (simp add: Not_mltl_ext)
next
case (And_mltl_ext α β)
(* ψ is a conjunction of one element from each recursive partition;
   both conjuncts are covered by the induction hypothesis *)
obtain x y where ψ_is: "ψ = And_mltl_ext x y"
and x_in: "x ∈ set (LP_mltl_aux (convert_nnf_ext α) k)"
and y_in: "y ∈ set (LP_mltl_aux (convert_nnf_ext β) k)"
using Suc(3) unfolding And_mltl_ext LP_mltl_aux.simps
by (meson And_mltl_list_member in_set_member)
then show ?thesis unfolding ψ_is to_mltl.simps intervals_welldef.simps
using Suc.hyps x_in y_in
by (metis And_mltl_ext Suc.prems(1) Suc.prems(3) convert_nnf_ext_to_mltl_commute intervals_welldef.simps(5) nnf_intervals_welldef is_composition_MLTL.simps(1) is_composition_convert_nnf_ext to_mltl.simps(5))
next
case (Or_mltl_ext α β)
(* the Or partition is the concatenation of three And_mltl_lists:
   Dx × Dy, [Not⇩c α] × Dy and Dx × [Not⇩c β]; each is handled in its
   own block and the three are joined via list_concat_set_union *)
let ?Dx = "LP_mltl_aux (convert_nnf_ext α) k"
let ?Dy = "LP_mltl_aux (convert_nnf_ext β) k"
{assume *: "ψ ∈ set (And_mltl_list ?Dx ?Dy)"
then obtain x y where ψ_is: "ψ = And_mltl_ext x y"
and x_in: "x ∈ set ?Dx" and y_in: "y ∈ set ?Dy"
using Suc(3) LP_mltl_aux.simps
by (meson And_mltl_list_member in_set_member)
then have ?thesis unfolding Or_mltl_ext
by (metis Or_mltl_ext Suc.hyps Suc.prems(1) Suc.prems(3) convert_nnf_ext_to_mltl_commute intervals_welldef.simps(5) intervals_welldef.simps(6) nnf_intervals_welldef is_composition_MLTL.simps(2) is_composition_convert_nnf_ext to_mltl.simps(5) to_mltl.simps(6))
} moreover {
assume *: "ψ ∈ set (And_mltl_list [Not⇩c α] ?Dy)"
then obtain y where ψ_is: "ψ = And_mltl_ext (Not⇩c α) y"
and y_in: "y ∈ set ?Dy"
using Suc(3)
using And_mltl_list_member[of ψ ?Dy "[Not⇩c α]"] by auto
have lhs_welldef: "intervals_welldef (to_mltl α)"
by (metis Or_mltl_ext Suc.prems(1) convert_nnf_ext_to_mltl_commute intervals_welldef.simps(6) nnf_intervals_welldef to_mltl.simps(6))
have rhs_welldef: "intervals_welldef (to_mltl y)"
using y_in Suc.prems unfolding Or_mltl_ext
by (metis Or_mltl_ext Suc.hyps convert_nnf_ext_to_mltl_commute intervals_welldef.simps(6) nnf_intervals_welldef is_composition_MLTL.simps(2) is_composition_convert_nnf_ext to_mltl.simps(6))
then have ?thesis
unfolding ψ_is to_mltl.simps intervals_welldef.simps
using lhs_welldef rhs_welldef by blast
} moreover {
assume *: "ψ ∈ set (And_mltl_list ?Dx [Not⇩c β])"
then obtain x where ψ_is: "ψ = And_mltl_ext x (Not⇩c β)"
and x_in: "x ∈ set ?Dx"
using Suc(3) And_mltl_list_member[of ψ ?Dx "[Not⇩c β]"]
by (metis in_set_member member_rec(1) member_rec(2))
have lhs_welldef: "intervals_welldef (to_mltl β)"
by (metis Or_mltl_ext Suc.prems(1) convert_nnf_ext_to_mltl_commute intervals_welldef.simps(6) nnf_intervals_welldef to_mltl.simps(6))
have rhs_welldef: "intervals_welldef (to_mltl x)"
using x_in Suc.prems unfolding Or_mltl_ext
by (metis Or_mltl_ext Suc.hyps convert_nnf_ext_to_mltl_commute intervals_welldef.simps(6) nnf_intervals_welldef is_composition_MLTL.simps(2) is_composition_convert_nnf_ext to_mltl.simps(6))
then have ?thesis
unfolding ψ_is to_mltl.simps intervals_welldef.simps
using lhs_welldef rhs_welldef by blast
}
ultimately show ?thesis
using Suc(3) unfolding Or_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
by (metis UnE)
next
case (Future_mltl_ext a b L α)
(* ?s = interval_times a L are the split points of [a, b] induced by
   the composition L.  ψ is either a Future over the first piece
   [?s!0, ?s!1 - 1], or (for 1 ≤ i < length L) a Global of Not⇩c α over
   [?s!0, ?s!i - 1] conjoined with a Future over [?s!i, ?s!(i+1) - 1]. *)
let ?D = "LP_mltl_aux (convert_nnf_ext α) k"
let ?s = "interval_times a L"
have "convert_nnf (to_mltl φ) = Future_mltl a b (to_mltl α)"
using Future_mltl_ext convert_nnf_and_convert_nnf_ext
by (simp add: convert_nnf_ext_to_mltl_commute)
(* a ≤ b from well-definedness of the NNF of φ *)
then have a_leq_b: "a ≤ b"
using Suc (2) Future_mltl_ext nnf_intervals_welldef
by fastforce
from is_composition_convert_nnf_ext[OF Suc(2) Suc(4)]
have "is_composition_MLTL (convert_nnf_ext φ)"
.
then have is_comp: "is_composition (b-a+1) L"
unfolding Future_mltl_ext is_composition_MLTL.simps by blast
{assume *: "ψ ∈ set (Future_mltl_list ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
then obtain x where ψ_is: "ψ = Future_mltl_ext (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] x"
and x_in: "x ∈ set ?D"
unfolding Future_mltl_list.simps by fastforce
(* first piece is non-empty: ?s!0 ≤ ?s!1 - 1 *)
from is_comp have welldef: "?s ! 0 ≤ ?s ! 1 -1"
using interval_times_diff_ge[OF a_leq_b is_comp _ , of 0 ?s]
by (metis a_leq_b add_0 add_le_imp_le_diff gr_zeroI interval_times_first interval_times_last less_iff_succ_less_eq order_less_irrefl)
have ih: "intervals_welldef (to_mltl x)"
using Suc x_in
by (metis Future_mltl_ext convert_nnf_ext_to_mltl_commute intervals_welldef.simps(7) nnf_intervals_welldef is_composition_MLTL.simps(5) is_composition_convert_nnf_ext to_mltl.simps(7))
then have ?thesis
unfolding ψ_is to_mltl.simps intervals_welldef.simps
using welldef ih by blast
} moreover {
assume *: "ψ ∈ set (concat (map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i-?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
then obtain i where ψ_is: "ψ ∈ set ((And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i-?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i])
))"
and i_in: "i ∈ {1..<length L}"
by force
then obtain x where ψ_is: "ψ = ((And_mltl_ext
(Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i-?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i] x)))"
and x_in: "x ∈ set ?D"
by auto
(* both new intervals are non-empty: the Global prefix [?s!0, ?s!i-1]
   and the Future piece [?s!i, ?s!(i+1)-1] *)
from is_comp have welldef1: "interval_times a L ! 0 ≤ interval_times a L ! i - 1"
using i_in
using interval_times_diff_ge_general[OF a_leq_b is_comp _ , of i 0 ?s]
by force
have welldef2: "interval_times a L ! i ≤ interval_times a L ! (i + 1) - 1 "
using i_in
by (metis a_leq_b add.commute add_le_imp_le_diff atLeastLessThan_iff interval_times_diff_ge is_comp less_eq_Suc_le plus_1_eq_Suc)
have ih1: "intervals_welldef (to_mltl α)"
using Suc x_in
by (metis ‹convert_nnf (to_mltl φ) = Future_mltl a b (to_mltl α)› intervals_welldef.simps(7) nnf_intervals_welldef)
have ih2: "intervals_welldef (to_mltl x)"
using Suc
by (metis Future_mltl_ext ‹is_composition_MLTL (convert_nnf_ext φ)› ih1 is_composition_MLTL.simps(5) x_in)
have ?thesis unfolding ψ_is to_mltl.simps intervals_welldef.simps
using ih1 ih2 welldef1 welldef2
by auto
}
ultimately show ?thesis
using Suc(3) unfolding Future_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
by (metis (no_types, lifting) Un_iff)
next
case (Global_mltl_ext a b L α)
(* LP_mltl_aux leaves a Global formula unchanged when the recursive
   partition ?D_φ has at most one element; otherwise ψ comes from
   Global_mltl_decomp ?D_φ a (b - a) L, whose elements are described
   by in_Global_mltl_decomp *)
let ?D_φ = "LP_mltl_aux (convert_nnf_ext α) k"
have nnf_φ: "convert_nnf (to_mltl φ) = Global_mltl a b (to_mltl α)"
using Global_mltl_ext convert_nnf_and_convert_nnf_ext
by (simp add: convert_nnf_ext_to_mltl_commute)
then have a_leq_b: "a ≤ b"
using Suc (2) Global_mltl_ext nnf_intervals_welldef
by fastforce
have α_composition: "is_composition_MLTL α"
using Suc(4) Global_mltl_ext Suc.prems(1) is_composition_convert_nnf_ext by fastforce
have L_composition: "is_composition (b-a+1) L"
by (metis Global_mltl_ext Suc.prems(1) Suc.prems(3) is_composition_MLTL.simps(3) is_composition_convert_nnf_ext)
{assume *: "length ?D_φ ≤ 1"
then have ψ: "ψ = Global_mltl_ext a b L α"
using Suc(3)
unfolding Global_mltl_ext LP_mltl_aux.simps
by simp
have ih1: "intervals_welldef (to_mltl α)"
using Suc nnf_φ
by (metis intervals_welldef.simps(8) nnf_intervals_welldef)
then have ?thesis
using a_leq_b unfolding ψ to_mltl.simps
intervals_welldef.simps by auto
} moreover {assume *: "length ?D_φ > 1"
then have ψ_in: "ψ ∈ set (Global_mltl_decomp ?D_φ a (b - a) L)"
using Suc(3)
unfolding Global_mltl_ext LP_mltl_aux.simps
by simp
then obtain X where ψ_is: "ψ = Ands_mltl_ext X" and
X_fact: "(∀x ∈ set X.
(∃y∈set (LP_mltl_aux (convert_nnf_ext α) k).
∃k≥a. k ≤ a + (b - a) ∧ x = Global_mltl_ext k k [1] y))"
and length_X: "length X = Suc (b - a)"
using in_Global_mltl_decomp[OF * ψ_in]
unfolding List.member_def by blast
(* each conjunct Global_mltl_ext k k [1] y is well-defined: k ≤ k and
   y is covered by the induction hypothesis *)
have X_ih: "intervals_welldef (to_mltl x)"
if x_in: "x ∈ set X" for x
proof-
obtain y k where y_in: "y ∈ set ?D_φ"
and k_bound: "a ≤ k ∧ k ≤ b"
and x_is: "x = Global_mltl_ext k k [1] y"
using X_fact a_leq_b x_in by fastforce
show ?thesis using y_in Suc
unfolding x_is to_mltl.simps intervals_welldef.simps
by (metis Global_mltl_ext intervals_welldef.simps(8) is_composition_MLTL.simps(3) is_composition_convert_nnf_ext nnf_φ nnf_intervals_welldef order_refl)
qed
(* inner induction on b - a (= length X - 1): well-definedness of all
   elements of X lifts to Ands_mltl_ext X by peeling off the last
   conjunct *)
have ?thesis
using ψ_is X_ih length_X
proof(induct "b-a" arbitrary: b a ψ X)
case 0
then obtain x where X_is: "X = [x]"
by (metis length_0_conv length_Suc_conv)
have "ψ = x"
using Ands_mltl_ext.simps(2) 0
by (metis X_is append_self_conv2 length_0_conv)
then show ?case using 0(3)[of x] unfolding X_is by auto
next
case (Suc n)
then have "length X = n + 2" by linarith
then obtain H t where X_is: "X = H@[t]" and length_H: "length H = length X-1"
by (metis Suc.prems(3) diff_Suc_1 length_Suc_conv_rev)
have ψ_is: "ψ = And_mltl_ext (Ands_mltl_ext H) t"
using Suc(3) unfolding X_is Ands_mltl_ext.simps using length_H
by (metis One_nat_def Suc.hyps(2) Suc.prems(3) diff_Suc_1' nat.distinct(1))
have t_ih: "intervals_welldef (to_mltl t)"
using X_is Suc by force
have "(⋀x. x ∈ set H ⟹ intervals_welldef (to_mltl x))"
using Suc.prems unfolding X_is by auto
then have H_ih: "intervals_welldef (to_mltl (Ands_mltl_ext H))"
using Suc.hyps(1)[of _ _ "Ands_mltl_ext H" H]
by (metis Suc.hyps(2) Suc.prems(3) diff_Suc_1 length_H)
show ?case unfolding ψ_is to_mltl.simps
using t_ih H_ih by simp
qed
}
ultimately show ?thesis
by linarith
next
case (Until_mltl_ext α a b L β)
(* Until is partitioned on its right operand β only; ψ is either an
   Until over the first piece, or a Global of (α ∧ Not⇩c β) over
   [?s!0, ?s!i - 1] conjoined with an Until over [?s!i, ?s!(i+1) - 1] *)
let ?D_β = "LP_mltl_aux (convert_nnf_ext β) k"
let ?s = "interval_times a L"
have a_leq_b: "a ≤ b" using Suc(2)
by (metis Until_mltl_ext convert_nnf_ext_to_mltl_commute intervals_welldef.simps(9) to_mltl.simps(9) nnf_intervals_welldef)
have composition: "is_composition_MLTL (Until_mltl_ext α a b L β)"
using Suc(4) Until_mltl_ext
by (metis Suc.prems(1) is_composition_convert_nnf_ext)
have interval_composition: "is_composition (b - a + 1) L"
using composition by simp
(* a composition of a positive number has at least one part *)
have length_L: "0 < length L"
using interval_composition
by (meson add_gr_0 composition_length_lb less_numeral_extra(1))
have α_ih: "intervals_welldef (to_mltl α)"
using Suc Until_mltl_ext convert_nnf_ext_to_mltl_commute
by (metis intervals_welldef.simps(9) to_mltl.simps(9) nnf_intervals_welldef)
have β_ih: "intervals_welldef (to_mltl β)"
using Suc(2) Until_mltl_ext
by (metis convert_nnf_ext_to_mltl_commute intervals_welldef.simps(9) to_mltl.simps(9) nnf_intervals_welldef)
{assume *: "ψ ∈ set (Until_mltl_list α ?D_β (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
then obtain x where ψ_is: "ψ = Until_mltl_ext α (?s!0) (?s!1-1) [?s!1-?s!0] x"
and x_in: "x ∈ set (?D_β)"
by auto
have fact1: "interval_times a L ! 0 ≤ interval_times a L ! 1 - 1"
unfolding is_composition_def
using interval_times_diff_ge[OF a_leq_b interval_composition length_L, of ?s]
by auto
have x_ih: "intervals_welldef (to_mltl x)"
using x_in Suc.hyps[of β x] Suc.prems
using β_ih composition is_composition_MLTL.simps(6) by blast
have ?thesis unfolding ψ_is unfolding to_mltl.simps
unfolding intervals_welldef.simps
using fact1 α_ih x_ih by blast
} moreover {
assume *: "ψ ∈ set (concat
(map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))]
(Until_mltl_list α ?D_β (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
then obtain i x where
ψ_is: "ψ = And_mltl_ext (Global_mltl_ext (?s!0) (?s!i-1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s!i) (?s!(i+1)-1) [(?s!(i+1)) - (?s!i)] x)"
and i_bound: "1 ≤ i ∧ i < length L"
and x_in: "x ∈ set ?D_β"
by auto
have fact1: "interval_times a L ! 0 ≤ interval_times a L ! i - 1"
using i_bound a_leq_b
using interval_times_diff_ge_general[OF a_leq_b interval_composition, of i 0 ?s]
by force
have fact2: "interval_times a L ! i ≤ interval_times a L ! (i + 1) - 1"
using i_bound
using interval_times_diff_ge[OF a_leq_b interval_composition, of i ?s]
by auto
have x_ih: "intervals_welldef (to_mltl x)"
using Suc.hyps β_ih composition is_composition_MLTL.simps(6) x_in by blast
have ?thesis unfolding ψ_is to_mltl.simps
unfolding intervals_welldef.simps
using fact1 fact2 α_ih β_ih x_ih by blast
}
ultimately show ?thesis using Suc(3) list_concat_set_union
unfolding Until_mltl_ext LP_mltl_aux.simps
by (metis (mono_tags, lifting) UnE)
next
case (Release_mltl_ext α a b L β)
(* Release is partitioned on its left operand α.  The result list is
   split into ?front (the single Global of (Not⇩c α ∧ β) over [a, b]),
   ?middle (Mighty_Release over the first piece) and ?back (Global of
   (Not⇩c α ∧ β) over [?s!0, ?s!i - 1] conjoined with a Mighty_Release
   over [?s!i, ?s!(i+1) - 1]).  sfirst/slast pin ?s!0 = a and
   ?s!(length L) = b + 1 for the bound arithmetic in ?back. *)
let ?D = "LP_mltl_aux (convert_nnf_ext α) k"
let ?s = "interval_times a L"
have α_ih: "intervals_welldef (to_mltl α)"
using Suc(2) Release_mltl_ext convert_nnf_ext_to_mltl_commute
by (metis intervals_welldef.simps(10) to_mltl.simps(10) nnf_intervals_welldef)
have β_ih: "intervals_welldef (to_mltl β)"
using Suc(2) Release_mltl_ext convert_nnf_ext_to_mltl_commute
by (metis intervals_welldef.simps(10) to_mltl.simps(10) nnf_intervals_welldef)
have a_leq_b: "a ≤ b" using Suc(2) Release_mltl_ext
by (metis convert_nnf_ext_to_mltl_commute intervals_welldef.simps(10) to_mltl.simps(10) nnf_intervals_welldef)
have composition: "is_composition_MLTL (Release_mltl_ext α a b L β)"
using Suc.prems(3) Release_mltl_ext
by (metis Suc.prems(1) is_composition_convert_nnf_ext)
then have composition_L: "is_composition (b-a+1) L"
and composition_α: "is_composition_MLTL α"
and composition_β: "is_composition_MLTL β"
unfolding is_composition_MLTL.simps by simp_all
have length_L: "length L > 0"
using composition_length_lb composition_L by auto
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b composition_L] by blast
let ?front = "set [Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)]"
let ?middle = "set (Mighty_Release_mltl_list ?D β (?s ! 0) (?s ! 1 - 1)
[?s ! 1 - ?s ! 0])"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list ?D β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
have split: "ψ ∈ ?front ∪ ?middle ∪ ?back"
using Suc(3) unfolding Release_mltl_ext LP_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
by (metis append.assoc)
{
assume *: "ψ ∈ ?front"
then have ψ_is: "ψ = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have ?thesis unfolding ψ_is to_mltl.simps intervals_welldef.simps
using α_ih β_ih a_leq_b by blast
} moreover {
assume *: "ψ ∈ ?middle"
then obtain x where ψ_is: "ψ = Mighty_Release_mltl_ext x β
(interval_times a L ! 0) (interval_times a L ! 1 - 1)
[interval_times a L ! 1 - interval_times a L ! 0]"
and x_in: "x ∈ set ?D"
by auto
have x_ih: "intervals_welldef (to_mltl x)"
using Suc(1)[OF α_ih x_in composition_α] by blast
have welldef: "interval_times a L ! 0 ≤ interval_times a L ! 1 - 1"
using interval_times_diff_ge[OF a_leq_b composition_L, of 0 ?s]
using length_L by auto
then have ?thesis unfolding ψ_is to_mltl.simps Mighty_Release_mltl_ext.simps intervals_welldef.simps
using x_ih α_ih β_ih by blast
} moreover {
assume *: "ψ ∈ ?back"
then obtain i x where ψ_is: "ψ = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x β
(interval_times a L ! i)
(interval_times a L ! (i + 1) - 1)
[interval_times a L ! (i + 1) -
interval_times a L ! i])"
and x_in: "x ∈ set ?D"
and i_bound: "1 ≤ i ∧ i < length L"
by auto
(* a < ?s!i < ?s!(i+1) ≤ b + 1: the split points are strictly
   increasing and stay inside [a, b + 1] *)
have lb: "a < ?s!i"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of i 0 ?s]
using sfirst i_bound by simp
have welldef: "(interval_times a L ! i) < (interval_times a L ! (i + 1))"
using interval_times_diff_ge[OF a_leq_b composition_L, of i ?s]
using i_bound by simp
have ub: "?s!(i+1) ≤ b+1"
using slast i_bound
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" "i+1" ?s]
by (metis Orderings.order_eq_iff less_iff_succ_less_eq order_le_imp_less_or_eq order_less_imp_le)
have x_ih: "intervals_welldef (to_mltl x)"
using Suc(1)
using α_ih composition_α x_in by blast
have ?thesis unfolding ψ_is to_mltl.simps intervals_welldef.simps Mighty_Release_mltl_ext.simps
using x_ih α_ih β_ih ub lb welldef
by (simp add: add_le_imp_le_diff sfirst)
}
ultimately show ?thesis
using Suc(3) unfolding Release_mltl_ext LP_mltl_aux.simps
using split by blast
qed
qed
(* wpd (worst-case propagation delay) is not increased by partitioning:
   every element ψ of LP_mltl_aux φ k satisfies wpd ψ ≤ wpd φ.
   The three preconditions mirror what the recursive calls of
   LP_mltl_aux rely on -- φ is a fixed point of convert_nnf_ext (NNF),
   its intervals are well-defined and its composition lists are valid --
   so every case first re-establishes them for the direct subformulas
   before the induction hypothesis is applied.
   Proof: induction on the depth k, then case analysis on φ. *)
lemma LP_mltl_aux_wpd:
assumes "∃φ_init. φ = convert_nnf_ext φ_init"
assumes "intervals_welldef (to_mltl φ)"
assumes "ψ ∈ set (LP_mltl_aux φ k)"
assumes "is_composition_MLTL φ"
shows "wpd_mltl (to_mltl ψ) ≤ wpd_mltl (to_mltl φ)"
using assms
proof(induct k arbitrary: φ ψ)
case 0
(* Depth 0 is closed by auto; the k = 0 equation of LP_mltl_aux is not
   visible in this part of the file. *)
then show ?case by auto
next
case (Suc k)
then show ?case
proof(cases φ)
case True_mltl_ext
then show ?thesis using Suc by auto
next
case False_mltl_ext
then show ?thesis using Suc by auto
next
case (Prop_mltl_ext p)
then show ?thesis using Suc by auto
next
case (Not_mltl_ext q)
(* In NNF a negation can only sit directly above a proposition
   (convert_nnf_form_Not_Implies_Prop), so this case is atomic and
   needs no induction hypothesis. *)
then have "∃p. q = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop Suc
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then obtain p where "q = Prop_mltl_ext p" by blast
then show ?thesis
using Not_mltl_ext Suc.prems(3) by fastforce
next
case (And_mltl_ext α β)
(* ψ is a pairwise conjunction x ∧ y of partition elements of α and β
   (And_mltl_list_member); the bound follows from both IHs. *)
obtain x y where ψ_is: "ψ = And_mltl_ext x y"
and x_in: "x ∈ set (LP_mltl_aux α k)"
and y_in: "y ∈ set (LP_mltl_aux β k)"
using Suc unfolding And_mltl_ext LP_mltl_aux.simps
by (metis And_mltl_list_member convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext in_set_member mltl_ext.inject(3))
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(2) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(3) unfolding And_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(5) unfolding And_mltl_ext is_composition_MLTL.simps by simp_all
have x_ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc.hyps[of α x, OF α_nnf α_welldef x_in α_composition] by blast
have y_ih: "wpd_mltl (to_mltl y) ≤ wpd_mltl (to_mltl β)"
using Suc.hyps[of β y, OF β_nnf β_welldef y_in β_composition] by blast
show ?thesis
unfolding And_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps
using x_ih y_ih by linarith
next
case (Or_mltl_ext α β)
(* The partition of α ∨ β consists of three kinds of conjunctions,
   handled in the three {...} blocks below:
     x ∧ y       (x from α's partition, y from β's),
     ¬α ∧ y      (y from β's partition),
     x ∧ ¬β      (x from α's partition).
   The blocks are combined at the end via list_concat_set_union. *)
let ?Dx = "LP_mltl_aux α k"
let ?Dy = "LP_mltl_aux β k"
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(2) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(3) unfolding Or_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(5) unfolding Or_mltl_ext is_composition_MLTL.simps by simp_all
{
assume *: "ψ ∈ set (And_mltl_list ?Dx ?Dy)"
then obtain x y where ψ_is: "ψ = And_mltl_ext x y"
and x_in: "x ∈ set ?Dx" and y_in: "y ∈ set ?Dy"
using And_mltl_list_member[of ψ ?Dx ?Dy]
by (metis in_set_member)
have x_ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc.hyps[of α x, OF α_nnf α_welldef x_in α_composition] by blast
have y_ih: "wpd_mltl (to_mltl y) ≤ wpd_mltl (to_mltl β)"
using Suc.hyps[of β y, OF β_nnf β_welldef y_in β_composition] by blast
have ?thesis
unfolding Or_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps
using x_ih y_ih by linarith
} moreover {
assume *: "ψ ∈ set (And_mltl_list [Not⇩c α] ?Dy)"
then obtain y where ψ_is: "ψ = And_mltl_ext (Not⇩c α) y"
and y_in: "y ∈ set ?Dy"
using And_mltl_list_member[of ψ "[Not⇩c α]" ?Dy]
by auto
have y_ih: "wpd_mltl (to_mltl y) ≤ wpd_mltl (to_mltl β)"
using Suc.hyps[of β y, OF β_nnf β_welldef y_in β_composition] by blast
have ?thesis
unfolding Or_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps
using y_ih by auto
} moreover {
assume *: "ψ ∈ set (And_mltl_list ?Dx [Not⇩c β])"
then obtain x where ψ_is: "ψ = And_mltl_ext x (Not⇩c β)"
and x_in: "x ∈ set ?Dx"
using And_mltl_list_member[of ψ ?Dx "[Not⇩c β]"]
by (metis in_set_member member_rec(1) member_rec(2))
have x_ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc.hyps[of α x, OF α_nnf α_welldef x_in α_composition] by blast
have ?thesis
unfolding Or_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps
using x_ih by auto
}
ultimately show ?thesis
using Suc unfolding Or_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
by (metis UnE α_nnf β_nnf convert_nnf_ext_convert_nnf_ext)
next
case (Future_mltl_ext a b L α)
(* ?s = interval_times a L lists the cut points of [a,b] induced by the
   composition L; slast (below) pins ?s!(length L) to b+1.
   ?front: a Future over the first sub-interval [?s!0, ?s!1 - 1] whose
           argument is a partition element of α.
   ?back:  for each later sub-interval i, a Global guard (¬α on the
           prefix [?s!0, ?s!i - 1]) conjoined with a Future over
           [?s!i, ?s!(i+1) - 1].
   In both sub-cases the new upper bound is shown to be ≤ b, which is
   what keeps the unfolded wpd_mltl within the original's. *)
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
let ?front = "(Future_mltl_list ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "(concat (map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
have a_leq_b: "a ≤ b" using Suc(3)
unfolding Future_mltl_ext to_mltl.simps intervals_welldef.simps
by blast
have composition_L: "is_composition (b-a+1) L" and
composition_α: "is_composition_MLTL α" using Suc(5)
unfolding Future_mltl_ext is_composition_MLTL.simps by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Future_mltl_ext
by (metis convert_nnf_ext.simps(6) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(5))
have α_welldef: "intervals_welldef (to_mltl α)"
using Suc(3) unfolding Future_mltl_ext by simp
have nnf: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have slast: "interval_times a L ! (length L) = b+1"
using interval_times_last[OF a_leq_b composition_L] by blast
then have split: "ψ ∈ (set ?front) ∪ (set ?back)"
using Suc(4) unfolding Future_mltl_ext LP_mltl_aux.simps nnf
using list_concat_set_union[of ?front ?back] by metis
{
assume *: "ψ ∈ set ?front"
then obtain x where ψ_is: "ψ = Future_mltl_ext (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] x"
and x_in: "x ∈ set ?D"
unfolding Future_mltl_list.simps by fastforce
have length_s: "1 < length ?s" using ψ_is
by (metis One_nat_def add.commute add_gr_0 add_less_cancel_right composition_L composition_length_lb interval_times_length plus_1_eq_Suc zero_less_one)
then have length_L: "1 ≤ length L"
unfolding interval_times_def
by (simp add: less_eq_iff_succ_less)
(* First cut point never exceeds the last one (= b+1), so the new
   upper bound ?s!1 - 1 stays within [.., b]. *)
have "interval_times a L ! 1 ≤ interval_times a L ! (length L)"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" 1 ?s]
using length_L by force
then have bound: "interval_times a L ! 1 - 1 ≤ b"
using slast by auto
have ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc(1)[OF α_nnf α_welldef x_in composition_α] by blast
have ?thesis
unfolding ψ_is Future_mltl_ext to_mltl.simps wpd_mltl.simps
using bound ih by simp
} moreover {
assume *: "ψ ∈ set ?back"
then obtain i where ψ_is: "ψ ∈ set ((And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i])
))"
and i_in: "i ∈ {1..<length L}"
by force
then obtain x where ψ_is: "ψ = ((And_mltl_ext
(Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i] x)))"
and x_in: "x ∈ set ?D"
by auto
have ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc.hyps(1)[OF α_nnf α_welldef x_in composition_α] by blast
(* Consecutive cut points are strictly increasing, and the (i+1)-th one
   is at most the last one (= b+1). *)
have bound: "interval_times a L ! i < interval_times a L ! (i + 1)"
using interval_times_diff_ge[OF a_leq_b composition_L, of i ?s]
using i_in by simp
have "(interval_times a L ! (i + 1) - 1) ≤ b" using slast
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" "i+1" ?s] i_in
by (metis Suc_eq_plus1 atLeastLessThan_iff le_Suc_eq le_diff_conv linorder_not_less order_less_imp_le verit_comp_simplify1(2))
then have ?thesis
unfolding ψ_is Future_mltl_ext to_mltl.simps wpd_mltl.simps
using ih bound by linarith
}
ultimately show ?thesis using split by blast
next
case (Global_mltl_ext a b L α)
(* Two outcomes of LP_mltl_aux on G[a,b] α (see the two unfoldings below):
   - the partition of α has at most one element: ψ is φ itself;
   - otherwise ψ = Ands_mltl_ext X with X!i = G[a+i,a+i] y for some y in
     α's partition and length X = b - a + 1
     (in_Global_mltl_decomp_exact_forward).
   The conjunction bound is then established by an inner induction on
   b - a that peels the last element off X. *)
let ?D_α = "LP_mltl_aux α k"
have a_leq_b: "a ≤ b" and α_welldef: "intervals_welldef (to_mltl α)"
using Suc(3)
unfolding Global_mltl_ext to_mltl.simps intervals_welldef.simps
by simp_all
have composition_α: "is_composition_MLTL α" using Suc(5)
unfolding Global_mltl_ext is_composition_MLTL.simps by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Global_mltl_ext
by (metis convert_nnf_ext.simps(7) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(6))
(* NOTE(review): α_welldef is already established a few lines above;
   this restatement merely shadows it. *)
have α_welldef: "intervals_welldef (to_mltl α)"
using Suc(3) unfolding Global_mltl_ext by simp
have nnf: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
{
assume *: "length ?D_α ≤ 1"
then have ψ_is: "ψ = Global_mltl_ext a b L α"
using Suc unfolding Global_mltl_ext LP_mltl_aux.simps
using nnf by fastforce
have ?thesis unfolding ψ_is Global_mltl_ext by simp
} moreover {
assume *: "length ?D_α > 1"
then have ψ_in: "ψ ∈ set (Global_mltl_decomp ?D_α a (b - a) L)"
using Suc nnf unfolding Global_mltl_ext LP_mltl_aux.simps
by simp
then obtain X where ψ_is: "ψ = Ands_mltl_ext X"
and X_fact: "∀i<length X. ∃y∈set (LP_mltl_aux α k).
X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
and length_X: "length X = Suc (b - a)"
using in_Global_mltl_decomp_exact_forward[OF * ψ_in] nnf a_leq_b
unfolding List.member_def by blast
(* Every conjunct is a point interval at a+i ≤ b around a partition
   element of α, hence bounded by b + wpd α. *)
have X_ih: "wpd_mltl (to_mltl (X!i)) ≤ b+wpd_mltl (to_mltl α)"
if i_bound: "i < length X" for i
proof-
obtain x where x_in: "x ∈ set ?D_α"
and Xi_is: "X!i = Global_mltl_ext (a+i) (a+i) [1] x"
using X_fact a_leq_b i_bound by blast
have "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc.hyps[OF α_nnf α_welldef x_in composition_α] by simp
then show ?thesis unfolding Xi_is to_mltl.simps wpd_mltl.simps
using a_leq_b length_X i_bound by auto
qed
(* Inner induction on b - a over the list X: base case is a singleton;
   the step splits X = H @ [t], bounds t directly and H via the IH with
   the tighter bound b - 1 + wpd α (its point intervals lie strictly
   below b). *)
have ?thesis
unfolding ψ_is Global_mltl_ext to_mltl.simps wpd_mltl.simps
using X_ih length_X X_fact Suc(1)
proof(induct "b-a" arbitrary:X a b)
case 0
then have "length X = 1"
by simp
then obtain x where X_is: "X = [x]"
by (metis One_nat_def Suc_length_conv length_0_conv)
show ?case using 0(2)[of 0] unfolding X_is
using Ands_mltl_ext.simps(2)
by (metis X_is ‹length X = 1› length_0_conv less_one nth_Cons' self_append_conv2)
next
case (Suc n)
then have length_X: "length X = n + 2" by linarith
then obtain H t where X_is: "X = H@[t]" and length_H: "length H = length X-1"
by (metis Suc.prems(2) diff_Suc_1 length_Suc_conv_rev)
have Ands: "Ands_mltl_ext X = And_mltl_ext (Ands_mltl_ext H) t"
unfolding X_is Ands_mltl_ext.simps using length_H length_X by simp
have t_bound: "(wpd_mltl (to_mltl t)) ≤ b + wpd_mltl (to_mltl α)"
using Suc(3)[of "length X-1"] unfolding X_is by auto
have cond1: "n = b - 1 - a" using Suc by auto
have cond2: "wpd_mltl (to_mltl (H ! i))
≤ b + wpd_mltl (to_mltl α)-1"
if i_bound: "i < length H" for i
proof-
have Hi_is: "H!i = X!i" using X_is i_bound
by (simp add: nth_append)
have "∃y∈set (LP_mltl_aux α k). X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
using Suc(3)[of i] Suc(5) i_bound
by (metis Suc.prems(2) add_diff_cancel_left' length_H less_Suc_eq plus_1_eq_Suc)
then obtain y where Xi_is: "X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
and y_in: "y ∈ set (LP_mltl_aux α k)"
by auto
have ih: "wpd_mltl (to_mltl (X ! i)) ≤ b + wpd_mltl (to_mltl α)"
using i_bound Suc(3)[of i] X_is by auto
have bound: "a+i < b"
using i_bound length_H length_X
by (simp add: Suc.prems(2))
have "wpd_mltl (to_mltl y) ≤ wpd_mltl (to_mltl α)"
using Suc(6)[OF α_nnf α_welldef y_in composition_α] by blast
then show ?thesis unfolding Hi_is Xi_is to_mltl.simps wpd_mltl.simps
using bound by simp
qed
have cond3: "length H = Suc (b - 1 - a)"
using length_H length_X Suc.hyps(2) by simp
have cond4: "∃y∈set (LP_mltl_aux α k). H ! i = Global_mltl_ext (a + i) (a + i) [1] y"
if i_bound: "i<length H" for i
proof-
have "∃y∈set (LP_mltl_aux α k). X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
using Suc(5) i_bound length_H by auto
then obtain y where y_in: "y∈set (LP_mltl_aux α k)" and
Xi_is: "X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
by blast
then have Hi_is: "H!i = X!i" using i_bound length_H
by (metis X_is nth_append)
then show ?thesis unfolding Xi_is using y_in by blast
qed
have ih: "wpd_mltl (to_mltl (Ands_mltl_ext H))
≤ b - 1 + wpd_mltl (to_mltl α)"
using Suc.hyps(1)[of "b-1" a H, OF cond1 _ cond3] cond2 cond4 Suc.prems(4)
by force
show ?case unfolding Ands wpd_mltl.simps to_mltl.simps
using t_bound ih by simp
qed
}
ultimately show ?thesis by linarith
next
case (Until_mltl_ext α a b L β)
(* Only the right argument β is partitioned here (?D_β); α is carried
   through unchanged, so only β's induction hypothesis is needed.
   ?front: an Until over the first sub-interval with y from β's partition.
   ?back:  a Global guard (α ∧ ¬β on the prefix) conjoined with an Until
           over a later sub-interval. *)
let ?D_α = "LP_mltl_aux α k"
let ?D_β = "LP_mltl_aux β k"
let ?s = "interval_times a L"
(* NOTE(review): despite its name, β_weldef below is stated about α and
   is not used; the β fact actually used is β_welldef further down.
   α_welldef is also re-derived further down (shadowing). *)
have a_leq_b: "a ≤ b" and α_welldef: "intervals_welldef (to_mltl α)"
and β_weldef: "intervals_welldef (to_mltl α)"
using Suc(3)
unfolding Until_mltl_ext to_mltl.simps intervals_welldef.simps
by simp_all
have composition_α: "is_composition_MLTL α" and
composition_β: "is_composition_MLTL β" and
composition_L: "is_composition (b-a+1) L" using Suc(5)
unfolding Until_mltl_ext is_composition_MLTL.simps by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(2) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(3) unfolding Until_mltl_ext by simp_all
have convert_α: "convert_nnf_ext α = α"
by (metis α_nnf convert_nnf_ext_convert_nnf_ext)
have convert_β: "convert_nnf_ext β = β"
by (metis Suc.prems(1) Until_mltl_ext convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have slast: "interval_times a L ! (length L) = b+1"
using interval_times_last[OF a_leq_b composition_L] by blast
let ?front = "(Until_mltl_list α ?D_β (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "(concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))]
(Until_mltl_list α ?D_β (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i])) [1..<length L]))"
have split: "ψ ∈ (set ?front) ∪ (set ?back)"
using Suc(4) unfolding Until_mltl_ext LP_mltl_aux.simps
using convert_α convert_β list_concat_set_union by metis
{
assume *: "ψ ∈ set ?front"
then obtain y where ψ_is: "ψ = Until_mltl_ext α (interval_times a L ! 0)
(interval_times a L ! 1 - 1) [interval_times a L ! 1 - interval_times a L ! 0] y"
and y_in: "y ∈ set ?D_β"
by auto
have length_s: "1 < length ?s" using ψ_is
by (metis One_nat_def add.commute add_gr_0 add_less_cancel_right composition_L composition_length_lb interval_times_length plus_1_eq_Suc zero_less_one)
then have length_L: "1 ≤ length L"
unfolding interval_times_def
by (simp add: less_eq_iff_succ_less)
have "interval_times a L ! 1 ≤ interval_times a L ! (length L)"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" 1 ?s]
using length_L by force
then have bound: "interval_times a L ! 1 - 1 ≤ b"
using slast by auto
have β_ih: "wpd_mltl (to_mltl y) ≤ wpd_mltl (to_mltl β)"
using Suc.hyps(1)[OF β_nnf β_welldef y_in composition_β] by blast
have ?thesis
unfolding ψ_is Until_mltl_ext to_mltl.simps wpd_mltl.simps
using β_ih bound by linarith
} moreover {
assume *: "ψ ∈ set ?back"
then obtain i y where
ψ_is: "ψ = And_mltl_ext (Global_mltl_ext (?s!0) (?s!i-1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s!i) (?s!(i+1)-1) [(?s!(i+1)) - (?s!i)] y)"
and i_bound: "1 ≤ i ∧ i < length L"
and y_in: "y ∈ set ?D_β"
by auto
have bound1: "interval_times a L ! i < interval_times a L ! (i+1)"
using interval_times_diff_ge[OF a_leq_b composition_L, of i ?s]
using i_bound by blast
have "interval_times a L ! (i + 1) ≤ interval_times a L ! (length L)"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" "i+1" ?s]
using i_bound by (metis less_iff_succ_less_eq order_le_less)
then have bound2: "interval_times a L ! (i+1) ≤ b+1"
using slast by simp
have β_ih: "wpd_mltl (to_mltl y) ≤ wpd_mltl (to_mltl β)"
using Suc.hyps(1)[OF β_nnf β_welldef y_in composition_β] by blast
(* ?s!i > ?s!0 = a ≥ 0 rules out the truncated-subtraction corner
   ?s!i - 1 when ?s!i = 0. *)
have "interval_times a L ! i > interval_times a L ! 0"
using i_bound interval_times_diff_ge_general[OF a_leq_b composition_L, of i 0 ?s]
by auto
then have "interval_times a L ! i > 0"
unfolding interval_times_def by simp
then have "b > interval_times a L ! i - 1"
using bound1 bound2 by simp
(* case1 bounds the Global guard, case2 the Until conjunct; the
   conjunction's wpd is then within b + max (wpd α) (wpd β). *)
then have case1: "(interval_times a L ! i - 1 +
max (wpd_mltl (to_mltl α))
(wpd_mltl (to_mltl β))) ≤
b + max (wpd_mltl (to_mltl α))
(wpd_mltl (to_mltl β))"
using bound1 bound2 β_ih by linarith
have case2: "(interval_times a L ! (i + 1) - 1 +
max (wpd_mltl (to_mltl α))
(wpd_mltl (to_mltl y))) ≤
b + max (wpd_mltl (to_mltl α))
(wpd_mltl (to_mltl β))"
using bound1 bound2 β_ih by linarith
have ?thesis
unfolding Until_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps
using case1 case2
by presburger
}
ultimately show ?thesis using split by blast
next
case (Release_mltl_ext α a b L β)
(* Here the left argument α is partitioned (?D) and β is carried
   through unchanged.  The partition has three parts:
   ?front:  the single formula G[a,b](¬α ∧ β) -- no partition element
            inside, so no IH is needed;
   ?middle: a Mighty_Release over the first sub-interval with x from
            α's partition;
   ?back:   a Global guard on the prefix conjoined with a Mighty_Release
            over a later sub-interval. *)
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
(* NOTE(review): β_weldef, β_nnf and β_welldef below are all stated
   about α rather than β (copy of the Until case); none of them is used
   in this case, since only α is recursed on.  α_welldef is also
   re-derived below (shadowing). *)
have a_leq_b: "a ≤ b" and α_welldef: "intervals_welldef (to_mltl α)"
and β_weldef: "intervals_welldef (to_mltl α)"
using Suc(3)
unfolding Release_mltl_ext to_mltl.simps intervals_welldef.simps
by simp_all
have composition_α: "is_composition_MLTL α" and
composition_β: "is_composition_MLTL β" and
composition_L: "is_composition (b-a+1) L" using Suc(5)
unfolding Release_mltl_ext is_composition_MLTL.simps by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have β_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl α)"
using Suc(3) unfolding Release_mltl_ext by simp_all
have convert_α: "convert_nnf_ext α = α"
by (metis α_nnf convert_nnf_ext_convert_nnf_ext)
have convert_β: "convert_nnf_ext β = β"
by (metis Suc.prems(1) Release_mltl_ext convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have slast: "interval_times a L ! (length L) = b+1"
using interval_times_last[OF a_leq_b composition_L] by blast
have sfirst: "?s!0 = a"
using interval_times_first by blast
have length_L: "length L > 0"
using composition_length_lb composition_L by simp
let ?front = "set [Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)]"
let ?middle = "set (Mighty_Release_mltl_list ?D β (?s ! 0) (?s ! 1 - 1)
[?s ! 1 - ?s ! 0])"
let ?back = "set (concat
(map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list ?D β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
have split: "ψ ∈ ?front ∪ ?middle ∪ ?back"
using Suc(4) unfolding Release_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
by (metis append.assoc convert_α)
{
assume *: "ψ ∈ ?front"
then have ψ_is: "ψ = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by simp
have ?thesis unfolding Release_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps
by linarith
} moreover {
assume *: "ψ ∈ ?middle"
then obtain x where ψ_is: "ψ = Mighty_Release_mltl_ext x β (interval_times a L ! 0)
(interval_times a L ! 1 - 1)
[interval_times a L ! 1 - interval_times a L ! 0]"
and x_in: "x ∈ set ?D"
by auto
have ub: "interval_times a L ! 1 - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" 1 ?s]
using slast length_L
by (metis diff_add_inverse2 diff_le_self dual_order.strict_iff_order dual_order.trans less_eq_iff_succ_less zero_less_diff)
have x_ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc(1)[OF α_nnf α_welldef x_in composition_α]
by blast
then have ?thesis unfolding ψ_is Release_mltl_ext to_mltl.simps wpd_mltl.simps Mighty_Release_mltl_ext.simps
using ub by auto
} moreover {
assume *: "ψ ∈ ?back"
then obtain x i where ψ_is: "ψ = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x β
(interval_times a L ! i)
(interval_times a L ! (i + 1) - 1)
[interval_times a L ! (i + 1) -
interval_times a L ! i])"
and x_in: "x ∈ set ?D"
and i_bound: "1 ≤ i ∧ i < length L"
by auto
have x_ih: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl α)"
using Suc(1)[OF α_nnf α_welldef x_in composition_α] by blast
(* lb / welldef / ub place the new sub-interval strictly inside
   [a, b+1): a < ?s!i < ?s!(i+1) ≤ b+1. *)
have lb: "a < ?s!i"
using interval_times_diff_ge_general sfirst
by (smt (verit, ccfv_SIG) a_leq_b composition_L i_bound less_or_eq_imp_le order_less_le_trans zero_less_one)
have welldef: "?s!i < ?s!(i+1)"
using interval_times_diff_ge[OF a_leq_b composition_L]
using i_bound length_L by blast
have ub: "?s!(i+1) ≤ b+1"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" "i+1" ?s]
using i_bound slast
by (metis less_iff_succ_less_eq order_le_imp_less_or_eq order_less_imp_le order_refl)
have ?thesis unfolding Release_mltl_ext ψ_is to_mltl.simps wpd_mltl.simps Mighty_Release_mltl_ext.simps
using lb welldef ub x_ih by auto
}
ultimately show ?thesis
using split by blast
qed
qed
(* The pairwise conjunction list of two non-empty lists is non-empty.
   Proof: expose the head of each list and unfold And_mltl_list /
   pairs on the cons shapes. *)
lemma And_mltl_list_nonempty:
assumes "A ≠ []" and "B ≠ []"
shows "And_mltl_list A B ≠ []"
proof-
have "length A > 0"
using assms by blast
then obtain ha Ta where A: "A = ha#Ta"
using list.exhaust by auto
have "length B > 0"
using assms by blast
then obtain hb Tb where B: "B = hb#Tb"
using list.exhaust by auto
show ?thesis
using assms unfolding And_mltl_list.simps A B pairs.simps
by blast
qed
(* Global_mltl_decomp of a non-empty partition D is non-empty, for any
   offset a, width n and composition L.  Induction on n; the step
   reduces to And_mltl_list_nonempty after unfolding Global_mltl_decomp
   and Global_mltl_list. *)
lemma Global_mltl_decomp_nonempty:
assumes "D ≠ []"
shows "Global_mltl_decomp D a n L ≠ []"
using assms
proof(induct n)
case 0
then show ?case by simp
next
case (Suc n)
then show ?case unfolding Global_mltl_decomp.simps Global_mltl_list.simps
using And_mltl_list_nonempty by auto
qed
(* The partition of a well-formed NNF formula is never the empty list.
   Same preconditions as LP_mltl_aux_wpd (NNF fixed point, well-defined
   intervals, valid composition); induction on the depth k with case
   analysis on φ.  The temporal cases reduce to non-emptiness of the
   sub-partitions through the list constructors And_mltl_list,
   Future_mltl_list, Until_mltl_list and Global_mltl_decomp. *)
lemma LP_mltl_aux_nonempty:
assumes "∃φ_init. φ = convert_nnf_ext φ_init"
assumes "intervals_welldef (to_mltl φ)"
assumes "is_composition_MLTL φ"
shows "LP_mltl_aux φ k ≠ []"
using assms
proof(induct k arbitrary: φ)
case 0
then show ?case by simp
next
case (Suc k)
then show ?case
proof(cases φ)
case True_mltl_ext
then show ?thesis by simp
next
case False_mltl_ext
then show ?thesis by simp
next
case (Prop_mltl_ext p)
then show ?thesis by simp
next
case (Not_mltl_ext q)
(* NNF restricts negation to propositions; the resulting list is closed
   by simp without an induction hypothesis. *)
then have "∃p. q = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop Suc
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then obtain p where "q = Prop_mltl_ext p" by blast
then show ?thesis
unfolding Not_mltl_ext by simp
next
case (And_mltl_ext α β)
(* Both sub-partitions are non-empty by IH; their pairwise product is
   then non-empty (unfolding And_mltl_list / pairs). *)
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(2) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(3) unfolding And_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(4) unfolding And_mltl_ext is_composition_MLTL.simps
by simp_all
have α_ih: "LP_mltl_aux α k ≠ []"
using Suc(1)[OF α_nnf α_welldef α_composition] by simp
have β_ih: "LP_mltl_aux β k ≠ []"
using Suc(1)[OF β_nnf β_welldef β_composition] by simp
show ?thesis
unfolding And_mltl_ext LP_mltl_aux.simps And_mltl_list.simps
using pairs.simps(2) α_ih β_ih
by (metis (no_types, lifting) α_nnf β_nnf append_is_Nil_conv convert_nnf_ext_convert_nnf_ext list.map_disc_iff pairs.elims)
next
case (Or_mltl_ext α β)
(* The Or partition is a concatenation of three And_mltl_list products;
   α_ih alone suffices for the metis call (β_ih is derived but not
   passed explicitly). *)
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(2) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(3) unfolding Or_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(4) unfolding Or_mltl_ext is_composition_MLTL.simps
by simp_all
have α_ih: "LP_mltl_aux α k ≠ []"
using Suc(1)[OF α_nnf α_welldef α_composition] by simp
have β_ih: "LP_mltl_aux β k ≠ []"
using Suc(1)[OF β_nnf β_welldef β_composition] by simp
then show ?thesis
unfolding Or_mltl_ext LP_mltl_aux.simps And_mltl_list.simps
by (metis (no_types, lifting) α_ih α_nnf concat.simps(1) concat_eq_append_conv convert_nnf_ext_convert_nnf_ext list.map_disc_iff not_Cons_self2 pairs.elims)
next
case (Future_mltl_ext a b L α)
(* Future_mltl_list maps over the non-empty sub-partition of α. *)
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Future_mltl_ext
by (metis convert_nnf_ext.simps(6) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(5))
have α_welldef: "intervals_welldef (to_mltl α)"
using Suc(3) unfolding Future_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α"
using Suc(4) unfolding Future_mltl_ext is_composition_MLTL.simps
by simp_all
have α_ih: "LP_mltl_aux α k ≠ []"
using Suc(1)[OF α_nnf α_welldef α_composition] by simp
then show ?thesis
unfolding Future_mltl_ext LP_mltl_aux.simps And_mltl_list.simps
by (metis (no_types, lifting) Future_mltl_list.elims α_nnf append_is_Nil_conv convert_nnf_ext_convert_nnf_ext map_is_Nil_conv)
next
case (Global_mltl_ext a b L α)
(* Two branches, mirroring LP_mltl_aux on Global: a sub-partition of
   length ≤ 1 is closed by simp; otherwise the result is
   Global_mltl_decomp ?D a (b - a) L, non-empty by
   Global_mltl_decomp_nonempty since ?D is. *)
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Global_mltl_ext
by (metis convert_nnf_ext.simps(7) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(6))
then have α_convert: "convert_nnf_ext α = α"
using convert_nnf_ext_convert_nnf_ext by metis
have α_welldef: "intervals_welldef (to_mltl α)"
using Suc(3) unfolding Global_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α"
using Suc(4) unfolding Global_mltl_ext is_composition_MLTL.simps
by simp_all
have α_ih: "LP_mltl_aux α k ≠ []"
using Suc(1)[OF α_nnf α_welldef α_composition] by simp
let ?D = "LP_mltl_aux α k"
{
assume *: "length ?D ≤ 1"
then have ?thesis unfolding Global_mltl_ext LP_mltl_aux.simps
using α_ih α_convert by simp
} moreover {
assume *: "length ?D > 1"
have D_is: "LP_mltl_aux φ (Suc k) = Global_mltl_decomp ?D a (b - a) L"
unfolding Global_mltl_ext LP_mltl_aux.simps
using * α_convert by auto
have ?thesis unfolding D_is
using Global_mltl_decomp_nonempty α_ih by blast
}
ultimately show ?thesis by linarith
next
case (Until_mltl_ext α a b L β)
(* Until_mltl_list maps over the sub-partition of β; the metis call
   only needs β_nnf and the non-emptiness facts. *)
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(2) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(2) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)" and
a_leq_b: "a ≤ b"
using Suc(3) unfolding Until_mltl_ext by simp_all
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β" and
L_composition: "is_composition (b-a+1) L"
using Suc(4) unfolding Until_mltl_ext is_composition_MLTL.simps
by simp_all
have α_ih: "LP_mltl_aux α k ≠ []"
using Suc(1)[OF α_nnf α_welldef α_composition] by simp
have β_ih: "LP_mltl_aux β k ≠ []"
using Suc(1)[OF β_nnf β_welldef β_composition] by simp
show ?thesis unfolding Until_mltl_ext LP_mltl_aux.simps
using α_ih β_ih
by (metis (no_types, lifting) Until_mltl_list.elims β_nnf append_is_Nil_conv convert_nnf_ext_convert_nnf_ext map_is_Nil_conv)
next
case (Release_mltl_ext α a b L β)
(* No induction hypothesis needed: the Release branch of LP_mltl_aux
   starts with a singleton list (cf. ?front in the Release case of
   LP_mltl_aux_wpd), so the appended result cannot be []. *)
show ?thesis unfolding LP_mltl_aux.simps Release_mltl_ext
by (meson append_is_Nil_conv not_Cons_self2)
qed
qed
subsection ‹Union Theorem›
paragraph ‹Forward Direction›
(* Least-witness principle on nat with a lower bound: if P holds at some
   i ≥ lb, then there is a least j ∈ [lb, i] at which P holds, i.e. P
   fails on every l with lb ≤ l < j.
   Proof by strong induction on the distance i - lb: either no smaller
   witness exists (then i itself is the least one), or some i' < i is a
   witness and the IH applied to i' yields the least one. *)
lemma exist_first:
fixes lb i::"nat"
assumes lowerbound: "lb ≤ i" and iprop: "(P i)"
shows "∃j. (lb ≤ j ∧ j ≤ i ∧ (P j)
∧ (∀l. (lb ≤ l ∧ l < j) ⟶ ¬(P l)))"
using lowerbound iprop
proof(induct "i-lb" arbitrary: i rule: less_induct)
case less
{
assume *: "∀l≥lb. l < i ⟶ ¬(P l)"
then have ?case
using less by blast
} moreover {
assume *: "∃i'≥lb. i' < i ∧ (P i')"
then obtain i' where "lb ≤ i' ∧ i' < i ∧ P i'"
by blast
then have ?case
using less.hyps(1)[of i'] by fastforce
}
ultimately show ?case by blast
qed
(* Splits a bounded existential over [a, b] at an arbitrary cut point m:
   either a witness lies in [a, m-1], or one lies in [m, b] with no
   witness at all in [a, m).
   m is unconstrained (it need not lie in [a, b]).  Note that nat
   subtraction truncates, so for m = 0 the first disjunct ranges over
   [a, 0]; the statement still holds and fastforce closes it. *)
lemma exist_bound_split:
fixes a m b::"nat"
assumes "a ≤ b"
assumes "∃i. a ≤ i ∧ i ≤ b ∧ P i"
shows "(∃i. a ≤ i ∧ i ≤ m-1 ∧ P i) ∨
(∃i. m ≤ i ∧ i ≤ b ∧ P i ∧ ¬(∃j. a ≤ j ∧ j < m ∧ P j))"
using assms by fastforce
(* Witness extraction for a Global formula.
   Given a trace π satisfying G[a,b] α that is long enough
   (length π ≥ b + wpd α), and a list D that covers α (every sufficiently
   long trace satisfying α satisfies some element of D), produce a list
   X of length b-a+1 such that X!i ∈ D and the i-th suffix drop (a+i) π
   satisfies X!i.
   L (the composition of the Global) is a free variable: the result does
   not depend on it.  Proof: first reduce the Global semantics to a
   pointwise statement over [a,b], then build X by induction on b - a. *)
lemma Global_mltl_ext_obtain:
fixes D::"'a mltl_ext list" and π::"'a set list"
and α::"'a mltl_ext" and a b k::"nat"
assumes a_leq_b: "a ≤ b"
assumes length_π: "length π ≥ b + wpd_mltl (to_mltl α)"
assumes semantics: "semantics_mltl_ext π (Global_mltl_ext a b L α)"
assumes ih: "⋀trace. semantics_mltl_ext trace α ⟹
wpd_mltl (to_mltl α) ≤ length trace ⟹
∃x∈set D. semantics_mltl_ext trace x"
shows "∃X. (length X = b-a+1) ∧
(∀i<length X. (X!i ∈ set D) ∧ semantics_mltl_ext (drop (a+i) π) (X!i))"
proof-
(* Pointwise form of the Global semantics on [a,b].  The metis call draws
   on wpd_geq_one and length_π, presumably to discharge a trace-length
   side condition inside semantics_mltl -- confirm against
   semantics_mltl.simps for the Global case. *)
have semantics: "⋀i. a ≤ i ∧ i ≤ b ⟹ semantics_mltl_ext (drop i π) α"
using semantics length_π a_leq_b
unfolding semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by (metis add_diff_cancel_left' wpd_geq_one diff_add_zero le_less_Suc_eq le_trans less_add_Suc1 not_one_le_zero)
(* Instantiate the cover hypothesis at every suffix drop i π for
   i ∈ [a,b]; the length side condition holds because i ≤ b and
   length π ≥ b + wpd α. *)
have ih: "∃x∈set D. semantics_mltl_ext (drop i π) x"
if i_bound: "a ≤ i ∧ i ≤ b" for i
proof-
have cond1: "semantics_mltl_ext (drop i π) α"
using semantics[of i] i_bound by blast
have cond2: "wpd_mltl (to_mltl α) ≤ length (drop i π)"
using length_π a_leq_b i_bound by auto
show ?thesis
using ih[OF cond1 cond2] by blast
qed
(* Build X by induction on b - a: for a = b a single witness suffices;
   otherwise take the list for [a, b-1] and append the witness for
   position b. *)
show ?thesis using ih a_leq_b
proof(induct "b-a" arbitrary: a b)
case 0
then have aeqb: "a = b" by simp
then obtain x where semantics_x: "semantics_mltl_ext (drop a π) x"
and x_in: "x ∈ set D"
using 0(2)[of a] by blast
let ?X = "[x]"
have length_X: "length ?X = b - a + 1" using aeqb by simp
have "?X ! i ∈ set D ∧ semantics_mltl_ext (drop (a+i) π) (?X ! i)"
if i_bound: "i<length ?X" for i
using semantics_x that x_in by force
then show ?case using length_X by blast
next
case (Suc n)
then have n_eq: "n = b - 1 - a" by simp
have "∃X. length X = b - 1 - a + 1 ∧
(∀i<length X.
X ! i ∈ set D ∧ semantics_mltl_ext (drop (a + i) π) (X ! i))"
using Suc(1)[OF n_eq] unfolding Bex_def
using Suc.hyps(2) Suc.prems(1) diff_diff_left diff_le_self plus_1_eq_Suc by fastforce
then obtain X where length_X: "length X = b-a" and
X_prop: "∀i<length X. X ! i ∈ set D ∧ semantics_mltl_ext (drop (a + i) π) (X ! i)"
by (metis Suc.hyps(2) Suc_eq_plus1 n_eq)
obtain x where x_in: "x ∈ set D"
and semantics_x: "semantics_mltl_ext (drop b π) x"
using Suc(3)[of b] unfolding Bex_def using Suc(4) by blast
let ?L = "X@[x]"
have length_L: "length ?L = b - a + 1"
using length_X by simp
(* Positions i < b-a are covered by X_prop; position b-a is the newly
   appended witness x. *)
have "?L ! i ∈ set D ∧ semantics_mltl_ext (drop (a + i) π) (?L ! i)"
if i_bound: "i < length ?L" for i
proof-
{
assume *: "i < b-a"
have ?thesis
using X_prop length_X
by (metis "*" nth_append)
} moreover {
assume *: "i = b-a"
then have x_is: "(X @ [x]) ! i = x"
using length_L by (metis length_X nth_append_length)
have ?thesis unfolding x_is
using x_in Suc semantics_x unfolding * by simp
}
ultimately show ?thesis using i_bound length_L by fastforce
qed
then show ?case using length_L by blast
qed
qed
(* Normalises the two-way disjunction of a Release-style semantics:
   the "β holds throughout [a,b]" disjunct is strengthened with
   "¬α holds throughout [a,b]", and the witness disjunct is widened
   from j ≤ b - 1 to j ≤ b.
   The widening is what makes the strengthening sound: if β holds
   throughout and α holds at position b, the conclusion is met by the
   second disjunct with j = b.  Note nat subtraction truncates, so
   b - 1 = 0 when b = 0. *)
lemma Release_semantics_split:
assumes "(∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (to_mltl β)) ∨
(∃j≥a. j ≤ b - 1 ∧ semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
shows "((∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (to_mltl β))
∧(∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (Not⇩m (to_mltl α))))
∨ (∃j≥a. j ≤ b ∧
semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
proof-
(* Case 1: β holds throughout and no witness exists up to b - 1.
   Since β holds on every prefix, the missing witness means α fails on
   all of [a, b-1]; the final metis step then lands in the first
   disjunct if α also fails at b, and in the second (with j = b)
   otherwise -- semantics_mltl.simps(4) presumably being the Not case. *)
{assume *: "(∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (to_mltl β)) ∧
¬(∃j≥a. j ≤ b - 1 ∧ semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
then have semantics: "∀j. a ≤ j ∧ j ≤ b-1 ⟶ ¬semantics_mltl (drop j π) (to_mltl α) ∨
¬(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β))"
by blast
then have "¬semantics_mltl (drop j π) (to_mltl α)"
if j_bound: "a ≤ j ∧ j ≤ b-1" for j
proof-
have "semantics_mltl (drop k π) (to_mltl β)"
if k_bound: " a ≤ k ∧ k ≤ j" for k
using k_bound j_bound * by auto
then show ?thesis using semantics j_bound by blast
qed
then have ?thesis using *
by (metis dual_order.trans semantics_mltl.simps(4))
} moreover {
(* Cases 2 and 3: a witness j ≤ b - 1 exists; it is also a witness for
   j ≤ b, so the second disjunct of the conclusion holds directly. *)
assume "(∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (to_mltl β)) ∧
(∃j≥a. j ≤ b - 1 ∧ semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
then have ?thesis
by (meson diff_le_self le_trans)
} moreover {
assume "(∃j≥a. j ≤ b - 1 ∧ semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
then have ?thesis
by (meson diff_le_self le_trans)
}
ultimately show ?thesis using assms
by blast
qed
theorem LP_mltl_aux_language_union_forward:
fixes φ::"'a mltl_ext" and k::"nat" and π::"'a set list"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes composition: "is_composition_MLTL φ"
assumes D_is: "D = LP_mltl_aux φ k"
assumes semantics: "semantics_mltl_ext π φ"
assumes trace_length: "length π ≥ wpd_mltl (to_mltl φ)"
shows "∃ψ ∈ set D. semantics_mltl_ext π ψ"
using assms
proof(induct k arbitrary: φ D π)
case 0
then show ?case by auto
next
case (Suc k)
then show ?case
proof(cases φ)
case True_mltl_ext
then show ?thesis using Suc by simp
next
case False_mltl_ext
then show ?thesis using Suc by simp
next
case (Prop_mltl_ext x3)
then show ?thesis using Suc by simp
next
case (Not_mltl_ext x4)
then have "∃p. x4 = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop Suc(3)
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then show ?thesis using Suc
by (metis LP_mltl_aux.simps(5) ListMem_iff Not_mltl_ext elem)
next
case (And_mltl_ext α β)
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding And_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
by (metis And_mltl_ext Suc.prems(2) convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(4) unfolding And_mltl_ext is_composition_MLTL.simps
by simp_all
have α_semantics: "semantics_mltl_ext π α" and
β_semantics: "semantics_mltl_ext π β"
using Suc(6) unfolding And_mltl_ext semantics_mltl_ext_def
by simp_all
have α_wpd: "wpd_mltl (to_mltl α) ≤ length π" and
β_wpd: "wpd_mltl (to_mltl β) ≤ length π"
using Suc(7) unfolding And_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
have α_ih: "∃xa∈set (LP_mltl_aux α k). semantics_mltl_ext π xa"
using Suc(1)[OF α_welldef α_nnf α_composition _ α_semantics α_wpd] by blast
have β_ih: "∃xb∈set (LP_mltl_aux β k). semantics_mltl_ext π xb"
using Suc(1)[OF β_welldef β_nnf β_composition _ β_semantics β_wpd] by blast
then obtain xa where xa_in: "xa ∈ set (LP_mltl_aux α k)" and xa_semantics: "semantics_mltl_ext π xa"
using α_ih by blast
then obtain xb where xb_in: "xb ∈ set (LP_mltl_aux β k)" and xb_semantics: "semantics_mltl_ext π xb"
using β_ih by blast
have xab_in: "And_mltl_ext xa xb ∈ set D"
unfolding Suc(5) And_mltl_ext LP_mltl_aux.simps
using xa_in xb_in And_mltl_list_member
by (metis α_nnf β_nnf convert_nnf_ext_convert_nnf_ext in_set_member)
have xab_semantics: "semantics_mltl_ext π (And_mltl_ext xa xb)"
using xa_semantics xb_semantics unfolding semantics_mltl_ext_def
by simp
show ?thesis using xab_in xab_semantics by blast
next
case (Or_mltl_ext α β)
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding Or_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
by (metis Or_mltl_ext Suc.prems(2) convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(4) unfolding Or_mltl_ext is_composition_MLTL.simps
by simp_all
have α_wpd: "wpd_mltl (to_mltl α) ≤ length π" and
β_wpd: "wpd_mltl (to_mltl β) ≤ length π"
using Suc(7) unfolding Or_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
have αβ_semantics: "semantics_mltl_ext π α ∨ semantics_mltl_ext π β"
using Suc(6) unfolding Or_mltl_ext semantics_mltl_ext_def
by simp
let ?D_α = "LP_mltl_aux α k" and ?D_β = "LP_mltl_aux β k"
{
assume *: "semantics_mltl_ext π α ∧ ¬semantics_mltl_ext π β"
have α_ih: "∃xa∈set (LP_mltl_aux α k). semantics_mltl_ext π xa"
using * Suc(1)[OF α_welldef α_nnf α_composition _ _ α_wpd] by blast
then obtain xa where xa_in: "xa ∈ set ?D_α" and xa_semantics: "semantics_mltl_ext π xa"
using α_ih by blast
let ?ψ = "And_mltl_ext xa (Not⇩c β)"
have xaβ_in: "?ψ ∈ set (And_mltl_list ?D_α [Not⇩c β])"
using xa_in And_mltl_list_member unfolding List.member_def
by (metis list.set_intros(1))
then have xaβ_in: "?ψ ∈ set D"
unfolding Suc(5) Or_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
[of "And_mltl_list ?D_α ?D_β @ And_mltl_list [Not⇩c α] ?D_β"
"And_mltl_list (LP_mltl_aux α k) [Not⇩c β]"]
by (metis UnCI α_nnf β_nnf append_assoc convert_nnf_ext_convert_nnf_ext)
have xaβ_semantics: "semantics_mltl_ext π ?ψ" using * xa_semantics
unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by simp
have ?thesis using xaβ_in xaβ_semantics by blast
} moreover {
assume *: "¬semantics_mltl_ext π α ∧ semantics_mltl_ext π β"
have β_ih: "∃xb∈set (LP_mltl_aux β k). semantics_mltl_ext π xb"
using * Suc(1)[OF β_welldef β_nnf β_composition _ _ β_wpd] by blast
then obtain xb where xa_in: "xb ∈ set ?D_β" and xa_semantics: "semantics_mltl_ext π xb"
using β_ih by blast
let ?ψ = "And_mltl_ext (Not⇩c α) xb"
have αxb_in: "?ψ ∈ set (And_mltl_list [Not⇩c α] ?D_β)"
using xa_in And_mltl_list_member unfolding List.member_def
by (metis list.set_intros(1))
then have αxb_in: "?ψ ∈ set (And_mltl_list ?D_α ?D_β @ And_mltl_list [Not⇩c α] ?D_β)"
using list_concat_set_union[of "And_mltl_list ?D_α ?D_β" "And_mltl_list [Not⇩c α] ?D_β"]
by blast
then have αxb_in: "?ψ ∈ set D"
unfolding Suc(5) Or_mltl_ext LP_mltl_aux.simps
using list_concat_set_union
[of "And_mltl_list ?D_α ?D_β @ And_mltl_list [Not⇩c α] ?D_β"
"And_mltl_list (LP_mltl_aux α k) [Not⇩c β]"]
by (metis UnCI α_nnf β_nnf append_assoc convert_nnf_ext_convert_nnf_ext)
have αxb_semantics: "semantics_mltl_ext π ?ψ" using * xa_semantics
unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by simp
have ?thesis using αxb_in αxb_semantics by blast
} moreover {
assume *: "semantics_mltl_ext π α ∧ semantics_mltl_ext π β"
have α_ih: "∃xa∈set (LP_mltl_aux α k). semantics_mltl_ext π xa"
using * Suc(1)[OF α_welldef α_nnf α_composition _ _ α_wpd] by blast
have β_ih: "∃xb∈set (LP_mltl_aux β k). semantics_mltl_ext π xb"
using * Suc(1)[OF β_welldef β_nnf β_composition _ _ β_wpd] by blast
then obtain xa where xa_in: "xa ∈ set (LP_mltl_aux α k)" and xa_semantics: "semantics_mltl_ext π xa"
using α_ih by blast
then obtain xb where xb_in: "xb ∈ set (LP_mltl_aux β k)" and xb_semantics: "semantics_mltl_ext π xb"
using β_ih by blast
have xab_in: "And_mltl_ext xa xb ∈ set D"
unfolding Suc(5) Or_mltl_ext LP_mltl_aux.simps
using xa_in xb_in And_mltl_list_member list_concat_set_union
unfolding List.member_def
by (metis UnCI α_nnf β_nnf convert_nnf_ext_convert_nnf_ext)
have xab_semantics: "semantics_mltl_ext π (And_mltl_ext xa xb)"
using xa_semantics xb_semantics unfolding semantics_mltl_ext_def
by simp
have ?thesis using xab_in xab_semantics by blast
}
ultimately show ?thesis using αβ_semantics by blast
next
case (Future_mltl_ext a b L α)
have α_welldef: "intervals_welldef (to_mltl α)"
using Suc(2) unfolding Future_mltl_ext by auto
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Future_mltl_ext
by (metis convert_nnf_ext.simps(6) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(5))
have α_composition: "is_composition_MLTL α"
using Suc(4) unfolding Future_mltl_ext is_composition_MLTL.simps by blast
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
using Suc(7) unfolding Future_mltl_ext to_mltl.simps wpd_mltl.simps
by simp
have a_leq_b: "a ≤ b" and length_π_geq_b: "b < length π" and length_π_ge_a: "a < length π"
and semantics: "∃i. (a ≤ i ∧ i ≤ b) ∧ semantics_mltl (drop i π) (to_mltl α)"
using Suc(6) α_wpd
unfolding Future_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using wpd_geq_one[of "(to_mltl α)"]
by simp_all
have composition_L: "is_composition (b - a + 1) L"
using Suc(4) unfolding Future_mltl_ext is_composition_MLTL.simps by blast
then have s0: "(interval_times a L ! 0) = a"
using interval_times_first by auto
have slast: "interval_times a L ! (length L) = b+1"
using interval_times_last[OF a_leq_b composition_L] by blast
have length_L: "length L ≥ 0"
using composition_L composition_length_lb by blast
let ?s = "interval_times a L"
let ?D_α = "LP_mltl_aux α k"
let ?decomp = "(concat(map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D_α (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
{
assume *: "∃i. (a ≤ i ∧ i ≤ (?s!1-1)) ∧ semantics_mltl (drop i π) (to_mltl α)"
then obtain i where i_bounds: "a ≤ i ∧ i ≤ (?s!1-1)" and
semantics: "semantics_mltl (drop i π) (to_mltl α)" by blast
have length_s: "length ?s ≥ 2"
using i_bounds
by (metis a_leq_b add_less_same_cancel2 antisym_conv3 interval_times_first interval_times_length less_eq_iff_succ_less less_iff_succ_less_eq less_nat_zero_code one_add_one slast verit_comp_simplify1(1))
have dropi_length: "wpd_mltl (to_mltl α) ≤ length (drop i π)"
proof-
have "1 ≤ length L"
using length_s unfolding interval_times_def by simp
then have "interval_times a L ! 1 ≤ interval_times a L ! length L"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" 1 ?s]
by fastforce
then have "interval_times a L ! 1 - 1 ≤ b"
using slast by auto
then show ?thesis
using α_wpd i_bounds by force
qed
have "∃x∈set (LP_mltl_aux α k). semantics_mltl_ext (drop i π) x"
using Suc(1)[OF α_welldef α_nnf α_composition, of ?D_α "drop i π"] semantics
using semantics_mltl_ext_def α_wpd dropi_length by blast
then obtain x where x_in: "x∈set (LP_mltl_aux α k)" and
x_semantics: "semantics_mltl_ext (drop i π) x"
by blast
let ?ψ = "Future_mltl_ext (?s!0) (?s!1-1) [?s!1 - ?s!0] x"
have ψ_in: "?ψ ∈ set (Future_mltl_list ?D_α (?s!0) (?s!1-1) [?s!1 - ?s!0])"
unfolding Future_mltl_list.simps using x_in by simp
then have ψ_in: "?ψ ∈ set ((Future_mltl_list ?D_α (?s!0) (?s!1-1) [?s!1 - ?s!0]) @
(concat
(map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D_α (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L])))"
by force
have ψ_semantics: "semantics_mltl_ext π ?ψ"
using x_semantics unfolding s0 semantics_mltl_ext_def
unfolding semantics_mltl.simps to_mltl.simps
using i_bounds length_π_geq_b length_π_ge_a by auto
have ?thesis unfolding Suc(5) Future_mltl_ext LP_mltl_aux.simps
using ψ_in ψ_semantics
proof -
have "convert_nnf_ext α = α"
by (metis (full_types) α_nnf convert_nnf_ext_convert_nnf_ext)
then have "Future_mltl_ext (interval_times a L ! 0)
(interval_times a L ! 1 - 1) [interval_times a L ! 1 - interval_times a L ! 0] x ∈
set (Future_mltl_list (LP_mltl_aux (convert_nnf_ext α) k)
(interval_times a L ! 0) (interval_times a L ! 1 - 1)
[interval_times a L ! 1 - interval_times a L ! 0] @
concat (map (λn. And_mltl_list [Global_mltl_ext
(interval_times a L ! 0) (interval_times a L ! n - 1) [?s!n - ?s!0] (Not⇩c α)]
(Future_mltl_list (LP_mltl_aux (convert_nnf_ext α) k)
(interval_times a L ! n) (interval_times a L ! (n + 1) - 1)
[interval_times a L ! (n + 1) - interval_times a L ! n])) [1..<length L]))"
using ψ_in by presburger
then show "∃m∈set (let ms = LP_mltl_aux (convert_nnf_ext α) k; ns = interval_times a L in Future_mltl_list ms (ns ! 0) (ns ! 1 - 1) [ns ! 1 - ns ! 0] @ concat (map (λn. And_mltl_list [Global_mltl_ext (ns ! 0) (ns ! n - 1) [ns!n - ns!0] (Not⇩c α)] (Future_mltl_list ms (ns ! n) (ns ! (n + 1) - 1) [ns ! (n + 1) - ns ! n])) [1..<length L])). semantics_mltl_ext π m"
by (meson ψ_semantics)
qed
} moreover {
assume *: "∃i. ((?s!1) ≤ i ∧ i ≤ b) ∧ semantics_mltl (drop i π) (to_mltl α) ∧
¬(∃i. (a ≤ i ∧ i ≤ (?s!1-1)) ∧ semantics_mltl (drop i π) (to_mltl α))"
obtain t' where t'_facts: "((?s!1) ≤ t' ∧ t' ≤ b) ∧ semantics_mltl (drop t' π) (to_mltl α)"
using * by blast
then have "∃j. (interval_times a L ! 1 ≤ j ∧ j ≤ t') ∧
semantics_mltl (drop j π) (to_mltl α) ∧
(∀l. (interval_times a L ! 1 ≤ l ∧ l < j) ⟶
¬ semantics_mltl (drop l π) (to_mltl α))"
using exist_first[of "(?s!1)" t' "λi. semantics_mltl (drop i π) (to_mltl α)"]
by simp
then obtain t where
t_bounds: "(interval_times a L ! 1 ≤ t ∧ t ≤ t')" and
t_semantics: "semantics_mltl (drop t π) (to_mltl α)" and
t_minimal: "(∀l. (interval_times a L ! 1 ≤ l ∧ l < t) ⟶
¬ semantics_mltl (drop l π) (to_mltl α))" by auto
have dropt_length: "wpd_mltl (to_mltl α) ≤ length (drop t π)"
proof-
have "t' ≤ b"
using t'_facts by blast
then show ?thesis
using α_wpd t_bounds by auto
qed
have "∃i. interval_times a L ! i ≤ t ∧
t ≤ interval_times a L ! (i + 1) - 1 ∧ 1 ≤ i ∧ i < length L"
using interval_times_obtain_aux[of a b L ?s t]
using a_leq_b composition_L t_bounds t_semantics
using le_trans t'_facts by blast
then obtain i where t_bound: "interval_times a L ! i ≤ t ∧ t ≤ interval_times a L ! (i + 1) - 1"
and i_bound: "1 ≤ i ∧ i < length L"
by blast
have "∃x∈set (LP_mltl_aux α k). semantics_mltl_ext (drop t π) x"
using Suc(1)[OF α_welldef α_nnf α_composition, of ?D_α "drop t π"]
using semantics_mltl_ext_def t_semantics dropt_length by blast
then obtain x where x_in: "x∈set (LP_mltl_aux α k)" and
x_semantics: "semantics_mltl_ext (drop t π) x"
by blast
let ?ψ = "And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i] x)"
have "?ψ ∈ set ?decomp"
proof-
have "?ψ ∈ set (And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D_α (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))"
using x_in unfolding Future_mltl_list.simps by auto
then have "?ψ ∈ set ((map (λi. And_mltl_list
[Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list (LP_mltl_aux α k)
(interval_times a L ! i)
(interval_times a L ! (i + 1) - 1)
[interval_times a L ! (i + 1) -
interval_times a L ! i]))
[1..<length L])!(i-1))" using i_bound by auto
then show ?thesis
using set_concat i_bound by fastforce
qed
then have ψ_in: "?ψ ∈ set (Future_mltl_list ?D_α (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] @
concat(map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0)
(?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D_α (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
by simp
have ψ_semantics: "semantics_mltl_ext π ?ψ"
proof-
have bound: "interval_times a L ! 0 ≤ interval_times a L ! i - 1"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of _ 0] length_L i_bound
by (simp add: add_le_imp_le_diff less_iff_succ_less_eq)
have not_semantics: "¬ semantics_mltl (drop ia π) (to_mltl α)"
if ia_bound: "(interval_times a L ! 0 ≤ ia ∧ ia ≤ interval_times a L ! i - 1)" for ia
proof-
{
assume ia_location: "ia ≤ interval_times a L ! 1 - 1"
have ?thesis using * ia_bound
using ia_location s0 by auto
} moreover {
assume ia_location: "ia > interval_times a L ! 1 - 1"
have "interval_times a L ! i - 1 < interval_times a L ! i"
using interval_times_diff_ge[OF a_leq_b composition_L, of "i-1" ?s]
using i_bound by fastforce
then have "ia < t"
using t_bound ia_bound by auto
then have ia_cond: "interval_times a L ! 1 ≤ ia ∧ ia < t"
using ia_location by simp
then have ?thesis using t_minimal by blast
}
ultimately show ?thesis by linarith
qed
then have global_not: "semantics_mltl_ext π
(Global_mltl_ext (interval_times a L ! 0) (interval_times a L ! i - 1) [?s!i - ?s!0] (Not⇩c α))"
unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using bound not_semantics by blast
have future: "semantics_mltl_ext π (Future_mltl_ext (interval_times a L ! i)
(interval_times a L ! (i + 1) - 1) [interval_times a L ! (i + 1) - interval_times a L ! i] x)"
proof-
have "interval_times a L ! i ≤ b"
using interval_times_diff_ge_general[OF a_leq_b composition_L, of "length L" i ?s]
unfolding slast using i_bound by auto
then have trace_length: "interval_times a L ! i < length π"
using length_π_geq_b by auto
have semantics: "(∃ia. (interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1) ∧
semantics_mltl (drop ia π) (to_mltl x))"
using x_semantics t_bound semantics_mltl_ext_def
by auto
have "interval_times a L ! i ≤ interval_times a L ! (i + 1) - 1"
using interval_times_diff_ge[OF a_leq_b composition_L, of i ?s]
using i_bound by simp
then show ?thesis unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using trace_length semantics by blast
qed
show ?thesis using global_not future
unfolding semantics_mltl_ext_def semantics_mltl.simps by simp
qed
have ?thesis
unfolding Suc(5) Future_mltl_ext LP_mltl_aux.simps
using ψ_in ψ_semantics
proof -
have "convert_nnf_ext α = α"
by (metis α_nnf convert_nnf_ext_convert_nnf_ext)
then have "And_mltl_ext (Global_mltl_ext (interval_times a L ! 0) (interval_times a L ! i - 1) [?s!i - ?s!0] (Not⇩c α))
(Future_mltl_ext (interval_times a L ! i) (interval_times a L ! (i + 1) - 1)
[interval_times a L ! (i + 1) - interval_times a L ! i] x) ∈
set (Future_mltl_list (LP_mltl_aux (convert_nnf_ext α) k) (interval_times a L ! 0) (interval_times a L ! 1 - 1)
[interval_times a L ! 1 - interval_times a L ! 0]
@ concat (map (λn. And_mltl_list [Global_mltl_ext (interval_times a L ! 0) (interval_times a L ! n - 1) [?s!n - ?s!0] (Not⇩c α)]
(Future_mltl_list (LP_mltl_aux (convert_nnf_ext α) k) (interval_times a L ! n) (interval_times a L ! (n + 1) - 1) [interval_times a L ! (n + 1) - interval_times a L ! n])) [1..<length L]))"
using ψ_in by presburger
then show "∃m∈set (let ms = LP_mltl_aux (convert_nnf_ext α) k;
ns = interval_times a L in Future_mltl_list ms (ns ! 0) (ns ! 1 - 1)
[ns ! 1 - ns ! 0] @ concat (map (λn. And_mltl_list
[Global_mltl_ext (ns ! 0) (ns ! n - 1) [ns!n - ns!0] (Not⇩c α)] (Future_mltl_list ms (ns ! n) (ns ! (n + 1) - 1) [ns ! (n + 1) - ns ! n])) [1..<length L])). semantics_mltl_ext π m"
by (meson ψ_semantics)
qed
}
ultimately show ?thesis using semantics by force
next
case (Global_mltl_ext a b L α)
have α_welldef: "intervals_welldef (to_mltl α)"
using Suc(2) unfolding Global_mltl_ext by auto
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Global_mltl_ext
by (metis convert_nnf_ext.simps(7) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(6))
have α_composition: "is_composition_MLTL α"
using Suc(4) unfolding Global_mltl_ext is_composition_MLTL.simps by blast
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
using Suc(7) unfolding Global_mltl_ext to_mltl.simps wpd_mltl.simps
by simp
have a_leq_b: "a ≤ b"
using Suc(6) α_wpd unfolding Global_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have length_π_geq_b: "b < length π"
and semantics: "∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (to_mltl α)"
using Suc(6) α_wpd unfolding Global_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using wpd_geq_one[of "(to_mltl α)"] by auto
let ?D_α = "LP_mltl_aux α k"
{
assume *: "length ?D_α ≤ 1"
let ?ψ = "Global_mltl_ext a b L α"
have semantics: "semantics_mltl π (to_mltl ?ψ)"
using Suc(6) unfolding Global_mltl_ext semantics_mltl_ext_def
by blast
have ψ_in: "?ψ ∈ set D" using Suc(5) *
unfolding Global_mltl_ext LP_mltl_aux.simps
by (metis (full_types) α_nnf convert_nnf_ext_convert_nnf_ext list.set_intros(1))
have ?thesis
using semantics ψ_in Global_mltl_ext Suc.prems(5) by auto
} moreover {
assume *: "length ?D_α > 1"
then have D_is: "D = Global_mltl_decomp ?D_α a (b - a) L"
using Suc(5) * unfolding Global_mltl_ext LP_mltl_aux.simps
by (metis (full_types) α_nnf convert_nnf_ext_convert_nnf_ext leD)
have semantics_global: "semantics_mltl_ext π (Global_mltl_ext a b L α)"
using Suc(6) unfolding Global_mltl_ext by blast
have length_π: "length π ≥ b + wpd_mltl (to_mltl α)"
using Suc(6) α_wpd unfolding Global_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using wpd_geq_one[of "(to_mltl α)"] by blast
have ih: "⋀trace. semantics_mltl_ext trace α ⟹
wpd_mltl (to_mltl α) ≤ length trace ⟹
∃a∈set (LP_mltl_aux α k). semantics_mltl_ext trace a"
using Suc(1)[OF α_welldef α_nnf α_composition, of ?D_α] by blast
have "∃X. length X = b - a + 1 ∧
(∀i<length X. X ! i ∈ set (LP_mltl_aux α k) ∧
semantics_mltl_ext (drop (a+i) π) (X ! i))"
using Global_mltl_ext_obtain[OF a_leq_b length_π semantics_global ih]
by blast
then obtain Y where length_Y: "length Y = b - a + 1"
and Y_prop: "∀i<length Y. Y!i ∈ set ?D_α ∧
semantics_mltl_ext (drop (a+i) π) (Y ! i)"
by blast
let ?X = "map (λi. Global_mltl_ext (a+i) (a+i) [1] (Y!i)) [0..<length Y]"
let ?ψ = "Ands_mltl_ext ?X"
have cond1: "?ψ = ?ψ" by auto
have length_X: "length ?X = b-a+1"
using length_Y by simp
have cond2: "∀i<length ?X.
∃y∈set ?D_α. ?X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
using Y_prop by simp
have ψ_in: "?ψ ∈ set D"
using in_Global_mltl_decomp_exact_converse[OF * cond1 cond2 length_X]
unfolding D_is by blast
have ψ_semantics: "semantics_mltl_ext π ?ψ"
proof-
have cond1: "length ?X ≥ 1" using length_X by simp
have "semantics_mltl_ext π (?X!i)"
if i_bound: "i < length ?X" for i
proof-
have Xi_is: "?X!i = Global_mltl_ext (a + i) (a + i) [1] (Y ! i)"
using i_bound by auto
show ?thesis unfolding Xi_is
using Y_prop i_bound unfolding semantics_mltl_ext_def
unfolding semantics_mltl.simps by auto
qed
then have "(∀x∈set ?X. semantics_mltl_ext π x)"
by auto
then show ?thesis
using Ands_mltl_semantics[of ?X π, OF cond1] by blast
qed
have ?thesis using D_is ψ_in ψ_semantics by blast
}
ultimately show ?thesis by linarith
next
case (Until_mltl_ext α a b L β)
have α_welldef: "intervals_welldef (to_mltl α)"
and β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding Until_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition: "is_composition_MLTL α"
and β_composition: "is_composition_MLTL β"
and L_composition: "is_composition (b-a+1) L"
using Suc(4) unfolding Until_mltl_ext is_composition_MLTL.simps
by simp_all
have α_wpd: "b + wpd_mltl (to_mltl α)-1 ≤ length π"
and β_wpd: "b + wpd_mltl (to_mltl β) ≤ length π"
using Suc(7) unfolding Until_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
have a_leq_b: "a ≤ b" and length_π_ge_b: "b < length π"
and semantics: "(∃i. (a ≤ i ∧ i ≤ b) ∧
semantics_mltl (drop i π) (to_mltl β) ∧
(∀j. a ≤ j ∧ j < i ⟶
semantics_mltl (drop j π) (to_mltl α)))"
using Suc(6) α_wpd unfolding Until_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using wpd_geq_one[of "to_mltl β"] β_wpd
by simp_all
let ?D_β = "LP_mltl_aux β k"
let ?s = "interval_times a L"
have sfirst: "?s!0 = a"
using interval_times_first by auto
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by auto
have length_L: "length L ≥ 1"
using composition_length_lb[OF L_composition] by linarith
have s_second_lb: "a ≤ interval_times a L ! 1 - 1"
using sfirst interval_times_diff_ge[OF a_leq_b L_composition, of 0 ?s]
using length_L by force
have s_second_ub: "interval_times a L ! 1 - 1 ≤ b"
using slast length_L
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" 1 ?s]
by force
let ?front = "(Until_mltl_list α ?D_β (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "(concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))]
(Until_mltl_list α ?D_β (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i])) [1..<length L]))"
have D_union: "set D = (set ?front) ∪ (set ?back)"
unfolding Suc(5) Until_mltl_ext LP_mltl_aux.simps
using α_convert β_convert list_concat_set_union by metis
let ?P = "λi. semantics_mltl (drop i π) (to_mltl β) ∧
(∀j. a ≤ j ∧ j < i ⟶ semantics_mltl (drop j π) (to_mltl α))"
{
assume *: "∃i. (a ≤ i) ∧ (i ≤ (?s!1)-1) ∧ ?P i"
then obtain i where i_bound: "(a ≤ i ∧ i ≤ (?s!1)-1)" and
semantics: "semantics_mltl (drop i π) (to_mltl β) ∧
(∀j. a ≤ j ∧ j < i ⟶ semantics_mltl (drop j π) (to_mltl α))"
by blast
have semantics_dropi: "semantics_mltl_ext (drop i π) β"
using semantics unfolding semantics_mltl_ext_def by blast
have length_dropi: "wpd_mltl (to_mltl β) ≤ length (drop i π)"
using β_wpd length_π_ge_b i_bound a_leq_b s_second_ub by auto
obtain x where x_semantics: "semantics_mltl_ext (drop i π) x"
and x_in: "x ∈ set ?D_β"
using Suc(1)[OF β_welldef β_nnf β_composition _ semantics_dropi length_dropi, of ?D_β]
by blast
let ?ψ = "(Until_mltl_ext α a ((?s!1)-1) [(?s!1) - a] x)"
have ψ_semantics: "semantics_mltl_ext π ?ψ"
using semantics length_π_ge_b a_leq_b i_bound x_semantics
unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by auto
have "?ψ ∈ set ?front"
using x_in unfolding Until_mltl_list.simps sfirst by auto
then have ψ_in: "?ψ ∈ set D"
unfolding D_union by blast
have ?thesis
using ψ_semantics ψ_in by blast
} moreover {
assume *: "∃i. ((?s!1) ≤ i) ∧ (i ≤ b) ∧ ?P i ∧
¬(∃j. a ≤ j ∧ j < (?s!1) ∧ ?P j)"
then obtain t' where t'_bound: "((?s!1) ≤ t') ∧ (t' ≤ b)" and
semantics: "?P t'" and not_semantics: "¬(∃j. a ≤ j ∧ j < (?s!1) ∧ ?P j)"
by blast
have "∃j≥interval_times a L ! 1. j ≤ t' ∧
?P j ∧ (∀l. interval_times a L ! 1 ≤ l ∧ l < j ⟶ ¬ ?P l)"
proof-
have cond1: "interval_times a L ! 1 ≤ t'"
using t'_bound by auto
show ?thesis
using exist_first[of "?s!1" t' ?P, OF cond1 semantics] by blast
qed
then obtain t where
t_bound: "interval_times a L ! 1 ≤ t ∧ t ≤ t'" and
t_semantics: "?P t" and
t_minimal: "∀l. interval_times a L ! 1 ≤ l ∧ l < t ⟶ ¬ ?P l"
by blast
have "∃i. interval_times a L ! i ≤ t ∧
t ≤ interval_times a L ! (i + 1) - 1 ∧ 1 ≤ i ∧ i < length L"
using interval_times_obtain_aux[OF a_leq_b L_composition, of ?s t]
using t_bound t'_bound by simp
then obtain i where t_bound: "interval_times a L ! i ≤ t
∧ t ≤ interval_times a L ! (i + 1) - 1"
and i_bound: "1 ≤ i ∧ i < length L"
by blast
have bound1: "interval_times a L ! i < interval_times a L ! (i+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of i ?s]
using i_bound by blast
have bound2: "a ≤ interval_times a L ! i - 1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i" 0 ?s]
using i_bound sfirst by simp
have positive_i: "interval_times a L ! i > 0"
using i_bound sfirst
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i" 0 ?s]
by auto
have global_α: "semantics_mltl_ext π (Global_mltl_ext a (?s ! i - 1) [?s!i - ?s!0] α)"
proof-
have "semantics_mltl (drop ia π) (to_mltl α)"
if ia_bound: "a ≤ ia ∧ ia ≤ interval_times a L ! i - 1" for ia
proof-
have "a ≤ ia ∧ ia < t"
using ia_bound t_bound positive_i by auto
then show ?thesis
using t_semantics by blast
qed
then show ?thesis
using bound2
unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by blast
qed
have global_not_β: "semantics_mltl_ext π (Global_mltl_ext a (?s ! i - 1) [?s!i - ?s!0] (Not⇩c β))"
proof-
have "¬ semantics_mltl (drop ia π) (to_mltl β)"
if ia_bound: "a ≤ ia ∧ ia ≤ interval_times a L ! i - 1" for ia
proof-
have globally: "(∀j. a ≤ j ∧ j < ia ⟶
semantics_mltl (drop j π) (to_mltl α))"
using global_α unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using length_π_ge_b a_leq_b
using antisym dual_order.trans that by auto
have "a ≤ ia ∧ ia < t"
using ia_bound t_bound positive_i by auto
then show ?thesis
using t_minimal globally
by (meson linorder_le_less_linear not_semantics)
qed
then show ?thesis
unfolding semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using bound2 by blast
qed
let ?ψ1 = "Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))"
have ψ1_semantics: "semantics_mltl_ext π ?ψ1"
proof-
have p1: "semantics_mltl π (Global_mltl (?s ! 0) (?s ! i - 1) (to_mltl α))"
using global_α unfolding semantics_mltl_ext_def to_mltl.simps sfirst by blast
have p2: "semantics_mltl π (Global_mltl (?s ! 0) (?s ! i - 1) (Not⇩m (to_mltl β)))"
using global_not_β unfolding semantics_mltl_ext_def to_mltl.simps sfirst by blast
show ?thesis unfolding semantics_mltl_ext_def to_mltl.simps
using p1 p2 global_and_distribute by auto
qed
have "interval_times a L ! (i + 1) ≤ ?s!(length L)"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i+1" ?s]
using i_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have "interval_times a L ! (i + 1)-1 ≤ b"
using slast by auto
then have "t ≤ b"
using t_bound by simp
then have "wpd_mltl (to_mltl β) ≤ length (drop t π)"
using β_wpd by simp
then obtain x where x_semantics: "semantics_mltl_ext (drop t π) x"
and x_in: "x ∈ set ?D_β"
using t_semantics
using Suc(1)[OF β_welldef β_nnf β_composition, of ?D_β "(drop t π)"]
unfolding semantics_mltl_ext_def by blast
let ?ψ2 = "Until_mltl_ext α (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i] x"
have ψ2_semantics: "semantics_mltl_ext π ?ψ2"
proof-
have "(∀j. interval_times a L ! i ≤ j ∧ j < t ⟶
semantics_mltl (drop j π) (to_mltl α))"
using t_minimal not_semantics
by (metis bound2 diff_less dual_order.strict_trans1 dual_order.strict_trans2 less_numeral_extra(1) nless_le positive_i t_semantics)
then have "semantics_mltl (drop t π) (to_mltl x) ∧
(∀j. interval_times a L ! i ≤ j ∧ j < t ⟶
semantics_mltl (drop j π) (to_mltl α))"
using x_semantics unfolding semantics_mltl_ext_def by blast
then have "(∃ia. (interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1) ∧
semantics_mltl (drop ia π) (to_mltl x) ∧
(∀j. interval_times a L ! i ≤ j ∧ j < ia ⟶
semantics_mltl (drop j π) (to_mltl α)))"
using t_bound by blast
then show ?thesis
unfolding semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using bound1
by (smt (verit) ‹interval_times a L ! (i + 1) - 1 ≤ b› le_antisym le_neq_implies_less le_trans length_π_ge_b less_or_eq_imp_le)
qed
let ?ψ = "And_mltl_ext ?ψ1 ?ψ2"
have ψ_semantics: "semantics_mltl_ext π ?ψ"
using ψ1_semantics ψ2_semantics unfolding semantics_mltl_ext_def by simp
have "?ψ ∈ set ?back"
using x_in i_bound
unfolding Until_mltl_list.simps by auto
then have ψ_in: "?ψ ∈ set D"
using D_union by blast
have ?thesis using ψ_semantics ψ_in by auto
}
ultimately show ?thesis
using exist_bound_split[OF a_leq_b, of ?P "?s!1"] semantics by blast
next
case (Release_mltl_ext α a b L β)
have α_welldef: "intervals_welldef (to_mltl α)"
and β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding Release_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition: "is_composition_MLTL α"
and β_composition: "is_composition_MLTL β"
and L_composition: "is_composition (b-a+1) L"
using Suc(4) unfolding Release_mltl_ext is_composition_MLTL.simps
by simp_all
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
and β_wpd: "b + wpd_mltl (to_mltl β) ≤ length π"
using Suc(7) unfolding Release_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
have length_π_ge_b: "b < length π"
using wpd_geq_one[of "to_mltl β"] β_wpd
by auto
have a_leq_b: "a ≤ b"
using Suc(6) α_wpd unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have semantics: "(∀i. a ≤ i ∧ i ≤ b ⟶
semantics_mltl (drop i π) (to_mltl β)) ∨
(∃j≥a. j ≤ b - 1 ∧
semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
using Suc(6) unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using length_π_ge_b by auto
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
have sfirst: "?s!0 = a"
using interval_times_first by auto
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by auto
let ?front = "set [Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)]"
let ?middle = "set (Mighty_Release_mltl_list ?D β (?s ! 0) (?s ! 1 - 1)
[?s ! 1 - ?s ! 0])"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list ?D β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
let ?P = "λj. (semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
have D_is: "set D = ?front ∪ ?middle ∪ ?back"
unfolding Suc(5) Release_mltl_ext LP_mltl_aux.simps
using α_convert list_concat_set_union
by (metis append_assoc)
{
assume *: "(∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (to_mltl β))
∧(∀i. a ≤ i ∧ i ≤ b ⟶ semantics_mltl (drop i π) (Not⇩m (to_mltl α)))"
let ?ψ = "Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
have ψ_in: "?ψ ∈ set D"
using D_is by auto
have "semantics_mltl_ext π ?ψ"
unfolding semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b * by auto
then have ?thesis using ψ_in by blast
} moreover {
assume *: "∃i. a ≤ i ∧ i ≤ b ∧ ?P i"
then obtain t' where t'_semantics: "?P t'"
and t'_bound: "a ≤ t' ∧ t' ≤ b"
by blast
then obtain t where t_semantics: "?P t"
and t_bound: "a ≤ t ∧ t ≤ t'"
and t_minimal: "∀j. (a ≤ j ∧ j < t) ⟶ ¬ ?P j"
using exist_first[of a t' ?P] by blast
have globally_notα: "∀i. (a ≤ i ∧ i < t) ⟶
¬ (semantics_mltl_ext (drop i π) α)"
using t_minimal t_semantics unfolding semantics_mltl_ext_def by auto
have α_semantics: "semantics_mltl_ext (drop t π) α"
using t_semantics unfolding semantics_mltl_ext_def by blast
have globally_β: "∀i. (a ≤ i ∧ i ≤ t) ⟶ (semantics_mltl_ext (drop i π) β)"
using t_semantics unfolding semantics_mltl_ext_def by blast
obtain i where t_bound: "?s!i ≤ t ∧ t ≤ ?s!(i+1)-1"
and i_bound: "0 ≤ i ∧ i < length L"
using interval_times_obtain[OF a_leq_b L_composition, of ?s t]
using t_bound t'_bound by auto
have lb: "a ≤ ?s!i"
using i_bound sfirst interval_times_diff_ge_general[OF a_leq_b L_composition, of i 0 ?s]
by force
have welldef: "?s!i < ?s!(i+1)"
using i_bound
using interval_times_diff_ge[OF a_leq_b L_composition, of i ?s]
by blast
have ub: "?s!(i+1) ≤ b+1"
using i_bound slast interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i+1" ?s]
by (metis Orderings.order_eq_iff less_iff_succ_less_eq order_le_imp_less_or_eq order_less_imp_le)
have "wpd_mltl (to_mltl α) ≤ length (drop t π)"
using α_wpd t_bound i_bound sfirst welldef ub by auto
then obtain x where x_semantics: "semantics_mltl_ext (drop t π) x"
and x_in: "x ∈ set (LP_mltl_aux α k)"
using Suc(1)[OF α_welldef α_nnf α_composition _ α_semantics, of ?D]
by blast
{
assume i_bound: "i = 0"
let ?ψ = "Mighty_Release_mltl_ext x β a (interval_times a L ! 1 - 1) [interval_times a L ! 1 - a]"
have ψ_in: "?ψ ∈ ?middle" using x_in unfolding sfirst by auto
then have ψ_in: "?ψ ∈ set D" using D_is by blast
have "semantics_mltl_ext π ?ψ"
proof-
have sem1: "(∀i. a ≤ i ∧ i ≤ interval_times a L ! 1 - 1 ⟶
semantics_mltl (drop i π) (to_mltl β)) ∨
(∃j≥a. j ≤ interval_times a L ! 1 - 1 - 1 ∧
semantics_mltl (drop j π) (to_mltl x) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
proof-
{
assume t_loc: "t = ?s ! (i + 1) - 1"
then have ?thesis
using globally_β
by (simp add: i_bound t_semantics)
} moreover {
assume t_loc: "?s ! i ≤ t ∧ t ≤ ?s ! (i + 1) - 1 -1"
then have ?thesis
using t_semantics i_bound globally_β
by (metis add_cancel_right_left semantics_mltl_ext_def sfirst x_semantics)
}
ultimately show ?thesis using t_bound by fastforce
qed
have sem2: "(∃i. (a ≤ i ∧ i ≤ interval_times a L ! 1 - 1) ∧
semantics_mltl (drop i π) (to_mltl x))"
using x_semantics t_bound ub lb welldef unfolding semantics_mltl_ext_def
using i_bound sfirst by auto
show ?thesis unfolding Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using welldef i_bound sem1 sem2 length_π_ge_b a_leq_b by auto
qed
then have ?thesis
using ψ_in by auto
} moreover {
assume i_bound: "0 < i ∧ i < length L"
have lb: "a < ?s!i"
using i_bound sfirst interval_times_diff_ge_general[OF a_leq_b L_composition, of i 0 ?s]
by force
let ?ψ = "And_mltl_ext
(Global_mltl_ext
a (interval_times a L ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x β
(interval_times a L ! i) (interval_times a L ! (i + 1) - 1)
[interval_times a L ! (i + 1) - interval_times a L ! i])"
have "?ψ ∈ ?back"
using x_in i_bound sfirst by auto
then have ψ_in: "?ψ ∈ set D" using D_is by blast
have "semantics_mltl_ext π ?ψ"
proof-
have p1: "(∀ia. a ≤ ia ∧ ia ≤ interval_times a L ! i - 1 ⟶
¬ semantics_mltl (drop ia π) (to_mltl α) ∧
semantics_mltl (drop ia π) (to_mltl β))"
using globally_notα globally_β t_bound lb ub welldef
unfolding semantics_mltl_ext_def by auto
have p2: "(∀ia. interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1 ⟶
semantics_mltl (drop ia π) (to_mltl β)) ∨
(∃j≥interval_times a L ! i.
j ≤ interval_times a L ! (i + 1) - 1 - 1 ∧
semantics_mltl (drop j π) (to_mltl x) ∧
(∀k. interval_times a L ! i ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
proof-
{
assume t_loc: "t = interval_times a L ! (i + 1) - 1"
then have ?thesis
using globally_β t_bound ub lb welldef
by (metis le_trans less_or_eq_imp_le t_semantics)
} moreover {
assume t_loc: "t ≤ interval_times a L ! (i + 1) - 1-1"
then have ?thesis
using x_semantics globally_β t_bound ub lb welldef
by (meson le_trans less_imp_le_nat semantics_mltl_ext_def)
}
ultimately show ?thesis using t_bound by fastforce
qed
have p3: "(∃ia. (interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1) ∧
semantics_mltl (drop ia π) (to_mltl x))"
using x_semantics i_bound lb ub welldef
unfolding semantics_mltl_ext_def
using t_bound by auto
have tracelen: "interval_times a L ! i < length π"
using length_π_ge_b ub welldef by simp
then show ?thesis unfolding semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
using lb ub welldef p1 p2 p3 by auto
qed
then have ?thesis
using ψ_in by auto
}
ultimately have ?thesis using i_bound by blast
}
ultimately show ?thesis using semantics Release_semantics_split
by blast
qed
qed
paragraph ‹Converse Direction›
lemma LP_mltl_aux_language_union_converse:
fixes φ::"'a mltl_ext" and k::"nat" and π::"'a set list"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes composition: "is_composition_MLTL φ"
assumes trace_length: "length π ≥ wpd_mltl (to_mltl φ)"
assumes D_is: "D = LP_mltl_aux φ k"
assumes "∃ψ ∈ set D. semantics_mltl_ext π ψ"
shows "semantics_mltl_ext π φ"
using assms
proof(induct k arbitrary: D φ π)
case 0
then show ?case by simp
next
case (Suc k)
then show ?case
proof(cases φ)
case True_mltl_ext
then show ?thesis unfolding semantics_mltl_ext_def by simp
next
case False_mltl_ext
then show ?thesis using assms unfolding semantics_mltl_ext_def
by (metis LP_mltl_aux.simps(3) Suc.prems(5) Suc.prems(6) empty_iff empty_set semantics_mltl_ext_def set_ConsD)
next
case (Prop_mltl_ext p)
then show ?thesis using Suc
unfolding semantics_mltl_ext_def by simp
next
case (Not_mltl_ext q)
then have "∃p. q = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop Suc
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then obtain p where "q = Prop_mltl_ext p" by blast
then show ?thesis
using Not_mltl_ext Suc by simp
next
case (And_mltl_ext α β)
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding And_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(4) unfolding And_mltl_ext is_composition_MLTL.simps by simp_all
have α_convert: "convert_nnf_ext α = α"
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_convert: "convert_nnf_ext β = β"
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_wpd: "length π ≥ wpd_mltl (to_mltl α)" and
β_wpd: "length π ≥ wpd_mltl (to_mltl β)"
using Suc(5) unfolding And_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
obtain ψ where ψ_in: "ψ ∈ set D"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
let ?Da = "LP_mltl_aux α k"
let ?Db = "LP_mltl_aux β k"
obtain x y where ψ_is: "ψ = And_mltl_ext x y"
and x_in: "x ∈ set ?Da"
and y_in: "y ∈ set ?Db"
using ψ_in unfolding Suc(6) And_mltl_ext LP_mltl_aux.simps
using And_mltl_list_member unfolding List.member_def
using α_convert β_convert by metis
have x_semantics: "semantics_mltl_ext π x" and
y_semantics: "semantics_mltl_ext π y"
using ψ_semantics unfolding semantics_mltl_ext_def ψ_is to_mltl.simps
by simp_all
have α_ih: "semantics_mltl_ext π α"
using Suc(1)[OF α_welldef α_nnf α_composition α_wpd, of ?Da]
using x_in x_semantics by blast
have β_ih: "semantics_mltl_ext π β"
using Suc(1)[OF β_welldef β_nnf β_composition β_wpd, of ?Db]
using y_in y_semantics by blast
show ?thesis
using α_ih β_ih unfolding And_mltl_ext semantics_mltl_ext_def by auto
next
case (Or_mltl_ext α β)
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding Or_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β"
using Suc(4) unfolding Or_mltl_ext is_composition_MLTL.simps by simp_all
have α_convert: "convert_nnf_ext α = α"
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_convert: "convert_nnf_ext β = β"
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_wpd: "length π ≥ wpd_mltl (to_mltl α)" and
β_wpd: "length π ≥ wpd_mltl (to_mltl β)"
using Suc(5) unfolding Or_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
obtain ψ where ψ_in: "ψ ∈ set D"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
let ?Da = "LP_mltl_aux α k"
let ?Db = "LP_mltl_aux β k"
let ?front = "And_mltl_list ?Da ?Db"
let ?middle = "And_mltl_list [Not⇩c α] ?Db"
let ?back = "And_mltl_list ?Da [Not⇩c β]"
have cases: "ψ ∈ (set ?front) ∪ (set ?middle) ∪ (set ?back)"
using Suc(6) unfolding Or_mltl_ext LP_mltl_aux.simps using ψ_in
by (metis α_convert β_convert boolean_algebra_cancel.sup1 set_append)
{
assume *: "ψ ∈ set ?front"
obtain x y where ψ_is: "ψ = And_mltl_ext x y"
and x_in: "x ∈ set ?Da"
and y_in: "y ∈ set ?Db"
using ψ_in * unfolding Or_mltl_ext LP_mltl_aux.simps
using And_mltl_list_member unfolding List.member_def
using α_convert β_convert by metis
have x_semantics: "semantics_mltl_ext π x" and
y_semantics: "semantics_mltl_ext π y"
using ψ_semantics unfolding semantics_mltl_ext_def ψ_is to_mltl.simps
by simp_all
have α_ih: "semantics_mltl_ext π α"
using Suc(1)[OF α_welldef α_nnf α_composition α_wpd, of ?Da]
using x_in x_semantics by blast
have β_ih: "semantics_mltl_ext π β"
using Suc(1)[OF β_welldef β_nnf β_composition β_wpd, of ?Db]
using y_in y_semantics by blast
have ?thesis
using α_ih β_ih unfolding Or_mltl_ext semantics_mltl_ext_def by auto
} moreover {
assume *: "ψ ∈ set ?middle"
obtain y where ψ_is: "ψ = And_mltl_ext (Not⇩c α) y"
and y_in: "y ∈ set ?Db"
using ψ_in * unfolding Or_mltl_ext LP_mltl_aux.simps
using And_mltl_list_member unfolding List.member_def
using α_convert β_convert by auto
have x_semantics: "semantics_mltl_ext π (Not⇩c α)" and
y_semantics: "semantics_mltl_ext π y"
using ψ_semantics unfolding semantics_mltl_ext_def ψ_is to_mltl.simps
by simp_all
have β_ih: "semantics_mltl_ext π β"
using Suc(1)[OF β_welldef β_nnf β_composition β_wpd, of ?Db]
using y_in y_semantics by blast
have ?thesis
using β_ih unfolding Or_mltl_ext semantics_mltl_ext_def by auto
} moreover {
assume *: "ψ ∈ set ?back"
obtain x where ψ_is: "ψ = And_mltl_ext x (Not⇩c β)"
and x_in: "x ∈ set ?Da"
using ψ_in * unfolding Or_mltl_ext LP_mltl_aux.simps
using And_mltl_list_member unfolding List.member_def
using α_convert β_convert
by (metis empty_iff empty_set set_ConsD)
have x_semantics: "semantics_mltl_ext π x" and
y_semantics: "semantics_mltl_ext π (Not⇩c β)"
using ψ_semantics unfolding semantics_mltl_ext_def ψ_is to_mltl.simps
by simp_all
have α_ih: "semantics_mltl_ext π α"
using Suc(1)[OF α_welldef α_nnf α_composition α_wpd, of ?Da]
using x_in x_semantics by blast
have ?thesis
using α_ih unfolding Or_mltl_ext semantics_mltl_ext_def by auto
}
ultimately show ?thesis using cases by blast
next
case (Future_mltl_ext a b L α)
have α_welldef: "intervals_welldef (to_mltl α)" and
a_leq_b: "a ≤ b"
using Suc(2) unfolding Future_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Future_mltl_ext
by (metis convert_nnf_ext.simps(6) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(5))
have α_composition: "is_composition_MLTL α" and
L_composition: "is_composition (b-a+1) L"
using Suc(4) unfolding Future_mltl_ext is_composition_MLTL.simps by simp_all
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_wpd: "length π ≥ b + wpd_mltl (to_mltl α)"
using Suc(5) unfolding Future_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
then have length_π_ge_b: "length π > b"
using wpd_geq_one[of "to_mltl α"] by auto
obtain ψ where ψ_in: "ψ ∈ set D"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by blast
let ?front = "(Future_mltl_list ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "(concat (map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
have cases: "ψ ∈ (set ?front) ∪ (set ?back)"
using ψ_in using Suc(6) unfolding Future_mltl_ext LP_mltl_aux.simps
using list_concat_set_union[of ?front ?back] α_convert by metis
{
assume *: "ψ ∈ set ?front"
then obtain x where ψ_is: "ψ = Future_mltl_ext (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] x"
and x_in: "x ∈ set ?D"
unfolding Future_mltl_list.simps by fastforce
obtain l where x_semantics: "semantics_mltl (drop l π) (to_mltl x)" and
l_bound: "a ≤ l ∧ l ≤ interval_times a L ! 1 - 1"
using ψ_semantics
unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps sfirst
by blast
have bound: "interval_times a L ! 1 - 1 ≤ b"
using slast length_L l_bound
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" 1 ?s]
by force
then have "wpd_mltl (to_mltl α) ≤ length (drop l π)"
using α_wpd l_bound by auto
then have α_ih: "semantics_mltl_ext (drop l π) α"
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop l π" ?D]
using x_in x_semantics semantics_mltl_ext_def by auto
then have ?thesis unfolding Future_mltl_ext semantics_mltl_ext_def
unfolding to_mltl.simps semantics_mltl.simps
using length_π_ge_b a_leq_b l_bound bound by auto
} moreover {
assume *: "ψ ∈ set ?back"
then obtain i where ψ_is: "ψ ∈ set (And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))"
and i_bound: "1 ≤ i ∧ i < length L"
by force
obtain x where ψ_is: "ψ = And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i] x)"
and x_in: "x ∈ set ?D"
using ψ_is unfolding Future_mltl_list.simps by auto
obtain l where x_semantics: "semantics_mltl (drop l π) (to_mltl x)" and
l_bound: "?s ! i ≤ l ∧ l ≤ ?s ! (i + 1) - 1"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have "interval_times a L ! (i + 1) ≤ interval_times a L ! length L"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i+1" ?s]
using i_bound
by (metis less_iff_succ_less_eq order_le_less)
then have bound: "interval_times a L ! (i + 1) ≤ b+1"
unfolding slast by blast
then have "l ≤ b"
using l_bound slast by auto
then have "wpd_mltl (to_mltl α) ≤ length (drop l π)"
using l_bound α_wpd by simp
then have α_ih: "semantics_mltl_ext (drop l π) α"
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop l π" ?D]
using x_in x_semantics semantics_mltl_ext_def by blast
have lb: "a ≤ interval_times a L ! i"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i 0 ?s]
using sfirst i_bound by auto
have ?thesis unfolding Future_mltl_ext semantics_mltl_ext_def
unfolding to_mltl.simps semantics_mltl.simps
using length_π_ge_b a_leq_b l_bound α_ih lb bound unfolding semantics_mltl_ext_def
by (metis ‹l ≤ b› dual_order.trans order_le_less_trans)
}
ultimately show ?thesis using cases by blast
next
case (Global_mltl_ext a b L α)
have α_welldef: "intervals_welldef (to_mltl α)" and
a_leq_b: "a ≤ b"
using Suc(2) unfolding Global_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Global_mltl_ext
by (metis convert_nnf_ext.simps(7) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(6))
have α_composition: "is_composition_MLTL α"
using Suc(4) unfolding Global_mltl_ext is_composition_MLTL.simps by simp_all
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_wpd: "length π ≥ b + wpd_mltl (to_mltl α)"
using Suc(5) unfolding Global_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
then have length_π_ge_b: "length π > b"
using wpd_geq_one[of "to_mltl α"] by auto
obtain ψ where ψ_in: "ψ ∈ set D"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
let ?D = "LP_mltl_aux α k"
{
assume *: "length ?D ≤ 1"
have "D = [Global_mltl_ext a b L α]"
using Suc(6) unfolding Global_mltl_ext LP_mltl_aux.simps
using * α_convert by auto
then have ?thesis using Suc
by (simp add: Global_mltl_ext)
} moreover {
assume *: "length ?D > 1"
then have D_is: "D = (Global_mltl_decomp ?D a (b - a) L)"
using Suc α_nnf α_convert unfolding Global_mltl_ext LP_mltl_aux.simps
by simp
obtain ψ where ψ_in: "ψ ∈ set (Global_mltl_decomp ?D a (b - a) L)"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) unfolding D_is by blast
then obtain X where ψ_is: "ψ = Ands_mltl_ext X"
and X_fact: "∀i<length X. ∃y∈set (LP_mltl_aux α k).
X ! i = Global_mltl_ext (a + i) (a + i) [1] y"
and length_X: "length X = Suc (b - a)"
using in_Global_mltl_decomp_exact_forward[OF * ψ_in] by blast
have "semantics_mltl (drop i π) (to_mltl α)"
if i_bound: "a ≤ i ∧ i ≤ b" for i
proof-
have "i-a < length X"
using i_bound length_X a_leq_b by linarith
then obtain y where y_in: "y ∈ set ?D"
and Xi_is: "X!(i-a) = Global_mltl_ext (a+i-a) (a+i-a) [1] y"
using X_fact i_bound by auto
have "semantics_mltl_ext (drop i π) y"
proof-
have i_length_trace: "i< length π"
using i_bound length_π_ge_b by auto
have Ands_semantics: "(∀x∈set X. semantics_mltl_ext π x)"
using ψ_semantics unfolding ψ_is
using Ands_mltl_semantics[of X π] length_X by auto
have "(Global_mltl_ext i i [1] y) ∈ set X"
using Xi_is i_bound ‹i - a < length X› nth_mem by fastforce
then have "semantics_mltl_ext π (Global_mltl_ext i i [1] y)"
using Ands_semantics by blast
then show ?thesis unfolding semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i_length_trace by simp
qed
then have semantics: "∃a∈set ?D. semantics_mltl_ext (drop i π) a"
using y_in by blast
have wpd: "wpd_mltl (to_mltl α) ≤ length (drop i π)"
using length_π_ge_b α_wpd i_bound by auto
show ?thesis
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop i π" ?D]
using wpd semantics unfolding semantics_mltl_ext_def by blast
qed
then have ?thesis unfolding Global_mltl_ext semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using a_leq_b length_π_ge_b by blast
}
ultimately show ?thesis by linarith
next
case (Until_mltl_ext α a b L β)
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)" and
a_leq_b: "a ≤ b"
using Suc(2) unfolding Until_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β" and
L_composition: "is_composition (b-a+1) L"
using Suc(4) unfolding Until_mltl_ext is_composition_MLTL.simps by simp_all
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_wpd: "length π ≥ b+wpd_mltl (to_mltl α)-1" and
β_wpd: "length π ≥ b+wpd_mltl (to_mltl β)"
using Suc(5) unfolding Until_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
then have length_π_ge_b: "length π > b"
using wpd_geq_one[of "to_mltl β"] by auto
obtain ψ where ψ_in: "ψ ∈ set D"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
let ?D = "LP_mltl_aux β k"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by blast
let ?front = "(Until_mltl_list α ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "(concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))]
(Until_mltl_list α ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i])) [1..<length L]))"
have D_union: "set D = (set ?front) ∪ (set ?back)"
using Suc(6) unfolding Until_mltl_ext LP_mltl_aux.simps
using α_convert β_convert list_concat_set_union by metis
obtain ψ where ψ_in: "ψ ∈ set D" and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
{
assume *: "ψ ∈ set ?front"
then obtain y where ψ_is: "ψ = Until_mltl_ext α (interval_times a L ! 0)
(interval_times a L ! 1 - 1) [interval_times a L ! 1 - interval_times a L ! 0] y"
and y_in: "y ∈ set ?D"
by auto
have length_s: "1 < length ?s" using ψ_is
by (metis One_nat_def add.commute add_gr_0 add_less_cancel_right L_composition composition_length_lb interval_times_length plus_1_eq_Suc zero_less_one)
then have length_L: "1 ≤ length L"
unfolding interval_times_def
by (simp add: less_eq_iff_succ_less)
have "interval_times a L ! 1 ≤ interval_times a L ! (length L)"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" 1 ?s]
using length_L by force
then have ub: "interval_times a L ! 1 - 1 ≤ b"
using slast by auto
obtain l where y_semantics: "semantics_mltl_ext (drop l π) y"
and α_global: "(∀j. interval_times a L ! 0 ≤ j ∧ j < l ⟶
semantics_mltl (drop j π) (to_mltl α))"
and l_bound: "?s ! 0 ≤ l ∧ l ≤ ?s ! 1 - 1"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have l_ab: "a ≤ l ∧ l ≤ b"
using l_bound sfirst ub by simp
have sem: "∃a∈set (LP_mltl_aux β k). semantics_mltl_ext (drop l π) a"
using y_in y_semantics by blast
have "wpd_mltl (to_mltl β) ≤ length (drop l π)"
using l_bound length_π_ge_b β_wpd ub by auto
then have ih: "semantics_mltl_ext (drop l π) β"
using Suc(1)[OF β_welldef β_nnf β_composition, of "drop l π" ?D]
using sem by blast
have "semantics_mltl (drop j π) (to_mltl α)"
if j_bound: "a ≤ j ∧ j < l" for j
using α_global unfolding sfirst using j_bound l_bound ub by blast
then have "(∃i. (a ≤ i ∧ i ≤ b) ∧
semantics_mltl (drop i π) (to_mltl β) ∧
(∀j. a ≤ j ∧ j < i ⟶
semantics_mltl (drop j π) (to_mltl α)))"
using ih l_ab unfolding semantics_mltl_ext_def by blast
then have ?thesis unfolding Until_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b length_π_ge_b by simp
} moreover {
assume *: "ψ ∈ set ?back"
then obtain i y where
ψ_is: "ψ = And_mltl_ext (Global_mltl_ext (?s!0) (?s!i-1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s!i) (?s!(i+1)-1) [(?s!(i+1)) - (?s!i)] y)"
and i_bound: "1 ≤ i ∧ i < length L"
and y_in: "y ∈ set ?D"
by auto
have bound1: "interval_times a L ! i < interval_times a L ! (i+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of i ?s]
using i_bound by blast
have "interval_times a L ! (i + 1) ≤ interval_times a L ! (length L)"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i+1" ?s]
using i_bound by (metis less_iff_succ_less_eq order_le_less)
then have bound2: "interval_times a L ! (i+1) ≤ b+1"
using slast by simp
have "interval_times a L ! i > interval_times a L ! 0"
using i_bound interval_times_diff_ge_general[OF a_leq_b L_composition, of i 0 ?s]
by auto
then have "interval_times a L ! i > 0"
unfolding interval_times_def by simp
then have "interval_times a L ! i ≤ b"
using bound1 bound2 by simp
have αβ_global: "(∀ia. a ≤ ia ∧ ia ≤ interval_times a L ! i - 1 ⟶
semantics_mltl (drop ia π) (to_mltl α) ∧
¬ semantics_mltl (drop ia π) (to_mltl β))"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst by auto
have until: "(∃ia. (interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1) ∧
semantics_mltl (drop ia π) (to_mltl y) ∧
(∀j. interval_times a L ! i ≤ j ∧ j < ia ⟶
semantics_mltl (drop j π) (to_mltl α)))"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst by auto
obtain l where y_semantics: "semantics_mltl_ext (drop l π) y"
and α_global: "(∀j. ?s ! i ≤ j ∧ j < l ⟶
semantics_mltl (drop j π) (to_mltl α))"
and l_bound: "?s ! i ≤ l ∧ l ≤ ?s ! (i+1) - 1"
using until unfolding semantics_mltl_ext_def by blast
have ub: "?s ! (i+1) - 1 ≤ b"
using i_bound bound2 by auto
have lb: "a < ?s!i"
using i_bound interval_times_diff_ge_general[OF a_leq_b L_composition, of "i" 0 ?s]
using sfirst by auto
have l_ab: "a ≤ l ∧ l ≤ b"
using l_bound using ub lb by simp
have sem: "∃a∈set (LP_mltl_aux β k). semantics_mltl_ext (drop l π) a"
using y_in y_semantics by blast
have "wpd_mltl (to_mltl β) ≤ length (drop l π)"
using β_wpd l_bound length_π_ge_b ub by auto
then have ih: "semantics_mltl_ext (drop l π) β"
using Suc(1)[OF β_welldef β_nnf β_composition _ _ sem] by blast
have l_ab: "a ≤ l ∧ l ≤ b"
using l_bound lb ub by simp
have "semantics_mltl (drop j π) (to_mltl α)"
if j_bound: "a ≤ j ∧ j < l" for j
proof-
have case1: "∀ia. a ≤ ia ∧ ia ≤ ?s ! i - 1 ⟶
semantics_mltl (drop ia π) (to_mltl α)"
using αβ_global by blast
{
assume *: "a ≤ j ∧ j ≤ ?s ! i - 1"
then have ?thesis
using case1 by blast
} moreover {
assume *: "?s!i ≤ j ∧ j < l"
then have ?thesis
using α_global by blast
}
ultimately show ?thesis using j_bound by linarith
qed
then have "(∃i. (a ≤ i ∧ i ≤ b) ∧
semantics_mltl (drop i π) (to_mltl β) ∧
(∀j. a ≤ j ∧ j < i ⟶
semantics_mltl (drop j π) (to_mltl α)))"
using ih l_ab semantics_mltl_ext_def by auto
then have ?thesis unfolding Until_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b length_π_ge_b by simp
}
ultimately show ?thesis using D_union ψ_in by blast
next
case (Release_mltl_ext α a b L β)
have α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)" and
a_leq_b: "a ≤ b"
using Suc(2) unfolding Release_mltl_ext by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β" and
L_composition: "is_composition (b-a+1) L"
using Suc(4) unfolding Release_mltl_ext is_composition_MLTL.simps by simp_all
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_wpd: "length π ≥ b+wpd_mltl (to_mltl α)" and
β_wpd: "length π ≥ b+wpd_mltl (to_mltl β)"
using Suc(5) unfolding Release_mltl_ext to_mltl.simps wpd_mltl.simps
by simp_all
then have length_π_ge_b: "length π > b"
using wpd_geq_one[of "to_mltl β"] by auto
obtain ψ where ψ_in: "ψ ∈ set D"
and ψ_semantics: "semantics_mltl_ext π ψ"
using Suc(7) by blast
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by blast
let ?front = "set [Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)]"
let ?middle = "set (Mighty_Release_mltl_list ?D β (?s ! 0) (?s ! 1 - 1)
[?s ! 1 - ?s ! 0])"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list ?D β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
let ?P = "λj. (semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
have D_is: "set D = ?front ∪ ?middle ∪ ?back"
unfolding Suc(6) Release_mltl_ext LP_mltl_aux.simps
using α_convert list_concat_set_union
by (metis append_assoc)
have split: "ψ ∈ ?front ∪ ?middle ∪ ?back"
using ψ_in D_is by blast
{
assume *: "ψ ∈ ?front"
then have ψ_is: "ψ = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
then have ?thesis using ψ_semantics unfolding ψ_is
unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
} moreover {
assume *: "ψ ∈ ?middle"
then obtain x where ψ_is: "ψ = Mighty_Release_mltl_ext x β a (?s ! 1 - 1) [?s ! 1 - a]"
and x_in: "x ∈ set ?D"
using sfirst by auto
have welldef: "a < ?s!1" using sfirst
using interval_times_diff_ge[OF a_leq_b L_composition, of 0 ?s]
using length_L by force
have ub: "?s!1 ≤ b+1"
using length_L slast
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" 1 ?s]
by force
obtain i where i_bound: "a ≤ i ∧ i ≤ interval_times a L ! 1 - 1"
and x_semantics: "semantics_mltl (drop i π) (to_mltl x)"
using ψ_semantics unfolding ψ_is Mighty_Release_mltl_ext.simps
unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have "wpd_mltl (to_mltl α) ≤ length (drop i π)"
using α_wpd i_bound ub by auto
then have α_semantics: "semantics_mltl_ext (drop i π) α"
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop i π" ?D]
using x_in x_semantics unfolding semantics_mltl_ext_def by blast
let ?globally_β = "(∀i. a ≤ i ∧ i ≤ interval_times a L ! 1 - 1 ⟶
semantics_mltl (drop i π) (to_mltl β))"
let ?release = "(∃j≥a. j ≤ interval_times a L ! 1 - 1 - 1 ∧
semantics_mltl (drop j π) (to_mltl x) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
have eo: "?globally_β ∨ ?release"
using ψ_semantics unfolding ψ_is Mighty_Release_mltl_ext.simps
unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
{
assume **: "?globally_β"
{
assume "interval_times a L ! 1 - 1 = b"
then have ?thesis unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using ** a_leq_b by simp
} moreover {
assume s1_bound: "interval_times a L ! 1 - 1 < b"
have "semantics_mltl (drop k π) (to_mltl β)"
if k_bound: "a ≤ k ∧ k ≤ i" for k
using ** k_bound i_bound s1_bound by auto
then have ?thesis using ** α_semantics i_bound ub a_leq_b
unfolding semantics_mltl_ext_def Release_mltl_ext to_mltl.simps semantics_mltl.simps
using s1_bound by force
}
ultimately have ?thesis using ub by linarith
} moreover {
assume **: "?release"
have bound: "interval_times a L ! 1 - 1 - 1 ≤ b-1"
using ub by simp
then obtain j where sem: "a ≤ j ∧ j ≤ interval_times a L ! 1 - 1 - 1 ∧
semantics_mltl (drop j π) (to_mltl x) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β))"
using ** by blast
have "wpd_mltl (to_mltl α) ≤ length (drop j π)"
using α_wpd sem ub by auto
then have "semantics_mltl (drop j π) (to_mltl α)"
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop j π" ?D]
using sem x_in unfolding semantics_mltl_ext_def by blast
then have "(∃j≥a. j ≤ b - 1 ∧
semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
using sem ub by auto
then have ?thesis
unfolding semantics_mltl_ext_def Release_mltl_ext to_mltl.simps semantics_mltl.simps
using a_leq_b by blast
}
ultimately have ?thesis using eo by blast
} moreover {
assume *: "ψ ∈ ?back"
then obtain i x where ψ_is: "ψ = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x β
(interval_times a L ! i)
(interval_times a L ! (i + 1) - 1)
[interval_times a L ! (i + 1) -
interval_times a L ! i])"
and x_in: "x ∈ set ?D"
and i_bound: "1 ≤ i ∧ i < length L"
by auto
have lb: "a < ?s!i"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i 0 ?s]
using sfirst i_bound by simp
have welldef: "(interval_times a L ! i) < (interval_times a L ! (i + 1))"
using interval_times_diff_ge[OF a_leq_b L_composition, of i ?s]
using i_bound by simp
have ub: "?s!(i+1) ≤ b+1"
using slast i_bound
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i+1" ?s]
by (metis Orderings.order_eq_iff less_iff_succ_less_eq order_le_imp_less_or_eq order_less_imp_le)
have globally_before: "∀ia. interval_times a L ! 0 ≤ ia ∧ ia ≤ interval_times a L ! i - 1 ⟶
¬ semantics_mltl (drop ia π) (to_mltl α) ∧
semantics_mltl (drop ia π) (to_mltl β)"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps Mighty_Release_mltl_ext.simps
using length_π_ge_b a_leq_b sfirst by auto
have release: "(∀ia. interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1 ⟶
semantics_mltl (drop ia π) (to_mltl β)) ∨
(∃j≥interval_times a L ! i.
j ≤ interval_times a L ! (i + 1) - 1 - 1 ∧
semantics_mltl (drop j π) (to_mltl x) ∧
(∀k. interval_times a L ! i ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps Mighty_Release_mltl_ext.simps
by auto
obtain ia where ia_bound: "interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1"
and x_semantics: "semantics_mltl (drop ia π) (to_mltl x)"
using ψ_semantics unfolding ψ_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps Mighty_Release_mltl_ext.simps
by blast
have "wpd_mltl (to_mltl α) ≤ length (drop ia π)"
using α_wpd ia_bound ub by auto
then have α_semantics: "semantics_mltl (drop ia π) (to_mltl α)"
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop ia π" ?D]
using x_semantics x_in unfolding semantics_mltl_ext_def by blast
{
assume global_β: "(∀ia. interval_times a L ! i ≤ ia ∧
ia ≤ interval_times a L ! (i + 1) - 1 ⟶
semantics_mltl (drop ia π) (to_mltl β))"
{
assume eq: "interval_times a L ! (i + 1) - 1 = b"
have "semantics_mltl (drop j π) (to_mltl β)"
if j_bound: "a ≤ j ∧ j ≤ b" for j
proof-
have 1: "j ≤ interval_times a L ! i - 1 ⟹ ?thesis"
using globally_before j_bound unfolding sfirst by blast
have 2: "j ≥ interval_times a L ! i ⟹ ?thesis"
using global_β j_bound eq by blast
show ?thesis
using 1 2 by linarith
qed
then have ?thesis
unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b by blast
} moreover {
assume le: "interval_times a L ! (i + 1) - 1 < b"
have 1: "semantics_mltl (drop k π) (to_mltl β)"
if k_bound: "a ≤ k ∧ k ≤ ia" for k
proof-
have 1: "k ≤ interval_times a L ! i - 1 ⟹ ?thesis"
using globally_before k_bound sfirst ia_bound by auto
have 2: "k ≥ interval_times a L ! i ⟹ ?thesis"
using global_β ia_bound k_bound by auto
show ?thesis
using 1 2 by linarith
qed
have 2: "a ≤ ia ∧ ia ≤ b - 1"
using ia_bound ub lb le by auto
then have "(∃j≥a. j ≤ b - 1 ∧
semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
using α_semantics ia_bound le ub lb welldef 1 2 by blast
then have ?thesis
unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b by auto
}
ultimately have ?thesis using ub by linarith
} moreover {
assume "(∃j≥interval_times a L ! i.
j ≤ interval_times a L ! (i + 1) - 1 - 1 ∧
semantics_mltl (drop j π) (to_mltl x) ∧
(∀k. interval_times a L ! i ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
then obtain j where j_bound: "interval_times a L ! i ≤ j ∧ j ≤ interval_times a L ! (i + 1) - 1 - 1"
and x_semantics: "semantics_mltl (drop j π) (to_mltl x)"
and global: "∀k. interval_times a L ! i ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)"
by blast
have "wpd_mltl (to_mltl α) ≤ length (drop j π)"
using α_wpd j_bound ub by auto
then have α_semantics: "semantics_mltl (drop j π) (to_mltl α)"
using Suc(1)[OF α_welldef α_nnf α_composition, of "drop j π" ?D]
using x_in x_semantics unfolding semantics_mltl_ext_def by blast
have g: "semantics_mltl (drop k π) (to_mltl β)"
if k_bound: "a ≤ k ∧ k ≤ j" for k
proof-
have 1: "k ≤ interval_times a L ! i - 1 ⟹ ?thesis"
using globally_before k_bound sfirst ia_bound by auto
have 2: "k ≥ interval_times a L ! i ⟹ ?thesis"
using global ia_bound k_bound by auto
show ?thesis
using 1 2 by linarith
qed
have "a ≤ j ∧ j ≤ b - 1"
using j_bound ub lb by auto
then have "(∃j≥a. j ≤ b - 1 ∧
semantics_mltl (drop j π) (to_mltl α) ∧
(∀k. a ≤ k ∧ k ≤ j ⟶
semantics_mltl (drop k π) (to_mltl β)))"
using α_semantics g by blast
then have ?thesis
unfolding Release_mltl_ext semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b by blast
}
ultimately have ?thesis using release by blast
}
ultimately show ?thesis using split by blast
qed
qed
paragraph ‹Top Level Union Theorem›
(* Union theorem for the auxiliary decomposition LP_mltl_aux: under the side
   conditions below, φ holds on the trace π exactly when some formula of
   D = LP_mltl_aux φ k holds on π.  Both directions were proved separately
   (LP_mltl_aux_language_union_forward / LP_mltl_aux_language_union_converse);
   this lemma only combines them. *)
lemma LP_mltl_aux_language_union:
fixes φ::"'a mltl_ext" and k::"nat" and π::"'a set list"
(* The four hypotheses are the ones the forward/converse lemmas require:
   well-formed intervals, φ already in NNF (it is the image of convert_nnf_ext),
   a trace at least wpd_mltl (to_mltl φ) long (wpd is presumably the worst-case
   propagation delay; see its definition in the imported theories), and φ being
   a composition formula. *)
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes trace_length: "length π ≥ wpd_mltl (to_mltl φ)"
assumes composition: "is_composition_MLTL φ"
assumes D_is: "D = LP_mltl_aux φ k"
shows "semantics_mltl_ext π φ ⟷
(∃ψ ∈ set D. semantics_mltl_ext π ψ)"
(* "using a using b" chains the facts; equivalent to "using a b" *)
using assms
using LP_mltl_aux_language_union_converse
using LP_mltl_aux_language_union_forward by fast
(* Union theorem for the top-level algorithm LP_mltl, stated on concrete traces:
   for a trace π of sufficient length, φ is satisfied iff one of the plain-mltl
   formulas in D = set (LP_mltl φ k) is satisfied.  Unlike the auxiliary lemma
   this version does not require φ to be in NNF: LP_mltl converts φ to NNF
   itself (see the unfolding of LP_mltl.simps below), and the proof transfers the
   auxiliary result across that conversion. *)
theorem LP_mltl_language_union_explicit:
fixes φ::"'a mltl_ext" and k::"nat" and π::"'a set list"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes composition: "is_composition_MLTL φ"
assumes D_is: "D = set (LP_mltl φ k)"
assumes trace_length: "length π ≥ wpd_mltl (to_mltl φ)"
shows "semantics_mltl_ext π φ ⟷ (∃ψ∈D. semantics_mltl π ψ)"
proof-
(* Shape of the output set: decompose the NNF of φ with LP_mltl_aux, convert
   each piece to NNF again, then map every piece back to plain mltl. *)
have "D = set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k)))"
using D_is unfolding LP_mltl.simps by blast
let ?D_aux = "LP_mltl_aux (convert_nnf_ext φ) k"
let ?φ_nnf = "convert_nnf_ext φ"
(* Every output formula has a wpd bounded by that of φ.
   NOTE(review): this fact is not referenced by any later step of this proof
   (the final "show" uses only len_biconditional and assms(4)), so it appears
   to be dead weight here; it may be worth keeping only if factored out as a
   standalone lemma. *)
have wpd_decomp: "wpd_mltl ψ ≤ wpd_mltl (to_mltl φ)"
if ψ_in : "ψ ∈ D" for ψ
proof-
obtain x where ψ_is: "ψ = to_mltl (convert_nnf_ext x)"
and x_in: "x ∈ set (LP_mltl_aux (convert_nnf_ext φ) k)"
using ψ_in unfolding D_is LP_mltl.simps by auto
have xphi: "wpd_mltl (to_mltl x) ≤ wpd_mltl (to_mltl φ)"
using LP_mltl_aux_wpd[of "(convert_nnf_ext φ)" x k]
by (metis composition convert_nnf_ext_to_mltl_commute intervals_welldef is_composition_convert_nnf_ext nnf_intervals_welldef wpd_convert_nnf x_in)
(* NNF conversion does not change the wpd, so x and its image ψ agree *)
have "wpd_mltl (to_mltl x) = wpd_mltl ψ"
unfolding ψ_is using convert_nnf_ext_to_mltl_commute
by (metis wpd_convert_nnf)
then show ?thesis using xphi by auto
qed
(* Core equivalence, proved for an arbitrary trace of sufficient length so that
   it can be instantiated with the fixed π at the end. *)
have len_biconditional: "⋀π. length π ≥ wpd_mltl (to_mltl φ) ⟹
(semantics_mltl π (to_mltl φ) ⟷ (∃ψ∈D. semantics_mltl π ψ))"
proof-
fix π::"'a set list"
assume *: "length π ≥ wpd_mltl (to_mltl φ)"
let ?thesis = "semantics_mltl π (to_mltl φ) ⟷
(∃ψ∈D. semantics_mltl π ψ)"
(* cond1..cond4 discharge the four hypotheses of LP_mltl_aux_language_union
   for the NNF form convert_nnf_ext φ (well-formed intervals, NNF,
   trace length, composition). *)
have "intervals_welldef (convert_nnf (to_mltl φ))"
using intervals_welldef nnf_intervals_welldef by blast
then have cond1: "intervals_welldef (to_mltl (convert_nnf_ext φ))"
by (simp add: convert_nnf_ext_to_mltl_commute)
(* convert_nnf_ext is idempotent, so its image is trivially "some NNF" *)
have "?φ_nnf = convert_nnf_ext (?φ_nnf)"
using convert_nnf_ext_convert_nnf_ext by blast
then have cond2: "∃φ_init. convert_nnf_ext φ = convert_nnf_ext φ_init"
by blast
have cond3: "wpd_mltl (to_mltl (convert_nnf_ext φ)) ≤ length π"
proof-
have "wpd_mltl (convert_nnf (to_mltl φ)) ≤ length π"
using * by (simp add: wpd_convert_nnf)
then show ?thesis
using convert_nnf_ext_to_mltl_commute by metis
qed
have cond4: "is_composition_MLTL (convert_nnf_ext φ)"
using composition intervals_welldef is_composition_convert_nnf_ext
by blast
(* The auxiliary union theorem applied to the NNF of φ; it speaks about the
   extended formulas ψ in ?D_aux, not yet about their plain-mltl images. *)
have aux_fact: "semantics_mltl_ext π (convert_nnf_ext φ) =
(∃ψ∈set (LP_mltl_aux (convert_nnf_ext φ) k). semantics_mltl_ext π ψ)"
using LP_mltl_aux_language_union[OF cond1 cond2 cond3 cond4] by blast
(* forward/converse: satisfaction of an auxiliary piece ψ and of its
   NNF-converted plain image coincide.  Both directions rely on
   convert_nnf_preserves_semantics, which needs intervals_welldef for the
   piece; that is supplied by LP_mltl_aux_intervals_welldef. *)
have forward: "(∃ψ∈set (LP_mltl_aux (convert_nnf_ext φ) k).
semantics_mltl π (to_mltl ψ)) ⟹
(∃ψ∈set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k))).
semantics_mltl π ψ)"
proof-
assume "∃ψ∈set (LP_mltl_aux (convert_nnf_ext φ) k).
semantics_mltl π (to_mltl ψ)"
then obtain ψ where *: "ψ∈set (LP_mltl_aux (convert_nnf_ext φ) k)" and
**: "semantics_mltl π (to_mltl ψ)"
by blast
have in_set: "(to_mltl (convert_nnf_ext ψ)) ∈ set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k)))"
using * by auto
have "intervals_welldef (to_mltl ψ)"
using intervals_welldef *
using LP_mltl_aux_intervals_welldef
using composition by auto
then have "semantics_mltl π (convert_nnf (to_mltl ψ))"
using ** convert_nnf_preserves_semantics[of "to_mltl ψ" π]
by blast
then have semantics: "semantics_mltl π (to_mltl (convert_nnf_ext ψ))"
by (simp add: convert_nnf_ext_to_mltl_commute)
show ?thesis using in_set semantics by blast
qed
have converse: "(∃ψ∈set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k))).
semantics_mltl π ψ) ⟹ (∃ψ∈set (LP_mltl_aux (convert_nnf_ext φ) k).
semantics_mltl π (to_mltl ψ))"
proof-
assume "∃ψ∈set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k))).
semantics_mltl π ψ"
then obtain ψ where *: "ψ∈set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k)))"
and **: "semantics_mltl π ψ"
by blast
(* pull the pre-image ψ_aux of ψ out of the map/map construction *)
obtain ψ_aux where aux_in: "ψ_aux ∈ set (LP_mltl_aux (convert_nnf_ext φ) k)" and
is_aux: "ψ = to_mltl (convert_nnf_ext ψ_aux)"
using "*" D_is LP_mltl_element ‹D = set (map to_mltl (map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k)))› by blast
have semantics: "semantics_mltl π (to_mltl ψ_aux)"
using ** unfolding is_aux
by (metis LP_mltl_aux_intervals_welldef aux_in composition convert_nnf_ext_to_mltl_commute convert_nnf_preserves_semantics intervals_welldef)
show ?thesis using aux_in semantics by blast
qed
have "(∃ψ∈set (LP_mltl_aux (convert_nnf_ext φ) k).
semantics_mltl π (to_mltl ψ)) =
(∃ψ∈set (map to_mltl
(map convert_nnf_ext (LP_mltl_aux (convert_nnf_ext φ) k))).
semantics_mltl π ψ)"
using forward converse by blast
(* combine: φ ≈ convert_nnf_ext φ (semantics preserved) ≈ aux pieces ≈ D *)
then show ?thesis
unfolding D_is LP_mltl.simps semantics_mltl_ext_def
using aux_fact convert_nnf_ext_to_mltl_commute convert_nnf_preserves_semantics
by (metis intervals_welldef semantics_mltl_ext_def)
qed
(* instantiate with the fixed trace; assms(4) is trace_length *)
show ?thesis
using len_biconditional[of π] assms(4)
unfolding semantics_mltl_ext_def by blast
qed
(* Union theorem stated on languages: restricted to traces of length at least
   r = wpd_mltl (to_mltl φ), the language of φ is the union of the languages
   of the formulas produced by LP_mltl.  Together with the disjointness result
   of the following subsection this is the correctness guarantee of the
   partition: the pieces cover φ's language (here) and do not overlap (there).
   Proved by reducing set membership to LP_mltl_language_union_explicit. *)
theorem LP_mltl_language_union:
fixes φ::"'a mltl_ext" and k::"nat"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes composition: "is_composition_MLTL φ"
assumes D_is: "D = set (LP_mltl φ k)"
assumes r: "r = wpd_mltl (to_mltl φ)"
shows "language_mltl_r (to_mltl φ) r
= (⋃ ψ∈D. language_mltl_r ψ r)"
proof-
(* Membership in the two sides coincides for every trace long enough to be
   in language_mltl_r at all (presumably length π ≥ r is part of its
   definition, which is what the unfolding below relies on). *)
have "π ∈ language_mltl_r (to_mltl φ) r ⟷
π ∈ (⋃ψ∈D. language_mltl_r ψ r)"
if length: "length π ≥ r" for π
proof-
(* the union side reduces to "some ψ ∈ D holds on π" once length is known *)
have equiv: "(∃ψ∈D. semantics_mltl π ψ) ⟷ π ∈ (⋃ψ∈D. language_mltl_r ψ r)"
unfolding language_mltl_r_def using length by blast
(* the explicit theorem needs length π ≥ wpd_mltl (to_mltl φ), i.e. ≥ r *)
have "semantics_mltl_ext π φ = (∃ψ∈D. semantics_mltl π ψ)"
using LP_mltl_language_union_explicit[of φ D k π]
using assms length by blast
then show ?thesis
using equiv length
unfolding language_mltl_r_def semantics_mltl_ext_def by blast
qed
(* traces shorter than r are in neither language, so set equality follows *)
then show ?thesis unfolding language_mltl_r_def
by blast
qed
subsection ‹Disjointness Theorem›
lemma LP_mltl_language_disjoint_aux_helper:
fixes φ ψ1 ψ2::"'a mltl_ext" and k::"nat" and π::"'a set list"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes composition_allones: "is_composition_MLTL_allones φ"
assumes tracelen: "length π ≥ wpd_mltl (to_mltl φ)"
assumes D_decomp: "D = set (LP_mltl_aux φ k)"
assumes diff_formulas: "(ψ1 ∈ D) ∧ (ψ2 ∈ D) ∧ ψ1 ≠ ψ2"
assumes sat1: "semantics_mltl_ext π ψ1"
assumes sat2: "semantics_mltl_ext π ψ2"
shows "False"
using assms
proof(induction k arbitrary: D φ ψ1 ψ2 π)
case 0
then show ?case unfolding LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (Suc k)
then show ?case
proof(cases φ)
case True_mltl_ext
then show ?thesis using Suc
unfolding True_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case False_mltl_ext
then show ?thesis using Suc
unfolding False_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (Prop_mltl_ext p)
then show ?thesis using Suc
unfolding Prop_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (Not_mltl_ext q)
then have "∃p. q = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop Suc
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then obtain p where "q = Prop_mltl_ext p" by blast
then show ?thesis
using Suc unfolding Not_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (And_mltl_ext α β)
let ?Dx = "LP_mltl_aux α k"
let ?Dy = "LP_mltl_aux β k"
obtain x1 y1 where ψ1_is: "ψ1 = And_mltl_ext x1 y1"
and x1_in: "x1 ∈ set ?Dx" and y1_in: "y1 ∈ set ?Dy"
using And_mltl_list_member Suc.prems
by (metis (no_types, lifting) And_mltl_ext LP_mltl_aux.simps(6) convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext in_set_member mltl_ext.inject(3))
obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2_in: "x2 ∈ set ?Dx" and y2_in: "y2 ∈ set ?Dy"
using And_mltl_list_member Suc.prems
by (metis (no_types, lifting) And_mltl_ext LP_mltl_aux.simps(6) convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext in_set_member mltl_ext.inject(3))
have eo: "x1 ≠ x2 ∨ y1 ≠ y2"
using Suc(7) ψ1_is ψ2_is by blast
have αiwd: "intervals_welldef (to_mltl α)" and
βiwd: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding And_mltl_ext by simp_all
have αnnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have βnnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding And_mltl_ext
by (metis convert_nnf_ext.simps(4) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(3))
have αis_comp_allones: "is_composition_MLTL_allones α" and
βis_comp_allones: "is_composition_MLTL_allones β"
using Suc(4) unfolding And_mltl_ext is_composition_MLTL_allones.simps by simp_all
have αis_comp: "is_composition_MLTL α"
using αis_comp_allones allones_implies_is_composition_MLTL
by blast
have βis_comp: "is_composition_MLTL β"
using βis_comp_allones allones_implies_is_composition_MLTL
by blast
have αwpd: "wpd_mltl (to_mltl α) ≤ length π" and
βwpd: "wpd_mltl (to_mltl β) ≤ length π"
using Suc(5) unfolding And_mltl_ext by simp_all
let ?r = "wpd_mltl (to_mltl α)"
{
assume xs_neq: "x1 ≠ x2"
have x1_semantics: "semantics_mltl_ext π x1"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def by simp
have x2_semantics: "semantics_mltl_ext π x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def by simp
have ?thesis
using Suc(1)[OF αiwd αnnf αis_comp_allones αwpd, of "set ?Dx" x1 x2]
using αwpd xs_neq x1_in x2_in x1_semantics x2_semantics by blast
} moreover {
assume ys_neq: "y1 ≠ y2"
have y1_semantics: "semantics_mltl_ext π y1"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def by simp
have y2_semantics: "semantics_mltl_ext π y2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def by simp
have ?thesis
using Suc(1)[OF βiwd βnnf βis_comp_allones βwpd, of "set ?Dy" y1 y2]
using βwpd ys_neq y1_in y2_in y1_semantics y2_semantics by blast
}
ultimately show ?thesis
using eo by argo
next
case (Or_mltl_ext α β)
let ?Dx = "LP_mltl_aux (convert_nnf_ext α) k"
let ?Dy = "LP_mltl_aux (convert_nnf_ext β) k"
have D_is: "D = set ( And_mltl_list ?Dx ?Dy @
And_mltl_list [Not⇩c α] ?Dy @
And_mltl_list ?Dx [Not⇩c β])"
using Suc(6) unfolding Or_mltl_ext LP_mltl_aux.simps
by metis
then have ψ1_eo: "List.member (And_mltl_list ?Dx ?Dy) ψ1 ∨
List.member (And_mltl_list [Not⇩c α] ?Dy) ψ1 ∨
List.member (And_mltl_list ?Dx [Not⇩c β]) ψ1"
using Suc(7) by (simp add: member_def)
have ψ2_eo: "List.member (And_mltl_list ?Dx ?Dy) ψ2 ∨
List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2 ∨
List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
using D_is Suc(7) by (simp add: member_def)
have α_iwd: "intervals_welldef (to_mltl α)"
using Suc(2) unfolding Or_mltl_ext by simp
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have α_is_comp: "is_composition_MLTL_allones α"
using Suc(4) unfolding Or_mltl_ext by simp
have α_wpd: "wpd_mltl (to_mltl α) ≤ length π"
using Suc(5) unfolding Or_mltl_ext by simp
have α_conv_same: "set (LP_mltl_aux (convert_nnf_ext α) k) = set (LP_mltl_aux α k)"
by (metis α_nnf convert_nnf_ext_convert_nnf_ext)
have β_iwd: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding Or_mltl_ext
by simp
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have β_is_comp: "is_composition_MLTL_allones β"
using Suc(4) unfolding Or_mltl_ext
by simp
have β_wpd: "wpd_mltl (to_mltl β) ≤ length π"
using Suc(5) unfolding Or_mltl_ext by simp
have β_conv_same: "set (LP_mltl_aux (convert_nnf_ext β) k) = set (LP_mltl_aux β k)"
by (metis β_nnf convert_nnf_ext_convert_nnf_ext)
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ1 "
then obtain x1 y1 where ψ1_is: "ψ1 = And_mltl_ext x1 y1"
and x1y1: "(x1 ∈ set ?Dx ∧ y1 ∈ set ?Dy) "
using And_mltl_list_member
by (metis in_set_member)
have x1_semantics: "semantics_mltl_ext π x1" and
y1_semantics: "semantics_mltl_ext π y1"
using Suc(8) unfolding semantics_mltl_ext_def ψ1_is by simp_all
have α_semantics: "semantics_mltl_ext π α" using LP_mltl_aux_language_union_converse
by (metis α_wpd α_is_comp α_iwd α_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x1_semantics x1y1)
have β_semantics: "semantics_mltl_ext π β" using LP_mltl_aux_language_union_converse
by (metis β_wpd β_is_comp β_iwd β_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x1y1 y1_semantics)
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ2 "
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 ∈ set ?Dx ∧ y2 ∈ set ?Dy) "
using And_mltl_list_member
by (metis in_set_member)
have x2_semantics: "semantics_mltl_ext π x2" and
y2_semantics: "semantics_mltl_ext π y2"
using Suc(9) unfolding semantics_mltl_ext_def ψ2_is by simp_all
have xs_ys_eo: "x1 ≠ x2 ∨ y1 ≠ y2"
using x1y1 x2y2 Suc(7) ψ1_is ψ2_is by blast
have xs_neq: "x1 ≠ x2 ⟹ False"
using Suc(1)[OF α_iwd α_nnf α_is_comp α_wpd α_conv_same, of x1 x2]
using x1y1 x2y2 x1_semantics x2_semantics by blast
have ys_neq: "y1 ≠ y2 ⟹ False"
using Suc(1)[OF β_iwd β_nnf β_is_comp β_wpd β_conv_same, of y1 y2]
using x1y1 x2y2 y1_semantics y2_semantics by blast
have ?thesis
using xs_neq ys_neq xs_ys_eo by blast
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 = Not⇩c α ∧ y2 ∈ set ?Dy)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have x2_is: "x2 = Not⇩c α"
using x2y2 by auto
have x2_semantics: "semantics_mltl_ext π x2" and
y2_semantics: "semantics_mltl_ext π y2"
using Suc(9) unfolding semantics_mltl_ext_def ψ2_is by simp_all
have xs_ys_eo: "x1 ≠ x2 ∨ y1 ≠ y2"
using x1y1 x2y2 Suc(7) ψ1_is ψ2_is by blast
have ?thesis
using α_semantics x2_semantics unfolding x2_is semantics_mltl_ext_def
by simp
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 ∈ set ?Dx ∧ y2 = Not⇩c β)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have y2_is: "y2 = Not⇩c β"
using x2y2 by auto
have x2_semantics: "semantics_mltl_ext π x2" and
y2_semantics: "semantics_mltl_ext π y2"
using Suc(9) unfolding semantics_mltl_ext_def ψ2_is by simp_all
have xs_ys_eo: "x1 ≠ x2 ∨ y1 ≠ y2"
using x1y1 x2y2 Suc(7) ψ1_is ψ2_is by blast
have ?thesis
using β_semantics y2_semantics unfolding y2_is semantics_mltl_ext_def
by simp
}
ultimately have ?thesis
using ψ2_eo by argo
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ1"
then obtain x1 y1 where ψ1_is: "ψ1 = And_mltl_ext x1 y1"
and x1y1: "(x1 = Not⇩c α ∧ y1 ∈ set ?Dy)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have x1_semantics: "semantics_mltl_ext π x1" and
y1_semantics: "semantics_mltl_ext π y1"
using Suc(8) unfolding semantics_mltl_ext_def ψ1_is by simp_all
have x1_is: "x1 = Not⇩c α"
using x1y1 by auto
have not_α_semantics: "¬semantics_mltl_ext π α"
using x1y1 x1_semantics unfolding semantics_mltl_ext_def by auto
have β_semantics: "semantics_mltl_ext π β" using LP_mltl_aux_language_union_converse
by (metis β_wpd β_is_comp β_iwd β_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x1y1 y1_semantics)
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ2 "
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 ∈ set ?Dx ∧ y2 ∈ set ?Dy) "
using And_mltl_list_member
by (metis in_set_member)
have x1_semantics: "semantics_mltl_ext π x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps by simp
have "semantics_mltl_ext π α"
using LP_mltl_aux_language_union_converse
by (metis α_wpd α_is_comp α_iwd α_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x1_semantics x2y2)
then have ?thesis using not_α_semantics by blast
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 = Not⇩c α ∧ y2 ∈ set ?Dy)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have y2_semantics: "semantics_mltl_ext π y2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps by simp
have ys_neq: "y1 ≠ y2"
using x1y1 x2y2 Suc(7) ψ1_is ψ2_is by blast
then have ?thesis
using Suc(1)
using β_wpd β_conv_same β_is_comp β_iwd β_nnf x1y1 x2y2 y1_semantics y2_semantics by blast
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 ∈ set ?Dx ∧ y2 = Not⇩c β)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps by simp
have ?thesis
by (metis LP_mltl_aux_language_union_converse α_wpd α_is_comp α_iwd α_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext not_α_semantics x2_semantics x2y2)
}
ultimately have ?thesis
using ψ2_eo by argo
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ1"
then obtain x1 y1 where ψ1_is: "ψ1 = And_mltl_ext x1 y1"
and x1y1: "(x1 ∈ set ?Dx ∧ y1 = Not⇩c β)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have x1_semantics: "semantics_mltl_ext π x1" and
y1_semantics: "semantics_mltl_ext π y1"
using Suc(8) unfolding semantics_mltl_ext_def ψ1_is by simp_all
have x1_is: "y1 = Not⇩c β"
using x1y1 by auto
have not_β_semantics: "¬semantics_mltl_ext π β"
using x1y1 y1_semantics unfolding semantics_mltl_ext_def by auto
have α_semantics: "semantics_mltl_ext π α" using LP_mltl_aux_language_union_converse
by (metis α_wpd α_is_comp α_iwd α_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x1_semantics x1y1)
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 ∈ set ?Dx ∧ y2 ∈ set ?Dy) "
using And_mltl_list_member
by (metis in_set_member)
have "semantics_mltl_ext π y2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps by auto
then have β_semantics: "semantics_mltl_ext π β"
using LP_mltl_aux_language_union_converse
by (metis β_wpd β_is_comp β_iwd β_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x2y2)
then have ?thesis
by (simp add: not_β_semantics)
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 = Not⇩c α ∧ y2 ∈ set ?Dy)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have "semantics_mltl_ext π y2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps by auto
then have β_semantics: "semantics_mltl_ext π β"
using LP_mltl_aux_language_union_converse
by (metis β_wpd β_is_comp β_iwd β_nnf allones_implies_is_composition_MLTL convert_nnf_ext_convert_nnf_ext x2y2)
then have ?thesis
by (simp add: not_β_semantics)
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
then obtain x2 y2 where ψ2_is: "ψ2 = And_mltl_ext x2 y2"
and x2y2: "(x2 ∈ set ?Dx ∧ y2 = Not⇩c β)"
using And_mltl_list_member
by (metis member_def member_rec(1) member_rec(2))
have "semantics_mltl_ext π x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps by auto
then have ?thesis
using Suc.IH Suc.prems(6) α_wpd α_conv_same α_is_comp α_iwd α_nnf ψ1_is ψ2_is x1_semantics x1y1 x2y2 by blast
}
ultimately have ?thesis
using ψ2_eo by argo
}
ultimately show ?thesis
using ψ1_eo by argo
next
case (Future_mltl_ext a b L α)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)"
using Suc(2) unfolding intervals_welldef.simps Future_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Future_mltl_ext
by (metis convert_nnf_ext.simps(6) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(5))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition_allones: "is_composition_MLTL_allones α" and
L_composition_allones: "is_composition_allones (b-a+1) L"
using Future_mltl_ext Suc.prems(3) by simp_all
have α_composition: "is_composition_MLTL α"
using Future_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL by auto
have L_composition: "is_composition (b-a+1) L"
using Future_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL is_composition_MLTL.simps(5) by blast
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
using Suc(5) unfolding Future_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have length_L_allones: "length L = b-a+1"
using L_composition_allones
by (simp add: length_is_composition_allones)
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by blast
have length_s: "length ?s = length L + 1"
using interval_times_length by simp
let ?front = "set (Future_mltl_list ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
have D_is: "D = ?front ∪ ?back"
using Suc(6) unfolding Future_mltl_ext LP_mltl_aux.simps to_mltl.simps
using α_convert list_concat_set_union by metis
have s1: "?s!1 = a+1"
using interval_times_allones[OF a_leq_b L_composition_allones] length_s length_L
by force
have dropa_wpd: "wpd_mltl (to_mltl α) ≤ length (drop a π)"
using α_wpd a_leq_b by simp
{
assume *: "ψ1 ∈ ?front"
obtain x1 where ψ1_is: "ψ1 = Future_mltl_ext a a [1] x1"
and x1_in: "x1 ∈ set ?D"
using * unfolding sfirst s1 Future_mltl_list.simps by auto
have x1_semantics: "semantics_mltl_ext (drop a π) x1"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have α_semantics: "semantics_mltl_ext (drop a π) α"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition dropa_wpd, of ?D k]
using x1_semantics x1_in by blast
{
assume **: "ψ2 ∈ ?front"
obtain x2 where ψ2_is: "ψ2 = Future_mltl_ext a a [1] x2"
and x2_in: "x2 ∈ set ?D"
using ** unfolding sfirst s1 Future_mltl_list.simps by auto
have x2_semantics: "semantics_mltl_ext (drop a π) x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have xs_neq: "x1 ≠ x2"
using Suc(7) unfolding ψ1_is ψ2_is by blast
have ?thesis using dropa_wpd
using Suc(1)[OF α_welldef α_nnf α_composition_allones, of "drop a π" "set ?D" x1 x2]
using xs_neq x1_in x2_in x1_semantics x2_semantics by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i where ψ2_is: "ψ2 ∈ set ((And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i])))"
and i_bound: "1 ≤ i ∧ i < length L"
by force
have si: "?s!i = a+i"
using interval_times_allones
using L_composition_allones a_leq_b i_bound length_s by auto
have si1: "?s!(i+1) = a+i+1"
using interval_times_allones
using L_composition_allones a_leq_b i_bound length_s by auto
obtain x2 where ψ2_is: "ψ2 = And_mltl_ext (Global_mltl_ext a (a+i-1) [i] (Not⇩c α))
(Future_mltl_ext (a+i) (a+i) [1] x2)"
and x2_in: "x2 ∈ set ?D"
using ψ2_is si si1 sfirst by auto
then have ?thesis using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i_bound α_wpd
by (metis α_semantics wpd_geq_one drop_eq_Nil2 dropa_wpd eq_imp_le le_neq_implies_less length_0_conv less_nat_zero_code not_one_le_zero semantics_mltl_ext_def)
}
ultimately have ?thesis
using Suc(7) D_is by blast
} moreover {
assume *: "ψ1 ∈ ?back"
then obtain i1 where ψ1_is: "ψ1 ∈ set ((And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i1 - 1) [?s!i1 - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i1) (?s ! (i1 + 1) - 1) [?s ! (i1 + 1) - ?s ! i1])))"
and i1_bound: "1 ≤ i1 ∧ i1 < length L"
by force
have si1: "?s!i1 = a+i1"
using interval_times_allones
using L_composition_allones a_leq_b i1_bound length_s by auto
have si'1: "?s!(i1+1) = a+i1+1"
using interval_times_allones
using L_composition_allones a_leq_b i1_bound length_s by auto
obtain x1 where ψ1_is: "ψ1 = And_mltl_ext (Global_mltl_ext a (a+i1-1) [?s!i1 - ?s!0] (Not⇩c α))
(Future_mltl_ext (a+i1) (a+i1) [1] x1)"
and x1_in: "x1 ∈ set ?D"
using ψ1_is si1 si'1 sfirst by auto
have not_α_semantics: "¬semantics_mltl_ext (drop a π) α"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
{
assume **: "ψ2 ∈ ?front"
obtain x2 where ψ2_is: "ψ2 = Future_mltl_ext a a [1] x2"
and x2_in: "x2 ∈ set ?D"
using ** unfolding sfirst s1 Future_mltl_list.simps by auto
have x2_semantics: "semantics_mltl_ext (drop a π) x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have α_semantics: "semantics_mltl_ext (drop a π) α"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition dropa_wpd, of ?D k]
using x2_semantics x2_in by blast
then have ?thesis using not_α_semantics by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2_is: "ψ2 ∈ set ((And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i2 - 1) [?s!i2 - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i2) (?s ! (i2 + 1) - 1) [?s ! (i2 + 1) - ?s ! i2])))"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by force
have si2: "?s!i2 = a+i2"
using interval_times_allones
using L_composition_allones a_leq_b i2_bound length_s by auto
have si'2: "?s!(i2+1) = a+i2+1"
using interval_times_allones
using L_composition_allones a_leq_b i2_bound length_s by auto
obtain x2 where ψ2_is: "ψ2 = And_mltl_ext (Global_mltl_ext a (a+i2-1) [?s!i2 - ?s!0] (Not⇩c α))
(Future_mltl_ext (a+i2) (a+i2) [1] x2)"
and x2_in: "x2 ∈ set ?D"
using ψ2_is si2 si'2 sfirst by auto
have x1_semantics: "semantics_mltl_ext (drop (a+i1) π) x1"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i1_bound α_wpd by auto
have "wpd_mltl (to_mltl α) ≤ length (drop (a + i1) π)"
using i1_bound unfolding length_L_allones
using a_leq_b α_wpd by auto
then have α_semantics: "semantics_mltl_ext (drop (a+i1) π) α"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop (a+i1) π" ?D k]
using x1_semantics x1_in by blast
have x2_semantics: "semantics_mltl_ext (drop (a+i2) π) x2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i2_bound α_wpd by auto
have "wpd_mltl (to_mltl α) ≤ length (drop (a + i2) π)"
using i2_bound unfolding length_L_allones
using a_leq_b α_wpd by auto
then have α_semantics2: "semantics_mltl_ext (drop (a+i2) π) α"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop (a+i2) π" ?D k]
using x2_semantics x2_in by blast
{
assume i1_eq_i2: "i1 = i2"
have wpd: "wpd_mltl (to_mltl α) ≤ length (drop (a + i1) π)"
using i1_bound α_wpd a_leq_b unfolding length_L_allones by auto
have "x1 ≠ x2"
using i1_eq_i2 ψ1_is ψ2_is Suc(7) by blast
then have ?thesis
using Suc(1)[OF α_welldef α_nnf α_composition_allones, of "drop (a+i1) π" "set ?D" x1 x2]
using x1_in x1_semantics x2_in x2_semantics wpd i1_eq_i2 by blast
} moreover {
assume i1_le_i2: "i1 < i2"
then have "a ≤ a+i1 ∧ a+i1 ≤ a + i2 - 1"
by simp
then have x1_semantics: "¬semantics_mltl_ext (drop (a+i1) π) α"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i2_bound α_wpd a_leq_b by auto
then have ?thesis using α_semantics by blast
} moreover {
assume i1_ge_i2: "i1 > i2"
then have "a ≤ a+i2 ∧ a+i2 ≤ a + i1 - 1"
by simp
then have x2_semantics: "¬semantics_mltl_ext (drop (a+i2) π) α"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i1_bound α_wpd a_leq_b by auto
then have ?thesis using α_semantics2 by blast
}
ultimately have ?thesis by linarith
}
ultimately have ?thesis
using Suc(7) D_is by blast
}
ultimately show ?thesis
using Suc(7) D_is by blast
next
case (Global_mltl_ext a b L α)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)"
using Suc(2) unfolding intervals_welldef.simps Global_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Global_mltl_ext
by (metis convert_nnf_ext.simps(7) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(6))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition_allones: "is_composition_MLTL_allones α"
using Global_mltl_ext Suc.prems(3) by simp_all
have α_composition: "is_composition_MLTL α"
using Global_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL by auto
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
using Suc(5) unfolding Global_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?D = "LP_mltl_aux α k"
{
assume *: "length ?D ≤ 1"
then have D_is: "D = {Global_mltl_ext a b L α}"
using Suc(6) unfolding Global_mltl_ext LP_mltl_aux.simps
using α_convert by auto
then have ?thesis
using Suc(7) by blast
} moreover {
assume *: "length ?D > 1"
then have D_is: "D = set (Global_mltl_decomp ?D a (b - a) L)"
using Suc(6) unfolding Global_mltl_ext LP_mltl_aux.simps
using α_convert by auto
obtain X1 where ψ1_is: "ψ1 = Ands_mltl_ext X1"
and X1_fact: "∀i<length X1. ∃y∈set (LP_mltl_aux α k).
X1 ! i = Global_mltl_ext (a + i) (a + i) [1] y"
and length_X1: "length X1 = Suc (b - a)"
using in_Global_mltl_decomp_exact_forward[OF *]
using Suc(7) D_is by blast
obtain X2 where ψ2_is: "ψ2 = Ands_mltl_ext X2"
and X2_fact: "∀i<length X2. ∃y∈set (LP_mltl_aux α k).
X2 ! i = Global_mltl_ext (a + i) (a + i) [1] y"
and length_X2: "length X2 = Suc (b - a)"
using in_Global_mltl_decomp_exact_forward[OF *]
using Suc(7) D_is by blast
have X1_neq_X2: "X1 ≠ X2"
using Suc(7) ψ1_is ψ2_is by blast
then have "∃i < b-a+1. X1!i ≠ X2!i"
using length_X1 length_X2
by (metis add.commute nth_equalityI plus_1_eq_Suc)
then obtain i where i_bound: "i < b-a+1"
and X1i_neq_X2i: "X1!i ≠ X2!i" by blast
obtain y1 where X1i_is: "X1!i = Global_mltl_ext (a + i) (a + i) [1] y1"
and y1_in: "y1 ∈ set ?D"
using X1_fact i_bound length_X1 by auto
obtain y2 where X2i_is: "X2!i = Global_mltl_ext (a + i) (a + i) [1] y2"
and y2_in: "y2 ∈ set ?D"
using X2_fact i_bound length_X2 by auto
have y1_neq_y2: "y1 ≠ y2"
using X1i_is X2i_is X1i_neq_X2i by simp
have "semantics_mltl_ext π (X1!i)"
using Ands_mltl_semantics[of X1 π] Suc(8) unfolding ψ1_is
by (metis Suc_eq_plus1 i_bound le_add2 length_X1 nth_mem)
then have y1_semantics: "semantics_mltl_ext (drop (a+i) π) y1"
unfolding X1i_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i_bound α_wpd a_leq_b
by (metis Nat.add_diff_assoc Nat.le_diff_conv2 add_leD1 wpd_geq_one diff_add_inverse diff_add_inverse2 less_eq_iff_succ_less not_add_less1 order_refl)
have "semantics_mltl_ext π (X2!i)"
using Ands_mltl_semantics[of X2 π] Suc(9) unfolding ψ2_is
by (metis Suc_eq_plus1 i_bound le_add2 length_X2 nth_mem)
then have y2_semantics: "semantics_mltl_ext (drop (a+i) π) y2"
unfolding X2i_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i_bound α_wpd a_leq_b
by (metis Nat.add_diff_assoc Nat.le_diff_conv2 add_leD1 wpd_geq_one diff_add_inverse diff_add_inverse2 less_eq_iff_succ_less not_add_less1 order_refl)
have wpd: "wpd_mltl (to_mltl α) ≤ length (drop (a+i) π)"
using α_wpd i_bound a_leq_b by auto
have ?thesis
using Suc(1)[OF α_welldef α_nnf α_composition_allones wpd, of "set ?D" y1 y2]
using y1_in y2_in y1_semantics y2_semantics y1_neq_y2 by simp
}
ultimately show ?thesis by linarith
next
case (Until_mltl_ext α a b L β)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding intervals_welldef.simps Until_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition_allones: "is_composition_MLTL_allones α" and
β_composition_allones: "is_composition_MLTL_allones β" and
L_composition_allones: "is_composition_allones (b-a+1) L"
using Until_mltl_ext Suc.prems(3) by simp_all
have α_composition: "is_composition_MLTL α"
using Until_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL by auto
have β_composition: "is_composition_MLTL β"
using Until_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL is_composition_MLTL.simps(5)
by force
have L_composition: "is_composition (b-a+1) L"
using L_composition_allones allones_implies_is_composition by auto
have α_wpd: "b + wpd_mltl (to_mltl α)-1 ≤ length π" and
β_wpd: "b + wpd_mltl (to_mltl β) ≤ length π"
using Suc(5) unfolding Until_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?D = "LP_mltl_aux β k"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have length_L_allones: "length L = b-a+1"
using L_composition_allones
by (simp add: length_is_composition_allones)
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition]
by blast
have length_s: "length ?s = length L + 1"
using interval_times_length by simp
have s1: "?s ! 1 = a+1"
using interval_times_allones
by (metis L_composition_allones a_leq_b length_L length_s less_eq_iff_succ_less)
let ?front = "set (Until_mltl_list α ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))]
(Until_mltl_list α ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i])) [1..<length L]))"
have split: "D = ?front ∪ ?back"
using Suc(6) unfolding Until_mltl_ext LP_mltl_aux.simps
using α_convert β_convert list_concat_set_union
by metis
{
assume *: "ψ1 ∈ ?front"
then obtain x1 where ψ1_is: "ψ1 = Until_mltl_ext α a a [1] x1"
and x1_in: "x1 ∈ set ?D"
unfolding sfirst s1 by auto
have x1_semantics: "semantics_mltl (drop a π) (to_mltl x1)"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have wpd_dropa: "wpd_mltl (to_mltl β) ≤ length (drop a π)"
using β_wpd a_leq_b by simp
then have β_semantics: "semantics_mltl_ext (drop a π) β"
unfolding semantics_mltl_ext_def
using LP_mltl_aux_language_union_converse[OF β_welldef β_nnf β_composition, of "drop a π" ?D k]
using x1_semantics x1_in unfolding semantics_mltl_ext_def by blast
{
assume **: "ψ2 ∈ ?front"
then obtain x2 where ψ2_is: "ψ2 = Until_mltl_ext α a a [1] x2"
and x2_in: "x2 ∈ set ?D"
unfolding sfirst s1 by auto
have x2_semantics: "semantics_mltl (drop a π) (to_mltl x2)"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have x1_neq_x2: "x1 ≠ x2"
using Suc(7) ψ1_is ψ2_is by simp
have ?thesis
using Suc(1)[OF β_welldef β_nnf β_composition_allones, of "drop a π" "set ?D" x1 x2]
using x1_semantics x1_in x2_semantics x2_in x1_neq_x2
using semantics_mltl_ext_def wpd_dropa by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i y2 where
ψ2_is: "ψ2 = And_mltl_ext (Global_mltl_ext (?s!0) (?s!i-1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s!i) (?s!(i+1)-1) [(?s!(i+1)) - (?s!i)] y2)"
and i_bound: "1 ≤ i ∧ i < length L"
and y2_in: "y2 ∈ set ?D"
by auto
have p: "¬semantics_mltl_ext (drop a π) β"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using i_bound length_L_allones
by (metis wpd_dropa wpd_geq_one drop_all eq_imp_le le_neq_implies_less length_0_conv less_nat_zero_code not_one_le_zero sfirst)
have ?thesis using β_semantics p
by metis
}
ultimately have ?thesis using Suc(7) split by blast
} moreover {
assume *: "ψ1 ∈ ?back"
then obtain i1 y1 where
ψ1_is: "ψ1 = And_mltl_ext (Global_mltl_ext (?s!0) (?s!i1-1) [?s!i1 - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s!i1) (?s!(i1+1)-1) [(?s!(i1+1)) - (?s!i1)] y1)"
and i1_bound: "1 ≤ i1 ∧ i1 < length L"
and y1_in: "y1 ∈ set ?D"
by auto
have si1: "?s!i1 = a + i1"
using interval_times_allones
using L_composition_allones a_leq_b i1_bound length_s by auto
have si1': "?s!(i1+1) = a+i1+1"
using interval_times_allones
using L_composition_allones a_leq_b i1_bound length_s by auto
have ψ1_is: "ψ1 = And_mltl_ext (Global_mltl_ext a (a+i1-1) [i1] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (a+i1) (a+i1) [1] y1)"
using si1 si1' sfirst ψ1_is by auto
have y1_semantics: "semantics_mltl_ext (drop (a+i1) π) y1"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have "wpd_mltl (to_mltl β) ≤ length (drop (a + i1) π)"
using β_wpd i1_bound length_L_allones by auto
then have β_semantics1: "semantics_mltl_ext (drop (a+i1) π) β"
using LP_mltl_aux_language_union_converse[OF β_welldef β_nnf β_composition, of "drop (a+i1) π" ?D k]
using y1_semantics y1_in by blast
{
assume **: "ψ2 ∈ ?front"
then obtain x2 where ψ2_is: "ψ2 = Until_mltl_ext α a a [1] x2"
and x2_in: "x2 ∈ set ?D"
unfolding sfirst s1 by auto
have x2_semantics: "semantics_mltl (drop a π) (to_mltl x2)"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have "wpd_mltl (to_mltl β) ≤ length (drop a π)"
using β_wpd a_leq_b by auto
then have β_semantics2: "semantics_mltl (drop a π) (to_mltl β)"
using LP_mltl_aux_language_union_converse[OF β_welldef β_nnf β_composition, of "drop a π" ?D k]
using x2_semantics x2_in unfolding semantics_mltl_ext_def
by blast
then have ?thesis
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 y2 where
ψ2_is: "ψ2 = And_mltl_ext (Global_mltl_ext (?s!0) (?s!i2-1) [?s!i2 - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s!i2) (?s!(i2+1)-1) [(?s!(i2+1)) - (?s!i2)] y2)"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
and y2_in: "y2 ∈ set ?D"
by auto
have si2: "?s!i2 = a + i2"
using interval_times_allones
using L_composition_allones a_leq_b i2_bound length_s by auto
have si2': "?s!(i2+1) = a+i2+1"
using interval_times_allones
using L_composition_allones a_leq_b i2_bound length_s by auto
have ψ2_is: "ψ2 = And_mltl_ext (Global_mltl_ext a (a+i2-1) [i2] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (a+i2) (a+i2) [1] y2)"
using si2 si2' sfirst ψ2_is by auto
have y2_semantics: "semantics_mltl_ext (drop (a+i2) π) y2"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
have wpd_dropi2: "wpd_mltl (to_mltl β) ≤ length (drop (a + i2) π)"
using β_wpd i2_bound length_L_allones by auto
then have β_semantics2: "semantics_mltl_ext (drop (a+i2) π) β"
using LP_mltl_aux_language_union_converse[OF β_welldef β_nnf β_composition, of "drop (a+i2) π" ?D k]
using y2_semantics y2_in by blast
{
assume i1_eq_i2: "i1 = i2"
then have y1_neq_y2: "y1 ≠ y2"
using ψ1_is ψ2_is Suc(7) by blast
then have ?thesis
using Suc(1)[OF β_welldef β_nnf β_composition_allones, of "drop (a+i1) π" "set ?D" y1 y2]
using wpd_dropi2 i1_eq_i2 y1_semantics y1_in y2_semantics y2_in
by blast
} moreover {
assume i1_le_i2: "i1 < i2"
then have "¬semantics_mltl_ext (drop (a + i1) π) β"
using Suc(9) unfolding ψ2_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using add.assoc add_le_imp_le_diff by force
then have ?thesis
using β_semantics1 by blast
} moreover {
assume i1_ge_i2: "i1 > i2"
then have "¬semantics_mltl_ext (drop (a + i2) π) β"
using Suc(8) unfolding ψ1_is semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using add.assoc add_le_imp_le_diff by force
then have ?thesis
using β_semantics2 by blast
}
ultimately have ?thesis by linarith
}
ultimately have ?thesis
using split Suc(7) by blast
}
ultimately show ?thesis
using split Suc(7) by blast
next
case (Release_mltl_ext α a b L β)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using Suc(2) unfolding intervals_welldef.simps Release_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using Suc(3) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using Suc(3) unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition_allones: "is_composition_MLTL_allones α" and
β_composition_allones: "is_composition_MLTL_allones β" and
L_composition_allones: "is_composition_allones (b-a+1) L"
using Release_mltl_ext Suc.prems(3) by simp_all
have α_composition: "is_composition_MLTL α"
using Release_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL by auto
have β_composition: "is_composition_MLTL β"
using Release_mltl_ext Suc.prems(3) allones_implies_is_composition_MLTL is_composition_MLTL.simps(5)
by force
have L_composition: "is_composition (b-a+1) L"
using L_composition_allones allones_implies_is_composition by auto
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π" and
β_wpd: "b + wpd_mltl (to_mltl β) ≤ length π"
using Suc(5) unfolding Release_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?D = "LP_mltl_aux α k"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have length_L_allones: "length L = b-a+1"
using L_composition_allones
by (simp add: length_is_composition_allones)
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition]
by blast
have length_s: "length ?s = length L + 1"
using interval_times_length by simp
have length_L: "length L = b-a+1"
using length_is_composition_allones[OF L_composition_allones]
by blast
have s1: "?s ! 1 = a+1"
using interval_times_allones
using L_composition L_composition_allones a_leq_b add_gr_0 composition_length_lb length_s by auto
have length_π_ge_b: "length π > b"
using α_wpd wpd_geq_one
by (metis One_nat_def Suc_n_not_le_n add_diff_cancel_left' add_leD1 diff_is_0_eq' le_neq_implies_less)
let ?front = "set [Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)]"
let ?middle = "set (Mighty_Release_mltl_list ?D β (?s ! 0) (?s ! 1 - 1)
[?s ! 1 - ?s ! 0])"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list ?D β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
have D_is: "D = ?front ∪ ?middle ∪ ?back"
using Suc(6) unfolding Release_mltl_ext LP_mltl_aux.simps
using α_convert list_concat_set_union
by (metis append_assoc)
{
assume *: "ψ1 ∈ ?front"
then have ψ1: "ψ1 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
{
assume **: "ψ2 ∈ ?front"
have ?thesis using * ** Suc(7) by auto
} moreover {
assume **: "ψ2 ∈ ?middle"
then obtain x where ψ2: "ψ2 = Mighty_Release_mltl_ext x β
a (?s ! 1 - 1) [?s ! 1 - a]"
and x_in: "x ∈ set ?D"
using sfirst by auto
have ψ2: "ψ2 = Mighty_Release_mltl_ext x β a a [1]"
using s1 ψ2 by simp
have x_semantics: "semantics_mltl (drop a π) (to_mltl x)"
using Suc(9) unfolding ψ1 ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have "wpd_mltl (to_mltl α) ≤ length (drop a π)"
using α_wpd a_leq_b by auto
then have "semantics_mltl (drop a π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop a π" ?D k]
using x_semantics x_in unfolding semantics_mltl_ext_def by blast
then have ?thesis
using Suc(8) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
using length_π_ge_b by auto
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2_in: "ψ2 ∈ set (And_mltl_list
[Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list (LP_mltl_aux α k) β
(interval_times a L ! i2)
(interval_times a L ! (i2 + 1) - 1)
[interval_times a L ! (i2 + 1) -
interval_times a L ! i2]))"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by force
have si2: "?s!i2 = a+i2"
using interval_times_allones[OF a_leq_b L_composition_allones, of i2]
using i2_bound length_L length_s by auto
have si2': "?s!(i2+1) = a+i2+1"
using interval_times_allones[OF a_leq_b L_composition_allones, of "i2+1"]
using i2_bound length_L length_s by auto
obtain x2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext a (a + i2 - 1) [i2] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x2 β (a+ i2) (a+ i2) [1])"
and x2_in: "x2 ∈ set ?D"
using ψ2_in sfirst si2 si2' by auto
have x2_semantics: "semantics_mltl (drop (a + i2) π) (to_mltl x2)"
using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have "wpd_mltl (to_mltl α) ≤ length (drop (a + i2) π)"
using α_wpd a_leq_b i2_bound length_L by auto
then have "semantics_mltl (drop (a + i2) π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop (a + i2) π" ?D k]
using x2_semantics x2_in unfolding semantics_mltl_ext_def by blast
then have ?thesis
using Suc(8) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
using length_π_ge_b i2_bound length_L by auto
}
ultimately have ?thesis using Suc(7) D_is by blast
} moreover {
assume *: "ψ1 ∈ ?middle"
then obtain x1 where ψ1: "ψ1 = Mighty_Release_mltl_ext x1 β
a (?s ! 1 - 1) [?s ! 1 - a]"
and x1_in: "x1 ∈ set ?D"
using sfirst by auto
have ψ1: "ψ1 = Mighty_Release_mltl_ext x1 β a a [1]"
using s1 ψ1 by simp
have x1_semantics: "semantics_mltl (drop a π) (to_mltl x1)"
using Suc(8) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have "wpd_mltl (to_mltl α) ≤ length (drop a π)"
using α_wpd a_leq_b by auto
then have α_semantics: "semantics_mltl (drop a π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop a π" ?D k]
using x1_semantics x1_in unfolding semantics_mltl_ext_def by blast
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have ?thesis
using α_semantics using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using a_leq_b length_π_ge_b by simp
} moreover {
assume **: "ψ2 ∈ ?middle"
then obtain x2 where ψ2: "ψ2 = Mighty_Release_mltl_ext x2 β
a (?s ! 1 - 1) [?s ! 1 - a]"
and x2_in: "x2 ∈ set ?D"
using sfirst by auto
have ψ2: "ψ2 = Mighty_Release_mltl_ext x2 β a a [1]"
using s1 ψ2 by simp
have x2_semantics: "semantics_mltl (drop a π) (to_mltl x2)"
using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have x1_neq_x2: "x1 ≠ x2"
using Suc(7) ψ1 ψ2 by blast
have "wpd_mltl (to_mltl α) ≤ length (drop a π)"
using α_wpd a_leq_b by simp
then have ?thesis
using Suc(1)[OF α_welldef α_nnf α_composition_allones, of "drop a π" "set ?D" x1 x2]
using x1_neq_x2 x1_semantics x2_semantics x1_in x2_in
unfolding semantics_mltl_ext_def by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2_in: "ψ2 ∈ set (And_mltl_list
[Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list (LP_mltl_aux α k) β
(interval_times a L ! i2)
(interval_times a L ! (i2 + 1) - 1)
[interval_times a L ! (i2 + 1) -
interval_times a L ! i2]))"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by force
have si2: "?s!i2 = a+i2"
using interval_times_allones[OF a_leq_b L_composition_allones, of i2]
using i2_bound length_L length_s by auto
have si2': "?s!(i2+1) = a+i2+1"
using interval_times_allones[OF a_leq_b L_composition_allones, of "i2+1"]
using i2_bound length_L length_s by auto
obtain x2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext a (a + i2 - 1) [i2] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x2 β (a+ i2) (a+ i2) [1])"
and x2_in: "x2 ∈ set ?D"
using ψ2_in sfirst si2 si2' by auto
have x2_semantics: "semantics_mltl (drop (a + i2) π) (to_mltl x2)"
using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have "wpd_mltl (to_mltl α) ≤ length (drop (a + i2) π)"
using α_wpd a_leq_b i2_bound length_L by auto
then have "semantics_mltl (drop (a + i2) π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop (a + i2) π" ?D k]
using x2_semantics x2_in unfolding semantics_mltl_ext_def by blast
have ?thesis using α_semantics
using Suc(9) unfolding ψ2 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by auto
}
ultimately have ?thesis using Suc(7) D_is by blast
} moreover {
assume *: "ψ1 ∈ ?back"
then obtain i1 where ψ1_in: "ψ1 ∈ set (And_mltl_list
[Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i1 - 1) [?s!i1 - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list (LP_mltl_aux α k) β
(interval_times a L ! i1)
(interval_times a L ! (i1 + 1) - 1)
[interval_times a L ! (i1 + 1) -
interval_times a L ! i1]))"
and i1_bound: "1 ≤ i1 ∧ i1 < length L"
by force
have si1: "?s!i1 = a+i1"
using interval_times_allones[OF a_leq_b L_composition_allones, of i1]
using i1_bound length_L length_s by auto
have si1': "?s!(i1+1) = a+i1+1"
using interval_times_allones[OF a_leq_b L_composition_allones, of "i1+1"]
using i1_bound length_L length_s by auto
obtain x1 where ψ1: "ψ1 = And_mltl_ext
(Global_mltl_ext a (a + i1 - 1) [i1] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x1 β (a+ i1) (a+ i1) [1])"
and x1_in: "x1 ∈ set ?D"
using ψ1_in sfirst si1 si1' by auto
have x1_semantics: "semantics_mltl (drop (a + i1) π) (to_mltl x1)"
using Suc(8) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have complen1: "wpd_mltl (to_mltl α) ≤ length (drop (a + i1) π)"
using α_wpd a_leq_b i1_bound length_L by auto
then have α_semantics1: "semantics_mltl (drop (a + i1) π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop (a + i1) π" ?D k]
using x1_semantics x1_in unfolding semantics_mltl_ext_def by blast
{
assume *: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have ?thesis
using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
using length_π_ge_b i1_bound length_L
by (smt (verit, best) ‹semantics_mltl (drop (a + i1) π) (to_mltl α)› diff_add_inverse diff_le_mono le_antisym le_trans less_eq_iff_succ_less less_irrefl_nat less_or_eq_imp_le nat_le_iff_add nat_le_linear)
} moreover {
assume *: "ψ2 ∈ ?middle"
then obtain x2 where ψ2: "ψ2 = Mighty_Release_mltl_ext x2 β
a (?s ! 1 - 1) [?s ! 1 - a]"
and x2_in: "x2 ∈ set ?D"
using sfirst by auto
have ψ2: "ψ2 = Mighty_Release_mltl_ext x2 β a a [1]"
using s1 ψ2 by simp
have x2_semantics: "semantics_mltl (drop a π) (to_mltl x2)"
using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have "wpd_mltl (to_mltl α) ≤ length (drop a π)"
using α_wpd a_leq_b by auto
then have α_semantics: "semantics_mltl (drop a π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop a π" ?D k]
using x2_semantics x2_in unfolding semantics_mltl_ext_def by blast
have ?thesis
using Suc(8) unfolding ψ1 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_semantics by auto
} moreover {
assume *: "ψ2 ∈ ?back"
then obtain i2 where ψ2_in: "ψ2 ∈ set (And_mltl_list
[Global_mltl_ext
(interval_times a L ! 0)
(interval_times a L ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list (LP_mltl_aux α k) β
(interval_times a L ! i2)
(interval_times a L ! (i2 + 1) - 1)
[interval_times a L ! (i2 + 1) -
interval_times a L ! i2]))"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by force
have si2: "?s!i2 = a+i2"
using interval_times_allones[OF a_leq_b L_composition_allones, of i2]
using i2_bound length_L length_s by auto
have si2': "?s!(i2+1) = a+i2+1"
using interval_times_allones[OF a_leq_b L_composition_allones, of "i2+1"]
using i2_bound length_L length_s by auto
obtain x2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext a (a + i2 - 1) [i2] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext x2 β (a+ i2) (a+ i2) [1])"
and x2_in: "x2 ∈ set ?D"
using ψ2_in sfirst si2 si2' by auto
have x2_semantics: "semantics_mltl (drop (a + i2) π) (to_mltl x2)"
using Suc(9) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps Mighty_Release_mltl_ext.simps semantics_mltl.simps
by force
have complen2: "wpd_mltl (to_mltl α) ≤ length (drop (a + i2) π)"
using α_wpd a_leq_b i2_bound length_L by auto
then have α_semantics2: "semantics_mltl (drop (a + i2) π) (to_mltl α)"
using LP_mltl_aux_language_union_converse[OF α_welldef α_nnf α_composition, of "drop (a + i2) π" ?D k]
using x2_semantics x2_in unfolding semantics_mltl_ext_def by blast
{
assume eq: "i1 = i2"
then have x1_neq_x2: "x1 ≠ x2"
using Suc(7) ψ1 ψ2 by blast
have ?thesis using eq
using Suc(1)[OF α_welldef α_nnf α_composition_allones complen1, of "set ?D" x1 x2]
using x1_in x2_in x1_semantics x2_semantics x1_neq_x2 unfolding semantics_mltl_ext_def
by blast
} moreover {
assume le: "i1 < i2"
then have "¬semantics_mltl (drop (a + i1) π) (to_mltl α)"
using Suc(9) unfolding ψ2 semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using length_π_ge_b a_leq_b by simp
then have ?thesis
using α_semantics1 by blast
} moreover {
assume ge: "i1 > i2"
then have "¬semantics_mltl (drop (a + i2) π) (to_mltl α)"
using Suc(8) unfolding ψ1 semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
using length_π_ge_b a_leq_b by simp
then have ?thesis
using α_semantics2 by blast
}
ultimately have ?thesis by linarith
}
ultimately have ?thesis using Suc(7) D_is by blast
}
ultimately show ?thesis using Suc(7) D_is by blast
qed
qed
(* Disjointness for the extended-formula decomposition: two distinct members
   ψ1, ψ2 of D = set (LP_mltl_aux φ k) have no common trace in their
   r-bounded languages, provided r is at least wpd_mltl of φ (wpd is presumably
   the worst-case propagation delay — see its definition for the exact meaning).
   D and r do not appear in the `fixes` list, so they are implicitly fixed free
   variables of the statement.  The real work is done by
   LP_mltl_language_disjoint_aux_helper, proved above. *)
lemma LP_mltl_language_disjoint_aux:
fixes φ::"'a mltl_ext" and ψ1 ψ2::"'a mltl_ext" and k::"nat"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes composition: "is_composition_MLTL_allones φ"
assumes D_decomp: "D = set (LP_mltl_aux φ k)"
assumes diff_formulas: "(ψ1 ∈ D) ∧ (ψ2 ∈ D) ∧ ψ1 ≠ ψ2"
assumes r_wpd: "r ≥ wpd_mltl (to_mltl φ)"
shows "(language_mltl_r (to_mltl ψ1) r)
∩ (language_mltl_r (to_mltl ψ2) r) = {}"
proof-
(* Proof by contradiction: assume the two languages intersect, pick a trace π
   in both, and show the helper lemma derives False from it. *)
{
assume contra: "(language_mltl_r (to_mltl ψ1) r)
∩ (language_mltl_r (to_mltl ψ2) r) ≠ {}"
then have "∃π. π ∈ (language_mltl_r (to_mltl ψ1) r) ∧
π ∈ (language_mltl_r (to_mltl ψ2) r)"
by auto
then obtain π where in1: "π ∈ (language_mltl_r (to_mltl ψ1) r)"
and in2: "π ∈ (language_mltl_r (to_mltl ψ2) r)"
by blast
(* Unfolding language_mltl_r_def yields satisfaction of each formula by π plus
   a lower bound on length π in terms of r; r_wpd (assms(6)) turns that into
   the wpd-based length bound the helper lemma expects. *)
have sem1: "semantics_mltl_ext π ψ1" and
sem2: "semantics_mltl_ext π ψ2" and
len: "length π ≥ wpd_mltl (to_mltl φ)"
using in1 in2 assms(6)
unfolding language_mltl_r_def semantics_mltl_ext_def
by simp_all
(* The helper's eight premises, in order: well-defined intervals, NNF shape,
   all-ones composition, trace length, decomposition of D, distinctness, and
   the two satisfaction facts. *)
have "False"
using LP_mltl_language_disjoint_aux_helper[OF assms(1-3) len assms(4, 5) sem1 sem2]
by simp
}
then show ?thesis by blast
qed
(* Main disjointness theorem, stated on plain mltl formulas: any two distinct
   members ψ1, ψ2 of LP_mltl φ k have disjoint r-bounded languages whenever
   r ≥ wpd_mltl (to_mltl φ).  Unlike the aux lemma, no NNF assumption on φ is
   needed: the proof applies LP_mltl_language_disjoint_aux to the NNF form
   convert_nnf_ext φ and transfers the result back via semantic preservation
   of the NNF conversion.  D and r are implicitly fixed free variables. *)
theorem LP_mltl_language_disjoint:
fixes φ::"'a mltl_ext" and ψ1 ψ2::"'a mltl" and k::"nat"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes composition: "is_composition_MLTL_allones φ"
assumes D_decomp: "D = set (LP_mltl φ k)"
assumes diff_formulas: "(ψ1 ∈ D) ∧ (ψ2 ∈ D) ∧ ψ1 ≠ ψ2"
assumes r_wpd: "r ≥ wpd_mltl (to_mltl φ)"
shows "(language_mltl_r ψ1 r) ∩ (language_mltl_r ψ2 r) = {}"
proof-
let ?D = "LP_mltl_aux (convert_nnf_ext φ) k"
let ?φ = "convert_nnf_ext φ"
(* cond1–cond4 discharge the first four premises of LP_mltl_language_disjoint_aux
   for ?φ.  cond2 is witnessed by φ_init := φ.  cond4 is a reflexive equality;
   its only role is to instantiate the lemma's D with set ?D when passed via OF. *)
have cond1: "intervals_welldef (to_mltl (convert_nnf_ext φ))"
using intervals_welldef
by (metis convert_nnf_ext_to_mltl_commute nnf_intervals_welldef)
have cond2: "∃φ_init. convert_nnf_ext φ = convert_nnf_ext φ_init"
by blast
have cond3: "is_composition_MLTL_allones (convert_nnf_ext φ)"
using composition
by (simp add: intervals_welldef is_composition_allones_convert_nnf_ext)
have cond4: "set (LP_mltl_aux (convert_nnf_ext φ) k) =
set (LP_mltl_aux (convert_nnf_ext φ) k)"
by blast
(* By LP_mltl.simps, every member of LP_mltl φ k is to_mltl (convert_nnf_ext _)
   of some member of ?D; pull ψ1 and ψ2 back to such extended formulas ψ1', ψ2'. *)
obtain ψ1' ψ2' where ψ1: "ψ1 = to_mltl (convert_nnf_ext ψ1')"
and ψ1'_in: "ψ1' ∈ set ?D"
and ψ2: "ψ2 = to_mltl (convert_nnf_ext ψ2')"
and ψ2'_in: "ψ2' ∈ set ?D"
using D_decomp unfolding LP_mltl.simps
using diff_formulas by auto
(* Distinct images force distinct preimages. *)
have ψ's_neq: "ψ1' ≠ ψ2'"
using diff_formulas ψ1 ψ2 by blast
(* Interval well-definedness of ψ1', ψ2' (via LP_mltl_aux_intervals_welldef) is
   what lets the final step unfold language_mltl_r for them. *)
have ψ1_welldef: "intervals_welldef ψ1"
using assms(4) D_decomp unfolding LP_mltl.simps
using LP_mltl_aux_intervals_welldef
by (metis ψ1 ψ1'_in allones_implies_is_composition_MLTL composition convert_nnf_ext_to_mltl_commute intervals_welldef nnf_intervals_welldef)
then have ψ1'_welldef: "intervals_welldef (to_mltl ψ1')"
using ψ1
using LP_mltl_aux_intervals_welldef ψ1'_in allones_implies_is_composition_MLTL composition intervals_welldef by auto
have ψ2_welldef: "intervals_welldef ψ2"
using assms(4) D_decomp unfolding LP_mltl.simps
using LP_mltl_aux_intervals_welldef
by (metis ψ2 ψ2'_in allones_implies_is_composition_MLTL composition convert_nnf_ext_to_mltl_commute intervals_welldef nnf_intervals_welldef)
then have ψ2'_welldef: "intervals_welldef (to_mltl ψ2')"
using ψ2
using LP_mltl_aux_intervals_welldef ψ2'_in allones_implies_is_composition_MLTL composition intervals_welldef by auto
(* Apply the aux lemma to ?φ.  Its r-bound is stated against wpd of ?φ whereas
   r_wpd speaks about φ; convert_nnf_ext_preserves_wpd closes that gap. *)
have intersect: "language_mltl_r (to_mltl ψ1') r ∩
language_mltl_r (to_mltl ψ2') r = {}"
using LP_mltl_language_disjoint_aux[OF cond1 cond2 cond3 cond4, of ψ1' ψ2' r]
using ψ1'_in ψ2'_in ψ's_neq r_wpd
by (metis convert_nnf_ext_preserves_wpd)
(* NNF conversion preserves semantics on interval-well-defined formulas, so
   the languages of ψ1 = to_mltl (convert_nnf_ext ψ1') and of to_mltl ψ1'
   coincide (likewise for ψ2); disjointness therefore transfers. *)
have "semantics_mltl π (to_mltl (convert_nnf_ext φ)) =
semantics_mltl π (to_mltl φ)"
if "intervals_welldef (to_mltl φ)"
for φ::"'a mltl_ext" and π
using that unfolding semantic_equiv_ext_def
by (metis convert_nnf_ext_to_mltl_commute convert_nnf_preserves_semantics)
then show ?thesis using intersect
unfolding language_mltl_r_def ψ1 ψ2
using ψ1'_welldef ψ2'_welldef
by auto
qed
subsection ‹Disjointness Theorem (special case k = 1)›
lemma LP_mltl_language_disjoint_aux_helper_k1:
fixes φ ψ1 ψ2::"'a mltl_ext" and π::"'a set list"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes composition: "is_composition_MLTL φ"
assumes tracelen: "length π ≥ wpd_mltl (to_mltl φ)"
assumes D_decomp: "D = set (LP_mltl_aux φ (Suc 0))"
assumes diff_formulas: "(ψ1 ∈ D) ∧ (ψ2 ∈ D) ∧ ψ1 ≠ ψ2"
assumes sat1: "semantics_mltl_ext π ψ1"
assumes sat2: "semantics_mltl_ext π ψ2"
shows "False"
proof(cases φ)
case True_mltl_ext
then show ?thesis using assms
unfolding True_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case False_mltl_ext
then show ?thesis using assms
unfolding False_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (Prop_mltl_ext p)
then show ?thesis using assms
unfolding Prop_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (Not_mltl_ext q)
then have "∃p. q = Prop_mltl_ext p"
using convert_nnf_form_Not_Implies_Prop assms
by (metis convert_nnf_ext_to_mltl_commute to_mltl.simps(4) to_mltl_prop_bijective)
then obtain p where "q = Prop_mltl_ext p" by blast
then show ?thesis
using assms unfolding Not_mltl_ext LP_mltl.simps LP_mltl_aux.simps
by auto
next
case (And_mltl_ext α β)
show ?thesis
using assms(5) unfolding And_mltl_ext LP_mltl_aux.simps
using assms(6) by auto
next
case (Or_mltl_ext α β)
let ?Dx = "[convert_nnf_ext α]"
let ?Dy = "[convert_nnf_ext β]"
have D_is: "D = set ( And_mltl_list ?Dx ?Dy @
And_mltl_list [Not⇩c α] ?Dy @
And_mltl_list ?Dx [Not⇩c β])"
using assms(5) unfolding Or_mltl_ext LP_mltl_aux.simps
by metis
then have ψ1_eo: "List.member (And_mltl_list ?Dx ?Dy) ψ1 ∨
List.member (And_mltl_list [Not⇩c α] ?Dy) ψ1 ∨
List.member (And_mltl_list ?Dx [Not⇩c β]) ψ1"
using assms(6) by (simp add: member_def)
have ψ2_eo: "List.member (And_mltl_list ?Dx ?Dy) ψ2 ∨
List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2 ∨
List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
using D_is assms(6) by (simp add: member_def)
have α_iwd: "intervals_welldef (to_mltl α)"
using assms(1) unfolding Or_mltl_ext by simp
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using assms(2) unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have α_is_comp: "is_composition_MLTL α"
using assms unfolding Or_mltl_ext by simp
have α_wpd: "wpd_mltl (to_mltl α) ≤ length π"
using assms unfolding Or_mltl_ext by simp
have α_conv_same: "set (LP_mltl_aux (convert_nnf_ext α) 1) = set (LP_mltl_aux α 1)"
by (metis α_nnf convert_nnf_ext_convert_nnf_ext)
have β_iwd: "intervals_welldef (to_mltl β)"
using assms unfolding Or_mltl_ext
by simp
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using assms unfolding Or_mltl_ext
by (metis convert_nnf_ext.simps(5) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(4))
have β_is_comp: "is_composition_MLTL β"
using assms unfolding Or_mltl_ext
by simp
have β_wpd: "wpd_mltl (to_mltl β) ≤ length π"
using assms unfolding Or_mltl_ext by simp
have β_conv_same: "set (LP_mltl_aux (convert_nnf_ext β) k) = set (LP_mltl_aux β k)"
by (metis β_nnf convert_nnf_ext_convert_nnf_ext)
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ1 "
then have ψ1_is: "ψ1 = And_mltl_ext α β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [convert_nnf_ext α] [convert_nnf_ext β]) ψ1› member_rec(1) member_rec(2))
have x1_semantics: "semantics_mltl_ext π α" and
y1_semantics: "semantics_mltl_ext π β"
using assms(7) unfolding ψ1_is semantics_mltl_ext_def by simp_all
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ2 "
then have ψ2_is: "ψ2 = And_mltl_ext α β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member_forward ‹List.member (And_mltl_list [convert_nnf_ext α] [convert_nnf_ext β]) ψ2› member_rec(1) member_rec(2))
then have ?thesis
using ψ1_is assms by blast
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2"
then have ψ2_is: "ψ2 = And_mltl_ext (Not⇩c α) β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [Not⇩c α] [convert_nnf_ext β]) ψ2› member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π (Not⇩c α)" and
y2_semantics: "semantics_mltl_ext π β"
using assms unfolding semantics_mltl_ext_def ψ2_is by simp_all
then have ?thesis
using x1_semantics unfolding semantics_mltl_ext_def by simp
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
then have ψ2_is: "ψ2 = And_mltl_ext α (Not⇩c β)"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [convert_nnf_ext α] [Not⇩c β]) ψ2› member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π α" and
y2_semantics: "semantics_mltl_ext π (Not⇩c β)"
using assms unfolding semantics_mltl_ext_def ψ2_is by simp_all
then have ?thesis
using y1_semantics unfolding semantics_mltl_ext_def by simp
}
ultimately have ?thesis
using ψ2_eo by argo
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ1"
then have ψ1_is: "ψ1 = And_mltl_ext (Not⇩c α) (β)"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [Not⇩c α] [convert_nnf_ext β]) ψ1› member_rec(1) member_rec(2))
have x1_semantics: "semantics_mltl_ext π (Not⇩c α)" and
y1_semantics: "semantics_mltl_ext π (β)"
using assms unfolding semantics_mltl_ext_def ψ1_is by simp_all
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ2 "
then have ψ2_is: "ψ2 = And_mltl_ext α β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [convert_nnf_ext α] [convert_nnf_ext β]) ψ2› member_rec(1) member_rec(2))
have ?thesis
using assms(7,8) unfolding ψ1_is ψ2_is semantics_mltl_ext_def by auto
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2"
then have ψ2_is: "ψ2 = And_mltl_ext (Not⇩c α) β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [Not⇩c α] [convert_nnf_ext β]) ψ2› member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π (Not⇩c α)" and
y2_semantics: "semantics_mltl_ext π β"
using assms unfolding semantics_mltl_ext_def ψ2_is by simp_all
then have ?thesis
using ψ1_is ψ2_is assms by blast
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
then have ψ2_is: "ψ2 = And_mltl_ext α (Not⇩c β)"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [convert_nnf_ext α] [Not⇩c β]) ψ2› member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π α" and
y2_semantics: "semantics_mltl_ext π (Not⇩c β)"
using assms unfolding semantics_mltl_ext_def ψ2_is by simp_all
then have ?thesis
using y1_semantics unfolding semantics_mltl_ext_def by simp
}
ultimately have ?thesis
using ψ2_eo by argo
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ1"
then have ψ1_is: "ψ1 = And_mltl_ext α (Not⇩c β)"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [convert_nnf_ext α] [Not⇩c β]) ψ1› member_rec(1) member_rec(2))
have x1_semantics: "semantics_mltl_ext π α" and
y1_semantics: "semantics_mltl_ext π (Not⇩c β)"
using assms unfolding semantics_mltl_ext_def ψ1_is by simp_all
{
assume "List.member (And_mltl_list ?Dx ?Dy) ψ2 "
then have ψ2_is: "ψ2 = And_mltl_ext α β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member_forward ‹List.member (And_mltl_list [convert_nnf_ext α] [convert_nnf_ext β]) ψ2› member_rec(1) member_rec(2))
have ?thesis
using assms(7,8) unfolding ψ1_is ψ2_is semantics_mltl_ext_def by auto
} moreover {
assume " List.member (And_mltl_list [Not⇩c α] ?Dy) ψ2"
then have ψ2_is: "ψ2 = And_mltl_ext (Not⇩c α) β"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [Not⇩c α] [convert_nnf_ext β]) ψ2› member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π (Not⇩c α)" and
y2_semantics: "semantics_mltl_ext π β"
using assms unfolding semantics_mltl_ext_def ψ2_is by simp_all
then have ?thesis
using x1_semantics x2_semantics unfolding semantics_mltl_ext_def by auto
} moreover {
assume "List.member (And_mltl_list ?Dx [Not⇩c β]) ψ2"
then have ψ2_is: "ψ2 = And_mltl_ext α (Not⇩c β)"
unfolding List.member_def
using α_nnf β_nnf convert_nnf_ext_convert_nnf_ext
by (metis And_mltl_list_member ‹List.member (And_mltl_list [convert_nnf_ext α] [Not⇩c β]) ψ2› member_rec(1) member_rec(2))
have x2_semantics: "semantics_mltl_ext π α" and
y2_semantics: "semantics_mltl_ext π (Not⇩c β)"
using assms unfolding semantics_mltl_ext_def ψ2_is by simp_all
then have ?thesis
using ψ1_is ψ2_is assms by blast
}
ultimately have ?thesis
using ψ2_eo by argo
}
ultimately show ?thesis
using ψ1_eo by argo
next
case (Future_mltl_ext a b L α)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)"
using assms unfolding intervals_welldef.simps Future_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using assms unfolding Future_mltl_ext
by (metis convert_nnf_ext.simps(6) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(5))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition: "is_composition_MLTL α" and
L_composition: "is_composition (b-a+1) L"
using Future_mltl_ext assms by simp_all
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
using assms unfolding Future_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?D = "[α]"
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition] by blast
have length_s: "length ?s = length L + 1"
using interval_times_length by simp
let ?front = "set [Future_mltl_ext (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] α]"
let ?back = "set (concat (map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
[Future_mltl_ext (?s ! i) (?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i] α])
[1..<length L]))"
have front_eq: "set (Future_mltl_list ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0]) = ?front"
by simp
have back_eq: "?back = set (concat
(map (λi. And_mltl_list
[Global_mltl_ext (?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (Not⇩c α)]
(Future_mltl_list ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
by auto
have D_is: "D = ?front ∪ ?back"
using assms(5) unfolding Future_mltl_ext LP_mltl_aux.simps to_mltl.simps
using list_concat_set_union unfolding α_convert
using front_eq back_eq
by (metis (no_types, lifting))
have dropa_wpd: "wpd_mltl (to_mltl α) ≤ length (drop a π)"
using α_wpd a_leq_b by simp
{
assume *: "ψ1 ∈ ?front"
then have ψ1: "ψ1 = Future_mltl_ext (?s!0) (?s!1-1) [?s!1 - ?s!0] α"
by auto
obtain j1 where α_semantics1: "semantics_mltl_ext (drop j1 π) α"
and j1_bound: "a ≤ j1 ∧ j1 ≤ ?s!1-1"
using assms(7) unfolding sfirst ψ1 semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by blast
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Future_mltl_ext (?s!0) (?s!1-1) [?s!1 - ?s!0] α"
by auto
obtain j2 where α_semantics_2: "semantics_mltl_ext (drop j2 π) α"
and j2_bound: "a ≤ j2 ∧ j2 ≤ ?s!1-1"
using assms(8) unfolding sfirst ψ2 semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by blast
have ?thesis
using assms(6) ψ1 ψ2 by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = (And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i2 - 1) [?s!i2 - ?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i2) (?s ! (i2 + 1) - 1) [?s ! (i2 + 1) - ?s ! i2] α))"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by force
obtain j2 where α_semantics2: "semantics_mltl_ext (drop j2 π) α"
and j2_bound: "?s!i2 ≤ j2 ∧ j2 ≤ ?s!(i2+1)-1"
and global_before2: "∀i. a ≤ i ∧ i ≤ ?s ! i2 - 1 ⟶
¬ semantics_mltl (drop i π) (to_mltl α)"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst using α_wpd a_leq_b by auto
have bound1: "interval_times a L ! 1 ≤ interval_times a L ! i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 1 ?s]
using i2_bound by force
have ?thesis using bound1
using α_semantics1 global_before2 j1_bound unfolding semantics_mltl_ext_def
by auto
}
ultimately have ?thesis
using assms(6) D_is by blast
} moreover {
assume *: "ψ1 ∈ ?back"
then obtain i1 where ψ1: "ψ1 = (And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i1 - 1) [?s!i1 - ?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i1) (?s ! (i1 + 1) - 1) [?s ! (i1 + 1) - ?s ! i1] α))"
and i1_bound: "1 ≤ i1 ∧ i1 < length L"
by force
have lb1: "a ≤ ?s!i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i1" 0 ?s]
unfolding sfirst using i1_bound by simp
have welldef1: "?s!i1 < ?s!(i1+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i1" ?s]
using i1_bound by blast
have ub1: "?s!(i1+1)-1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i1+1" ?s]
using slast i1_bound
by (metis le_diff_conv le_eq_less_or_eq less_iff_succ_less_eq)
obtain j1 where α_semantics1: "semantics_mltl_ext (drop j1 π) α"
and j1_bound: "?s!i1 ≤ j1 ∧ j1 ≤ ?s!(i1+1)-1"
and global_before1: "∀i. a ≤ i ∧ i ≤ ?s ! i1 - 1 ⟶
¬ semantics_mltl (drop i π) (to_mltl α)"
using assms(7) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst using α_wpd a_leq_b by auto
have bound1: "interval_times a L ! 1 ≤ interval_times a L ! i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i1" 1 ?s]
using i1_bound by force
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Future_mltl_ext (?s!0) (?s!1-1) [?s!1 - ?s!0] α"
by auto
obtain j2 where α_semantics2: "semantics_mltl_ext (drop j2 π) α"
and j2_bound: "a ≤ j2 ∧ j2 ≤ ?s!1-1"
using assms(8) unfolding sfirst ψ2 semantics_mltl_ext_def semantics_mltl.simps to_mltl.simps
by blast
then have ?thesis
using global_before1 α_semantics2 bound1
unfolding semantics_mltl_ext_def by auto
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = (And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i2 - 1) [?s!i2 - ?s!0] (Not⇩c α))
(Future_mltl_ext (?s ! i2) (?s ! (i2 + 1) - 1) [?s ! (i2 + 1) - ?s ! i2] α))"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by force
obtain j2 where α_semantics2: "semantics_mltl_ext (drop j2 π) α"
and j2_bound: "?s!i2 ≤ j2 ∧ j2 ≤ ?s!(i2+1)-1"
and global_before2: "∀i. a ≤ i ∧ i ≤ ?s ! i2 - 1 ⟶
¬ semantics_mltl (drop i π) (to_mltl α)"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst using α_wpd a_leq_b by auto
have lb2: "a ≤ ?s!i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 0 ?s]
unfolding sfirst using i2_bound by simp
have welldef2: "?s!i2 < ?s!(i2+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i2" ?s]
using i2_bound by blast
have ub2: "?s!(i2+1)-1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i2+1" ?s]
using slast i2_bound
by (metis le_diff_conv le_eq_less_or_eq less_iff_succ_less_eq)
{
assume i1_eq_i2: "i1 = i2"
then have ?thesis
using assms(6) ψ1 ψ2 by blast
} moreover {
assume i1_le_i2: "i1 < i2"
then have "?s ! (i1 + 1) ≤ ?s ! i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i2 "i1+1" ?s]
using i1_bound i2_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have "j1 ≤ interval_times a L ! i2 - 1"
using j1_bound by auto
then have ?thesis
using α_semantics1 global_before2 j1_bound lb1
unfolding semantics_mltl_ext_def by simp
} moreover {
assume i1_ge_i2: "i1 > i2"
then have "?s ! (i2 + 1) ≤ ?s ! i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i1 "i2+1" ?s]
using i2_bound i1_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have "j2 ≤ interval_times a L ! i1 - 1"
using j2_bound by auto
then have ?thesis
using α_semantics2 global_before1 j2_bound lb2
unfolding semantics_mltl_ext_def by simp
}
ultimately have ?thesis by linarith
}
ultimately have ?thesis
using assms(6) D_is by blast
}
ultimately show ?thesis
using assms(6) D_is by blast
next
case (Global_mltl_ext a b L α)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)"
using assms unfolding intervals_welldef.simps Global_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using assms unfolding Global_mltl_ext
by (metis convert_nnf_ext.simps(7) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(6))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition: "is_composition_MLTL α"
using Global_mltl_ext assms by simp_all
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π"
using assms unfolding Global_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
have D_is: "D = {Global_mltl_ext a b L α}"
using assms(5) unfolding Global_mltl_ext LP_mltl_aux.simps α_convert
by auto
then show ?thesis
using assms by blast
next
case (Until_mltl_ext α a b L β)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using assms unfolding intervals_welldef.simps Until_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using assms unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using assms unfolding Until_mltl_ext
by (metis convert_nnf_ext.simps(8) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(7))
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β" and
L_composition: "is_composition (b-a+1) L"
using Until_mltl_ext assms by simp_all
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π" and
β_wpd: "b + wpd_mltl (to_mltl β) ≤ length π"
using assms unfolding Until_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition]
by blast
have length_s: "length ?s = length L + 1"
using interval_times_length by simp
let ?D = "[β]"
let ?front = "{Until_mltl_ext α (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] β}"
let ?back = "set (map (λi. And_mltl_ext
(Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i] β)) [1..<length L])"
have front_eq: "?front = set (Until_mltl_list α ?D (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
by simp
have back_eq: "?back = set (concat
(map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext α (Not⇩c β))]
(Until_mltl_list α ?D (?s ! i) (?s ! (i + 1) - 1)
[?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
by simp
have D_is: "D = ?front ∪ ?back"
using assms(5) unfolding Until_mltl_ext LP_mltl_aux.simps
using α_convert β_convert list_concat_set_union using front_eq back_eq
by (smt (verit) map_eq_conv)
{
assume *: "ψ1 ∈ ?front"
then have ψ1: "ψ1 = Until_mltl_ext α (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] β"
by blast
obtain j1 where j1_bound: "?s!0 ≤ j1 ∧ j1 ≤ ?s!1-1"
and β_semantics1: "semantics_mltl_ext (drop j1 π) β"
and α_semantics1: "∀j. (?s!0 ≤ j ∧ j < j1) ⟶ (semantics_mltl_ext (drop j π) α)"
using assms(7) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Until_mltl_ext α (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] β"
by blast
obtain j2 where j2_bound: "?s!0 ≤ j2 ∧ j2 ≤ ?s!1-1"
and β_semantics2: "semantics_mltl_ext (drop j2 π) β"
and α_semantics2: "∀j. (?s!0 ≤ j ∧ j < j2) ⟶ (semantics_mltl_ext (drop j2 π) α)"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using ψ1 ψ2 diff_formulas by blast
have ?thesis
using ψ1 ψ2 diff_formulas by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s ! i2) (?s ! (i2 + 1) - 1) [?s ! (i2 + 1) - ?s ! i2] β)"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by auto
obtain j2 where j2_bound: "(?s ! i2) ≤ j2 ∧ j2 ≤ (?s ! (i2 + 1) - 1)"
and β_semantics2: "semantics_mltl (drop j2 π) (to_mltl β)"
and α_semantics2: "(∀j. interval_times a L ! i2 ≤ j ∧ j < j2 ⟶
semantics_mltl (drop j π) (to_mltl α))"
and global_before2: "∀i. ?s ! 0 ≤ i ∧ i ≤ ?s ! i2 - 1 ⟶
semantics_mltl (drop i π) (to_mltl α) ∧
¬ semantics_mltl (drop i π) (to_mltl β)"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd by auto
have bound1: "?s ! 1 ≤ ?s ! i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i2 1 ?s]
using i2_bound by force
then have ?thesis
using β_semantics1 global_before2 j1_bound unfolding sfirst
unfolding semantics_mltl_ext_def by auto
}
ultimately have ?thesis using D_is assms by blast
} moreover {
assume *: "ψ1 ∈ ?back"
then obtain i1 where ψ1: "ψ1 = And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i1 - 1) [?s!i1 - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s ! i1) (?s ! (i1 + 1) - 1) [?s ! (i1 + 1) - ?s ! i1] β)"
and i1_bound: "1 ≤ i1 ∧ i1 < length L"
by auto
have lb1: "a ≤ ?s!i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i1" 0 ?s]
unfolding sfirst using i1_bound by simp
have welldef1: "?s!i1 < ?s!(i1+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i1" ?s]
using i1_bound by blast
have ub1: "?s!(i1+1)-1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i1+1" ?s]
using slast i1_bound
by (metis le_diff_conv le_eq_less_or_eq less_iff_succ_less_eq)
obtain j1 where j1_bound: "(?s ! i1) ≤ j1 ∧ j1 ≤ (?s ! (i1 + 1) - 1)"
and β_semantics1: "semantics_mltl (drop j1 π) (to_mltl β)"
and α_semantics1: "(∀j. interval_times a L ! i1 ≤ j ∧ j < j1 ⟶
semantics_mltl (drop j π) (to_mltl α))"
and global_before1: "∀i. ?s ! 0 ≤ i ∧ i ≤ ?s ! i1 - 1 ⟶
semantics_mltl (drop i π) (to_mltl α) ∧
¬ semantics_mltl (drop i π) (to_mltl β)"
using assms(7) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd by auto
have bound1: "?s ! 1 ≤ ?s ! i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i1 1 ?s]
using i1_bound by force
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Until_mltl_ext α (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0] β"
by blast
have ?thesis
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst
by (smt (verit, ccfv_SIG) bound1 diff_is_0_eq' global_before1 interval_times_first le0 le_trans nat_le_linear ordered_cancel_comm_monoid_diff_class.le_diff_conv2)
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext (?s ! 0) (?s ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext α (Not⇩c β)))
(Until_mltl_ext α (?s ! i2) (?s ! (i2 + 1) - 1) [?s ! (i2 + 1) - ?s ! i2] β)"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by auto
have lb2: "a ≤ ?s!i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 0 ?s]
unfolding sfirst using i2_bound by simp
have welldef2: "?s!i2 < ?s!(i2+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i2" ?s]
using i2_bound by blast
have ub2: "?s!(i2+1)-1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i2+1" ?s]
using slast i2_bound
by (metis le_diff_conv le_eq_less_or_eq less_iff_succ_less_eq)
obtain j2 where j2_bound: "(?s ! i2) ≤ j2 ∧ j2 ≤ (?s ! (i2 + 1) - 1)"
and β_semantics2: "semantics_mltl (drop j2 π) (to_mltl β)"
and α_semantics2: "(∀j. interval_times a L ! i2 ≤ j ∧ j < j2 ⟶
semantics_mltl (drop j π) (to_mltl α))"
and global_before2: "∀i. ?s ! 0 ≤ i ∧ i ≤ ?s ! i2 - 1 ⟶
semantics_mltl (drop i π) (to_mltl α) ∧
¬ semantics_mltl (drop i π) (to_mltl β)"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd by auto
{
assume i1_eq_i2: "i1 = i2"
then have ?thesis
using assms(6) ψ1 ψ2 by blast
} moreover {
assume i1_le_i2: "i1 < i2"
then have "?s ! (i1 + 1) ≤ ?s ! i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i2 "i1+1" ?s]
using i1_bound i2_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have ?thesis
using β_semantics1 global_before2 j1_bound unfolding sfirst
using lb1 by auto
} moreover {
assume i1_ge_i2: "i1 > i2"
then have "?s ! (i2 + 1) ≤ ?s ! i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i1 "i2+1" ?s]
using i1_bound i2_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have ?thesis
using β_semantics2 global_before1 j2_bound unfolding sfirst
using lb2 by auto
}
ultimately have ?thesis by linarith
}
ultimately have ?thesis
using D_is assms by blast
}
ultimately show ?thesis
using D_is assms by blast
next
case (Release_mltl_ext α a b L β)
have a_leq_b: "a ≤ b" and
α_welldef: "intervals_welldef (to_mltl α)" and
β_welldef: "intervals_welldef (to_mltl β)"
using assms unfolding intervals_welldef.simps Release_mltl_ext to_mltl.simps
by simp_all
have α_nnf: "∃φ_init. α = convert_nnf_ext φ_init"
using assms unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have α_convert: "convert_nnf_ext α = α"
using α_nnf convert_nnf_ext_convert_nnf_ext by metis
have β_nnf: "∃φ_init. β = convert_nnf_ext φ_init"
using assms unfolding Release_mltl_ext
by (metis convert_nnf_ext.simps(9) convert_nnf_ext_convert_nnf_ext mltl_ext.inject(8))
have β_convert: "convert_nnf_ext β = β"
using β_nnf convert_nnf_ext_convert_nnf_ext by metis
have α_composition: "is_composition_MLTL α" and
β_composition: "is_composition_MLTL β" and
L_composition: "is_composition (b-a+1) L"
using Release_mltl_ext assms by simp_all
have α_wpd: "b + wpd_mltl (to_mltl α) ≤ length π" and
β_wpd: "b + wpd_mltl (to_mltl β) ≤ length π"
using assms unfolding Release_mltl_ext to_mltl.simps wpd_mltl.simps
by auto
let ?s = "interval_times a L"
have length_L: "1 ≤ length L"
using composition_length_lb[OF L_composition] a_leq_b by linarith
have sfirst: "?s!0 = a"
using interval_times_first by simp
have slast: "?s!(length L) = b+1"
using interval_times_last[OF a_leq_b L_composition]
by blast
have length_s: "length ?s = length L + 1"
using interval_times_length by simp
let ?D = "[α]"
let ?front = "{Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)}"
let ?middle = "{Mighty_Release_mltl_ext α β (?s ! 0) (?s ! 1 - 1)
[?s ! 1 - ?s ! 0]}"
let ?back = "set (map (λi. And_mltl_ext
(Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext α β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L])"
have middle_eq: "?middle = set (Mighty_Release_mltl_list ?D β (?s ! 0) (?s ! 1 - 1) [?s ! 1 - ?s ! 0])"
by simp
have back_eq: "?back = set (concat
(map (λi. And_mltl_list
[Global_mltl_ext
(?s ! 0) (?s ! i - 1) [?s!i - ?s!0] (And_mltl_ext (Not⇩c α) β)]
(Mighty_Release_mltl_list ?D β (?s ! i)
(?s ! (i + 1) - 1) [?s ! (i + 1) - ?s ! i]))
[1..<length L]))"
by simp
have D_is: "D = ?front ∪ ?middle ∪ ?back"
using assms(5) unfolding Release_mltl_ext LP_mltl_aux.simps
using α_convert list_concat_set_union
using middle_eq back_eq
by (smt (verit, ccfv_SIG) append.assoc empty_set list.simps(15) map_eq_conv)
{
assume *: "ψ1 ∈ ?front"
then have ψ1: "ψ1 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have global1: "(∀i. a ≤ i ∧ i ≤ b ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β))"
using assms(7) unfolding ψ1 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd a_leq_b
by (metis add_diff_cancel_left' cancel_comm_monoid_add_class.diff_cancel dual_order.trans le_add1 not_one_le_zero order_antisym_conv wpd_geq_one)
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have global2: "(∀i. a ≤ i ∧ i ≤ b ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β))"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd a_leq_b
by (metis add_diff_cancel_left' cancel_comm_monoid_add_class.diff_cancel dual_order.trans le_add1 not_one_le_zero order_antisym_conv wpd_geq_one)
have ?thesis using * ** assms by auto
} moreover {
assume **: "ψ2 ∈ ?middle"
then have ψ2: "ψ2 = Mighty_Release_mltl_ext α β (?s ! 0)
(?s ! 1 - 1) [?s ! 1 - ?s ! 0]"
by blast
obtain j2 where j2_bound: "(?s ! 0 ≤ j2 ∧ j2 ≤ ?s ! 1 - 1)"
and α_semantics2: "semantics_mltl (drop j2 π) (to_mltl α)"
using assms(8) unfolding ψ2 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have bound1: "interval_times a L ! 1 - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" 1 ?s]
using slast length_L by force
then have ?thesis using α_semantics2 global1 j2_bound unfolding sfirst
by simp
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0) (interval_times a L ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext α β (interval_times a L ! i2)
(interval_times a L ! (i2 + 1) - 1)
[interval_times a L ! (i2 + 1) - interval_times a L ! i2])"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by auto
obtain j2 where j2_bound: "((?s ! i2) ≤ j2 ∧ j2 ≤ ?s ! (i2 + 1) - 1)"
and α_semantics2: "semantics_mltl (drop j2 π) (to_mltl α)"
using assms(8) unfolding ψ2 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have lb2: "a ≤ ?s!i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 0 ?s]
unfolding sfirst using i2_bound by simp
have welldef2: "?s!i2 < ?s!(i2+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i2" ?s]
using i2_bound by blast
have ub2: "interval_times a L ! (i2 + 1) - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i2+1" ?s]
using slast i2_bound
by (metis add.commute diff_diff_left diff_is_0_eq le_neq_implies_less less_iff_succ_less_eq less_or_eq_imp_le)
have ?thesis using α_semantics2 global1 j2_bound
unfolding sfirst using lb2 ub2 by simp
}
ultimately have ?thesis using assms D_is by blast
} moreover {
assume *: "ψ1 ∈ ?middle"
then have ψ1: "ψ1 = Mighty_Release_mltl_ext α β (?s ! 0)
(?s ! 1 - 1) [?s ! 1 - ?s ! 0]"
by blast
obtain j1 where j1_bound: "(?s ! 0 ≤ j1 ∧ j1 ≤ ?s ! 1 - 1)"
and α_semantics1: "semantics_mltl (drop j1 π) (to_mltl α)"
using assms(7) unfolding ψ1 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have bound1: "interval_times a L ! 1 - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" 1 ?s]
using slast length_L by force
{
assume **: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have global2: "(∀i. a ≤ i ∧ i ≤ b ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β))"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd a_leq_b
by (metis add_diff_cancel_left' cancel_comm_monoid_add_class.diff_cancel dual_order.trans le_add1 not_one_le_zero order_antisym_conv wpd_geq_one)
have ?thesis
using global2 α_semantics1 j1_bound unfolding sfirst using bound1 by simp
} moreover {
assume **: "ψ2 ∈ ?middle"
then have ψ2: "ψ2 = Mighty_Release_mltl_ext α β (?s ! 0)
(?s ! 1 - 1) [?s ! 1 - ?s ! 0]"
by blast
then have ?thesis using ψ1 assms by blast
} moreover {
assume **: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0) (interval_times a L ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext α β (interval_times a L ! i2)
(interval_times a L ! (i2 + 1) - 1)
[interval_times a L ! (i2 + 1) - interval_times a L ! i2])"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by auto
obtain j2 where j2_bound: "((?s ! i2) ≤ j2 ∧ j2 ≤ ?s ! (i2 + 1) - 1)"
and α_semantics2: "semantics_mltl (drop j2 π) (to_mltl α)"
and global_before2: "∀i. interval_times a L ! 0 ≤ i ∧ i ≤ interval_times a L ! i2 - 1 ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β)"
using assms(8) unfolding ψ2 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst using α_wpd by auto
have lb2: "a ≤ ?s!i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 0 ?s]
unfolding sfirst using i2_bound by simp
have welldef2: "?s!i2 < ?s!(i2+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i2" ?s]
using i2_bound by blast
have ub2: "interval_times a L ! (i2 + 1) - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i2+1" ?s]
using slast i2_bound
by (metis add.commute diff_diff_left diff_is_0_eq le_neq_implies_less less_iff_succ_less_eq less_or_eq_imp_le)
have bound1: "interval_times a L ! 1 ≤ interval_times a L ! i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 1 ?s]
using i2_bound by force
have ?thesis using global_before2 α_semantics1 bound1
using j1_bound unfolding sfirst by auto
}
ultimately have ?thesis using assms D_is by blast
} moreover {
assume *: "ψ1 ∈ ?back"
then obtain i1 where ψ1: "ψ1 = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0) (interval_times a L ! i1 - 1) [?s!i1 - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext α β (interval_times a L ! i1)
(interval_times a L ! (i1 + 1) - 1)
[interval_times a L ! (i1 + 1) - interval_times a L ! i1])"
and i1_bound: "1 ≤ i1 ∧ i1 < length L"
by auto
obtain j1 where j1_bound: "((?s ! i1) ≤ j1 ∧ j1 ≤ ?s ! (i1 + 1) - 1)"
and α_semantics1: "semantics_mltl (drop j1 π) (to_mltl α)"
and global_before1: "∀i. interval_times a L ! 0 ≤ i ∧ i ≤ interval_times a L ! i1 - 1 ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β)"
using assms(7) unfolding ψ1 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst using α_wpd by auto
have lb1: "a ≤ ?s!i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i1" 0 ?s]
unfolding sfirst using i1_bound by simp
have welldef1: "?s!i1 < ?s!(i1+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i1" ?s]
using i1_bound by blast
have ub1: "interval_times a L ! (i1 + 1) - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i1+1" ?s]
using slast i1_bound
by (metis add.commute diff_diff_left diff_is_0_eq le_neq_implies_less less_iff_succ_less_eq less_or_eq_imp_le)
have bound1: "interval_times a L ! 1 ≤ interval_times a L ! i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i1" 1 ?s]
using i1_bound by force
{
assume *: "ψ2 ∈ ?front"
then have ψ2: "ψ2 = Global_mltl_ext a b L (And_mltl_ext (Not⇩c α) β)"
by auto
have global2: "(∀i. a ≤ i ∧ i ≤ b ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β))"
using assms(8) unfolding ψ2 semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
using α_wpd a_leq_b
by (metis add_diff_cancel_left' cancel_comm_monoid_add_class.diff_cancel dual_order.trans le_add1 not_one_le_zero order_antisym_conv wpd_geq_one)
have ?thesis using α_semantics1 global2 j1_bound
unfolding sfirst using lb1 ub1 by simp
} moreover {
assume *: "ψ2 ∈ ?middle"
then have ψ2: "ψ2 = Mighty_Release_mltl_ext α β (?s ! 0)
(?s ! 1 - 1) [?s ! 1 - ?s ! 0]"
by blast
obtain j2 where j2_bound: "(?s ! 0 ≤ j2 ∧ j2 ≤ ?s ! 1 - 1)"
and α_semantics2: "semantics_mltl (drop j2 π) (to_mltl α)"
using assms(8) unfolding ψ2 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
by blast
have bound1: "interval_times a L ! 1 ≤ interval_times a L ! i1"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i1" 1 ?s]
using i1_bound by force
then have ?thesis
using α_semantics2 global_before1
using j2_bound unfolding sfirst by auto
} moreover {
assume *: "ψ2 ∈ ?back"
then obtain i2 where ψ2: "ψ2 = And_mltl_ext
(Global_mltl_ext
(interval_times a L ! 0) (interval_times a L ! i2 - 1) [?s!i2 - ?s!0] (And_mltl_ext (Not⇩c α) β))
(Mighty_Release_mltl_ext α β (interval_times a L ! i2)
(interval_times a L ! (i2 + 1) - 1)
[interval_times a L ! (i2 + 1) - interval_times a L ! i2])"
and i2_bound: "1 ≤ i2 ∧ i2 < length L"
by auto
obtain j2 where j2_bound: "((?s ! i2) ≤ j2 ∧ j2 ≤ ?s ! (i2 + 1) - 1)"
and α_semantics2: "semantics_mltl (drop j2 π) (to_mltl α)"
and global_before2: "∀i. interval_times a L ! 0 ≤ i ∧ i ≤ interval_times a L ! i2 - 1 ⟶
¬ semantics_mltl (drop i π) (to_mltl α) ∧
semantics_mltl (drop i π) (to_mltl β)"
using assms(8) unfolding ψ2 Mighty_Release_mltl_ext.simps semantics_mltl_ext_def to_mltl.simps semantics_mltl.simps
unfolding sfirst using α_wpd by auto
have lb2: "a ≤ ?s!i2"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "i2" 0 ?s]
unfolding sfirst using i2_bound by simp
have welldef2: "?s!i2 < ?s!(i2+1)"
using interval_times_diff_ge[OF a_leq_b L_composition, of "i2" ?s]
using i2_bound by blast
have ub2: "interval_times a L ! (i2 + 1) - 1 ≤ b"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of "length L" "i2+1" ?s]
using slast i2_bound
by (metis add.commute diff_diff_left diff_is_0_eq le_neq_implies_less less_iff_succ_less_eq less_or_eq_imp_le)
{
assume eq: "i1 = i2"
then have ?thesis
using assms(6) ψ1 ψ2 by blast
} moreover {
assume le: "i1 < i2"
then have "interval_times a L ! (i1 + 1) ≤ interval_times a L ! (i2)"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i2 "i1+1" ?s]
using i1_bound i2_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have ?thesis
using α_semantics1 global_before2 j1_bound
using lb1 unfolding sfirst by auto
} moreover {
assume ge: "i1 > i2"
then have "interval_times a L ! (i2 + 1) ≤ interval_times a L ! (i1)"
using interval_times_diff_ge_general[OF a_leq_b L_composition, of i1 "i2+1" ?s]
using i1_bound i2_bound
by (metis le_eq_less_or_eq less_iff_succ_less_eq)
then have ?thesis
using α_semantics2 global_before1 j2_bound
using lb2 unfolding sfirst by auto
}
ultimately have ?thesis by linarith
}
ultimately have ?thesis using assms D_is by blast
}
ultimately show ?thesis using assms D_is by blast
qed
text ‹
  Pairwise language disjointness of the k = 1 partition, stated on the
  auxiliary partition LP_mltl_aux (i.e. on formulas that are already in NNF,
  have well-defined intervals and are in composition form).

  The proof is by contradiction: a trace lying in both languages would
  satisfy both partition elements and, by r_wpd, be at least as long as the
  worst-case propagation delay of φ; the helper lemma
  LP_mltl_language_disjoint_aux_helper_k1 then yields False.

  Notes for readers: k is fixed but never used (this is the k = 1 instance),
  while D and r are implicitly fixed free variables; the NNF assumption is
  given as the existence of a pre-image under convert_nnf_ext.
›
lemma LP_mltl_language_disjoint_aux_k1:
fixes φ::"'a mltl_ext" and ψ1 ψ2::"'a mltl_ext" and k::"nat"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes is_nnf: "∃φ_init. φ = convert_nnf_ext φ_init"
assumes composition: "is_composition_MLTL φ"
assumes D_decomp: "D = set (LP_mltl_aux φ 1)"
assumes diff_formulas: "(ψ1 ∈ D) ∧ (ψ2 ∈ D) ∧ ψ1 ≠ ψ2"
assumes r_wpd: "r ≥ wpd_mltl (to_mltl φ)"
shows "(language_mltl_r (to_mltl ψ1) r)
∩ (language_mltl_r (to_mltl ψ2) r) = {}"
proof-
{
(* Towards a contradiction: assume the two languages overlap. *)
assume contra: "(language_mltl_r (to_mltl ψ1) r)
∩ (language_mltl_r (to_mltl ψ2) r) ≠ {}"
then have "∃π. π ∈ (language_mltl_r (to_mltl ψ1) r) ∧
π ∈ (language_mltl_r (to_mltl ψ2) r)"
by auto
(* Pick a witness trace π in both languages. *)
then obtain π where in1: "π ∈ (language_mltl_r (to_mltl ψ1) r)"
and in2: "π ∈ (language_mltl_r (to_mltl ψ2) r)"
by blast
(* Membership gives satisfaction of ψ1 and ψ2 on π, and (via r_wpd, which is
   assms(6)) a length bound on π.  Presumably language_mltl_r_def bounds
   length π below by r, which combined with r ≥ wpd yields len. *)
have sem1: "semantics_mltl_ext π ψ1" and
sem2: "semantics_mltl_ext π ψ2" and
len: "length π ≥ wpd_mltl (to_mltl φ)"
using in1 in2 assms(6)
unfolding language_mltl_r_def semantics_mltl_ext_def
by simp_all
(* The helper lemma does the real work: two distinct elements of the k = 1
   partition cannot both be satisfied by a sufficiently long trace. *)
have "False"
by (metis D_decomp LP_mltl_language_disjoint_aux_helper_k1 One_nat_def composition diff_formulas intervals_welldef is_nnf len sem1 sem2)
}
then show ?thesis by blast
qed
text ‹
  Main disjointness theorem for k = 1, stated on the user-facing partition
  LP_mltl (whose elements are plain mltl formulas) rather than on
  LP_mltl_aux.  This is the guarantee callers rely on when they treat the
  partition elements as mutually exclusive cases for traces of length at
  least r.

  Proof structure: establish the preconditions of
  LP_mltl_language_disjoint_aux_k1 for the NNF form convert_nnf_ext φ
  (cond1 - cond4); pull ψ1 and ψ2 back to pre-images ψ1', ψ2' in the
  auxiliary partition; obtain disjointness for the pre-images from the
  auxiliary lemma; and transfer it to ψ1, ψ2 using the fact that a formula
  with well-defined intervals is semantically equivalent to its NNF.

  k is fixed but never used; D and r are implicitly fixed free variables.
›
theorem LP_mltl_language_disjoint_k1:
fixes φ::"'a mltl_ext" and ψ1 ψ2::"'a mltl" and k::"nat"
assumes intervals_welldef: "intervals_welldef (to_mltl φ)"
assumes composition: "is_composition_MLTL φ"
assumes D_decomp: "D = set (LP_mltl φ 1)"
assumes diff_formulas: "(ψ1 ∈ D) ∧ (ψ2 ∈ D) ∧ ψ1 ≠ ψ2"
assumes r_wpd: "r ≥ wpd_mltl (to_mltl φ)"
shows "(language_mltl_r ψ1 r) ∩ (language_mltl_r ψ2 r) = {}"
proof-
(* ?D is the auxiliary partition of the NNF form of φ. *)
let ?D = "LP_mltl_aux (convert_nnf_ext φ) 1"
(* ?φ is introduced here but not referenced in the rest of the proof. *)
let ?φ = "convert_nnf_ext φ"
(* cond1 - cond4: the four assumptions of LP_mltl_language_disjoint_aux_k1,
   instantiated at convert_nnf_ext φ.  cond1 and cond3 carry interval
   well-definedness and composition form through NNF conversion. *)
have cond1: "intervals_welldef (to_mltl (convert_nnf_ext φ))"
using intervals_welldef
by (metis convert_nnf_ext_to_mltl_commute nnf_intervals_welldef)
(* cond2 is witnessed by φ itself. *)
have cond2: "∃φ_init. convert_nnf_ext φ = convert_nnf_ext φ_init"
by blast
have cond3: "is_composition_MLTL (convert_nnf_ext φ)"
using composition
by (simp add: intervals_welldef is_composition_convert_nnf_ext)
(* cond4 is reflexive; it only serves to fix the auxiliary lemma's D
   to set ?D when the lemma is instantiated below. *)
have cond4: "set (LP_mltl_aux (convert_nnf_ext φ) 1) =
set (LP_mltl_aux (convert_nnf_ext φ) 1)"
by blast
(* Unfolding LP_mltl.simps: every element of LP_mltl φ 1 has the shape
   to_mltl (convert_nnf_ext ψ') for some ψ' ∈ set ?D.  Recover such
   pre-images for ψ1 and ψ2. *)
obtain ψ1' ψ2' where ψ1: "ψ1 = to_mltl (convert_nnf_ext ψ1')"
and ψ1'_in: "ψ1' ∈ set ?D"
and ψ2: "ψ2 = to_mltl (convert_nnf_ext ψ2')"
and ψ2'_in: "ψ2' ∈ set ?D"
using D_decomp unfolding LP_mltl.simps
using diff_formulas by auto
(* Distinct images must come from distinct pre-images. *)
have ψ's_neq: "ψ1' ≠ ψ2'"
using diff_formulas ψ1 ψ2 by blast
(* Interval well-definedness of ψ1, ψ2 and of their pre-images.  The
   pre-image versions are what the final semantic-equivalence step needs. *)
have ψ1_welldef: "intervals_welldef ψ1"
using assms(4) D_decomp unfolding LP_mltl.simps
using LP_mltl_aux_intervals_welldef
by (metis ψ1 ψ1'_in composition convert_nnf_ext_to_mltl_commute intervals_welldef nnf_intervals_welldef)
then have ψ1'_welldef: "intervals_welldef (to_mltl ψ1')"
using ψ1
using LP_mltl_aux_intervals_welldef ψ1'_in allones_implies_is_composition_MLTL composition intervals_welldef by auto
have ψ2_welldef: "intervals_welldef ψ2"
using assms(4) D_decomp unfolding LP_mltl.simps
using LP_mltl_aux_intervals_welldef
by (metis ψ2 ψ2'_in composition convert_nnf_ext_to_mltl_commute intervals_welldef nnf_intervals_welldef)
then have ψ2'_welldef: "intervals_welldef (to_mltl ψ2')"
using ψ2
using LP_mltl_aux_intervals_welldef ψ2'_in allones_implies_is_composition_MLTL composition intervals_welldef by auto
(* Disjointness for the pre-images, from the auxiliary lemma.  The bound
   r ≥ wpd transfers to the NNF form because convert_nnf_ext preserves wpd. *)
have intersect: "language_mltl_r (to_mltl ψ1') r ∩
language_mltl_r (to_mltl ψ2') r = {}"
using LP_mltl_language_disjoint_aux_k1[OF cond1 cond2 cond3 cond4, of ψ1' ψ2' r]
using ψ1'_in ψ2'_in ψ's_neq r_wpd
by (metis convert_nnf_ext_preserves_wpd)
(* A formula with well-defined intervals and its NNF agree on every trace.
   Generalised over φ here so it can be applied to ψ1' and ψ2' below. *)
have "semantics_mltl π (to_mltl (convert_nnf_ext φ)) =
semantics_mltl π (to_mltl φ)"
if "intervals_welldef (to_mltl φ)"
for φ::"'a mltl_ext" and π
using that unfolding semantic_equiv_ext_def
by (metis convert_nnf_ext_to_mltl_commute convert_nnf_preserves_semantics)
(* Since ψi = to_mltl (convert_nnf_ext ψi'), the languages of ψ1, ψ2 coincide
   with those of their pre-images, so intersect gives the claim. *)
then show ?thesis using intersect
unfolding language_mltl_r_def ψ1 ψ2
using ψ1'_welldef ψ2'_welldef
by auto
qed
end