Theory UML_String
theory UML_String
imports "../UML_PropertyProfiles"
begin
section‹Basic Type String: Operations›
subsection‹Fundamental Properties on Strings: Strict Equality \label{sec:string-strict-eq}›
text‹The last basic operation belonging to the fundamental infrastructure
of a value-type in OCL is the weak equality, which is defined similar
to the @{typ "('𝔄)Boolean"}-case as strict extension of the strong equality:›
overloading StrictRefEq ≡ "StrictRefEq :: [('𝔄)String,('𝔄)String] ⇒ ('𝔄)Boolean"
begin
definition StrictRefEq⇩S⇩t⇩r⇩i⇩n⇩g[code_unfold] :
"(x::('𝔄)String) ≐ y ≡ λ τ. if (υ x) τ = true τ ∧ (υ y) τ = true τ
then (x ≜ y) τ
else invalid τ"
end
text‹Property proof in terms of @{term "profile_bin⇩S⇩t⇩r⇩o⇩n⇩g⇩E⇩q_⇩v_⇩v"}›
interpretation StrictRefEq⇩S⇩t⇩r⇩i⇩n⇩g : profile_bin⇩S⇩t⇩r⇩o⇩n⇩g⇩E⇩q_⇩v_⇩v "λ x y. (x::('𝔄)String) ≐ y"
by unfold_locales (auto simp: StrictRefEq⇩S⇩t⇩r⇩i⇩n⇩g)
subsection‹Basic String Constants›
text‹Although the remaining part of this library reasons about
integers abstractly, we provide here as example some convenient shortcuts.›
definition OclStringa ::"('𝔄)String" (‹𝖺›) where "𝖺 = (λ _ . ⌊⌊''a''⌋⌋)"
definition OclStringb ::"('𝔄)String" (‹𝖻›) where "𝖻 = (λ _ . ⌊⌊''b''⌋⌋)"
definition OclStringc ::"('𝔄)String" (‹𝖼›) where "𝖼 = (λ _ . ⌊⌊''c''⌋⌋)"
text‹Etc.›
text_raw‹\isatagafp›
subsection‹Validity and Definedness Properties›
lemma "δ(null::('𝔄)String) = false" by simp
lemma "υ(null::('𝔄)String) = true" by simp
lemma [simp,code_unfold]: "δ (λ_. ⌊⌊n⌋⌋) = true"
by(simp add:defined_def true_def
bot_fun_def bot_option_def null_fun_def null_option_def)
lemma [simp,code_unfold]: "υ (λ_. ⌊⌊n⌋⌋) = true"
by(simp add:valid_def true_def
bot_fun_def bot_option_def)
lemma [simp,code_unfold]: "δ 𝖺 = true" by(simp add:OclStringa_def)
lemma [simp,code_unfold]: "υ 𝖺 = true" by(simp add:OclStringa_def)
text_raw‹\endisatagafp›
subsection‹String Operations›
subsubsection‹Definition›
text‹Here is a common case of a built-in operation on built-in types.
Note that the arguments must be both defined (non-null, non-bot).›
text‹Note that we can not follow the lexis of the OCL Standard for Isabelle
technical reasons; these operators are heavily overloaded in the HOL library
that a further overloading would lead to heavy technical buzz in this
document.
›
definition OclAdd⇩S⇩t⇩r⇩i⇩n⇩g ::"('𝔄)String ⇒ ('𝔄)String ⇒ ('𝔄)String" (infix ‹+⇩s⇩t⇩r⇩i⇩n⇩g› 40)
where "x +⇩s⇩t⇩r⇩i⇩n⇩g y ≡ λ τ. if (δ x) τ = true τ ∧ (δ y) τ = true τ
then ⌊⌊concat [⌈⌈x τ⌉⌉, ⌈⌈y τ⌉⌉]⌋⌋
else invalid τ "
interpretation OclAdd⇩S⇩t⇩r⇩i⇩n⇩g : profile_bin⇩d_⇩d "(+⇩s⇩t⇩r⇩i⇩n⇩g)" "λ x y. ⌊⌊concat [⌈⌈x⌉⌉, ⌈⌈y⌉⌉]⌋⌋"
by unfold_locales (auto simp:OclAdd⇩S⇩t⇩r⇩i⇩n⇩g_def bot_option_def null_option_def)
subsubsection‹Basic Properties›
lemma OclAdd⇩S⇩t⇩r⇩i⇩n⇩g_not_commute: "∃X Y. (X +⇩s⇩t⇩r⇩i⇩n⇩g Y) ≠ (Y +⇩s⇩t⇩r⇩i⇩n⇩g X)"
apply(rule_tac x = "λ_. ⌊⌊''b''⌋⌋" in exI)
apply(rule_tac x = "λ_. ⌊⌊''a''⌋⌋" in exI)
apply(simp_all add:OclAdd⇩S⇩t⇩r⇩i⇩n⇩g_def)
by(auto, drule fun_cong, auto)
subsection‹Test Statements›
text‹Here follows a list of code-examples, that explain the meanings
of the above definitions by compilation to code and execution to @{term "True"}.›
text‹Here follows a list of code-examples, that explain the meanings
of the above definitions by compilation to code and execution to @{term "True"}.›
text‹Elementary computations on String›
Assert "τ ⊨ 𝖺 <> 𝖻"
Assert "τ ⊨ 𝖻 <> 𝖺"
Assert "τ ⊨ 𝖻 ≐ 𝖻"
Assert "τ ⊨ υ 𝖺"
Assert "τ ⊨ δ 𝖺"
Assert "τ ⊨ υ (null::('𝔄)String)"
Assert "τ ⊨ (invalid ≜ invalid)"
Assert "τ ⊨ (null ≜ null)"
Assert "τ ⊨ (𝖺 ≜ 𝖺)"
Assert "τ |≠ (𝖺 ≜ 𝖻)"
Assert "τ |≠ (invalid ≜ 𝖻)"
Assert "τ |≠ (null ≜ 𝖻)"
Assert "τ |≠ (invalid ≐ (invalid::('𝔄)String))"
Assert "τ |≠ υ (invalid ≐ (invalid::('𝔄)String))"
Assert "τ |≠ (invalid <> (invalid::('𝔄)String))"
Assert "τ |≠ υ (invalid <> (invalid::('𝔄)String))"
Assert "τ ⊨ (null ≐ (null::('𝔄)String) )"
Assert "τ ⊨ (null ≐ (null::('𝔄)String) )"
Assert "τ ⊨ (𝖻 ≐ 𝖻)"
Assert "τ |≠ (𝖻 <> 𝖻)"
Assert "τ |≠ (𝖻 ≐ 𝖼)"
Assert "τ ⊨ (𝖻 <> 𝖼)"
end