Theory Weak_Formula
theory Weak_Formula
imports
Weak_Transition_System
Disjunction
begin
section ‹Weak Formulas›
subsection ‹Lemmas about \texorpdfstring{$\alpha$}{alpha}-equivalence involving \texorpdfstring{$\tau$}{tau}›
context weak_nominal_ts
begin
lemma Act_tau_eq_iff [simp]:
"Act τ x1 = Act α x2 ⟷ α = τ ∧ x2 = x1"
(is "?l ⟷ ?r")
proof
assume "?l"
then obtain p where p_α: "p ∙ τ = α" and p_x: "p ∙ x1 = x2" and fresh: "(supp x1 - bn τ) ♯* p"
by (metis Act_eq_iff_perm)
from p_α have "α = τ"
by (metis tau_eqvt)
moreover from fresh and p_x have "x2 = x1"
by (simp add: supp_perm_eq)
ultimately show "?r" ..
next
assume "?r" then show "?l"
by simp
qed
end
subsection ‹Weak action modality›
text ‹The definition of (strong) formulas is parametric in the index type, but from now on we
want to work with a fixed (sufficiently large) index type.
Also, we use~@{term τ} in our definition of weak formulas.›
locale indexed_weak_nominal_ts = weak_nominal_ts satisfies transition
for satisfies :: "'state::fs ⇒ 'pred::fs ⇒ bool" (infix "⊢" 70)
and transition :: "'state ⇒ ('act::bn,'state) residual ⇒ bool" (infix "→" 70) +
assumes card_idx_perm: "|UNIV::perm set| <o |UNIV::'idx set|"
and card_idx_state: "|UNIV::'state set| <o |UNIV::'idx set|"
and card_idx_nat: "|UNIV::nat set| <o |UNIV::'idx set|"
begin
text ‹The assumption @{thm card_idx_nat} is redundant: it is already implied by
@{thm card_idx_perm}. A formal proof of this fact is left for future work.›
lemma card_idx_nat' [simp]:
"|UNIV::nat set| <o natLeq +c |UNIV::'idx set|"
proof -
note card_idx_nat
also have "|UNIV :: 'idx set| ≤o natLeq +c |UNIV :: 'idx set|"
by (metis Cnotzero_UNIV ordLeq_csum2)
finally show ?thesis .
qed
primrec tau_steps :: "('idx,'pred::fs,'act::bn) formula ⇒ nat ⇒ ('idx,'pred,'act) formula"
where
"tau_steps x 0 = x"
| "tau_steps x (Suc n) = Act τ (tau_steps x n)"
lemma tau_steps_eqvt [simp]:
"p ∙ tau_steps x n = tau_steps (p ∙ x) (p ∙ n)"
by (induct n) (simp_all add: permute_nat_def tau_eqvt)
lemma tau_steps_eqvt' [simp]:
"p ∙ tau_steps x = tau_steps (p ∙ x)"
by (simp add: permute_fun_def)
lemma tau_steps_eqvt_raw [simp]:
"p ∙ tau_steps = tau_steps"
by (simp add: permute_fun_def)
lemma tau_steps_add [simp]:
"tau_steps (tau_steps x m) n = tau_steps x (m + n)"
by (induct n) auto
lemma tau_steps_not_self:
"x = tau_steps x n ⟷ n = 0"
proof
assume "x = tau_steps x n" then show "n = 0"
proof (induct n arbitrary: x)
case 0 show ?case ..
next
case (Suc n)
then have "x = Act τ (tau_steps x n)"
by simp
then show "Suc n = 0"
proof (induct x)
case (Act α x)
then have "x = tau_steps (Act τ x) n"
by (metis Act_tau_eq_iff)
with Act.hyps show ?thesis
by (metis add_Suc tau_steps.simps(2) tau_steps_add)
qed simp_all
qed
next
assume "n = 0" then show "x = tau_steps x n"
by simp
qed
definition weak_tau_modality :: "('idx,'pred::fs,'act::bn) formula ⇒ ('idx,'pred,'act) formula"
where
"weak_tau_modality x ≡ Disj (map_bset (tau_steps x) (Abs_bset UNIV))"
lemma finite_supp_map_bset_tau_steps [simp]:
"finite (supp (map_bset (tau_steps x) (Abs_bset UNIV :: nat set['idx])))"
proof -
have "eqvt map_bset" and "eqvt tau_steps"
by (simp add: eqvtI)+
then have "supp (map_bset (tau_steps x)) ⊆ supp x"
using supp_fun_eqvt supp_fun_app supp_fun_app_eqvt by blast
moreover have "supp (Abs_bset UNIV :: nat set['idx]) = {}"
by (simp add: eqvtI supp_fun_eqvt)
ultimately have "supp (map_bset (tau_steps x) (Abs_bset UNIV :: nat set['idx])) ⊆ supp x"
using supp_fun_app by blast
then show ?thesis
by (metis finite_subset finite_supp)
qed
lemma weak_tau_modality_eqvt [simp]:
"p ∙ weak_tau_modality x = weak_tau_modality (p ∙ x)"
unfolding weak_tau_modality_def by (simp add: map_bset_eqvt)
lemma weak_tau_modality_eq_iff [simp]:
"weak_tau_modality x = weak_tau_modality y ⟷ x = y"
proof
assume "weak_tau_modality x = weak_tau_modality y"
then have "map_bset (tau_steps x) (Abs_bset UNIV :: _ set['idx]) = map_bset (tau_steps y) (Abs_bset UNIV)"
unfolding weak_tau_modality_def by simp
with card_idx_nat' have "range (tau_steps x) = range (tau_steps y)"
(is "?X = ?Y")
by (metis Abs_bset_inverse' map_bset.rep_eq)
then have "x ∈ range (tau_steps y)" and "y ∈ range (tau_steps x)"
by (metis range_eqI tau_steps.simps(1))+
then obtain nx ny where x: "x = tau_steps y nx" and y: "y = tau_steps x ny"
by blast
then have "ny + nx = 0"
by (simp add: tau_steps_not_self)
with x and y show "x = y"
by simp
next
assume "x = y" then show "weak_tau_modality x = weak_tau_modality y"
by simp
qed
lemma supp_weak_tau_modality [simp]:
"supp (weak_tau_modality x) = supp x"
unfolding supp_def by simp
lemma Act_weak_tau_modality_eq_iff [simp]:
"Act α1 (weak_tau_modality x1) = Act α2 (weak_tau_modality x2) ⟷ Act α1 x1 = Act α2 x2"
by (simp add: Act_eq_iff_perm)
definition weak_action_modality :: "'act ⇒ ('idx,'pred::fs,'act::bn) formula ⇒ ('idx,'pred,'act) formula" ("⟨⟨_⟩⟩_")
where
"⟨⟨α⟩⟩x ≡ if α = τ then weak_tau_modality x else weak_tau_modality (Act α (weak_tau_modality x))"
lemma weak_action_modality_eqvt [simp]:
"p ∙ (⟨⟨α⟩⟩x) = ⟨⟨p ∙ α⟩⟩(p ∙ x)"
using tau_eqvt weak_action_modality_def by fastforce
lemma weak_action_modality_tau:
"(⟨⟨τ⟩⟩x) = weak_tau_modality x"
unfolding weak_action_modality_def by simp
lemma weak_action_modality_not_tau:
assumes "α ≠ τ"
shows "(⟨⟨α⟩⟩x) = weak_tau_modality (Act α (weak_tau_modality x))"
using assms unfolding weak_action_modality_def by simp
text ‹Equality is modulo $\alpha$-equivalence.›
text ‹Note that the converse of the following lemma does not hold. For instance,
for~@{prop "α ≠ τ"} we have @{prop "(⟨⟨τ⟩⟩(Act α (weak_tau_modality x))) = ⟨⟨α⟩⟩x"} by definition,
but clearly not @{prop "Act τ (Act α (weak_tau_modality x)) = Act α x"}.›
lemma weak_action_modality_eq:
assumes "Act α1 x1 = Act α2 x2"
shows "(⟨⟨α1⟩⟩x1) = (⟨⟨α2⟩⟩x2)"
proof (cases "α1 = τ")
case True
with assms have "α2 = α1 ∧ x2 = x1"
by (metis Act_tau_eq_iff)
then show ?thesis
by simp
next
case False
from assms obtain p where 1: "supp x1 - bn α1 = supp x2 - bn α2" and 2: "(supp x1 - bn α1) ♯* p"
and 3: "p ∙ x1 = x2" and 4: "supp α1 - bn α1 = supp α2 - bn α2" and 5: "(supp α1 - bn α1) ♯* p"
and 6: "p ∙ α1 = α2"
by (metis Act_eq_iff_perm)
from 1 have "supp (weak_tau_modality x1) - bn α1 = supp (weak_tau_modality x2) - bn α2"
by (metis supp_weak_tau_modality)
moreover from 2 have "(supp (weak_tau_modality x1) - bn α1) ♯* p"
by (metis supp_weak_tau_modality)
moreover from 3 have "p ∙ weak_tau_modality x1 = weak_tau_modality x2"
by (metis weak_tau_modality_eqvt)
ultimately have "Act α1 (weak_tau_modality x1) = Act α2 (weak_tau_modality x2)"
using 4 and 5 and 6 and Act_eq_iff_perm by blast
moreover from ‹α1 ≠ τ› and assms have "α2 ≠ τ"
by (metis Act_tau_eq_iff)
ultimately show ?thesis
using ‹α1 ≠ τ› by (simp add: weak_action_modality_not_tau)
qed
subsection ‹Weak formulas›
inductive weak_formula :: "('idx,'pred::fs,'act::bn) formula ⇒ bool"
where
wf_Conj: "finite (supp xset) ⟹ (⋀x. x ∈ set_bset xset ⟹ weak_formula x) ⟹ weak_formula (Conj xset)"
| wf_Not: "weak_formula x ⟹ weak_formula (Not x)"
| wf_Act: "weak_formula x ⟹ weak_formula (⟨⟨α⟩⟩x)"
| wf_Pred: "weak_formula x ⟹ weak_formula (⟨⟨τ⟩⟩(Conj (binsert (Pred φ) (bsingleton x))))"
lemma finite_supp_wf_Pred [simp]: "finite (supp (binsert (Pred φ) (bsingleton x)))"
proof -
have "supp (bsingleton x) ⊆ supp x"
by (simp add: eqvtI supp_fun_app_eqvt)
moreover have "eqvt binsert"
by (simp add: eqvtI)
ultimately have "supp (binsert (Pred φ) (bsingleton x)) ⊆ supp φ ∪ supp x"
using supp_fun_app supp_fun_app_eqvt by fastforce
then show ?thesis
by (metis finite_UnI finite_supp rev_finite_subset)
qed
text ‹@{const weak_formula} is equivariant.›
lemma weak_formula_eqvt [simp]: "weak_formula x ⟹ weak_formula (p ∙ x)"
proof (induct rule: weak_formula.induct)
case (wf_Conj xset) then show ?case
by simp (metis (no_types, lifting) imageE permute_finite permute_set_eq_image set_bset_eqvt supp_eqvt weak_formula.wf_Conj)
next
case (wf_Not x) then show ?case
by (simp add: weak_formula.wf_Not)
next
case (wf_Act x α) then show ?case
by (simp add: weak_formula.wf_Act)
next
case (wf_Pred x φ) then show ?case
by (simp add: tau_eqvt weak_formula.wf_Pred)
qed
end
end