Theory CompositionalityResults
theory CompositionalityResults
imports GeneralizedZippingLemma CompositionSupport
begin
context Compositionality
begin
theorem compositionality_BSD:
"β¦ BSD π±1 TrβES1β; BSD π±2 TrβES2β β§ βΉ BSD π± Trβ(ES1 β₯ ES2)β"
proof -
assume BSD_Tr1_v1: "BSD π±1 TrβES1β"
assume BSD_Tr2_v2: "BSD π±2 TrβES2β"
{
fix Ξ± Ξ² c
assume c_in_Cv: "c β Cβπ±β"
assume Ξ²cΞ±_in_Tr: "(Ξ² @ [c] @ Ξ±) β Trβ(ES1 β₯ ES2)β"
assume Ξ±_contains_no_c: "Ξ± βΏ Cβπ±β = []"
interpret CSES1: CompositionSupport "ES1" "π±" "π±1"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES1 validV1)
interpret CSES2: CompositionSupport "ES2" "π±" "π±2"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES2 validV2)
from Ξ²cΞ±_in_Tr
have Ξ²cΞ±_E1_in_Tr1: "((Ξ² @ [c] @ Ξ±) βΏ EβES1β) β TrβES1β"
and Ξ²cΞ±_E2_in_Tr2: "((Ξ² @ [c] @ Ξ±) βΏ EβES2β) β TrβES2β"
by (auto, simp add: composeES_def)+
from composeES_yields_ES validES1 validES2 have "ES_valid (ES1 β₯ ES2)"
by auto
with Ξ²cΞ±_in_Tr have "set Ξ² β Eβ(ES1 β₯ ES2)β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set (Ξ± βΏ Vβπ±β) β Vβπ±β"
by (simp add: projection_def, auto)
moreover
have "(Ξ± βΏ Vβπ±β) βΏ Vβπ±β = (Ξ± βΏ Vβπ±β)"
by (simp add: projection_def)
moreover
from CSES1.BSD_in_subsystem[OF c_in_Cv Ξ²cΞ±_E1_in_Tr1 BSD_Tr1_v1]
obtain Ξ±1'
where Ξ±1'_1: "((Ξ² βΏ EβES1β) @ Ξ±1') β TrβES1β"
and Ξ±1'_2: "(Ξ±1' βΏ Vβπ±1β) = (Ξ± βΏ Vβπ±1β)"
and "Ξ±1' βΏ Cβπ±1β = []"
by auto
moreover
from Ξ±1'_1 validES1 have Ξ±1'_in_E1: "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ±1'_2 propSepViews have "((Ξ± βΏ Vβπ±β) βΏ EβES1β) = (Ξ±1' βΏ Vβπ±β)"
proof -
have "((Ξ± βΏ Vβπ±β) βΏ EβES1β) = Ξ± βΏ (Vβπ±β β© EβES1β)"
by (simp only: projection_def, auto)
with propSepViews have "((Ξ± βΏ Vβπ±β) βΏ EβES1β) = (Ξ± βΏ Vβπ±1β)"
unfolding properSeparationOfViews_def by auto
moreover
from Ξ±1'_2 have "(Ξ±1' βΏ Vβπ±1β) = (Ξ±1' βΏ Vβπ±β)"
proof -
from Ξ±1'_in_E1 have "Ξ±1' βΏ EβES1β = Ξ±1'"
by (simp add: list_subset_iff_projection_neutral)
hence "(Ξ±1' βΏ EβES1β) βΏ Vβπ±β = Ξ±1' βΏ Vβπ±β"
by simp
with Vv_is_Vv1_union_Vv2 have "(Ξ±1' βΏ EβES1β) βΏ (Vβπ±1β βͺ Vβπ±2β) = Ξ±1' βΏ Vβπ±β"
by simp
hence "Ξ±1' βΏ (EβES1β β© (Vβπ±1β βͺ Vβπ±2β)) = Ξ±1' βΏ Vβπ±β"
by (simp only: projection_def, auto)
hence "Ξ±1' βΏ (EβES1β β© Vβπ±1β βͺ EβES1β β© Vβπ±2β) = Ξ±1' βΏ Vβπ±β"
by (simp add: Int_Un_distrib)
moreover
from validV1 have "EβES1β β© Vβπ±1β = Vβπ±1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ξ±1' βΏ (Vβπ±1β βͺ EβES1β β© Vβπ±2β) = Ξ±1' βΏ Vβπ±β"
by simp
moreover
have "EβES1β β© Vβπ±2β β Vβπ±1β"
proof -
from propSepViews Vv_is_Vv1_union_Vv2 have "(Vβπ±1β βͺ Vβπ±2β) β© EβES1β = Vβπ±1β"
unfolding properSeparationOfViews_def by simp
hence "(Vβπ±1β β© EβES1β βͺ Vβπ±2β β© EβES1β) = Vβπ±1β"
by auto
with validV1 have "(Vβπ±1β βͺ Vβπ±2β β© EβES1β) = Vβπ±1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by auto
qed
ultimately show ?thesis
by (simp add: Un_absorb2)
qed
moreover note Ξ±1'_2
ultimately show ?thesis
by auto
qed
moreover
from CSES2.BSD_in_subsystem[OF c_in_Cv Ξ²cΞ±_E2_in_Tr2 BSD_Tr2_v2]
obtain Ξ±2'
where Ξ±2'_1: "((Ξ² βΏ EβES2β) @ Ξ±2') β TrβES2β"
and Ξ±2'_2: "(Ξ±2' βΏ Vβπ±2β) = (Ξ± βΏ Vβπ±2β)"
and "Ξ±2' βΏ Cβπ±2β = []"
by auto
moreover
from Ξ±2'_1 validES2 have Ξ±2'_in_E2: "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ±2'_2 propSepViews have "((Ξ± βΏ Vβπ±β) βΏ EβES2β) = (Ξ±2' βΏ Vβπ±β)"
proof -
have "((Ξ± βΏ Vβπ±β) βΏ EβES2β) = Ξ± βΏ (Vβπ±β β© EβES2β)"
by (simp only: projection_def, auto)
with propSepViews have "((Ξ± βΏ Vβπ±β) βΏ EβES2β) = (Ξ± βΏ Vβπ±2β)"
unfolding properSeparationOfViews_def by auto
moreover
from Ξ±2'_2 have "(Ξ±2' βΏ Vβπ±2β) = (Ξ±2' βΏ Vβπ±β)"
proof -
from Ξ±2'_in_E2 have "Ξ±2' βΏ EβES2β = Ξ±2'"
by (simp add: list_subset_iff_projection_neutral)
hence "(Ξ±2' βΏ EβES2β) βΏ Vβπ±β = Ξ±2' βΏ Vβπ±β"
by simp
with Vv_is_Vv1_union_Vv2 have "(Ξ±2' βΏ EβES2β) βΏ (Vβπ±2β βͺ Vβπ±1β) = Ξ±2' βΏ Vβπ±β"
by (simp add: Un_commute)
hence "Ξ±2' βΏ (EβES2β β© (Vβπ±2β βͺ Vβπ±1β)) = Ξ±2' βΏ Vβπ±β"
by (simp only: projection_def, auto)
hence "Ξ±2' βΏ (EβES2β β© Vβπ±2β βͺ EβES2β β© Vβπ±1β) = Ξ±2' βΏ Vβπ±β"
by (simp add: Int_Un_distrib)
moreover
from validV2 have "EβES2β β© Vβπ±2β = Vβπ±2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ξ±2' βΏ (Vβπ±2β βͺ EβES2β β© Vβπ±1β) = Ξ±2' βΏ Vβπ±β"
by simp
moreover
have "EβES2β β© Vβπ±1β β Vβπ±2β"
proof -
from propSepViews Vv_is_Vv1_union_Vv2 have "(Vβπ±2β βͺ Vβπ±1β) β© EβES2β = Vβπ±2β"
unfolding properSeparationOfViews_def by (simp add: Un_commute)
hence "(Vβπ±2β β© EβES2β βͺ Vβπ±1β β© EβES2β) = Vβπ±2β"
by auto
with validV2 have "(Vβπ±2β βͺ Vβπ±1β β© EβES2β) = Vβπ±2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by auto
qed
ultimately show ?thesis
by (simp add: Un_absorb2)
qed
moreover note Ξ±2'_2
ultimately show ?thesis
by auto
qed
moreover note generalized_zipping_lemma
ultimately have "βΞ±'. ((Ξ² @ Ξ±') β (Trβ(ES1 β₯ ES2)β) β§ (Ξ±' βΏ Vβπ±β = (Ξ± βΏ Vβπ±β)) β§ Ξ±' βΏ Cβπ±β = [])"
by blast
}
thus ?thesis
unfolding BSD_def
by auto
qed
theorem compositionality_BSI:
"β¦ BSD π±1 TrβES1β; BSD π±2 TrβES2β; BSI π±1 TrβES1β; BSI π±2 TrβES2β β§
βΉ BSI π± Trβ(ES1 β₯ ES2)β"
proof -
assume BSD1: "BSD π±1 TrβES1β"
and BSD2: "BSD π±2 TrβES2β"
and BSI1: "BSI π±1 TrβES1β"
and BSI2: "BSI π±2 TrβES2β"
{
fix Ξ± Ξ² c
assume c_in_Cv: "c β Cβπ±β"
assume Ξ²Ξ±_in_Tr: "(Ξ² @ Ξ±) β Trβ(ES1 β₯ ES2)β"
assume Ξ±_no_Cv: "Ξ± βΏ Cβπ±β = []"
from Ξ²Ξ±_in_Tr
have Ξ²Ξ±_E1_in_Tr1: "((Ξ² @ Ξ±) βΏ EβES1β) β TrβES1β"
and Ξ²Ξ±_E2_in_Tr2: "((Ξ² @ Ξ±) βΏ EβES2β) β TrβES2β"
by (simp add: composeES_def)+
interpret CSES1: CompositionSupport "ES1" "π±" "π±1"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES1 validV1)
interpret CSES2: CompositionSupport "ES2" "π±" "π±2"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES2 validV2)
from CSES1.BSD_in_subsystem2[OF Ξ²Ξ±_E1_in_Tr1 BSD1] obtain Ξ±1'
where Ξ²E1Ξ±1'_in_Tr1: "Ξ² βΏ EβES1β @ Ξ±1' β TrβES1β"
and Ξ±1'Vv1_is_Ξ±Vv1: "Ξ±1' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1'Cv1_empty: "Ξ±1' βΏ Cβπ±1β = []"
by auto
from CSES2.BSD_in_subsystem2[OF Ξ²Ξ±_E2_in_Tr2 BSD2] obtain Ξ±2'
where Ξ²E2Ξ±2'_in_Tr2: "Ξ² βΏ EβES2β @ Ξ±2' β TrβES2β"
and Ξ±2'Vv2_is_Ξ±Vv2: "Ξ±2' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2'Cv2_empty: "Ξ±2' βΏ Cβπ±2β = []"
by auto
have "β Ξ±1''. (set Ξ±1'' β EβES1β β§ ((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = [])"
proof cases
assume cE1_empty: "[c] βΏ EβES1β = []"
from Ξ²E1Ξ±1'_in_Tr1 validES1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from cE1_empty Ξ²E1Ξ±1'_in_Tr1 have "((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1' β TrβES1β"
by (simp only: projection_concatenation_commute, auto)
moreover
note Ξ±1'Vv1_is_Ξ±Vv1 Ξ±1'Cv1_empty
ultimately show ?thesis
by auto
next
assume cE1_not_empty: "[c] βΏ EβES1β β []"
hence c_in_E1: "c β EβES1β"
by (simp only: projection_def, auto, split if_split_asm, auto)
from c_in_Cv c_in_E1 propSepViews have "c β Cβπ±1β"
unfolding properSeparationOfViews_def by auto
moreover
note Ξ²E1Ξ±1'_in_Tr1 Ξ±1'Cv1_empty BSI1
ultimately obtain Ξ±1''
where Ξ²E1cΞ±1''_in_Tr1: "(Ξ² βΏ EβES1β) @ [c] @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSI_def
by blast
from validES1 Ξ²E1cΞ±1''_in_Tr1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ²E1cΞ±1''_in_Tr1 c_in_E1 have "((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1'' β TrβES1β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
from Ξ±1''Vv1_is_Ξ±1'Vv1 Ξ±1'Vv1_is_Ξ±Vv1 have "Ξ±1'' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
by auto
moreover
note Ξ±1''Cv1_empty
ultimately show ?thesis
by auto
qed
then obtain Ξ±1''
where Ξ±1''_in_E1star: "set Ξ±1'' β EβES1β"
and Ξ²cE1Ξ±1''_in_Tr1: "((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
by auto
have "β Ξ±2''. (set Ξ±2'' β EβES2β
β§ ((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β
β§ Ξ±2'' βΏ Cβπ±2β = [])"
proof cases
assume cE2_empty: "[c] βΏ EβES2β = []"
from Ξ²E2Ξ±2'_in_Tr2 validES2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from cE2_empty Ξ²E2Ξ±2'_in_Tr2 have "((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2' β TrβES2β"
by (simp only: projection_concatenation_commute, auto)
moreover
note Ξ±2'Vv2_is_Ξ±Vv2 Ξ±2'Cv2_empty
ultimately show ?thesis
by auto
next
assume cE2_not_empty: "[c] βΏ EβES2β β []"
hence c_in_E2: "c β EβES2β"
by (simp only: projection_def, auto, split if_split_asm, auto)
from c_in_Cv c_in_E2 propSepViews have "c β Cβπ±2β"
unfolding properSeparationOfViews_def by auto
moreover
note Ξ²E2Ξ±2'_in_Tr2 Ξ±2'Cv2_empty BSI2
ultimately obtain Ξ±2''
where Ξ²E2cΞ±2''_in_Tr2: "(Ξ² βΏ EβES2β) @ [c] @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSI_def
by blast
from validES2 Ξ²E2cΞ±2''_in_Tr2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ²E2cΞ±2''_in_Tr2 c_in_E2 have "((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2'' β TrβES2β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
from Ξ±2''Vv2_is_Ξ±2'Vv2 Ξ±2'Vv2_is_Ξ±Vv2 have "Ξ±2'' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
by auto
moreover
note Ξ±2''Cv2_empty
ultimately show ?thesis
by auto
qed
then obtain Ξ±2''
where Ξ±2''_in_E2star: "set Ξ±2'' β EβES2β"
and Ξ²cE2Ξ±2''_in_Tr2: "((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
by auto
from VIsViewOnE c_in_Cv Ξ²Ξ±_in_Tr have "set (Ξ² @ [c]) β Eβ(ES1 β₯ ES2)β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def composeES_def, auto)
moreover
have "set (Ξ± βΏ Vβπ±β) β Vβπ±β"
by (simp add: projection_def, auto)
moreover
note Ξ±1''_in_E1star Ξ±2''_in_E2star Ξ²cE1Ξ±1''_in_Tr1 Ξ²cE2Ξ±2''_in_Tr2
moreover
have "(Ξ± βΏ Vβπ±β) βΏ EβES1β = Ξ±1'' βΏ Vβπ±β"
proof -
from Ξ±1''Vv1_is_Ξ±Vv1 propSepViews have "Ξ± βΏ (Vβπ±β β© EβES1β) = Ξ±1'' βΏ (EβES1β β© Vβπ±β)"
unfolding properSeparationOfViews_def by (simp add: Int_commute)
hence "Ξ± βΏ Vβπ±β βΏ EβES1β = Ξ±1'' βΏ EβES1β βΏ Vβπ±β"
by (simp add: projection_def)
with Ξ±1''_in_E1star show ?thesis
by (simp add: list_subset_iff_projection_neutral)
qed
moreover
have "(Ξ± βΏ Vβπ±β) βΏ EβES2β = Ξ±2'' βΏ Vβπ±β"
proof -
from Ξ±2''Vv2_is_Ξ±Vv2 propSepViews have "Ξ± βΏ (Vβπ±β β© EβES2β) = Ξ±2'' βΏ (EβES2β β© Vβπ±β)"
unfolding properSeparationOfViews_def by (simp add: Int_commute)
hence "Ξ± βΏ Vβπ±β βΏ EβES2β = Ξ±2'' βΏ EβES2β βΏ Vβπ±β"
by (simp add: projection_def)
with Ξ±2''_in_E2star show ?thesis
by (simp add: list_subset_iff_projection_neutral)
qed
moreover
note Ξ±1''Cv1_empty Ξ±2''Cv2_empty generalized_zipping_lemma
ultimately have "βΞ±'. (Ξ² @ [c]) @ Ξ±' β Trβ(ES1 β₯ ES2)β β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = []"
by blast
}
thus ?thesis
unfolding BSI_def
by auto
qed
theorem compositionality_BSIA:
"β¦ BSD π±1 TrβES1β; BSD π±2 TrβES2β; BSIA Ο1 π±1 TrβES1β; BSIA Ο2 π±2 TrβES2β;
(Ο1 π±1) β (Ο π±) β© EβES1β; (Ο2 π±2) β (Ο π±) β© EβES2β β§
βΉ BSIA Ο π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume BSD1: "BSD π±1 TrβES1β"
and BSD2: "BSD π±2 TrβES2β"
and BSIA1: "BSIA Ο1 π±1 TrβES1β"
and BSIA2: "BSIA Ο2 π±2 TrβES2β"
and Ο1v1_subset_Οv_inter_E1: "(Ο1 π±1) β (Ο π±) β© EβES1β"
and Ο2v2_subset_Οv_inter_E2:"(Ο2 π±2) β (Ο π±) β© EβES2β"
{
fix Ξ± Ξ² c
assume c_in_Cv: "c β Cβπ±β"
assume Ξ²Ξ±_in_Tr: "(Ξ² @ Ξ±) β Trβ(ES1 β₯ ES2)β"
assume Ξ±_no_Cv: "Ξ± βΏ Cβπ±β = []"
assume Adm: "(Adm π± Ο Trβ(ES1 β₯ ES2)β Ξ² c)"
then obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from Ξ²Ξ±_in_Tr
have Ξ²Ξ±_E1_in_Tr1: "((Ξ² @ Ξ±) βΏ EβES1β) β TrβES1β"
and Ξ²Ξ±_E2_in_Tr2: "((Ξ² @ Ξ±) βΏ EβES2β) β TrβES2β"
by (simp add: composeES_def)+
interpret CSES1: CompositionSupport "ES1" "π±" "π±1"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES1 validV1)
interpret CSES2: CompositionSupport "ES2" "π±" "π±2"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES2 validV2)
from CSES1.BSD_in_subsystem2[OF Ξ²Ξ±_E1_in_Tr1 BSD1] obtain Ξ±1'
where Ξ²E1Ξ±1'_in_Tr1: "Ξ² βΏ EβES1β @ Ξ±1' β TrβES1β"
and Ξ±1'Vv1_is_Ξ±Vv1: "Ξ±1' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1'Cv1_empty: "Ξ±1' βΏ Cβπ±1β = []"
by auto
from CSES2.BSD_in_subsystem2[OF Ξ²Ξ±_E2_in_Tr2 BSD2] obtain Ξ±2'
where Ξ²E2Ξ±2'_in_Tr2: "Ξ² βΏ EβES2β @ Ξ±2' β TrβES2β"
and Ξ±2'Vv2_is_Ξ±Vv2: "Ξ±2' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2'Cv2_empty: "Ξ±2' βΏ Cβπ±2β = []"
by auto
have "β Ξ±1''. (set Ξ±1'' β EβES1β
β§ ((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β
β§ Ξ±1'' βΏ Cβπ±1β = [])"
proof cases
assume cE1_empty: "[c] βΏ EβES1β = []"
from Ξ²E1Ξ±1'_in_Tr1 validES1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from cE1_empty Ξ²E1Ξ±1'_in_Tr1 have "((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1' β TrβES1β"
by (simp only: projection_concatenation_commute, auto)
moreover
note Ξ±1'Vv1_is_Ξ±Vv1 Ξ±1'Cv1_empty
ultimately show ?thesis
by auto
next
assume cE1_not_empty: "[c] βΏ EβES1β β []"
hence c_in_E1: "c β EβES1β"
by (simp only: projection_def, auto, split if_split_asm, auto)
from c_in_Cv c_in_E1 propSepViews have "c β Cβπ±1β"
unfolding properSeparationOfViews_def by auto
moreover
note Ξ²E1Ξ±1'_in_Tr1 Ξ±1'Cv1_empty
moreover
have "(Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c)"
proof -
from c_in_E1 Ξ³c_in_Tr have "(Ξ³ βΏ EβES1β) @ [c] β TrβES1β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES1β βΏ (Ο1 π±1) = Ξ² βΏ EβES1β βΏ (Ο1 π±1)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES1β βΏ (Ο π±) = Ξ² βΏ EβES1β βΏ (Ο π±)"
by (metis projection_commute)
with Ο1v1_subset_Οv_inter_E1 have "Ξ³ βΏ (Ο1 π±1) = Ξ² βΏ (Ο1 π±1)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where Ξ²E1cΞ±1''_in_Tr1: "(Ξ² βΏ EβES1β) @ [c] @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
from validES1 Ξ²E1cΞ±1''_in_Tr1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ²E1cΞ±1''_in_Tr1 c_in_E1 have "((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1'' β TrβES1β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
from Ξ±1''Vv1_is_Ξ±1'Vv1 Ξ±1'Vv1_is_Ξ±Vv1 have "Ξ±1'' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
by auto
moreover
note Ξ±1''Cv1_empty
ultimately show ?thesis
by auto
qed
then obtain Ξ±1''
where Ξ±1''_in_E1star: "set Ξ±1'' β EβES1β"
and Ξ²cE1Ξ±1''_in_Tr1: "((Ξ² @ [c]) βΏ EβES1β) @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
by auto
have "β Ξ±2''. (set Ξ±2'' β EβES2β
β§ ((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β
β§ Ξ±2'' βΏ Cβπ±2β = [])"
proof cases
assume cE2_empty: "[c] βΏ EβES2β = []"
from Ξ²E2Ξ±2'_in_Tr2 validES2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from cE2_empty Ξ²E2Ξ±2'_in_Tr2 have "((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2' β TrβES2β"
by (simp only: projection_concatenation_commute, auto)
moreover
note Ξ±2'Vv2_is_Ξ±Vv2 Ξ±2'Cv2_empty
ultimately show ?thesis
by auto
next
assume cE2_not_empty: "[c] βΏ EβES2β β []"
hence c_in_E2: "c β EβES2β"
by (simp only: projection_def, auto, split if_split_asm, auto)
from c_in_Cv c_in_E2 propSepViews have "c β Cβπ±2β"
unfolding properSeparationOfViews_def by auto
moreover
note Ξ²E2Ξ±2'_in_Tr2 Ξ±2'Cv2_empty
moreover
have "(Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c)"
proof -
from c_in_E2 Ξ³c_in_Tr have "(Ξ³ βΏ EβES2β) @ [c] β TrβES2β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES2β βΏ (Ο2 π±2) = Ξ² βΏ EβES2β βΏ (Ο2 π±2)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES2β βΏ (Ο π±) = Ξ² βΏ EβES2β βΏ (Ο π±)"
by (metis projection_commute)
with Ο2v2_subset_Οv_inter_E2 have "Ξ³ βΏ (Ο2 π±2) = Ξ² βΏ (Ο2 π±2)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where Ξ²E2cΞ±2''_in_Tr2: "(Ξ² βΏ EβES2β) @ [c] @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
from validES2 Ξ²E2cΞ±2''_in_Tr2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ²E2cΞ±2''_in_Tr2 c_in_E2 have "((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2'' β TrβES2β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
from Ξ±2''Vv2_is_Ξ±2'Vv2 Ξ±2'Vv2_is_Ξ±Vv2 have "Ξ±2'' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
by auto
moreover
note Ξ±2''Cv2_empty
ultimately show ?thesis
by auto
qed
then obtain Ξ±2''
where Ξ±2''_in_E2star: "set Ξ±2'' β EβES2β"
and Ξ²cE2Ξ±2''_in_Tr2: "((Ξ² @ [c]) βΏ EβES2β) @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
by auto
from VIsViewOnE c_in_Cv Ξ²Ξ±_in_Tr have "set (Ξ² @ [c]) β Eβ(ES1 β₯ ES2)β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def composeES_def, auto)
moreover
have "set (Ξ± βΏ Vβπ±β) β Vβπ±β"
by (simp add: projection_def, auto)
moreover
note Ξ±1''_in_E1star Ξ±2''_in_E2star Ξ²cE1Ξ±1''_in_Tr1 Ξ²cE2Ξ±2''_in_Tr2
moreover
have "(Ξ± βΏ Vβπ±β) βΏ EβES1β = Ξ±1'' βΏ Vβπ±β"
proof -
from Ξ±1''Vv1_is_Ξ±Vv1 propSepViews
have "Ξ± βΏ (Vβπ±β β© EβES1β) = Ξ±1'' βΏ (EβES1β β© Vβπ±β)"
unfolding properSeparationOfViews_def by (simp add: Int_commute)
hence "Ξ± βΏ Vβπ±β βΏ EβES1β = Ξ±1'' βΏ EβES1β βΏ Vβπ±β"
by (simp add: projection_def)
with Ξ±1''_in_E1star show ?thesis
by (simp add: list_subset_iff_projection_neutral)
qed
moreover
have "(Ξ± βΏ Vβπ±β) βΏ EβES2β = Ξ±2'' βΏ Vβπ±β"
proof -
from Ξ±2''Vv2_is_Ξ±Vv2 propSepViews
have "Ξ± βΏ (Vβπ±β β© EβES2β) = Ξ±2'' βΏ (EβES2β β© Vβπ±β)"
unfolding properSeparationOfViews_def by (simp add: Int_commute)
hence "Ξ± βΏ Vβπ±β βΏ EβES2β = Ξ±2'' βΏ EβES2β βΏ Vβπ±β"
by (simp add: projection_def)
with Ξ±2''_in_E2star show ?thesis
by (simp add: list_subset_iff_projection_neutral)
qed
moreover
note Ξ±1''Cv1_empty Ξ±2''Cv2_empty generalized_zipping_lemma
ultimately have "βΞ±'. (Ξ² @ [c]) @ Ξ±' β Trβ(ES1 β₯ ES2)β β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = []"
by blast
}
thus ?thesis
unfolding BSIA_def
by auto
qed
theorem compositionality_FCD:
"β¦ BSD π±1 TrβES1β; BSD π±2 TrβES2β;
ββΞβ β© EβES1β β ββΞ1β; ββΞβ β© EβES2β β ββΞ2β;
Ξ₯βΞβ β© EβES1β β Ξ₯βΞ1β; Ξ₯βΞβ β© EβES2β β Ξ₯βΞ2β;
( ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β ) β ΞβΞβ;
Nβπ±1β β© ΞβΞ1β β© EβES2β = {}; Nβπ±2β β© ΞβΞ2β β© EβES1β = {};
FCD Ξ1 π±1 TrβES1β; FCD Ξ2 π±2 TrβES2β β§
βΉ FCD Ξ π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume BSD1: "BSD π±1 TrβES1β"
and BSD2: "BSD π±2 TrβES2β"
and Nabla_inter_E1_subset_Nabla1: "ββΞβ β© EβES1β β ββΞ1β"
and Nabla_inter_E2_subset_Nabla2: "ββΞβ β© EβES2β β ββΞ2β"
and Upsilon_inter_E1_subset_Upsilon1: "Ξ₯βΞβ β© EβES1β β Ξ₯βΞ1β"
and Upsilon_inter_E2_subset_Upsilon2: "Ξ₯βΞβ β© EβES2β β Ξ₯βΞ2β"
and Delta1_N1_Delta2_N2_subset_Delta: "( ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β ) β ΞβΞβ"
and N1_Delta1_E2_disjoint: "Nβπ±1β β© ΞβΞ1β β© EβES2β = {}"
and N2_Delta2_E1_disjoint: "Nβπ±2β β© ΞβΞ2β β© EβES1β = {}"
and FCD1: "FCD Ξ1 π±1 TrβES1β"
and FCD2: "FCD Ξ2 π±2 TrβES2β"
{
fix Ξ± Ξ² c v'
assume c_in_Cv_inter_Upsilon: "c β (Cβπ±β β© Ξ₯βΞβ)"
and v'_in_Vv_inter_Nabla: "v' β (Vβπ±β β© ββΞβ)"
and Ξ²cv'Ξ±_in_Tr: "(Ξ² @ [c,v'] @ Ξ±) β Trβ(ES1 β₯ ES2)β"
and Ξ±Cv_empty: "Ξ± βΏ Cβπ±β = []"
from Ξ²cv'Ξ±_in_Tr
have Ξ²cv'Ξ±_E1_in_Tr1: "(((Ξ² @ [c,v']) @ Ξ±) βΏ EβES1β) β TrβES1β"
and Ξ²cv'Ξ±_E2_in_Tr2: "(((Ξ² @ [c,v']) @ Ξ±) βΏ EβES2β) β TrβES2β"
by (simp add: composeES_def)+
interpret CSES1: CompositionSupport "ES1" "π±" "π±1"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES1 validV1)
interpret CSES2: CompositionSupport "ES2" "π±" "π±2"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES2 validV2)
from CSES1.BSD_in_subsystem2[OF Ξ²cv'Ξ±_E1_in_Tr1 BSD1] obtain Ξ±1'
where Ξ²cv'E1Ξ±1'_in_Tr1: "(Ξ² @ [c,v']) βΏ EβES1β @ Ξ±1' β TrβES1β"
and Ξ±1'Vv1_is_Ξ±Vv1: "Ξ±1' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1'Cv1_empty: "Ξ±1' βΏ Cβπ±1β = []"
by auto
from CSES2.BSD_in_subsystem2[OF Ξ²cv'Ξ±_E2_in_Tr2 BSD2] obtain Ξ±2'
where Ξ²cv'E2Ξ±2'_in_Tr2: "(Ξ² @ [c,v']) βΏ EβES2β @ Ξ±2' β TrβES2β"
and Ξ±2'Vv2_is_Ξ±Vv2: "Ξ±2' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2'Cv2_empty: "Ξ±2' βΏ Cβπ±2β = []"
by auto
from c_in_Cv_inter_Upsilon v'_in_Vv_inter_Nabla validV1
have "c β EβES1β β¨ (c β EβES1β β§ v' β EβES1β) β¨ (c β EβES1β β§ v' β EβES1β)"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def)
moreover {
assume c_notin_E1: "c β EβES1β"
have "set [] β (Nβπ±1β β© ΞβΞ1β)"
by auto
moreover
from Ξ²cv'E1Ξ±1'_in_Tr1 c_notin_E1 have "(Ξ² βΏ EβES1β) @ [] @ ([v'] βΏ EβES1β) @ Ξ±1' β TrβES1β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note Ξ±1'Cv1_empty
ultimately have "β Ξ±1'' Ξ΄1''. set Ξ΄1'' β (Nβπ±1β β© ΞβΞ1β)
β§ (Ξ² βΏ EβES1β) @ Ξ΄1'' @ ([v'] βΏ EβES1β) @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []"
by blast
}
moreover {
assume c_in_E1: "c β EβES1β"
and v'_notin_E1: "v' β EβES1β"
from c_in_E1 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E1_subset_Upsilon1
have c_in_Cv1_Upsilon1: "c β (Cβπ±1β β© Ξ₯βΞ1β)"
unfolding properSeparationOfViews_def by auto
hence c_in_Cv1: "c β Cβπ±1β"
by auto
moreover
from Ξ²cv'E1Ξ±1'_in_Tr1 c_in_E1 v'_notin_E1 have "(Ξ² βΏ EβES1β) @ [c] @ Ξ±1' β TrβES1β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
note Ξ±1'Cv1_empty BSD1
ultimately obtain Ξ±1''
where first: "(Ξ² βΏ EβES1β) @ Ξ±1'' β TrβES1β"
and second: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and third: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSD_def
by blast
have "set [] β (Nβπ±1β β© ΞβΞ1β)"
by auto
moreover
from first v'_notin_E1 have "(Ξ² βΏ EβES1β) @ [] @ ([v'] βΏ EβES1β) @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note second third
ultimately
have "β Ξ±1'' Ξ΄1''. set Ξ΄1'' β (Nβπ±1β β© ΞβΞ1β)
β§ (Ξ² βΏ EβES1β) @ Ξ΄1'' @ ([v'] βΏ EβES1β) @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []"
by blast
}
moreover {
assume c_in_E1: "c β EβES1β"
and v'_in_E1: "v' β EβES1β"
from c_in_E1 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E1_subset_Upsilon1
have c_in_Cv1_Upsilon1: "c β (Cβπ±1β β© Ξ₯βΞ1β)"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E1 v'_in_Vv_inter_Nabla propSepViews Nabla_inter_E1_subset_Nabla1
have v'_in_Vv1_inter_Nabla1: "v' β (Vβπ±1β β© ββΞ1β)"
unfolding properSeparationOfViews_def by auto
moreover
from Ξ²cv'E1Ξ±1'_in_Tr1 c_in_E1 v'_in_E1 have "(Ξ² βΏ EβES1β) @ [c,v'] @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
note Ξ±1'Cv1_empty FCD1
ultimately obtain Ξ±1'' Ξ΄1''
where first: "set Ξ΄1'' β (Nβπ±1β β© ΞβΞ1β)"
and second: "(Ξ² βΏ EβES1β) @ Ξ΄1'' @ [v'] @ Ξ±1'' β TrβES1β"
and third: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and fourth: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCD_def
by blast
from second v'_in_E1 have "(Ξ² βΏ EβES1β) @ Ξ΄1'' @ ([v'] βΏ EβES1β) @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
with first third fourth
have "β Ξ±1'' Ξ΄1''. set Ξ΄1'' β (Nβπ±1β β© ΞβΞ1β)
β§ (Ξ² βΏ EβES1β) @ Ξ΄1'' @ ([v'] βΏ EβES1β) @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCD_def
by blast
}
ultimately obtain Ξ±1'' Ξ΄1''
where Ξ΄1''_in_Nv1_Delta1_star: "set Ξ΄1'' β (Nβπ±1β β© ΞβΞ1β)"
and Ξ²E1Ξ΄1''vE1Ξ±1''_in_Tr1: "(Ξ² βΏ EβES1β) @ Ξ΄1'' @ ([v'] βΏ EβES1β) @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
by blast
with validV1 have Ξ΄1''_in_E1_star: "set Ξ΄1'' β EβES1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
from c_in_Cv_inter_Upsilon v'_in_Vv_inter_Nabla validV2
have "c β EβES2β β¨ (c β EβES2β β§ v' β EβES2β) β¨ (c β EβES2β β§ v' β EβES2β)"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def)
moreover {
assume c_notin_E2: "c β EβES2β"
have "set [] β (Nβπ±2β β© ΞβΞ2β)"
by auto
moreover
from Ξ²cv'E2Ξ±2'_in_Tr2 c_notin_E2 have "(Ξ² βΏ EβES2β) @ [] @ ([v'] βΏ EβES2β) @ Ξ±2' β TrβES2β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note Ξ±2'Cv2_empty
ultimately have "β Ξ±2'' Ξ΄2''. set Ξ΄2'' β (Nβπ±2β β© ΞβΞ2β)
β§ (Ξ² βΏ EβES2β) @ Ξ΄2'' @ ([v'] βΏ EβES2β) @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []"
by blast
}
moreover {
assume c_in_E2: "c β EβES2β"
and v'_notin_E2: "v' β EβES2β"
from c_in_E2 c_in_Cv_inter_Upsilon propSepViews Upsilon_inter_E2_subset_Upsilon2
have c_in_Cv2_Upsilon2: "c β (Cβπ±2β β© Ξ₯βΞ2β)"
unfolding properSeparationOfViews_def by auto
hence c_in_Cv2: "c β Cβπ±2β"
by auto
moreover
from Ξ²cv'E2Ξ±2'_in_Tr2 c_in_E2 v'_notin_E2 have "(Ξ² βΏ EβES2β) @ [c] @ Ξ±2' β TrβES2β"
by (simp only: projection_concatenation_commute projection_def, auto)
moreover
note Ξ±2'Cv2_empty BSD2
ultimately obtain Ξ±2''
where first: "(Ξ² βΏ EβES2β) @ Ξ±2'' β TrβES2β"
and second: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and third: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSD_def
by blast
have "set [] β (Nβπ±2β β© ΞβΞ2β)"
by auto
moreover
from first v'_notin_E2 have "(Ξ² βΏ EβES2β) @ [] @ ([v'] βΏ EβES2β) @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note second third
ultimately
have "β Ξ±2'' Ξ΄2''. set Ξ΄2'' β (Nβπ±2β β© ΞβΞ2β)
β§ (Ξ² βΏ EβES2β) @ Ξ΄2'' @ ([v'] βΏ EβES2β) @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []"
by blast
}
moreover {
assume c_in_E2: "c β EβES2β"
and v'_in_E2: "v' β EβES2β"
from c_in_E2 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E2_subset_Upsilon2
have c_in_Cv2_Upsilon2: "c β (Cβπ±2β β© Ξ₯βΞ2β)"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E2 v'_in_Vv_inter_Nabla propSepViews Nabla_inter_E2_subset_Nabla2
have v'_in_Vv2_inter_Nabla2: "v' β (Vβπ±2β β© ββΞ2β)"
unfolding properSeparationOfViews_def by auto
moreover
from Ξ²cv'E2Ξ±2'_in_Tr2 c_in_E2 v'_in_E2 have "(Ξ² βΏ EβES2β) @ [c,v'] @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
note Ξ±2'Cv2_empty FCD2
ultimately obtain Ξ±2'' Ξ΄2''
where first: "set Ξ΄2'' β (Nβπ±2β β© ΞβΞ2β)"
and second: "(Ξ² βΏ EβES2β) @ Ξ΄2'' @ [v'] @ Ξ±2'' β TrβES2β"
and third: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and fourth: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCD_def
by blast
from second v'_in_E2 have "(Ξ² βΏ EβES2β) @ Ξ΄2'' @ ([v'] βΏ EβES2β) @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
with first third fourth
have "β Ξ±2'' Ξ΄2''. set Ξ΄2'' β (Nβπ±2β β© ΞβΞ2β)
β§ (Ξ² βΏ EβES2β) @ Ξ΄2'' @ ([v'] βΏ EβES2β) @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCD_def
by blast
}
ultimately obtain Ξ±2'' Ξ΄2''
where Ξ΄2''_in_Nv2_Delta2_star: "set Ξ΄2'' β (Nβπ±2β β© ΞβΞ2β)"
and Ξ²E2Ξ΄2''vE2Ξ±2''_in_Tr2: "(Ξ² βΏ EβES2β) @ Ξ΄2'' @ ([v'] βΏ EβES2β) @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
by blast
with validV2 have Ξ΄2''_in_E2_star: "set Ξ΄2'' β EβES2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
from Ξ΄1''_in_Nv1_Delta1_star N1_Delta1_E2_disjoint
have Ξ΄1''E2_empty: "Ξ΄1'' βΏ EβES2β = []"
proof -
from Ξ΄1''_in_Nv1_Delta1_star have "Ξ΄1'' = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β)"
by (simp only: list_subset_iff_projection_neutral)
hence "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β) βΏ EβES2β"
by simp
moreover
have "Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β) βΏ EβES2β = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β β© EβES2β)"
by (simp only: projection_def, auto)
with N1_Delta1_E2_disjoint have "Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β) βΏ EβES2β = []"
by (simp add: projection_def)
ultimately show ?thesis
by simp
qed
moreover
from Ξ΄2''_in_Nv2_Delta2_star N2_Delta2_E1_disjoint have Ξ΄2''E1_empty: "Ξ΄2'' βΏ EβES1β = []"
proof -
from Ξ΄2''_in_Nv2_Delta2_star have "Ξ΄2'' = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β)"
by (simp only: list_subset_iff_projection_neutral)
hence "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β) βΏ EβES1β"
by simp
moreover
have "Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β) βΏ EβES1β = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β β© EβES1β)"
by (simp only: projection_def, auto)
with N2_Delta2_E1_disjoint have "Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β) βΏ EβES1β = []"
by (simp add: projection_def)
ultimately show ?thesis
by simp
qed
moreover
note Ξ²E1Ξ΄1''vE1Ξ±1''_in_Tr1 Ξ²E2Ξ΄2''vE2Ξ±2''_in_Tr2 Ξ΄1''_in_E1_star Ξ΄2''_in_E2_star
ultimately have Ξ²Ξ΄1''Ξ΄2''v'E1Ξ±1''_in_Tr1: "(Ξ² @ Ξ΄1'' @ Ξ΄2'' @ [v']) βΏ EβES1β @ Ξ±1'' β TrβES1β"
and Ξ²Ξ΄1''Ξ΄2''v'E2Ξ±2''_in_Tr2: "(Ξ² @ Ξ΄1'' @ Ξ΄2'' @ [v']) βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp only: projection_concatenation_commute list_subset_iff_projection_neutral, auto,
simp only: projection_concatenation_commute list_subset_iff_projection_neutral, auto)
have "set (Ξ² @ Ξ΄1'' @ Ξ΄2'' @ [v']) β Eβ(ES1 β₯ ES2)β"
proof -
from Ξ²cv'Ξ±_in_Tr have "set Ξ² β Eβ(ES1 β₯ ES2)β"
by (simp add: composeES_def)
moreover
note Ξ΄1''_in_E1_star Ξ΄2''_in_E2_star
moreover
from v'_in_Vv_inter_Nabla VIsViewOnE
have "v' β Eβ(ES1 β₯ ES2)β"
by (simp add:isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
ultimately show ?thesis
by (simp add: composeES_def, auto)
qed
moreover
have "set (Ξ± βΏ Vβπ±β) β Vβπ±β"
by (simp add: projection_def, auto)
moreover
from Ξ²E1Ξ΄1''vE1Ξ±1''_in_Tr1 validES1 have Ξ±1''_in_E1_star: "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ²E2Ξ΄2''vE2Ξ±2''_in_Tr2 validES2 have Ξ±2''_in_E2_star: "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
note Ξ²Ξ΄1''Ξ΄2''v'E1Ξ±1''_in_Tr1 Ξ²Ξ΄1''Ξ΄2''v'E2Ξ±2''_in_Tr2
moreover
have "(Ξ± βΏ Vβπ±β) βΏ EβES1β = Ξ±1'' βΏ Vβπ±β"
proof -
from Ξ±1''Vv1_is_Ξ±1'Vv1 Ξ±1'Vv1_is_Ξ±Vv1 propSepViews
have "Ξ± βΏ (Vβπ±β β© EβES1β) = Ξ±1'' βΏ (EβES1β β© Vβπ±β)"
unfolding properSeparationOfViews_def by (simp add: Int_commute)
hence "Ξ± βΏ Vβπ±β βΏ EβES1β = Ξ±1'' βΏ EβES1β βΏ Vβπ±β"
by (simp add: projection_def)
with Ξ±1''_in_E1_star show ?thesis
by (simp add: list_subset_iff_projection_neutral)
qed
moreover
have "(Ξ± βΏ Vβπ±β) βΏ EβES2β = Ξ±2'' βΏ Vβπ±β"
proof -
from Ξ±2''Vv2_is_Ξ±2'Vv2 Ξ±2'Vv2_is_Ξ±Vv2 propSepViews
have "Ξ± βΏ (Vβπ±β β© EβES2β) = Ξ±2'' βΏ (EβES2β β© Vβπ±β)"
unfolding properSeparationOfViews_def by (simp add: Int_commute)
hence "Ξ± βΏ Vβπ±β βΏ EβES2β = Ξ±2'' βΏ EβES2β βΏ Vβπ±β"
by (simp add: projection_def)
with Ξ±2''_in_E2_star show ?thesis
by (simp add: list_subset_iff_projection_neutral)
qed
moreover
note Ξ±1''Cv1_empty Ξ±2''Cv2_empty generalized_zipping_lemma
ultimately obtain t
where first: "(Ξ² @ Ξ΄1'' @ Ξ΄2'' @ [v']) @ t β Trβ(ES1 β₯ ES2)β"
and second: "t βΏ Vβπ±β = Ξ± βΏ Vβπ±β"
and third: "t βΏ Cβπ±β = []"
by blast
from Ξ΄1''_in_Nv1_Delta1_star Ξ΄2''_in_Nv2_Delta2_star
have "set (Ξ΄1'' @ Ξ΄2'') β (Nβπ±β β© ΞβΞβ)"
proof -
have "set (Ξ΄1'' @ Ξ΄2'') β ΞβΞβ"
proof -
from Ξ΄1''_in_Nv1_Delta1_star Ξ΄2''_in_Nv2_Delta2_star
have "set (Ξ΄1'' @ Ξ΄2'') β ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β"
by auto
with Delta1_N1_Delta2_N2_subset_Delta show ?thesis
by auto
qed
moreover
have "set (Ξ΄1'' @ Ξ΄2'') β Nβπ±β"
proof -
from Ξ΄1''_in_Nv1_Delta1_star Ξ΄2''_in_Nv2_Delta2_star
have "set (Ξ΄1'' @ Ξ΄2'') β (Nβπ±1β βͺ Nβπ±2β)"
by auto
with Nv1_union_Nv2_subsetof_Nv show ?thesis
by auto
qed
ultimately show ?thesis
by auto
qed
moreover
from first have "Ξ² @ (Ξ΄1'' @ Ξ΄2'') @ [v'] @ t β Trβ(ES1 β₯ ES2)β"
by auto
moreover
note second third
ultimately have "βΞ±'. βΞ³'. (set Ξ³') β (Nβπ±β β© ΞβΞβ)
β§ ((Ξ² @ Ξ³' @ [v'] @ Ξ±') β Trβ(ES1 β₯ ES2)β
β§ (Ξ±' βΏ Vβπ±β) = (Ξ± βΏ Vβπ±β)
β§ Ξ±' βΏ Cβπ±β = [])"
by blast
}
thus ?thesis
unfolding FCD_def
by auto
qed
theorem compositionality_FCI:
"β¦ BSD π±1 TrβES1β; BSD π±2 TrβES2β; BSIA Ο1 π±1 TrβES1β; BSIA Ο2 π±2 TrβES2β;
total ES1 (Cβπ±1β β© Ξ₯βΞ1β); total ES2 (Cβπ±2β β© Ξ₯βΞ2β);
ββΞβ β© EβES1β β ββΞ1β; ββΞβ β© EβES2β β ββΞ2β;
Ξ₯βΞβ β© EβES1β β Ξ₯βΞ1β; Ξ₯βΞβ β© EβES2β β Ξ₯βΞ2β;
( ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β ) β ΞβΞβ;
(Nβπ±1β β© ΞβΞ1β β© EβES2β = {} β§ Nβπ±2β β© ΞβΞ2β β© EβES1β β Ξ₯βΞ1β)
β¨ ( Nβπ±2β β© ΞβΞ2β β© EβES1β = {} β§ Nβπ±1β β© ΞβΞ1β β© EβES2β β Ξ₯βΞ2β) ;
FCI Ξ1 π±1 TrβES1β; FCI Ξ2 π±2 TrβES2β β§
βΉ FCI Ξ π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume BSD1: "BSD π±1 TrβES1β"
and BSD2: "BSD π±2 TrβES2β"
and BSIA1: "BSIA Ο1 π±1 TrβES1β"
and BSIA2: "BSIA Ο2 π±2 TrβES2β"
and total_ES1_C1_inter_Upsilon1: "total ES1 (Cβπ±1β β© Ξ₯βΞ1β)"
and total_ES2_C2_inter_Upsilon2: "total ES2 (Cβπ±2β β© Ξ₯βΞ2β)"
and Nabla_inter_E1_subset_Nabla1: "ββΞβ β© EβES1β β ββΞ1β"
and Nabla_inter_E2_subset_Nabla2: "ββΞβ β© EβES2β β ββΞ2β"
and Upsilon_inter_E1_subset_Upsilon1: "Ξ₯βΞβ β© EβES1β β Ξ₯βΞ1β"
and Upsilon_inter_E2_subset_Upsilon2: "Ξ₯βΞβ β© EβES2β β Ξ₯βΞ2β"
and Delta1_N1_Delta2_N2_subset_Delta: "( ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β ) β ΞβΞβ"
and very_long_asm: "(Nβπ±1β β© ΞβΞ1β β© EβES2β = {} β§ Nβπ±2β β© ΞβΞ2β β© EβES1β β Ξ₯βΞ1β)
β¨ ( Nβπ±2β β© ΞβΞ2β β© EβES1β = {} β§ Nβπ±1β β© ΞβΞ1β β© EβES2β β Ξ₯βΞ2β)"
and FCI1: "FCI Ξ1 π±1 TrβES1β"
and FCI2: "FCI Ξ2 π±2 TrβES2β"
{
fix Ξ± Ξ² c v'
assume c_in_Cv_inter_Upsilon: "c β (Cβπ±β β© Ξ₯βΞβ)"
and v'_in_Vv_inter_Nabla: "v' β (Vβπ±β β© ββΞβ)"
and Ξ²v'Ξ±_in_Tr: "(Ξ² @ [v'] @ Ξ±) β Trβ(ES1 β₯ ES2)β"
and Ξ±Cv_empty: "Ξ± βΏ Cβπ±β = []"
from Ξ²v'Ξ±_in_Tr
have Ξ²v'Ξ±_E1_in_Tr1: "(((Ξ² @ [v']) @ Ξ±) βΏ EβES1β) β TrβES1β"
and Ξ²v'Ξ±_E2_in_Tr2: "(((Ξ² @ [v']) @ Ξ±) βΏ EβES2β) β TrβES2β"
by (simp add: composeES_def)+
interpret CSES1: CompositionSupport "ES1" "π±" "π±1"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES1 validV1)
interpret CSES2: CompositionSupport "ES2" "π±" "π±2"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES2 validV2)
from CSES1.BSD_in_subsystem2[OF Ξ²v'Ξ±_E1_in_Tr1 BSD1] obtain Ξ±1'
where Ξ²v'E1Ξ±1'_in_Tr1: "(Ξ² @ [v']) βΏ EβES1β @ Ξ±1' β TrβES1β"
and Ξ±1'Vv1_is_Ξ±Vv1: "Ξ±1' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1'Cv1_empty: "Ξ±1' βΏ Cβπ±1β = []"
by auto
from CSES2.BSD_in_subsystem2[OF Ξ²v'Ξ±_E2_in_Tr2 BSD2] obtain Ξ±2'
where Ξ²v'E2Ξ±2'_in_Tr2: "(Ξ² @ [v']) βΏ EβES2β @ Ξ±2' β TrβES2β"
and Ξ±2'Vv2_is_Ξ±Vv2: "Ξ±2' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2'Cv2_empty: "Ξ±2' βΏ Cβπ±2β = []"
by auto
note very_long_asm
moreover {
assume Nv1_inter_Delta1_inter_E2_empty: "Nβπ±1β β© ΞβΞ1β β© EβES2β = {}"
and Nv2_inter_Delta2_inter_E1_subsetof_Upsilon1: "Nβπ±2β β© ΞβΞ2β β© EβES1β β Ξ₯βΞ1β"
let ?ALPHA2''_DELTA2'' = "β Ξ±2'' Ξ΄2''. (
set Ξ±2'' β EβES2β β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = [])"
from c_in_Cv_inter_Upsilon v'_in_Vv_inter_Nabla validV2
have "c β EβES2β β¨ (c β EβES2β β§ v' β EβES2β) β¨ (c β EβES2β β§ v' β EβES2β)"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def)
moreover {
assume c_notin_E2: "c β EβES2β"
from validES2 Ξ²v'E2Ξ±2'_in_Tr2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β"
by auto
moreover
from Ξ²v'E2Ξ±2'_in_Tr2 c_notin_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note Ξ±2'Cv2_empty
ultimately have ?ALPHA2''_DELTA2''
by blast
}
moreover {
assume c_in_E2: "c β EβES2β"
and v'_notin_E2: "v' β EβES2β"
from c_in_E2 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E2_subset_Upsilon2
have c_in_Cv2_inter_Upsilon2: "c β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def by auto
hence "c β Cβπ±2β"
by auto
moreover
from Ξ²v'E2Ξ±2'_in_Tr2 v'_notin_E2 have "Ξ² βΏ EβES2β @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
note Ξ±2'Cv2_empty
moreover
have "(Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c)"
proof -
from validES2 Ξ²v'E2Ξ±2'_in_Tr2 v'_notin_E2 have "Ξ² βΏ EβES2β β TrβES2β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def projection_concatenation_commute)
with total_ES2_C2_inter_Upsilon2 c_in_Cv2_inter_Upsilon2
have "Ξ² βΏ EβES2β @ [c] β TrβES2β"
by (simp add: total_def)
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where one: "Ξ² βΏ EβES2β @ [c] @ Ξ±2'' β TrβES2β"
and two: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and three: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
from one validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β"
by auto
moreover
from one c_in_E2 v'_notin_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note two three
ultimately have ?ALPHA2''_DELTA2''
by blast
}
moreover {
assume c_in_E2: "c β EβES2β"
and v'_in_E2: "v' β EβES2β"
from c_in_E2 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E2_subset_Upsilon2
have c_in_Cv2_inter_Upsilon2: "c β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E2 propSepViews v'_in_Vv_inter_Nabla Nabla_inter_E2_subset_Nabla2
have "v' β Vβπ±2β β© Nabla Ξ2"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E2 Ξ²v'E2Ξ±2'_in_Tr2 have "Ξ² βΏ EβES2β @ [v'] @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
note Ξ±2'Cv2_empty FCI2
ultimately obtain Ξ±2'' Ξ΄2''
where one: "set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β"
and two: "Ξ² βΏ EβES2β @ [c] @ Ξ΄2'' @ [v'] @ Ξ±2'' β TrβES2β"
and three: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and four: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCI_def
by blast
from two validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
note one
moreover
from two c_in_E2 v'_in_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note three four
ultimately have ?ALPHA2''_DELTA2''
by blast
}
ultimately obtain Ξ±2'' Ξ΄2''
where Ξ±2''_in_E2star: "set Ξ±2'' β EβES2β"
and Ξ΄2''_in_N2_inter_Delta2star:"set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β"
and Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2:
"Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
by blast
from c_in_Cv_inter_Upsilon Upsilon_inter_E1_subset_Upsilon1
propSepViews
have cE1_in_Cv1_inter_Upsilon1: "set ([c] βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def by (simp add: projection_def, auto)
from Ξ΄2''_in_N2_inter_Delta2star Nv2_inter_Delta2_inter_E1_subsetof_Upsilon1
propSepViews disjoint_Nv2_Vv1
have Ξ΄2''E1_in_Cv1_inter_Upsilon1star: "set (Ξ΄2'' βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
from Ξ΄2''_in_N2_inter_Delta2star
have eq: "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β β© EβES1β)"
by (metis Int_commute Int_left_commute Int_lower1 Int_lower2
projection_intersection_neutral subset_trans)
from validV1 Nv2_inter_Delta2_inter_E1_subsetof_Upsilon1 propSepViews
disjoint_Nv2_Vv1
have "Nβπ±2β β© ΞβΞ2β β© EβES1β β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def
by (simp add:isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (subst eq, simp only: projection_def, auto)
qed
have cΞ΄2''E1_in_Cv1_inter_Upsilon1star: "set ((c # Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
from cE1_in_Cv1_inter_Upsilon1 Ξ΄2''E1_in_Cv1_inter_Upsilon1star
have "set (([c] @ Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
by (simp only: projection_concatenation_commute, auto)
thus ?thesis
by auto
qed
have "β Ξ±1'' Ξ΄1''. set Ξ±1'' β EβES1β
β§ set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2
β β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []
β§ Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
proof cases
assume v'_in_E1: "v' β EβES1β"
with Nabla_inter_E1_subset_Nabla1 propSepViews v'_in_Vv_inter_Nabla
have v'_in_Vv1_inter_Nabla1: "v' β Vβπ±1β β© Nabla Ξ1"
unfolding properSeparationOfViews_def by auto
have "β¦ (Ξ² @ [v']) βΏ EβES1β @ Ξ±1' β TrβES1β ;
Ξ±1' βΏ Cβπ±1β = []; set ((c # Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β β§
βΉ β Ξ±1'' Ξ΄1''. (set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β
βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β
β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []
β§ Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β)"
proof (induct "length ((c # Ξ΄2'') βΏ EβES1β)" arbitrary: Ξ² Ξ±1' c Ξ΄2'')
case 0
from 0(2) validES1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1' β TrβES1β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES1β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E1: "c' β EβES1β"
and cΞ΄2''_is_ΞΌc'Ξ½: "c # Ξ΄2'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E1_empty: "Ξ½ βΏ EβES1β = []"
and n_is_length_ΞΌΞ½E1: "n = length ((ΞΌ @ Ξ½) βΏ EβES1β)"
by blast
from Suc(5) c'_in_E1 cΞ΄2''_is_ΞΌc'Ξ½
have "set (ΞΌ βΏ EβES1β @ [c']) β Cβπ±1β β© Ξ₯βΞ1β"
by (simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute
projection_def, auto)
hence c'_in_Cv1_inter_Upsilon1: "c' β Cβπ±1β β© Ξ₯βΞ1β"
by auto
hence c'_in_Cv1: "c' β Cβπ±1β" and c'_in_Upsilon1: "c' β Ξ₯βΞ1β"
by auto
with validV1 have c'_in_E1: "c' β EβES1β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄2''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄2''_is_Ξ½: "Ξ΄2'' = Ξ½"
by auto
with c'_in_Cv1_inter_Upsilon1 have "c β Cβπ±1β β© Ξ₯βΞ1β"
by simp
moreover
note v'_in_Vv1_inter_Nabla1
moreover
from v'_in_E1 Suc(3) have "(Ξ² βΏ EβES1β) @ [v'] @ Ξ±1' β TrβES1β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4) FCI1
ultimately obtain Ξ±1'' Ξ³
where one: "set Ξ³ β Nβπ±1β β© ΞβΞ1β"
and two: "Ξ² βΏ EβES1β @ [c] @ Ξ³ @ [v'] @ Ξ±1'' β TrβES1β"
and three: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and four: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCI_def
by blast
let ?DELTA1'' = "Ξ½ βΏ EβES1β @ Ξ³"
from two validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from one Ξ½E1_empty
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
proof -
from c_is_c' c'_in_E1 have "[c] = [c] βΏ EβES1β"
by (simp add: projection_def)
moreover
from v'_in_E1 have "[v'] = [v'] βΏ EβES1β"
by (simp add: projection_def)
moreover
note Ξ½E1_empty two
ultimately show ?thesis
by auto
qed
moreover
note three four
moreover
have "?DELTA1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
proof -
have "Ξ³ βΏ (Cβπ±1β β© Ξ₯βΞ1β) = []"
proof -
from validV1 have "Nβπ±1β β© ΞβΞ1β β© (Cβπ±1β β© Ξ₯βΞ1β) = {}"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with projection_intersection_neutral[OF one, of "Cβπ±1β β© Ξ₯βΞ1β"]
show ?thesis
by (simp add: projection_def)
qed
with Ξ΄2''_is_Ξ½ Ξ½E1_empty show ?thesis
by (simp add: projection_concatenation_commute)
qed
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄2''_is_ΞΌc'Ξ½ have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs"
and Ξ΄2''_is_xs_c'_Ξ½: "Ξ΄2'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E1 have "n = length ((c # (xs @ Ξ½)) βΏ EβES1β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄2''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E1_empty
show ?thesis
by (subst res, simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute
set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄2''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±2β β© ΞβΞ2β"
by auto
moreover note Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±1']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES1β"
and two: "set Ξ³ β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and three: "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³ @ [v'] βΏ EβES1β @ Ξ΄ β TrβES1β"
and four: "Ξ΄ βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and five: "Ξ΄ βΏ Cβπ±1β = []"
and six: "Ξ³ βΏ (Cβπ±1β β© Ξ₯βΞ1β) = (xs @ Ξ½) βΏ EβES1β"
by blast
let ?BETA = "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³"
note c'_in_Cv1_inter_Upsilon1 v'_in_Vv1_inter_Nabla1
moreover
from three v'_in_E1 have "?BETA @ [v'] @ Ξ΄ β TrβES1β"
by (simp add: projection_def)
moreover
note five FCI1
ultimately obtain Ξ±1'' Ξ΄'
where fci_one: "set Ξ΄' β Nβπ±1β β© ΞβΞ1β"
and fci_two: "?BETA @ [c'] @ Ξ΄' @ [v'] @ Ξ±1'' β TrβES1β"
and fci_three: "Ξ±1'' βΏ Vβπ±1β = Ξ΄ βΏ Vβπ±1β"
and fci_four: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCI_def
by blast
let ?DELTA1'' = "Ξ³ @ [c'] @ Ξ΄'"
from fci_two validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
proof -
from Suc(7) c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½
have "c' β Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
with two fci_one show ?thesis
by auto
qed
moreover
from fci_two v'_in_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
from fci_three four have "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
by simp
moreover
note fci_four
moreover
have "?DELTA1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
proof -
have "Ξ΄' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = []"
proof -
from fci_one have "β e β set Ξ΄'. e β Nβπ±1β β© ΞβΞ1β"
by auto
with validV1 have "β e β set Ξ΄'. e β Cβπ±1β β© Ξ₯βΞ1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (simp add: projection_def)
qed
with c'_in_E1 c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½ Ξ½E1_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E1Ξ±1'_in_Tr1 Ξ±1'Cv1_empty cΞ΄2''E1_in_Cv1_inter_Upsilon1star
c_in_Cv_inter_Upsilon Ξ΄2''_in_N2_inter_Delta2star]
obtain Ξ±1'' Ξ΄1''
where one: "set Ξ±1'' β EβES1β"
and two: "set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and three: "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []"
and four: "Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
by blast
note one two three
moreover
have "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
proof -
from projection_intersection_neutral[OF two, of "EβES2β"]
Nv1_inter_Delta1_inter_E2_empty validV2
have "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β β© EβES2β)"
by (simp only: Int_Un_distrib2, auto)
moreover
from validV2
have "Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β β© EβES2β = Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β)"
by simp
hence "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) βΏ (Nβπ±2β β© ΞβΞ2β)"
by (simp add: projection_def)
with four have "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β βΏ (Nβπ±2β β© ΞβΞ2β)"
by simp
hence "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β) βΏ EβES1β"
by (simp only: projection_commute)
with Ξ΄2''_in_N2_inter_Delta2star show ?thesis
by (simp only: list_subset_iff_projection_neutral)
qed
ultimately show ?thesis
by blast
next
assume v'_notin_E1: "v' β EβES1β"
have "β¦ (Ξ² @ [v']) βΏ EβES1β @ Ξ±1' β TrβES1β ;
Ξ±1' βΏ Cβπ±1β = []; set ((c # Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β β§
βΉ β Ξ±1'' Ξ΄1''. (set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β
β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2
β β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []
β§ Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β)"
proof (induct "length ((c # Ξ΄2'') βΏ EβES1β)" arbitrary: Ξ² Ξ±1' c Ξ΄2'')
case 0
from 0(2) validES1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1' β TrβES1β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES1β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E1: "c' β EβES1β"
and cΞ΄2''_is_ΞΌc'Ξ½: "c # Ξ΄2'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E1_empty: "Ξ½ βΏ EβES1β = []"
and n_is_length_ΞΌΞ½E1: "n = length ((ΞΌ @ Ξ½) βΏ EβES1β)"
by blast
from Suc(5) c'_in_E1 cΞ΄2''_is_ΞΌc'Ξ½
have "set (ΞΌ βΏ EβES1β @ [c']) β Cβπ±1β β© Ξ₯βΞ1β"
by (simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute
projection_def, auto)
hence c'_in_Cv1_inter_Upsilon1: "c' β Cβπ±1β β© Ξ₯βΞ1β"
by auto
hence c'_in_Cv1: "c' β Cβπ±1β" and c'_in_Upsilon1: "c' β Ξ₯βΞ1β"
by auto
with validV1 have c'_in_E1: "c' β EβES1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄2''_is_ΞΌc'Ξ½ have c_is_c': "c = c'"
and Ξ΄2''_is_Ξ½: "Ξ΄2'' = Ξ½"
by auto
with c'_in_Cv1_inter_Upsilon1 have "c β Cβπ±1β"
by simp
moreover
from v'_notin_E1 Suc(3) have "(Ξ² βΏ EβES1β) @ Ξ±1' β TrβES1β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4)
moreover
have "Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c"
proof -
have "Ξ² βΏ EβES1β @ [c] β TrβES1β"
proof -
from c_is_c' c'_in_Cv1_inter_Upsilon1
have "c β Cβπ±1β β© Ξ₯βΞ1β"
by simp
moreover
from validES1 Suc(3)
have "(Ξ² βΏ EβES1β) β TrβES1β"
by (simp only: ES_valid_def traces_prefixclosed_def
projection_concatenation_commute
prefixclosed_def prefix_def, auto)
moreover
note total_ES1_C1_inter_Upsilon1
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where one: "(Ξ² βΏ EβES1β) @ [c] @ Ξ±1'' β TrβES1β"
and two: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and three: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
let ?DELTA1'' = "Ξ½ βΏ EβES1β"
from one validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ½E1_empty
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by simp
moreover
from c_is_c' c'_in_E1 one v'_notin_E1 Ξ½E1_empty
have "(Ξ² βΏ EβES1β) @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note two three
moreover
from Ξ½E1_empty Ξ΄2''_is_Ξ½ have "?DELTA1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
by (simp add: projection_def)
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄2''_is_ΞΌc'Ξ½
have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs" and Ξ΄2''_is_xs_c'_Ξ½: "Ξ΄2'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E1 have "n = length ((c # (xs @ Ξ½)) βΏ EβES1β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄2''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E1_empty
show ?thesis
by (subst res, simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute
set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄2''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±2β β© ΞβΞ2β"
by auto
moreover note Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±1']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES1β"
and two: "set Ξ³ β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and three: "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³ @ [v'] βΏ EβES1β @ Ξ΄ β TrβES1β"
and four: "Ξ΄ βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and five: "Ξ΄ βΏ Cβπ±1β = []"
and six: "Ξ³ βΏ EβES2β = (xs @ Ξ½) βΏ EβES1β"
by blast
let ?BETA = "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³"
from c'_in_Cv1_inter_Upsilon1 have "c' β Cβπ±1β"
by auto
moreover
from three v'_notin_E1 have "?BETA @ Ξ΄ β TrβES1β"
by (simp add: projection_def)
moreover
note five
moreover
have "Adm π±1 Ο1 TrβES1β ?BETA c'"
proof -
have "?BETA @ [c'] β TrβES1β"
proof -
from validES1 three
have "?BETA β TrβES1β"
by (simp only: ES_valid_def traces_prefixclosed_def
projection_concatenation_commute
prefixclosed_def prefix_def, auto)
moreover
note c'_in_Cv1_inter_Upsilon1 total_ES1_C1_inter_Upsilon1
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where bsia_one: "?BETA @ [c'] @ Ξ±1'' β TrβES1β"
and bsia_two: "Ξ±1'' βΏ Vβπ±1β = Ξ΄ βΏ Vβπ±1β"
and bsia_three: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
let ?DELTA1'' = "Ξ³ @ [c']"
from bsia_one validES1 have "set Ξ±1'' β EβES1β"
by (simp add:isViewOn_def ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
proof -
from Suc(7) c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½
have "c' β Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
with two show ?thesis
by auto
qed
moreover
from bsia_one v'_notin_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
from bsia_two four have "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
by simp
moreover
note bsia_three
moreover
have "?DELTA1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
proof -
from validV2 Suc(7) Ξ΄2''_is_xs_c'_Ξ½
have "c' β EβES2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with c'_in_E1 c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½ Ξ½E1_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E1Ξ±1'_in_Tr1 Ξ±1'Cv1_empty cΞ΄2''E1_in_Cv1_inter_Upsilon1star
c_in_Cv_inter_Upsilon Ξ΄2''_in_N2_inter_Delta2star]
show ?thesis
by blast
qed
then obtain Ξ±1'' Ξ΄1''
where Ξ±1''_in_E1star: "set Ξ±1'' β EβES1β"
and Ξ΄1''_in_N1_inter_Delta1star:"set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1:
"Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
and Ξ΄1''E2_is_Ξ΄2''E1: "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
by blast
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2
validES1 validES2
have Ξ΄1''_in_E1star: "set Ξ΄1'' β EβES1β" and Ξ΄2''_in_E2star: "set Ξ΄2'' β EβES2β"
by (simp_all add: ES_valid_def traces_contain_events_def, auto)
with Ξ΄1''E2_is_Ξ΄2''E1 merge_property[of Ξ΄1'' "EβES1β" Ξ΄2'' "EβES2β"] obtain Ξ΄'
where Ξ΄'E1_is_Ξ΄1'': "Ξ΄' βΏ EβES1β = Ξ΄1''"
and Ξ΄'E2_is_Ξ΄2'': "Ξ΄' βΏ EβES2β = Ξ΄2''"
and Ξ΄'_contains_only_Ξ΄1''_Ξ΄2''_events: "set Ξ΄' β set Ξ΄1'' βͺ set Ξ΄2''"
unfolding Let_def
by auto
let ?TAU = "Ξ² @ [c] @ Ξ΄' @ [v']"
let ?LAMBDA = "Ξ± βΏ Vβπ±β"
let ?T1 = Ξ±1''
let ?T2 = Ξ±2''
have "?TAU β Trβ(ES1 β₯ ES2)β"
proof -
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1'' validES1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄' βΏ EβES1β @ [v'] βΏ EβES1β β TrβES1β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES1β β TrβES1β"
by (simp add: projection_def, auto)
moreover
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2'' validES2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄' βΏ EβES2β @ [v'] βΏ EβES2β β TrβES2β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES2β β TrβES2β"
by (simp add: projection_def, auto)
moreover
from Ξ²v'Ξ±_in_Tr c_in_Cv_inter_Upsilon VIsViewOnE
Ξ΄'_contains_only_Ξ΄1''_Ξ΄2''_events Ξ΄1''_in_E1star Ξ΄2''_in_E2star
have "set (Ξ² @ [c] @ Ξ΄' @ [v']) β EβES1β βͺ EβES2β"
unfolding composeES_def isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def
by auto
ultimately show ?thesis
unfolding composeES_def
by auto
qed
hence "set ?TAU β Eβ(ES1 β₯ ES2)β"
unfolding composeES_def
by auto
moreover
have "set ?LAMBDA β Vβπ±β"
by (simp add: projection_def, auto)
moreover
note Ξ±1''_in_E1star Ξ±2''_in_E2star
moreover
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1''
have "?TAU βΏ EβES1β @ ?T1 β TrβES1β"
by (simp only: projection_concatenation_commute, auto)
moreover
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2''
have "?TAU βΏ EβES2β @ ?T2 β TrβES2β"
by (simp only: projection_concatenation_commute, auto)
moreover
have "?LAMBDA βΏ EβES1β = ?T1 βΏ Vβπ±β"
proof -
from propSepViews have "?LAMBDA βΏ EβES1β = Ξ± βΏ Vβπ±1β"
unfolding properSeparationOfViews_def by (simp add: projection_sequence)
moreover
from Ξ±1''_in_E1star propSepViews
have "?T1 βΏ Vβπ±β = ?T1 βΏ Vβπ±1β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±1'Vv1_is_Ξ±Vv1 Ξ±1''Vv1_is_Ξ±1'Vv1
ultimately show ?thesis
by simp
qed
moreover
have "?LAMBDA βΏ EβES2β = ?T2 βΏ Vβπ±β"
proof -
from propSepViews
have "?LAMBDA βΏ EβES2β = Ξ± βΏ Vβπ±2β"
unfolding properSeparationOfViews_def by (simp add: projection_sequence)
moreover
from Ξ±2''_in_E2star propSepViews
have "?T2 βΏ Vβπ±β = ?T2 βΏ Vβπ±2β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±2'Vv2_is_Ξ±Vv2 Ξ±2''Vv2_is_Ξ±2'Vv2
ultimately show ?thesis
by simp
qed
moreover
note Ξ±1''Cv1_empty Ξ±2''Cv2_empty generalized_zipping_lemma
ultimately obtain t
where "?TAU @ t β Trβ(ES1 β₯ ES2)β"
and "t βΏ Vβπ±β = ?LAMBDA"
and "t βΏ Cβπ±β = []"
by blast
moreover
have "set Ξ΄' β Nβπ±β β© ΞβΞβ"
proof -
from Ξ΄'_contains_only_Ξ΄1''_Ξ΄2''_events
Ξ΄1''_in_N1_inter_Delta1star Ξ΄2''_in_N2_inter_Delta2star
have "set Ξ΄' β Nβπ±1β β© ΞβΞ1β βͺ Nβπ±2β β© ΞβΞ2β"
by auto
with Delta1_N1_Delta2_N2_subset_Delta Nv1_union_Nv2_subsetof_Nv
show ?thesis
by auto
qed
ultimately
have "βΞ±' Ξ³'. (set Ξ³' β Nβπ±β β© ΞβΞβ β§ Ξ² @ [c] @ Ξ³' @ [v'] @ Ξ±' β Trβ(ES1 β₯ ES2)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
by (simp only: append_assoc, blast)
}
moreover {
assume Nv2_inter_Delta2_inter_E1_empty: "Nβπ±2β β© ΞβΞ2β β© EβES1β = {}"
and Nv1_inter_Delta1_inter_E2_subsetof_Upsilon2: "Nβπ±1β β© ΞβΞ1β β© EβES2β β Ξ₯βΞ2β"
let ?ALPHA1''_DELTA1'' = "β Ξ±1'' Ξ΄1''. (
set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = [])"
from c_in_Cv_inter_Upsilon v'_in_Vv_inter_Nabla validV1
have "c β EβES1β β¨ (c β EβES1β β§ v' β EβES1β) β¨ (c β EβES1β β§ v' β EβES1β)"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def)
moreover {
assume c_notin_E1: "c β EβES1β"
from validES1 Ξ²v'E1Ξ±1'_in_Tr1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β"
by auto
moreover
from Ξ²v'E1Ξ±1'_in_Tr1 c_notin_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note Ξ±1'Cv1_empty
ultimately have ?ALPHA1''_DELTA1''
by blast
}
moreover {
assume c_in_E1: "c β EβES1β"
and v'_notin_E1: "v' β EβES1β"
from c_in_E1 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E1_subset_Upsilon1
have c_in_Cv1_inter_Upsilon1: "c β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def by auto
hence "c β Cβπ±1β"
by auto
moreover
from Ξ²v'E1Ξ±1'_in_Tr1 v'_notin_E1 have "Ξ² βΏ EβES1β @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
note Ξ±1'Cv1_empty
moreover
have "(Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c)"
proof -
from validES1 Ξ²v'E1Ξ±1'_in_Tr1 v'_notin_E1 have "Ξ² βΏ EβES1β β TrβES1β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def projection_concatenation_commute)
with total_ES1_C1_inter_Upsilon1 c_in_Cv1_inter_Upsilon1
have "Ξ² βΏ EβES1β @ [c] β TrβES1β"
by (simp add: total_def)
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where one: "Ξ² βΏ EβES1β @ [c] @ Ξ±1'' β TrβES1β"
and two: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and three: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
from one validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β"
by auto
moreover
from one c_in_E1 v'_notin_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note two three
ultimately have ?ALPHA1''_DELTA1''
by blast
}
moreover {
assume c_in_E1: "c β EβES1β"
and v'_in_E1: "v' β EβES1β"
from c_in_E1 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E1_subset_Upsilon1
have c_in_Cv1_inter_Upsilon1: "c β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E1 propSepViews v'_in_Vv_inter_Nabla Nabla_inter_E1_subset_Nabla1
have "v' β Vβπ±1β β© Nabla Ξ1"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E1 Ξ²v'E1Ξ±1'_in_Tr1 have "Ξ² βΏ EβES1β @ [v'] @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
note Ξ±1'Cv1_empty FCI1
ultimately obtain Ξ±1'' Ξ΄1''
where one: "set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β"
and two: "Ξ² βΏ EβES1β @ [c] @ Ξ΄1'' @ [v'] @ Ξ±1'' β TrβES1β"
and three: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and four: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCI_def
by blast
from two validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
note one
moreover
from two c_in_E1 v'_in_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note three four
ultimately have ?ALPHA1''_DELTA1''
by blast
}
ultimately obtain Ξ±1'' Ξ΄1''
where Ξ±1''_in_E1star: "set Ξ±1'' β EβES1β"
and Ξ΄1''_in_N1_inter_Delta1star:"set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β"
and Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1:
"Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
by blast
from c_in_Cv_inter_Upsilon Upsilon_inter_E2_subset_Upsilon2 propSepViews
have cE2_in_Cv2_inter_Upsilon2: "set ([c] βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def by (simp add: projection_def, auto)
from Ξ΄1''_in_N1_inter_Delta1star Nv1_inter_Delta1_inter_E2_subsetof_Upsilon2
propSepViews disjoint_Nv1_Vv2
have Ξ΄1''E2_in_Cv2_inter_Upsilon2star: "set (Ξ΄1'' βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
from Ξ΄1''_in_N1_inter_Delta1star have eq: "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β β© EβES2β)"
by (metis Int_commute Int_left_commute Int_lower2 Int_lower1
projection_intersection_neutral subset_trans)
from validV2 Nv1_inter_Delta1_inter_E2_subsetof_Upsilon2
propSepViews disjoint_Nv1_Vv2
have "Nβπ±1β β© ΞβΞ1β β© EβES2β β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (subst eq, simp only: projection_def, auto)
qed
have cΞ΄1''E2_in_Cv2_inter_Upsilon2star: "set ((c # Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
from cE2_in_Cv2_inter_Upsilon2 Ξ΄1''E2_in_Cv2_inter_Upsilon2star
have "set (([c] @ Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
by (simp only: projection_concatenation_commute, auto)
thus ?thesis
by auto
qed
have "β Ξ±2'' Ξ΄2''. set Ξ±2'' β EβES2β
β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []
β§ Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
proof cases
assume v'_in_E2: "v' β EβES2β"
with Nabla_inter_E2_subset_Nabla2
propSepViews v'_in_Vv_inter_Nabla
have v'_in_Vv2_inter_Nabla2: "v' β Vβπ±2β β© Nabla Ξ2"
unfolding properSeparationOfViews_def by auto
have "β¦ (Ξ² @ [v']) βΏ EβES2β @ Ξ±2' β TrβES2β ;
Ξ±2' βΏ Cβπ±2β = []; set ((c # Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β β§
βΉ β Ξ±2'' Ξ΄2''. (set Ξ±2'' β EβES2β β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β
β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []
β§ Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β)"
proof (induct "length ((c # Ξ΄1'') βΏ EβES2β)" arbitrary: Ξ² Ξ±2' c Ξ΄1'')
case 0
from 0(2) validES2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2' β TrβES2β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES2β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E2: "c' β EβES2β"
and cΞ΄1''_is_ΞΌc'Ξ½: "c # Ξ΄1'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E2_empty: "Ξ½ βΏ EβES2β = []"
and n_is_length_ΞΌΞ½E2: "n = length ((ΞΌ @ Ξ½) βΏ EβES2β)"
by blast
from Suc(5) c'_in_E2 cΞ΄1''_is_ΞΌc'Ξ½
have "set (ΞΌ βΏ EβES2β @ [c']) β Cβπ±2β β© Ξ₯βΞ2β"
by (simp only: cΞ΄1''_is_ΞΌc'Ξ½ projection_concatenation_commute
projection_def, auto)
hence c'_in_Cv2_inter_Upsilon2: "c' β Cβπ±2β β© Ξ₯βΞ2β"
by auto
hence c'_in_Cv2: "c' β Cβπ±2β" and c'_in_Upsilon2: "c' β Ξ₯βΞ2β"
by auto
with validV2 have c'_in_E2: "c' β EβES2β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄1''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄1''_is_Ξ½: "Ξ΄1'' = Ξ½"
by auto
with c'_in_Cv2_inter_Upsilon2 have "c β Cβπ±2β β© Ξ₯βΞ2β"
by simp
moreover
note v'_in_Vv2_inter_Nabla2
moreover
from v'_in_E2 Suc(3) have "(Ξ² βΏ EβES2β) @ [v'] @ Ξ±2' β TrβES2β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4) FCI2
ultimately obtain Ξ±2'' Ξ³
where one: "set Ξ³ β Nβπ±2β β© ΞβΞ2β"
and two: "Ξ² βΏ EβES2β @ [c] @ Ξ³ @ [v'] @ Ξ±2'' β TrβES2β"
and three: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and four: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCI_def
by blast
let ?DELTA2'' = "Ξ½ βΏ EβES2β @ Ξ³"
from two validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from one Ξ½E2_empty
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
proof -
from c_is_c' c'_in_E2 have "[c] = [c] βΏ EβES2β"
by (simp add: projection_def)
moreover
from v'_in_E2 have "[v'] = [v'] βΏ EβES2β"
by (simp add: projection_def)
moreover
note Ξ½E2_empty two
ultimately show ?thesis
by auto
qed
moreover
note three four
moreover
have "?DELTA2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
proof -
have "Ξ³ βΏ (Cβπ±2β β© Ξ₯βΞ2β) = []"
proof -
from validV2 have "Nβπ±2β β© ΞβΞ2β β© (Cβπ±2β β© Ξ₯βΞ2β) = {}"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with projection_intersection_neutral[OF one, of "Cβπ±2β β© Ξ₯βΞ2β"]
show ?thesis
by (simp add: projection_def)
qed
with Ξ΄1''_is_Ξ½ Ξ½E2_empty show ?thesis
by (simp add: projection_concatenation_commute)
qed
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄1''_is_ΞΌc'Ξ½ have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs"
and Ξ΄1''_is_xs_c'_Ξ½: "Ξ΄1'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E2 have "n = length ((c # (xs @ Ξ½)) βΏ EβES2β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄1''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E2_empty
show ?thesis
by (subst res, simp only: cΞ΄1''_is_ΞΌc'Ξ½
projection_concatenation_commute set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄1''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±1β β© ΞβΞ1β"
by auto
moreover note Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±2']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES2β"
and two: "set Ξ³ β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and three: "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³ @ [v'] βΏ EβES2β @ Ξ΄ β TrβES2β"
and four: "Ξ΄ βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and five: "Ξ΄ βΏ Cβπ±2β = []"
and six: "Ξ³ βΏ (Cβπ±2β β© Ξ₯βΞ2β) = (xs @ Ξ½) βΏ EβES2β"
by blast
let ?BETA = "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³"
note c'_in_Cv2_inter_Upsilon2 v'_in_Vv2_inter_Nabla2
moreover
from three v'_in_E2 have "?BETA @ [v'] @ Ξ΄ β TrβES2β"
by (simp add: projection_def)
moreover
note five FCI2
ultimately obtain Ξ±2'' Ξ΄'
where fci_one: "set Ξ΄' β Nβπ±2β β© ΞβΞ2β"
and fci_two: "?BETA @ [c'] @ Ξ΄' @ [v'] @ Ξ±2'' β TrβES2β"
and fci_three: "Ξ±2'' βΏ Vβπ±2β = Ξ΄ βΏ Vβπ±2β"
and fci_four: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCI_def
by blast
let ?DELTA2'' = "Ξ³ @ [c'] @ Ξ΄'"
from fci_two validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
proof -
from Suc(7) c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½
have "c' β Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
with two fci_one show ?thesis
by auto
qed
moreover
from fci_two v'_in_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
from fci_three four have "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
by simp
moreover
note fci_four
moreover
have "?DELTA2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
proof -
have "Ξ΄' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = []"
proof -
from fci_one have "β e β set Ξ΄'. e β Nβπ±2β β© ΞβΞ2β"
by auto
with validV2 have "β e β set Ξ΄'. e β Cβπ±2β β© Ξ₯βΞ2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (simp add: projection_def)
qed
with c'_in_E2 c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½ Ξ½E2_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E2Ξ±2'_in_Tr2 Ξ±2'Cv2_empty cΞ΄1''E2_in_Cv2_inter_Upsilon2star
c_in_Cv_inter_Upsilon Ξ΄1''_in_N1_inter_Delta1star]
obtain Ξ±2'' Ξ΄2''
where one: "set Ξ±2'' β EβES2β"
and two: "set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and three: "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []"
and four: "Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
by blast
note one two three
moreover
have "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
proof -
from projection_intersection_neutral[OF two, of "EβES1β"]
Nv2_inter_Delta2_inter_E1_empty validV1
have "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β β© EβES1β)"
by (simp only: Int_Un_distrib2, auto)
moreover
from validV1
have "Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β β© EβES1β = Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β)"
by simp
hence "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) βΏ (Nβπ±1β β© ΞβΞ1β)"
by (simp add: projection_def)
with four have "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β βΏ (Nβπ±1β β© ΞβΞ1β)"
by simp
hence "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β) βΏ EβES2β"
by (simp only: projection_commute)
with Ξ΄1''_in_N1_inter_Delta1star show ?thesis
by (simp only: list_subset_iff_projection_neutral)
qed
ultimately show ?thesis
by blast
next
assume v'_notin_E2: "v' β EβES2β"
have
"β¦ (Ξ² @ [v']) βΏ EβES2β @ Ξ±2' β TrβES2β ; Ξ±2' βΏ Cβπ±2β = [];
set ((c # Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β ; c β Cβπ±β β© Ξ₯βΞβ ;
set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β β§
βΉ β Ξ±2'' Ξ΄2''.
(set Ξ±2'' β EβES2β β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2 β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []
β§ Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β)"
proof (induct "length ((c # Ξ΄1'') βΏ EβES2β)" arbitrary: Ξ² Ξ±2' c Ξ΄1'')
case 0
from 0(2) validES2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2' β TrβES2β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES2β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E2: "c' β EβES2β"
and cΞ΄1''_is_ΞΌc'Ξ½: "c # Ξ΄1'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E2_empty: "Ξ½ βΏ EβES2β = []"
and n_is_length_ΞΌΞ½E2: "n = length ((ΞΌ @ Ξ½) βΏ EβES2β)"
by blast
from Suc(5) c'_in_E2 cΞ΄1''_is_ΞΌc'Ξ½ have "set (ΞΌ βΏ EβES2β @ [c']) β Cβπ±2β β© Ξ₯βΞ2β"
by (simp only: cΞ΄1''_is_ΞΌc'Ξ½ projection_concatenation_commute projection_def, auto)
hence c'_in_Cv2_inter_Upsilon2: "c' β Cβπ±2β β© Ξ₯βΞ2β"
by auto
hence c'_in_Cv2: "c' β Cβπ±2β" and c'_in_Upsilon2: "c' β Ξ₯βΞ2β"
by auto
with validV2 have c'_in_E2: "c' β EβES2β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄1''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄1''_is_Ξ½: "Ξ΄1'' = Ξ½"
by auto
with c'_in_Cv2_inter_Upsilon2 have "c β Cβπ±2β"
by simp
moreover
from v'_notin_E2 Suc(3) have "(Ξ² βΏ EβES2β) @ Ξ±2' β TrβES2β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4)
moreover
have "Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c"
proof -
have "Ξ² βΏ EβES2β @ [c] β TrβES2β"
proof -
from c_is_c' c'_in_Cv2_inter_Upsilon2 have "c β Cβπ±2β β© Ξ₯βΞ2β"
by simp
moreover
from validES2 Suc(3) have "(Ξ² βΏ EβES2β) β TrβES2β"
by (simp only: ES_valid_def traces_prefixclosed_def
projection_concatenation_commute
prefixclosed_def prefix_def, auto)
moreover
note total_ES2_C2_inter_Upsilon2
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where one: "(Ξ² βΏ EβES2β) @ [c] @ Ξ±2'' β TrβES2β"
and two: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and three: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
let ?DELTA2'' = "Ξ½ βΏ EβES2β"
from one validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ½E2_empty
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by simp
moreover
from c_is_c' c'_in_E2 one v'_notin_E2 Ξ½E2_empty
have "(Ξ² βΏ EβES2β) @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note two three
moreover
from Ξ½E2_empty Ξ΄1''_is_Ξ½ have "?DELTA2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
by (simp add: projection_def)
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄1''_is_ΞΌc'Ξ½ have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs"
and Ξ΄1''_is_xs_c'_Ξ½: "Ξ΄1'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E2 have "n = length ((c # (xs @ Ξ½)) βΏ EβES2β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄1''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E2_empty
show ?thesis
by (subst res, simp only: cΞ΄1''_is_ΞΌc'Ξ½ projection_concatenation_commute
set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄1''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±1β β© ΞβΞ1β"
by auto
moreover note Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±2']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES2β"
and two: "set Ξ³ β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and three: "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³ @ [v'] βΏ EβES2β @ Ξ΄ β TrβES2β"
and four: "Ξ΄ βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and five: "Ξ΄ βΏ Cβπ±2β = []"
and six: "Ξ³ βΏ EβES1β = (xs @ Ξ½) βΏ EβES2β"
by blast
let ?BETA = "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³"
from c'_in_Cv2_inter_Upsilon2 have "c' β Cβπ±2β"
by auto
moreover
from three v'_notin_E2 have "?BETA @ Ξ΄ β TrβES2β"
by (simp add: projection_def)
moreover
note five
moreover
have "Adm π±2 Ο2 TrβES2β ?BETA c'"
proof -
have "?BETA @ [c'] β TrβES2β"
proof -
from validES2 three have "?BETA β TrβES2β"
by (simp only: ES_valid_def traces_prefixclosed_def
projection_concatenation_commute prefixclosed_def prefix_def, auto)
moreover
note c'_in_Cv2_inter_Upsilon2 total_ES2_C2_inter_Upsilon2
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where bsia_one: "?BETA @ [c'] @ Ξ±2'' β TrβES2β"
and bsia_two: "Ξ±2'' βΏ Vβπ±2β = Ξ΄ βΏ Vβπ±2β"
and bsia_three: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
let ?DELTA2'' = "Ξ³ @ [c']"
from bsia_one validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
proof -
from Suc(7) c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½
have "c' β Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
with two show ?thesis
by auto
qed
moreover
from bsia_one v'_notin_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
from bsia_two four have "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
by simp
moreover
note bsia_three
moreover
have "?DELTA2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
proof -
from validV1 Suc(7) Ξ΄1''_is_xs_c'_Ξ½ have "c' β EβES1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with c'_in_E2 c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½ Ξ½E2_empty six
show ?thesis
by (simp only: projection_concatenation_commute
projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E2Ξ±2'_in_Tr2 Ξ±2'Cv2_empty cΞ΄1''E2_in_Cv2_inter_Upsilon2star
c_in_Cv_inter_Upsilon Ξ΄1''_in_N1_inter_Delta1star]
show ?thesis
by blast
qed
then obtain Ξ±2'' Ξ΄2''
where Ξ±2''_in_E2star: "set Ξ±2'' β EβES2β"
and Ξ΄2''_in_N2_inter_Delta2star:"set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2:
"Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
and Ξ΄2''E1_is_Ξ΄1''E2: "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
by blast
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1
validES2 validES1
have Ξ΄2''_in_E2star: "set Ξ΄2'' β EβES2β" and Ξ΄1''_in_E1star: "set Ξ΄1'' β EβES1β"
by (simp_all add: ES_valid_def traces_contain_events_def, auto)
with Ξ΄2''E1_is_Ξ΄1''E2 merge_property[of Ξ΄2'' "EβES2β" Ξ΄1'' "EβES1β"] obtain Ξ΄'
where Ξ΄'E2_is_Ξ΄2'': "Ξ΄' βΏ EβES2β = Ξ΄2''"
and Ξ΄'E1_is_Ξ΄1'': "Ξ΄' βΏ EβES1β = Ξ΄1''"
and Ξ΄'_contains_only_Ξ΄2''_Ξ΄1''_events: "set Ξ΄' β set Ξ΄2'' βͺ set Ξ΄1''"
unfolding Let_def
by auto
let ?TAU = "Ξ² @ [c] @ Ξ΄' @ [v']"
let ?LAMBDA = "Ξ± βΏ Vβπ±β"
let ?T2 = Ξ±2''
let ?T1 = Ξ±1''
have "?TAU β Trβ(ES1 β₯ ES2)β"
proof -
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2'' validES2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄' βΏ EβES2β @ [v'] βΏ EβES2β β TrβES2β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES2β β TrβES2β"
by (simp add: projection_def, auto)
moreover
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1'' validES1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄' βΏ EβES1β @ [v'] βΏ EβES1β β TrβES1β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES1β β TrβES1β"
by (simp add: projection_def, auto)
moreover
from Ξ²v'Ξ±_in_Tr c_in_Cv_inter_Upsilon VIsViewOnE Ξ΄'_contains_only_Ξ΄2''_Ξ΄1''_events
Ξ΄2''_in_E2star Ξ΄1''_in_E1star
have "set (Ξ² @ [c] @ Ξ΄' @ [v']) β EβES2β βͺ EβES1β"
unfolding composeES_def isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def
by auto
ultimately show ?thesis
unfolding composeES_def
by auto
qed
hence "set ?TAU β Eβ(ES1 β₯ ES2)β"
unfolding composeES_def
by auto
moreover
have "set ?LAMBDA β Vβπ±β"
by (simp add: projection_def, auto)
moreover
note Ξ±2''_in_E2star Ξ±1''_in_E1star
moreover
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2''
have "?TAU βΏ EβES2β @ ?T2 β TrβES2β"
by (simp only: projection_concatenation_commute, auto)
moreover
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1''
have "?TAU βΏ EβES1β @ ?T1 β TrβES1β"
by (simp only: projection_concatenation_commute, auto)
moreover
have "?LAMBDA βΏ EβES2β = ?T2 βΏ Vβπ±β"
proof -
from propSepViews
have "?LAMBDA βΏ EβES2β = Ξ± βΏ Vβπ±2β"
unfolding properSeparationOfViews_def by (simp only: projection_sequence)
moreover
from Ξ±2''_in_E2star propSepViews
have "?T2 βΏ Vβπ±β = ?T2 βΏ Vβπ±2β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±2'Vv2_is_Ξ±Vv2 Ξ±2''Vv2_is_Ξ±2'Vv2
ultimately show ?thesis
by simp
qed
moreover
have "?LAMBDA βΏ EβES1β = ?T1 βΏ Vβπ±β"
proof -
from propSepViews
have "?LAMBDA βΏ EβES1β = Ξ± βΏ Vβπ±1β"
unfolding properSeparationOfViews_def by (simp add: projection_sequence)
moreover
from Ξ±1''_in_E1star propSepViews
have "?T1 βΏ Vβπ±β = ?T1 βΏ Vβπ±1β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±1'Vv1_is_Ξ±Vv1 Ξ±1''Vv1_is_Ξ±1'Vv1
ultimately show ?thesis
by simp
qed
moreover
note Ξ±2''Cv2_empty Ξ±1''Cv1_empty generalized_zipping_lemma
ultimately obtain t
where "?TAU @ t β Trβ(ES1 β₯ ES2)β"
and "t βΏ Vβπ±β = ?LAMBDA"
and "t βΏ Cβπ±β = []"
by blast
moreover
have "set Ξ΄' β Nβπ±β β© ΞβΞβ"
proof -
from Ξ΄'_contains_only_Ξ΄2''_Ξ΄1''_events Ξ΄2''_in_N2_inter_Delta2star
Ξ΄1''_in_N1_inter_Delta1star
have "set Ξ΄' β Nβπ±2β β© ΞβΞ2β βͺ Nβπ±1β β© ΞβΞ1β"
by auto
with Delta1_N1_Delta2_N2_subset_Delta Nv1_union_Nv2_subsetof_Nv show ?thesis
by auto
qed
ultimately have "βΞ±' Ξ³'. (set Ξ³' β Nβπ±β β© ΞβΞβ β§ Ξ² @ [c] @ Ξ³' @ [v'] @ Ξ±' β Trβ(ES1 β₯ ES2)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
by (simp only: append_assoc, blast)
}
ultimately have "βΞ±' Ξ³'. (set Ξ³' β Nβπ±β β© ΞβΞβ β§ Ξ² @ [c] @ Ξ³' @ [v'] @ Ξ±' β Trβ(ES1 β₯ ES2)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
by blast
}
thus ?thesis
unfolding FCI_def
by blast
qed
theorem compositionality_FCIA:
"β¦ BSD π±1 TrβES1β; BSD π±2 TrβES2β; BSIA Ο1 π±1 TrβES1β; BSIA Ο2 π±2 TrβES2β;
(Ο1 π±1) β (Ο π±) β© EβES1β; (Ο2 π±2) β (Ο π±) β© EβES2β;
total ES1 (Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β); total ES2 (Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β);
ββΞβ β© EβES1β β ββΞ1β; ββΞβ β© EβES2β β ββΞ2β;
Ξ₯βΞβ β© EβES1β β Ξ₯βΞ1β; Ξ₯βΞβ β© EβES2β β Ξ₯βΞ2β;
( ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β ) β ΞβΞβ;
(Nβπ±1β β© ΞβΞ1β β© EβES2β = {} β§ Nβπ±2β β© ΞβΞ2β β© EβES1β β Ξ₯βΞ1β)
β¨ ( Nβπ±2β β© ΞβΞ2β β© EβES1β = {} β§ Nβπ±1β β© ΞβΞ1β β© EβES2β β Ξ₯βΞ2β) ;
FCIA Ο1 Ξ1 π±1 TrβES1β; FCIA Ο2 Ξ2 π±2 TrβES2β β§
βΉ FCIA Ο Ξ π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume BSD1: "BSD π±1 TrβES1β"
and BSD2: "BSD π±2 TrβES2β"
and BSIA1: "BSIA Ο1 π±1 TrβES1β"
and BSIA2: "BSIA Ο2 π±2 TrβES2β"
and Ο1v1_subset_Οv_inter_E1: "(Ο1 π±1) β (Ο π±) β© EβES1β"
and Ο2v2_subset_Οv_inter_E2: "(Ο2 π±2) β (Ο π±) β© EβES2β"
and total_ES1_C1_inter_Upsilon1_inter_N2_inter_Delta2:
"total ES1 (Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β)"
and total_ES2_C2_inter_Upsilon2_inter_N1_inter_Delta1:
"total ES2 (Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β)"
and Nabla_inter_E1_subset_Nabla1: "ββΞβ β© EβES1β β ββΞ1β"
and Nabla_inter_E2_subset_Nabla2: "ββΞβ β© EβES2β β ββΞ2β"
and Upsilon_inter_E1_subset_Upsilon1: "Ξ₯βΞβ β© EβES1β β Ξ₯βΞ1β"
and Upsilon_inter_E2_subset_Upsilon2: "Ξ₯βΞβ β© EβES2β β Ξ₯βΞ2β"
and Delta1_N1_Delta2_N2_subset_Delta: "( ΞβΞ1β β© Nβπ±1β βͺ ΞβΞ2β β© Nβπ±2β ) β ΞβΞβ"
and very_long_asm: "(Nβπ±1β β© ΞβΞ1β β© EβES2β = {} β§ Nβπ±2β β© ΞβΞ2β β© EβES1β β Ξ₯βΞ1β)
β¨ ( Nβπ±2β β© ΞβΞ2β β© EβES1β = {} β§ Nβπ±1β β© ΞβΞ1β β© EβES2β β Ξ₯βΞ2β)"
and FCIA1: "FCIA Ο1 Ξ1 π±1 TrβES1β"
and FCIA2: "FCIA Ο2 Ξ2 π±2 TrβES2β"
{
fix Ξ± Ξ² c v'
assume c_in_Cv_inter_Upsilon: "c β (Cβπ±β β© Ξ₯βΞβ)"
and v'_in_Vv_inter_Nabla: "v' β (Vβπ±β β© ββΞβ)"
and Ξ²v'Ξ±_in_Tr: "(Ξ² @ [v'] @ Ξ±) β Trβ(ES1 β₯ ES2)β"
and Ξ±Cv_empty: "Ξ± βΏ Cβπ±β = []"
and Adm: "Adm π± Ο (Trβ(ES1 β₯ ES2)β) Ξ² c"
interpret CSES1: CompositionSupport "ES1" "π±" "π±1"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES1 validV1)
interpret CSES2: CompositionSupport "ES2" "π±" "π±2"
using propSepViews unfolding properSeparationOfViews_def
by (simp add: CompositionSupport_def validES2 validV2)
from Ξ²v'Ξ±_in_Tr
have Ξ²v'Ξ±_E1_in_Tr1: "(((Ξ² @ [v']) @ Ξ±) βΏ EβES1β) β TrβES1β"
and Ξ²v'Ξ±_E2_in_Tr2: "(((Ξ² @ [v']) @ Ξ±) βΏ EβES2β) β TrβES2β"
by (simp add: composeES_def)+
from CSES1.BSD_in_subsystem2[OF Ξ²v'Ξ±_E1_in_Tr1 BSD1] obtain Ξ±1'
where Ξ²v'E1Ξ±1'_in_Tr1: "(Ξ² @ [v']) βΏ EβES1β @ Ξ±1' β TrβES1β"
and Ξ±1'Vv1_is_Ξ±Vv1: "Ξ±1' βΏ Vβπ±1β = Ξ± βΏ Vβπ±1β"
and Ξ±1'Cv1_empty: "Ξ±1' βΏ Cβπ±1β = []"
by auto
from CSES2.BSD_in_subsystem2[OF Ξ²v'Ξ±_E2_in_Tr2 BSD2] obtain Ξ±2'
where Ξ²v'E2Ξ±2'_in_Tr2: "(Ξ² @ [v']) βΏ EβES2β @ Ξ±2' β TrβES2β"
and Ξ±2'Vv2_is_Ξ±Vv2: "Ξ±2' βΏ Vβπ±2β = Ξ± βΏ Vβπ±2β"
and Ξ±2'Cv2_empty: "Ξ±2' βΏ Cβπ±2β = []"
by auto
note very_long_asm
moreover {
assume Nv1_inter_Delta1_inter_E2_empty: "Nβπ±1β β© ΞβΞ1β β© EβES2β = {}"
and Nv2_inter_Delta2_inter_E1_subsetof_Upsilon1: "Nβπ±2β β© ΞβΞ2β β© EβES1β β Ξ₯βΞ1β"
let ?ALPHA2''_DELTA2'' = "β Ξ±2'' Ξ΄2''. (
set Ξ±2'' β EβES2β β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = [])"
from c_in_Cv_inter_Upsilon v'_in_Vv_inter_Nabla validV2
have "c β EβES2β β¨ (c β EβES2β β§ v' β EβES2β) β¨ (c β EβES2β β§ v' β EβES2β)"
by (simp add: V_valid_def isViewOn_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def)
moreover {
assume c_notin_E2: "c β EβES2β"
from validES2 Ξ²v'E2Ξ±2'_in_Tr2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β"
by auto
moreover
from Ξ²v'E2Ξ±2'_in_Tr2 c_notin_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note Ξ±2'Cv2_empty
ultimately have ?ALPHA2''_DELTA2''
by blast
}
moreover {
assume c_in_E2: "c β EβES2β"
and v'_notin_E2: "v' β EβES2β"
from c_in_E2 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E2_subset_Upsilon2
have c_in_Cv2_inter_Upsilon2: "c β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def by auto
hence "c β Cβπ±2β"
by auto
moreover
from Ξ²v'E2Ξ±2'_in_Tr2 v'_notin_E2 have "Ξ² βΏ EβES2β @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
note Ξ±2'Cv2_empty
moreover
have "Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c"
proof -
from Adm obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_in_E2 Ξ³c_in_Tr have "(Ξ³ βΏ EβES2β) @ [c] β TrβES2β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES2β βΏ (Ο2 π±2) = Ξ² βΏ EβES2β βΏ (Ο2 π±2)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES2β βΏ (Ο π±) = Ξ² βΏ EβES2β βΏ (Ο π±)"
by (metis projection_commute)
with Ο2v2_subset_Οv_inter_E2 have "Ξ³ βΏ (Ο2 π±2) = Ξ² βΏ (Ο2 π±2)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where one: "Ξ² βΏ EβES2β @ [c] @ Ξ±2'' β TrβES2β"
and two: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and three: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
from one validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β"
by auto
moreover
from one c_in_E2 v'_notin_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note two three
ultimately have ?ALPHA2''_DELTA2''
by blast
}
moreover {
assume c_in_E2: "c β EβES2β"
and v'_in_E2: "v' β EβES2β"
from c_in_E2 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E2_subset_Upsilon2
have c_in_Cv2_inter_Upsilon2: "c β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E2 propSepViews v'_in_Vv_inter_Nabla Nabla_inter_E2_subset_Nabla2
have "v' β Vβπ±2β β© Nabla Ξ2"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E2 Ξ²v'E2Ξ±2'_in_Tr2 have "Ξ² βΏ EβES2β @ [v'] @ Ξ±2' β TrβES2β"
by (simp add: projection_def)
moreover
note Ξ±2'Cv2_empty
moreover
have "Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c"
proof -
from Adm obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_in_E2 Ξ³c_in_Tr have "(Ξ³ βΏ EβES2β) @ [c] β TrβES2β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES2β βΏ (Ο2 π±2) = Ξ² βΏ EβES2β βΏ (Ο2 π±2)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES2β βΏ (Ο π±) = Ξ² βΏ EβES2β βΏ (Ο π±)"
by (metis projection_commute)
with Ο2v2_subset_Οv_inter_E2 have "Ξ³ βΏ (Ο2 π±2) = Ξ² βΏ (Ο2 π±2)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note FCIA2
ultimately obtain Ξ±2'' Ξ΄2''
where one: "set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β"
and two: "Ξ² βΏ EβES2β @ [c] @ Ξ΄2'' @ [v'] @ Ξ±2'' β TrβES2β"
and three: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and four: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCIA_def
by blast
from two validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
note one
moreover
from two c_in_E2 v'_in_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note three four
ultimately have ?ALPHA2''_DELTA2''
by blast
}
ultimately obtain Ξ±2'' Ξ΄2''
where Ξ±2''_in_E2star: "set Ξ±2'' β EβES2β"
and Ξ΄2''_in_N2_inter_Delta2star:"set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β"
and Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2:
"Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
by blast
from c_in_Cv_inter_Upsilon Upsilon_inter_E1_subset_Upsilon1 propSepViews
have cE1_in_Cv1_inter_Upsilon1: "set ([c] βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def by (simp add: projection_def, auto)
from Ξ΄2''_in_N2_inter_Delta2star Nv2_inter_Delta2_inter_E1_subsetof_Upsilon1
propSepViews disjoint_Nv2_Vv1
have Ξ΄2''E1_in_Cv1_inter_Upsilon1star: "set (Ξ΄2'' βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
from Ξ΄2''_in_N2_inter_Delta2star
have eq: "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β β© EβES1β)"
by (metis Int_commute Int_left_commute Int_lower1 Int_lower2
projection_intersection_neutral subset_trans)
from validV1 Nv2_inter_Delta2_inter_E1_subsetof_Upsilon1
propSepViews disjoint_Nv2_Vv1
have "Nβπ±2β β© ΞβΞ2β β© EβES1β β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (subst eq, simp only: projection_def, auto)
qed
have cΞ΄2''E1_in_Cv1_inter_Upsilon1star: "set ((c # Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
from cE1_in_Cv1_inter_Upsilon1 Ξ΄2''E1_in_Cv1_inter_Upsilon1star
have "set (([c] @ Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
by (simp only: projection_concatenation_commute, auto)
thus ?thesis
by auto
qed
have
"β Ξ±1'' Ξ΄1''. set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β
β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []
β§ Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
proof cases
assume v'_in_E1: "v' β EβES1β"
with Nabla_inter_E1_subset_Nabla1 propSepViews v'_in_Vv_inter_Nabla
have v'_in_Vv1_inter_Nabla1: "v' β Vβπ±1β β© Nabla Ξ1"
unfolding properSeparationOfViews_def by auto
have "β¦ (Ξ² @ [v']) βΏ EβES1β @ Ξ±1' β TrβES1β ;
Ξ±1' βΏ Cβπ±1β = []; set ((c # Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β;
Adm π± Ο (Trβ(ES1 β₯ ES2)β) Ξ² c β§
βΉ β Ξ±1'' Ξ΄1''.
(set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β
β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []
β§ Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β)"
proof (induct "length ((c # Ξ΄2'') βΏ EβES1β)" arbitrary: Ξ² Ξ±1' c Ξ΄2'')
case 0
from 0(2) validES1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1' β TrβES1β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES1β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E1: "c' β EβES1β"
and cΞ΄2''_is_ΞΌc'Ξ½: "c # Ξ΄2'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E1_empty: "Ξ½ βΏ EβES1β = []"
and n_is_length_ΞΌΞ½E1: "n = length ((ΞΌ @ Ξ½) βΏ EβES1β)"
by blast
from Suc(5) c'_in_E1 cΞ΄2''_is_ΞΌc'Ξ½ have "set (ΞΌ βΏ EβES1β @ [c']) β Cβπ±1β β© Ξ₯βΞ1β"
by (simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute
projection_def, auto)
hence c'_in_Cv1_inter_Upsilon1: "c' β Cβπ±1β β© Ξ₯βΞ1β"
by auto
hence c'_in_Cv1: "c' β Cβπ±1β" and c'_in_Upsilon1: "c' β Ξ₯βΞ1β"
by auto
with validV1 have c'_in_E1: "c' β EβES1β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄2''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄2''_is_Ξ½: "Ξ΄2'' = Ξ½"
by auto
with c'_in_Cv1_inter_Upsilon1 have "c β Cβπ±1β β© Ξ₯βΞ1β"
by simp
moreover
note v'_in_Vv1_inter_Nabla1
moreover
from v'_in_E1 Suc(3) have "(Ξ² βΏ EβES1β) @ [v'] @ Ξ±1' β TrβES1β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4)
moreover
have "Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c"
proof -
from Suc(8) obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_is_c' c'_in_E1 Ξ³c_in_Tr have "(Ξ³ βΏ EβES1β) @ [c] β TrβES1β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES1β βΏ (Ο1 π±1) = Ξ² βΏ EβES1β βΏ (Ο1 π±1)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES1β βΏ (Ο π±) = Ξ² βΏ EβES1β βΏ (Ο π±)"
by (metis projection_commute)
with Ο1v1_subset_Οv_inter_E1 have "Ξ³ βΏ (Ο1 π±1) = Ξ² βΏ (Ο1 π±1)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note FCIA1
ultimately obtain Ξ±1'' Ξ³
where one: "set Ξ³ β Nβπ±1β β© ΞβΞ1β"
and two: "Ξ² βΏ EβES1β @ [c] @ Ξ³ @ [v'] @ Ξ±1'' β TrβES1β"
and three: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and four: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCIA_def
by blast
let ?DELTA1'' = "Ξ½ βΏ EβES1β @ Ξ³"
from two validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from one Ξ½E1_empty
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
proof -
from c_is_c' c'_in_E1 have "[c] = [c] βΏ EβES1β"
by (simp add: projection_def)
moreover
from v'_in_E1 have "[v'] = [v'] βΏ EβES1β"
by (simp add: projection_def)
moreover
note Ξ½E1_empty two
ultimately show ?thesis
by auto
qed
moreover
note three four
moreover
have "?DELTA1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
proof -
have "Ξ³ βΏ (Cβπ±1β β© Ξ₯βΞ1β) = []"
proof -
from validV1 have "Nβπ±1β β© ΞβΞ1β β© (Cβπ±1β β© Ξ₯βΞ1β) = {}"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with projection_intersection_neutral[OF one, of "Cβπ±1β β© Ξ₯βΞ1β"]
show ?thesis
by (simp add: projection_def)
qed
with Ξ΄2''_is_Ξ½ Ξ½E1_empty show ?thesis
by (simp add: projection_concatenation_commute)
qed
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄2''_is_ΞΌc'Ξ½
have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs" and Ξ΄2''_is_xs_c'_Ξ½: "Ξ΄2'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E1 have "n = length ((c # (xs @ Ξ½)) βΏ EβES1β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄2''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E1_empty
show ?thesis
by (subst res, simp only: cΞ΄2''_is_ΞΌc'Ξ½
projection_concatenation_commute set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄2''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±2β β© ΞβΞ2β"
by auto
moreover note Suc(8) Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±1']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES1β"
and two: "set Ξ³ β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and three: "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³ @ [v'] βΏ EβES1β @ Ξ΄ β TrβES1β"
and four: "Ξ΄ βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and five: "Ξ΄ βΏ Cβπ±1β = []"
and six: "Ξ³ βΏ (Cβπ±1β β© Ξ₯βΞ1β) = (xs @ Ξ½) βΏ EβES1β"
by blast
let ?BETA = "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³"
note c'_in_Cv1_inter_Upsilon1 v'_in_Vv1_inter_Nabla1
moreover
from three v'_in_E1 have "?BETA @ [v'] @ Ξ΄ β TrβES1β"
by (simp add: projection_def)
moreover
note five
moreover
have "Adm π±1 Ο1 TrβES1β ?BETA c'"
proof -
have "?BETA @ [c'] β TrβES1β"
proof -
from Suc(7) c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½
have "c' β Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
from validES1 three have "?BETA β TrβES1β"
by (unfold ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def, auto)
moreover
note total_ES1_C1_inter_Upsilon1_inter_N2_inter_Delta2
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note FCIA1
ultimately obtain Ξ±1'' Ξ΄'
where fcia_one: "set Ξ΄' β Nβπ±1β β© ΞβΞ1β"
and fcia_two: "?BETA @ [c'] @ Ξ΄' @ [v'] @ Ξ±1'' β TrβES1β"
and fcia_three: "Ξ±1'' βΏ Vβπ±1β = Ξ΄ βΏ Vβπ±1β"
and fcia_four: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCIA_def
by blast
let ?DELTA1'' = "Ξ³ @ [c'] @ Ξ΄'"
from fcia_two validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
proof -
from Suc(7) c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½
have "c' β Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
with two fcia_one show ?thesis
by auto
qed
moreover
from fcia_two v'_in_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
from fcia_three four have "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
by simp
moreover
note fcia_four
moreover
have "?DELTA1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
proof -
have "Ξ΄' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = []"
proof -
from fcia_one have "β e β set Ξ΄'. e β Nβπ±1β β© ΞβΞ1β"
by auto
with validV1 have "β e β set Ξ΄'. e β Cβπ±1β β© Ξ₯βΞ1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (simp add: projection_def)
qed
with c'_in_E1 c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½ Ξ½E1_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E1Ξ±1'_in_Tr1 Ξ±1'Cv1_empty cΞ΄2''E1_in_Cv1_inter_Upsilon1star
c_in_Cv_inter_Upsilon Ξ΄2''_in_N2_inter_Delta2star Adm]
obtain Ξ±1'' Ξ΄1''
where one: "set Ξ±1'' β EβES1β"
and two: "set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and three: "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []"
and four: "Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) = Ξ΄2'' βΏ EβES1β"
by blast
note one two three
moreover
have "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
proof -
from projection_intersection_neutral[OF two, of "EβES2β"]
Nv1_inter_Delta1_inter_E2_empty validV2
have "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β β© EβES2β)"
by (simp only: Int_Un_distrib2, auto)
moreover
from validV2
have "Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β β© EβES2β = Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by (simp add:isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β)"
by simp
hence "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Cβπ±1β β© Ξ₯βΞ1β) βΏ (Nβπ±2β β© ΞβΞ2β)"
by (simp add: projection_def)
with four have "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β βΏ (Nβπ±2β β© ΞβΞ2β)"
by simp
hence "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ (Nβπ±2β β© ΞβΞ2β) βΏ EβES1β"
by (simp only: projection_commute)
with Ξ΄2''_in_N2_inter_Delta2star show ?thesis
by (simp only: list_subset_iff_projection_neutral)
qed
ultimately show ?thesis
by blast
next
assume v'_notin_E1: "v' β EβES1β"
have "β¦ (Ξ² @ [v']) βΏ EβES1β @ Ξ±1' β TrβES1β ;
Ξ±1' βΏ Cβπ±1β = []; set ((c # Ξ΄2'') βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β;
Adm π± Ο (Trβ(ES1 β₯ ES2)β) Ξ² c β§
βΉ β Ξ±1'' Ξ΄1''. (set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β
β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β
β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = []
β§ Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β)"
proof (induct "length ((c # Ξ΄2'') βΏ EβES1β)" arbitrary: Ξ² Ξ±1' c Ξ΄2'')
case 0
from 0(2) validES1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1' β TrβES1β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES1β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E1: "c' β EβES1β"
and cΞ΄2''_is_ΞΌc'Ξ½: "c # Ξ΄2'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E1_empty: "Ξ½ βΏ EβES1β = []"
and n_is_length_ΞΌΞ½E1: "n = length ((ΞΌ @ Ξ½) βΏ EβES1β)"
by blast
from Suc(5) c'_in_E1 cΞ΄2''_is_ΞΌc'Ξ½ have "set (ΞΌ βΏ EβES1β @ [c']) β Cβπ±1β β© Ξ₯βΞ1β"
by (simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute projection_def, auto)
hence c'_in_Cv1_inter_Upsilon1: "c' β Cβπ±1β β© Ξ₯βΞ1β"
by auto
hence c'_in_Cv1: "c' β Cβπ±1β" and c'_in_Upsilon1: "c' β Ξ₯βΞ1β"
by auto
with validV1 have c'_in_E1: "c' β EβES1β"
by (simp add:isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄2''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄2''_is_Ξ½: "Ξ΄2'' = Ξ½"
by auto
with c'_in_Cv1_inter_Upsilon1 have "c β Cβπ±1β"
by simp
moreover
from v'_notin_E1 Suc(3) have "(Ξ² βΏ EβES1β) @ Ξ±1' β TrβES1β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4)
moreover
have "Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c"
proof -
from Suc(8) obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_is_c' c'_in_E1 Ξ³c_in_Tr have "(Ξ³ βΏ EβES1β) @ [c] β TrβES1β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES1β βΏ (Ο1 π±1) = Ξ² βΏ EβES1β βΏ (Ο1 π±1)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES1β βΏ (Ο π±) = Ξ² βΏ EβES1β βΏ (Ο π±)"
by (metis projection_commute)
with Ο1v1_subset_Οv_inter_E1 have "Ξ³ βΏ (Ο1 π±1) = Ξ² βΏ (Ο1 π±1)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where one: "(Ξ² βΏ EβES1β) @ [c] @ Ξ±1'' β TrβES1β"
and two: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and three: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
let ?DELTA1'' = "Ξ½ βΏ EβES1β"
from one validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ½E1_empty
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by simp
moreover
from c_is_c' c'_in_E1 one v'_notin_E1 Ξ½E1_empty
have "(Ξ² βΏ EβES1β) @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note two three
moreover
from Ξ½E1_empty Ξ΄2''_is_Ξ½ have "?DELTA1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
by (simp add: projection_def)
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄2''_is_ΞΌc'Ξ½
have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs" and Ξ΄2''_is_xs_c'_Ξ½: "Ξ΄2'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E1 have "n = length ((c # (xs @ Ξ½)) βΏ EβES1β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES1β) β Cβπ±1β β© Ξ₯βΞ1β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄2''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E1_empty
show ?thesis
by (subst res, simp only: cΞ΄2''_is_ΞΌc'Ξ½ projection_concatenation_commute
set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄2''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±2β β© ΞβΞ2β"
by auto
moreover note Suc(8) Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±1']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES1β"
and two: "set Ξ³ β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and three: "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³ @ [v'] βΏ EβES1β @ Ξ΄ β TrβES1β"
and four: "Ξ΄ βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and five: "Ξ΄ βΏ Cβπ±1β = []"
and six: "Ξ³ βΏ EβES2β = (xs @ Ξ½) βΏ EβES1β"
by blast
let ?BETA = "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ³"
from c'_in_Cv1_inter_Upsilon1 have "c' β Cβπ±1β"
by auto
moreover
from three v'_notin_E1 have "?BETA @ Ξ΄ β TrβES1β"
by (simp add: projection_def)
moreover
note five
moreover
have "Adm π±1 Ο1 TrβES1β ?BETA c'"
proof -
have "?BETA @ [c'] β TrβES1β"
proof -
from Suc(7) c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½
have "c' β Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
moreover
from validES1 three have "?BETA β TrβES1β"
by (unfold ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def, auto)
moreover
note total_ES1_C1_inter_Upsilon1_inter_N2_inter_Delta2
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where bsia_one: "?BETA @ [c'] @ Ξ±1'' β TrβES1β"
and bsia_two: "Ξ±1'' βΏ Vβπ±1β = Ξ΄ βΏ Vβπ±1β"
and bsia_three: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
let ?DELTA1'' = "Ξ³ @ [c']"
from bsia_one validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
proof -
from Suc(7) c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½
have "c' β Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
by auto
with two show ?thesis
by auto
qed
moreover
from bsia_one v'_notin_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ ?DELTA1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
from bsia_two four have "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
by simp
moreover
note bsia_three
moreover
have "?DELTA1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
proof -
from validV2 Suc(7) Ξ΄2''_is_xs_c'_Ξ½ have "c' β EβES2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with c'_in_E1 c'_in_Cv1_inter_Upsilon1 Ξ΄2''_is_xs_c'_Ξ½ Ξ½E1_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E1Ξ±1'_in_Tr1 Ξ±1'Cv1_empty cΞ΄2''E1_in_Cv1_inter_Upsilon1star
c_in_Cv_inter_Upsilon Ξ΄2''_in_N2_inter_Delta2star Adm]
show ?thesis
by blast
qed
then obtain Ξ±1'' Ξ΄1''
where Ξ±1''_in_E1star: "set Ξ±1'' β EβES1β"
and Ξ΄1''_in_N1_inter_Delta1star:"set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β βͺ Cβπ±1β β© Ξ₯βΞ1β β© Nβπ±2β β© ΞβΞ2β"
and Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1:
"Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
and Ξ΄1''E2_is_Ξ΄2''E1: "Ξ΄1'' βΏ EβES2β = Ξ΄2'' βΏ EβES1β"
by blast
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 validES1
validES2
have Ξ΄1''_in_E1star: "set Ξ΄1'' β EβES1β" and Ξ΄2''_in_E2star: "set Ξ΄2'' β EβES2β"
by (simp_all add: ES_valid_def traces_contain_events_def, auto)
with Ξ΄1''E2_is_Ξ΄2''E1 merge_property[of Ξ΄1'' "EβES1β" Ξ΄2'' "EβES2β"] obtain Ξ΄'
where Ξ΄'E1_is_Ξ΄1'': "Ξ΄' βΏ EβES1β = Ξ΄1''"
and Ξ΄'E2_is_Ξ΄2'': "Ξ΄' βΏ EβES2β = Ξ΄2''"
and Ξ΄'_contains_only_Ξ΄1''_Ξ΄2''_events: "set Ξ΄' β set Ξ΄1'' βͺ set Ξ΄2''"
unfolding Let_def
by auto
let ?TAU = "Ξ² @ [c] @ Ξ΄' @ [v']"
let ?LAMBDA = "Ξ± βΏ Vβπ±β"
let ?T1 = Ξ±1''
let ?T2 = Ξ±2''
have "?TAU β Trβ(ES1 β₯ ES2)β"
proof -
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1'' validES1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄' βΏ EβES1β @ [v'] βΏ EβES1β β TrβES1β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES1β β TrβES1β"
by (simp add: projection_def, auto)
moreover
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2'' validES2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄' βΏ EβES2β @ [v'] βΏ EβES2β β TrβES2β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES2β β TrβES2β"
by (simp add: projection_def, auto)
moreover
from Ξ²v'Ξ±_in_Tr c_in_Cv_inter_Upsilon VIsViewOnE Ξ΄'_contains_only_Ξ΄1''_Ξ΄2''_events
Ξ΄1''_in_E1star Ξ΄2''_in_E2star
have "set (Ξ² @ [c] @ Ξ΄' @ [v']) β EβES1β βͺ EβES2β"
unfolding composeES_def isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def
by auto
ultimately show ?thesis
unfolding composeES_def
by auto
qed
hence "set ?TAU β Eβ(ES1 β₯ ES2)β"
unfolding composeES_def
by auto
moreover
have "set ?LAMBDA β Vβπ±β"
by (simp add: projection_def, auto)
moreover
note Ξ±1''_in_E1star Ξ±2''_in_E2star
moreover
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1''
have "?TAU βΏ EβES1β @ ?T1 β TrβES1β"
by (simp only: projection_concatenation_commute, auto)
moreover
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2''
have "?TAU βΏ EβES2β @ ?T2 β TrβES2β"
by (simp only: projection_concatenation_commute, auto)
moreover
have "?LAMBDA βΏ EβES1β = ?T1 βΏ Vβπ±β"
proof -
from propSepViews have "?LAMBDA βΏ EβES1β = Ξ± βΏ Vβπ±1β"
unfolding properSeparationOfViews_def by (simp only: projection_sequence)
moreover
from Ξ±1''_in_E1star propSepViews
have "?T1 βΏ Vβπ±β = ?T1 βΏ Vβπ±1β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±1'Vv1_is_Ξ±Vv1 Ξ±1''Vv1_is_Ξ±1'Vv1
ultimately show ?thesis
by simp
qed
moreover
have "?LAMBDA βΏ EβES2β = ?T2 βΏ Vβπ±β"
proof -
from propSepViews have "?LAMBDA βΏ EβES2β = Ξ± βΏ Vβπ±2β"
unfolding properSeparationOfViews_def by (simp only: projection_sequence)
moreover
from Ξ±2''_in_E2star propSepViews have "?T2 βΏ Vβπ±β = ?T2 βΏ Vβπ±2β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±2'Vv2_is_Ξ±Vv2 Ξ±2''Vv2_is_Ξ±2'Vv2
ultimately show ?thesis
by simp
qed
moreover
note Ξ±1''Cv1_empty Ξ±2''Cv2_empty generalized_zipping_lemma
ultimately obtain t
where "?TAU @ t β Trβ(ES1 β₯ ES2)β"
and "t βΏ Vβπ±β = ?LAMBDA"
and "t βΏ Cβπ±β = []"
by blast
moreover
have "set Ξ΄' β Nβπ±β β© ΞβΞβ"
proof -
from Ξ΄'_contains_only_Ξ΄1''_Ξ΄2''_events Ξ΄1''_in_N1_inter_Delta1star
Ξ΄2''_in_N2_inter_Delta2star
have "set Ξ΄' β Nβπ±1β β© ΞβΞ1β βͺ Nβπ±2β β© ΞβΞ2β"
by auto
with Delta1_N1_Delta2_N2_subset_Delta Nv1_union_Nv2_subsetof_Nv
show ?thesis
by auto
qed
ultimately have "βΞ±' Ξ³'. (set Ξ³' β Nβπ±β β© ΞβΞβ β§ Ξ² @ [c] @ Ξ³' @ [v'] @ Ξ±' β Trβ(ES1 β₯ ES2)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
by (simp only: append_assoc, blast)
}
moreover {
assume Nv2_inter_Delta2_inter_E1_empty: "Nβπ±2β β© ΞβΞ2β β© EβES1β = {}"
and Nv1_inter_Delta1_inter_E2_subsetof_Upsilon2: "Nβπ±1β β© ΞβΞ1β β© EβES2β β Ξ₯βΞ2β"
let ?ALPHA1''_DELTA1'' = "β Ξ±1'' Ξ΄1''. (
set Ξ±1'' β EβES1β β§ set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β
β§ Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β β§ Ξ±1'' βΏ Cβπ±1β = [])"
from c_in_Cv_inter_Upsilon v'_in_Vv_inter_Nabla validV1
have "c β EβES1β β¨ (c β EβES1β β§ v' β EβES1β) β¨ (c β EβES1β β§ v' β EβES1β)"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def)
moreover {
assume c_notin_E1: "c β EβES1β"
from validES1 Ξ²v'E1Ξ±1'_in_Tr1 have "set Ξ±1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β"
by auto
moreover
from Ξ²v'E1Ξ±1'_in_Tr1 c_notin_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
have "Ξ±1' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β" ..
moreover
note Ξ±1'Cv1_empty
ultimately have ?ALPHA1''_DELTA1''
by blast
}
moreover {
assume c_in_E1: "c β EβES1β"
and v'_notin_E1: "v' β EβES1β"
from c_in_E1 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E1_subset_Upsilon1
have c_in_Cv1_inter_Upsilon1: "c β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def by auto
hence "c β Cβπ±1β"
by auto
moreover
from Ξ²v'E1Ξ±1'_in_Tr1 v'_notin_E1 have "Ξ² βΏ EβES1β @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
note Ξ±1'Cv1_empty
moreover
have "Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c"
proof -
from Adm obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_in_E1 Ξ³c_in_Tr have "(Ξ³ βΏ EβES1β) @ [c] β TrβES1β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES1β βΏ (Ο1 π±1) = Ξ² βΏ EβES1β βΏ (Ο1 π±1)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES1β βΏ (Ο π±) = Ξ² βΏ EβES1β βΏ (Ο π±)"
by (metis projection_commute)
with Ο1v1_subset_Οv_inter_E1 have "Ξ³ βΏ (Ο1 π±1) = Ξ² βΏ (Ο1 π±1)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note BSIA1
ultimately obtain Ξ±1''
where one: "Ξ² βΏ EβES1β @ [c] @ Ξ±1'' β TrβES1β"
and two: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and three: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding BSIA_def
by blast
from one validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±1β β© ΞβΞ1β"
by auto
moreover
from one c_in_E1 v'_notin_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ [] @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note two three
ultimately have ?ALPHA1''_DELTA1''
by blast
}
moreover {
assume c_in_E1: "c β EβES1β"
and v'_in_E1: "v' β EβES1β"
from c_in_E1 c_in_Cv_inter_Upsilon propSepViews
Upsilon_inter_E1_subset_Upsilon1
have c_in_Cv1_inter_Upsilon1: "c β Cβπ±1β β© Ξ₯βΞ1β"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E1 propSepViews v'_in_Vv_inter_Nabla
Nabla_inter_E1_subset_Nabla1
have "v' β Vβπ±1β β© Nabla Ξ1"
unfolding properSeparationOfViews_def by auto
moreover
from v'_in_E1 Ξ²v'E1Ξ±1'_in_Tr1 have "Ξ² βΏ EβES1β @ [v'] @ Ξ±1' β TrβES1β"
by (simp add: projection_def)
moreover
note Ξ±1'Cv1_empty
moreover
have "Adm π±1 Ο1 TrβES1β (Ξ² βΏ EβES1β) c"
proof -
from Adm obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_in_E1 Ξ³c_in_Tr have "(Ξ³ βΏ EβES1β) @ [c] β TrβES1β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES1β βΏ (Ο1 π±1) = Ξ² βΏ EβES1β βΏ (Ο1 π±1)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES1β βΏ (Ο π±) = Ξ² βΏ EβES1β βΏ (Ο π±)"
by (metis projection_commute)
with Ο1v1_subset_Οv_inter_E1 have "Ξ³ βΏ (Ο1 π±1) = Ξ² βΏ (Ο1 π±1)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note FCIA1
ultimately obtain Ξ±1'' Ξ΄1''
where one: "set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β"
and two: "Ξ² βΏ EβES1β @ [c] @ Ξ΄1'' @ [v'] @ Ξ±1'' β TrβES1β"
and three: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and four: "Ξ±1'' βΏ Cβπ±1β = []"
unfolding FCIA_def
by blast
from two validES1 have "set Ξ±1'' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
note one
moreover
from two c_in_E1 v'_in_E1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
by (simp add: projection_def)
moreover
note three four
ultimately have ?ALPHA1''_DELTA1''
by blast
}
ultimately obtain Ξ±1'' Ξ΄1''
where Ξ±1''_in_E1star: "set Ξ±1'' β EβES1β"
and Ξ΄1''_in_N1_inter_Delta1star:"set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β"
and Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1:
"Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄1'' @ [v'] βΏ EβES1β @ Ξ±1'' β TrβES1β"
and Ξ±1''Vv1_is_Ξ±1'Vv1: "Ξ±1'' βΏ Vβπ±1β = Ξ±1' βΏ Vβπ±1β"
and Ξ±1''Cv1_empty: "Ξ±1'' βΏ Cβπ±1β = []"
by blast
from c_in_Cv_inter_Upsilon Upsilon_inter_E2_subset_Upsilon2 propSepViews
have cE2_in_Cv2_inter_Upsilon2: "set ([c] βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def by (simp add: projection_def, auto)
from Ξ΄1''_in_N1_inter_Delta1star Nv1_inter_Delta1_inter_E2_subsetof_Upsilon2
propSepViews disjoint_Nv1_Vv2
have Ξ΄1''E2_in_Cv2_inter_Upsilon2star: "set (Ξ΄1'' βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
from Ξ΄1''_in_N1_inter_Delta1star
have eq: "Ξ΄1'' βΏ EβES2β = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β β© EβES2β)"
by (metis Int_commute Int_left_commute Int_lower2 Int_lower1
projection_intersection_neutral subset_trans)
from validV2 Nv1_inter_Delta1_inter_E2_subsetof_Upsilon2
propSepViews disjoint_Nv1_Vv2
have "Nβπ±1β β© ΞβΞ1β β© EβES2β β Cβπ±2β β© Ξ₯βΞ2β"
unfolding properSeparationOfViews_def
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (subst eq, simp only: projection_def, auto)
qed
have cΞ΄1''E2_in_Cv2_inter_Upsilon2star: "set ((c # Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
from cE2_in_Cv2_inter_Upsilon2 Ξ΄1''E2_in_Cv2_inter_Upsilon2star
have "set (([c] @ Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
by (simp only: projection_concatenation_commute, auto)
thus ?thesis
by auto
qed
have "β Ξ±2'' Ξ΄2''. set Ξ±2'' β EβES2β
β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []
β§ Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
proof cases
assume v'_in_E2: "v' β EβES2β"
with Nabla_inter_E2_subset_Nabla2 propSepViews v'_in_Vv_inter_Nabla
have v'_in_Vv2_inter_Nabla2: "v' β Vβπ±2β β© Nabla Ξ2"
unfolding properSeparationOfViews_def by auto
have "β¦ (Ξ² @ [v']) βΏ EβES2β @ Ξ±2' β TrβES2β ;
Ξ±2' βΏ Cβπ±2β = []; set ((c # Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β;
Adm π± Ο (Trβ(ES1 β₯ ES2)β) Ξ² c β§
βΉ β Ξ±2'' Ξ΄2''.
(set Ξ±2'' β EβES2β β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []
β§ Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β)"
proof (induct "length ((c # Ξ΄1'') βΏ EβES2β)" arbitrary: Ξ² Ξ±2' c Ξ΄1'')
case 0
from 0(2) validES2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2' β TrβES2β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES2β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E2: "c' β EβES2β"
and cΞ΄1''_is_ΞΌc'Ξ½: "c # Ξ΄1'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E2_empty: "Ξ½ βΏ EβES2β = []"
and n_is_length_ΞΌΞ½E2: "n = length ((ΞΌ @ Ξ½) βΏ EβES2β)"
by blast
from Suc(5) c'_in_E2 cΞ΄1''_is_ΞΌc'Ξ½ have "set (ΞΌ βΏ EβES2β @ [c']) β Cβπ±2β β© Ξ₯βΞ2β"
by (simp only: cΞ΄1''_is_ΞΌc'Ξ½ projection_concatenation_commute
projection_def, auto)
hence c'_in_Cv2_inter_Upsilon2: "c' β Cβπ±2β β© Ξ₯βΞ2β"
by auto
hence c'_in_Cv2: "c' β Cβπ±2β" and c'_in_Upsilon2: "c' β Ξ₯βΞ2β"
by auto
with validV2 have c'_in_E2: "c' β EβES2β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄1''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄1''_is_Ξ½: "Ξ΄1'' = Ξ½"
by auto
with c'_in_Cv2_inter_Upsilon2 have "c β Cβπ±2β β© Ξ₯βΞ2β"
by simp
moreover
note v'_in_Vv2_inter_Nabla2
moreover
from v'_in_E2 Suc(3) have "(Ξ² βΏ EβES2β) @ [v'] @ Ξ±2' β TrβES2β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4)
moreover
have "Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c"
proof -
from Suc(8) obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_is_c' c'_in_E2 Ξ³c_in_Tr have "(Ξ³ βΏ EβES2β) @ [c] β TrβES2β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES2β βΏ (Ο2 π±2) = Ξ² βΏ EβES2β βΏ (Ο2 π±2)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES2β βΏ (Ο π±) = Ξ² βΏ EβES2β βΏ (Ο π±)"
by (metis projection_commute)
with Ο2v2_subset_Οv_inter_E2 have "Ξ³ βΏ (Ο2 π±2) = Ξ² βΏ (Ο2 π±2)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note FCIA2
ultimately obtain Ξ±2'' Ξ³
where one: "set Ξ³ β Nβπ±2β β© ΞβΞ2β"
and two: "Ξ² βΏ EβES2β @ [c] @ Ξ³ @ [v'] @ Ξ±2'' β TrβES2β"
and three: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and four: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCIA_def
by blast
let ?DELTA2'' = "Ξ½ βΏ EβES2β @ Ξ³"
from two validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from one Ξ½E2_empty
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
proof -
from c_is_c' c'_in_E2 have "[c] = [c] βΏ EβES2β"
by (simp add: projection_def)
moreover
from v'_in_E2 have "[v'] = [v'] βΏ EβES2β"
by (simp add: projection_def)
moreover
note Ξ½E2_empty two
ultimately show ?thesis
by auto
qed
moreover
note three four
moreover
have "?DELTA2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
proof -
have "Ξ³ βΏ (Cβπ±2β β© Ξ₯βΞ2β) = []"
proof -
from validV2 have "Nβπ±2β β© ΞβΞ2β β© (Cβπ±2β β© Ξ₯βΞ2β) = {}"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with projection_intersection_neutral[OF one, of "Cβπ±2β β© Ξ₯βΞ2β"]
show ?thesis
by (simp add: projection_def)
qed
with Ξ΄1''_is_Ξ½ Ξ½E2_empty show ?thesis
by (simp add: projection_concatenation_commute)
qed
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄1''_is_ΞΌc'Ξ½
have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs" and Ξ΄1''_is_xs_c'_Ξ½: "Ξ΄1'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E2 have "n = length ((c # (xs @ Ξ½)) βΏ EβES2β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄1''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E2_empty
show ?thesis
by (subst res, simp only: cΞ΄1''_is_ΞΌc'Ξ½
projection_concatenation_commute set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄1''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±1β β© ΞβΞ1β"
by auto
moreover note Suc(8) Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±2']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES2β"
and two: "set Ξ³ β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and three: "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³ @ [v'] βΏ EβES2β @ Ξ΄ β TrβES2β"
and four: "Ξ΄ βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and five: "Ξ΄ βΏ Cβπ±2β = []"
and six: "Ξ³ βΏ (Cβπ±2β β© Ξ₯βΞ2β) = (xs @ Ξ½) βΏ EβES2β"
by blast
let ?BETA = "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³"
note c'_in_Cv2_inter_Upsilon2 v'_in_Vv2_inter_Nabla2
moreover
from three v'_in_E2 have "?BETA @ [v'] @ Ξ΄ β TrβES2β"
by (simp add: projection_def)
moreover
note five
moreover
have "Adm π±2 Ο2 TrβES2β ?BETA c'"
proof -
have "?BETA @ [c'] β TrβES2β"
proof -
from Suc(7) c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½
have "c' β Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
from validES2 three have "?BETA β TrβES2β"
by (unfold ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def, auto)
moreover
note total_ES2_C2_inter_Upsilon2_inter_N1_inter_Delta1
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note FCIA2
ultimately obtain Ξ±2'' Ξ΄'
where fcia_one: "set Ξ΄' β Nβπ±2β β© ΞβΞ2β"
and fcia_two: "?BETA @ [c'] @ Ξ΄' @ [v'] @ Ξ±2'' β TrβES2β"
and fcia_three: "Ξ±2'' βΏ Vβπ±2β = Ξ΄ βΏ Vβπ±2β"
and fcia_four: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding FCIA_def
by blast
let ?DELTA2'' = "Ξ³ @ [c'] @ Ξ΄'"
from fcia_two validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
proof -
from Suc(7) c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½
have "c' β Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
with two fcia_one show ?thesis
by auto
qed
moreover
from fcia_two v'_in_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
from fcia_three four have "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
by simp
moreover
note fcia_four
moreover
have "?DELTA2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
proof -
have "Ξ΄' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = []"
proof -
from fcia_one have "β e β set Ξ΄'. e β Nβπ±2β β© ΞβΞ2β"
by auto
with validV2 have "β e β set Ξ΄'. e β Cβπ±2β β© Ξ₯βΞ2β"
by (simp add:isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
thus ?thesis
by (simp add: projection_def)
qed
with c'_in_E2 c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½ Ξ½E2_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E2Ξ±2'_in_Tr2 Ξ±2'Cv2_empty
cΞ΄1''E2_in_Cv2_inter_Upsilon2star c_in_Cv_inter_Upsilon Ξ΄1''_in_N1_inter_Delta1star Adm]
obtain Ξ±2'' Ξ΄2''
where one: "set Ξ±2'' β EβES2β"
and two: "set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and three: "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []"
and four: "Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) = Ξ΄1'' βΏ EβES2β"
by blast
note one two three
moreover
have "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
proof -
from projection_intersection_neutral[OF two, of "EβES1β"]
Nv2_inter_Delta2_inter_E1_empty validV1
have "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β β© EβES1β)"
by (simp only: Int_Un_distrib2, auto)
moreover
from validV1
have "Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β β© EβES1β = Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by (simp add: isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β)"
by simp
hence "Ξ΄2'' βΏ EβES1β = Ξ΄2'' βΏ (Cβπ±2β β© Ξ₯βΞ2β) βΏ (Nβπ±1β β© ΞβΞ1β)"
by (simp add: projection_def)
with four have "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β βΏ (Nβπ±1β β© ΞβΞ1β)"
by simp
hence "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ (Nβπ±1β β© ΞβΞ1β) βΏ EβES2β"
by (simp only: projection_commute)
with Ξ΄1''_in_N1_inter_Delta1star show ?thesis
by (simp only: list_subset_iff_projection_neutral)
qed
ultimately show ?thesis
by blast
next
assume v'_notin_E2: "v' β EβES2β"
have "β¦ (Ξ² @ [v']) βΏ EβES2β @ Ξ±2' β TrβES2β ;
Ξ±2' βΏ Cβπ±2β = []; set ((c # Ξ΄1'') βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β ;
c β Cβπ±β β© Ξ₯βΞβ ; set Ξ΄1'' β Nβπ±1β β© ΞβΞ1β;
Adm π± Ο (Trβ(ES1 β₯ ES2)β) Ξ² c β§
βΉ β Ξ±2'' Ξ΄2''.
(set Ξ±2'' β EβES2β β§ set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β
β§ Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β
β§ Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β β§ Ξ±2'' βΏ Cβπ±2β = []
β§ Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β)"
proof (induct "length ((c # Ξ΄1'') βΏ EβES2β)" arbitrary: Ξ² Ξ±2' c Ξ΄1'')
case 0
from 0(2) validES2 have "set Ξ±2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set [] β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ [] @ [v'] βΏ EβES2β @ Ξ±2' β TrβES2β"
proof -
note 0(2)
moreover
from 0(1) have "c β EβES2β"
by (simp add: projection_def, auto)
ultimately show ?thesis
by (simp add: projection_concatenation_commute projection_def)
qed
moreover
have "Ξ±2' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β" ..
moreover
note 0(3)
moreover
from 0(1) have "[] βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
by (simp add: projection_def, split if_split_asm, auto)
ultimately show ?case
by blast
next
case (Suc n)
from projection_split_last[OF Suc(2)] obtain ΞΌ c' Ξ½
where c'_in_E2: "c' β EβES2β"
and cΞ΄1''_is_ΞΌc'Ξ½: "c # Ξ΄1'' = ΞΌ @ [c'] @ Ξ½"
and Ξ½E2_empty: "Ξ½ βΏ EβES2β = []"
and n_is_length_ΞΌΞ½E2: "n = length ((ΞΌ @ Ξ½) βΏ EβES2β)"
by blast
from Suc(5) c'_in_E2 cΞ΄1''_is_ΞΌc'Ξ½ have "set (ΞΌ βΏ EβES2β @ [c']) β Cβπ±2β β© Ξ₯βΞ2β"
by (simp only: cΞ΄1''_is_ΞΌc'Ξ½ projection_concatenation_commute projection_def, auto)
hence c'_in_Cv2_inter_Upsilon2: "c' β Cβπ±2β β© Ξ₯βΞ2β"
by auto
hence c'_in_Cv2: "c' β Cβπ±2β" and c'_in_Upsilon2: "c' β Ξ₯βΞ2β"
by auto
with validV2 have c'_in_E2: "c' β EβES2β"
by (simp add:isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
show ?case
proof (cases ΞΌ)
case Nil
with cΞ΄1''_is_ΞΌc'Ξ½ have c_is_c': "c = c'" and Ξ΄1''_is_Ξ½: "Ξ΄1'' = Ξ½"
by auto
with c'_in_Cv2_inter_Upsilon2 have "c β Cβπ±2β"
by simp
moreover
from v'_notin_E2 Suc(3) have "(Ξ² βΏ EβES2β) @ Ξ±2' β TrβES2β"
by (simp add: projection_concatenation_commute projection_def)
moreover
note Suc(4)
moreover
have "Adm π±2 Ο2 TrβES2β (Ξ² βΏ EβES2β) c"
proof -
from Suc(8) obtain Ξ³
where Ξ³Οv_is_Ξ²Οv: "Ξ³ βΏ (Ο π±) = Ξ² βΏ (Ο π±)"
and Ξ³c_in_Tr: "(Ξ³ @ [c]) β Trβ(ES1 β₯ ES2)β"
unfolding Adm_def
by auto
from c_is_c' c'_in_E2 Ξ³c_in_Tr have "(Ξ³ βΏ EβES2β) @ [c] β TrβES2β"
by (simp add: projection_def composeES_def)
moreover
have "Ξ³ βΏ EβES2β βΏ (Ο2 π±2) = Ξ² βΏ EβES2β βΏ (Ο2 π±2)"
proof -
from Ξ³Οv_is_Ξ²Οv have "Ξ³ βΏ EβES2β βΏ (Ο π±) = Ξ² βΏ EβES2β βΏ (Ο π±)"
by (metis projection_commute)
with Ο2v2_subset_Οv_inter_E2
have "Ξ³ βΏ (Ο2 π±2) = Ξ² βΏ (Ο2 π±2)"
by (metis Int_subset_iff Ξ³Οv_is_Ξ²Οv projection_subset_elim)
thus ?thesis
by (metis projection_commute)
qed
ultimately show ?thesis unfolding Adm_def
by auto
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where one: "(Ξ² βΏ EβES2β) @ [c] @ Ξ±2'' β TrβES2β"
and two: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and three: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
let ?DELTA2'' = "Ξ½ βΏ EβES2β"
from one validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ξ½E2_empty
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by simp
moreover
from c_is_c' c'_in_E2 one v'_notin_E2 Ξ½E2_empty
have "(Ξ² βΏ EβES2β) @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
note two three
moreover
from Ξ½E2_empty Ξ΄1''_is_Ξ½ have "?DELTA2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
by (simp add: projection_def)
ultimately show ?thesis
by blast
next
case (Cons x xs)
with cΞ΄1''_is_ΞΌc'Ξ½ have ΞΌ_is_c_xs: "ΞΌ = [c] @ xs"
and Ξ΄1''_is_xs_c'_Ξ½: "Ξ΄1'' = xs @ [c'] @ Ξ½"
by auto
with n_is_length_ΞΌΞ½E2 have "n = length ((c # (xs @ Ξ½)) βΏ EβES2β)"
by auto
moreover
note Suc(3,4)
moreover
have "set ((c # (xs @ Ξ½)) βΏ EβES2β) β Cβπ±2β β© Ξ₯βΞ2β"
proof -
have res: "c # (xs @ Ξ½) = [c] @ (xs @ Ξ½)"
by auto
from Suc(5) cΞ΄1''_is_ΞΌc'Ξ½ ΞΌ_is_c_xs Ξ½E2_empty
show ?thesis
by (subst res, simp only: cΞ΄1''_is_ΞΌc'Ξ½
projection_concatenation_commute set_append, auto)
qed
moreover
note Suc(6)
moreover
from Suc(7) Ξ΄1''_is_xs_c'_Ξ½ have "set (xs @ Ξ½) β Nβπ±1β β© ΞβΞ1β"
by auto
moreover note Suc(8) Suc(1)[of c "xs @ Ξ½" Ξ² Ξ±2']
ultimately obtain Ξ΄ Ξ³
where one: "set Ξ΄ β EβES2β"
and two: "set Ξ³ β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and three: "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³ @ [v'] βΏ EβES2β @ Ξ΄ β TrβES2β"
and four: "Ξ΄ βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and five: "Ξ΄ βΏ Cβπ±2β = []"
and six: "Ξ³ βΏ EβES1β = (xs @ Ξ½) βΏ EβES2β"
by blast
let ?BETA = "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ³"
from c'_in_Cv2_inter_Upsilon2 have "c' β Cβπ±2β"
by auto
moreover
from three v'_notin_E2 have "?BETA @ Ξ΄ β TrβES2β"
by (simp add: projection_def)
moreover
note five
moreover
have "Adm π±2 Ο2 TrβES2β ?BETA c'"
proof -
have "?BETA @ [c'] β TrβES2β"
proof -
from Suc(7) c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½
have "c' β Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
moreover
from validES2 three have "?BETA β TrβES2β"
by (unfold ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def, auto)
moreover
note total_ES2_C2_inter_Upsilon2_inter_N1_inter_Delta1
ultimately show ?thesis
unfolding total_def
by blast
qed
thus ?thesis
unfolding Adm_def
by blast
qed
moreover
note BSIA2
ultimately obtain Ξ±2''
where bsia_one: "?BETA @ [c'] @ Ξ±2'' β TrβES2β"
and bsia_two: "Ξ±2'' βΏ Vβπ±2β = Ξ΄ βΏ Vβπ±2β"
and bsia_three: "Ξ±2'' βΏ Cβπ±2β = []"
unfolding BSIA_def
by blast
let ?DELTA2'' = "Ξ³ @ [c']"
from bsia_one validES2 have "set Ξ±2'' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
have "set ?DELTA2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
proof -
from Suc(7) c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½
have "c' β Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
by auto
with two show ?thesis
by auto
qed
moreover
from bsia_one v'_notin_E2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ ?DELTA2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
by (simp add: projection_def)
moreover
from bsia_two four have "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
by simp
moreover
note bsia_three
moreover
have "?DELTA2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
proof -
from validV1 Suc(7) Ξ΄1''_is_xs_c'_Ξ½ have "c' β EβES1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
with c'_in_E2 c'_in_Cv2_inter_Upsilon2 Ξ΄1''_is_xs_c'_Ξ½ Ξ½E2_empty six
show ?thesis
by (simp only: projection_concatenation_commute projection_def, auto)
qed
ultimately show ?thesis
by blast
qed
qed
from this[OF Ξ²v'E2Ξ±2'_in_Tr2 Ξ±2'Cv2_empty cΞ΄1''E2_in_Cv2_inter_Upsilon2star
c_in_Cv_inter_Upsilon Ξ΄1''_in_N1_inter_Delta1star Adm]
show ?thesis
by blast
qed
then obtain Ξ±2'' Ξ΄2''
where Ξ±2''_in_E2star: "set Ξ±2'' β EβES2β"
and Ξ΄2''_in_N2_inter_Delta2star:"set Ξ΄2'' β Nβπ±2β β© ΞβΞ2β βͺ Cβπ±2β β© Ξ₯βΞ2β β© Nβπ±1β β© ΞβΞ1β"
and Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2:
"Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄2'' @ [v'] βΏ EβES2β @ Ξ±2'' β TrβES2β"
and Ξ±2''Vv2_is_Ξ±2'Vv2: "Ξ±2'' βΏ Vβπ±2β = Ξ±2' βΏ Vβπ±2β"
and Ξ±2''Cv2_empty: "Ξ±2'' βΏ Cβπ±2β = []"
and Ξ΄2''E1_is_Ξ΄1''E2: "Ξ΄2'' βΏ EβES1β = Ξ΄1'' βΏ EβES2β"
by blast
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1
validES2 validES1
have Ξ΄2''_in_E2star: "set Ξ΄2'' β EβES2β" and Ξ΄1''_in_E1star: "set Ξ΄1'' β EβES1β"
by (simp_all add: ES_valid_def traces_contain_events_def, auto)
with Ξ΄2''E1_is_Ξ΄1''E2 merge_property[of Ξ΄2'' "EβES2β" Ξ΄1'' "EβES1β"] obtain Ξ΄'
where Ξ΄'E2_is_Ξ΄2'': "Ξ΄' βΏ EβES2β = Ξ΄2''"
and Ξ΄'E1_is_Ξ΄1'': "Ξ΄' βΏ EβES1β = Ξ΄1''"
and Ξ΄'_contains_only_Ξ΄2''_Ξ΄1''_events: "set Ξ΄' β set Ξ΄2'' βͺ set Ξ΄1''"
unfolding Let_def
by auto
let ?TAU = "Ξ² @ [c] @ Ξ΄' @ [v']"
let ?LAMBDA = "Ξ± βΏ Vβπ±β"
let ?T2 = Ξ±2''
let ?T1 = Ξ±1''
have "?TAU β Trβ(ES1 β₯ ES2)β"
proof -
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2'' validES2
have "Ξ² βΏ EβES2β @ [c] βΏ EβES2β @ Ξ΄' βΏ EβES2β @ [v'] βΏ EβES2β β TrβES2β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES2β β TrβES2β"
by (simp add: projection_def, auto)
moreover
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1'' validES1
have "Ξ² βΏ EβES1β @ [c] βΏ EβES1β @ Ξ΄' βΏ EβES1β @ [v'] βΏ EβES1β β TrβES1β"
by (simp add: ES_valid_def traces_prefixclosed_def
prefixclosed_def prefix_def)
hence "(Ξ² @ [c] @ Ξ΄' @ [v']) βΏ EβES1β β TrβES1β"
by (simp add: projection_def, auto)
moreover
from Ξ²v'Ξ±_in_Tr c_in_Cv_inter_Upsilon VIsViewOnE
Ξ΄'_contains_only_Ξ΄2''_Ξ΄1''_events Ξ΄2''_in_E2star Ξ΄1''_in_E1star
have "set (Ξ² @ [c] @ Ξ΄' @ [v']) β EβES2β βͺ EβES1β"
unfolding composeES_def isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def
by auto
ultimately show ?thesis
unfolding composeES_def
by auto
qed
hence "set ?TAU β Eβ(ES1 β₯ ES2)β"
unfolding composeES_def
by auto
moreover
have "set ?LAMBDA β Vβπ±β"
by (simp add: projection_def, auto)
moreover
note Ξ±2''_in_E2star Ξ±1''_in_E1star
moreover
from Ξ²E2_cE2_Ξ΄2''_v'E2_Ξ±2''_in_Tr2 Ξ΄'E2_is_Ξ΄2''
have "?TAU βΏ EβES2β @ ?T2 β TrβES2β"
by (simp only: projection_concatenation_commute, auto)
moreover
from Ξ²E1_cE1_Ξ΄1''_v'E1_Ξ±1''_in_Tr1 Ξ΄'E1_is_Ξ΄1''
have "?TAU βΏ EβES1β @ ?T1 β TrβES1β"
by (simp only: projection_concatenation_commute, auto)
moreover
have "?LAMBDA βΏ EβES2β = ?T2 βΏ Vβπ±β"
proof -
from propSepViews have "?LAMBDA βΏ EβES2β = Ξ± βΏ Vβπ±2β"
unfolding properSeparationOfViews_def by (simp only: projection_sequence)
moreover
from Ξ±2''_in_E2star propSepViews have "?T2 βΏ Vβπ±β = ?T2 βΏ Vβπ±2β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±2'Vv2_is_Ξ±Vv2 Ξ±2''Vv2_is_Ξ±2'Vv2
ultimately show ?thesis
by simp
qed
moreover
have "?LAMBDA βΏ EβES1β = ?T1 βΏ Vβπ±β"
proof -
from propSepViews have "?LAMBDA βΏ EβES1β = Ξ± βΏ Vβπ±1β"
unfolding properSeparationOfViews_def by (simp only: projection_sequence)
moreover
from Ξ±1''_in_E1star propSepViews have "?T1 βΏ Vβπ±β = ?T1 βΏ Vβπ±1β"
unfolding properSeparationOfViews_def
by (metis Int_commute projection_intersection_neutral)
moreover
note Ξ±1'Vv1_is_Ξ±Vv1 Ξ±1''Vv1_is_Ξ±1'Vv1
ultimately show ?thesis
by simp
qed
moreover
note Ξ±2''Cv2_empty Ξ±1''Cv1_empty generalized_zipping_lemma
ultimately obtain t
where "?TAU @ t β Trβ(ES1 β₯ ES2)β"
and "t βΏ Vβπ±β = ?LAMBDA"
and "t βΏ Cβπ±β = []"
by blast
moreover
have "set Ξ΄' β Nβπ±β β© ΞβΞβ"
proof -
from Ξ΄'_contains_only_Ξ΄2''_Ξ΄1''_events
Ξ΄2''_in_N2_inter_Delta2star Ξ΄1''_in_N1_inter_Delta1star
have "set Ξ΄' β Nβπ±2β β© ΞβΞ2β βͺ Nβπ±1β β© ΞβΞ1β"
by auto
with Delta1_N1_Delta2_N2_subset_Delta Nv1_union_Nv2_subsetof_Nv show ?thesis
by auto
qed
ultimately have "βΞ±' Ξ³'. (set Ξ³' β Nβπ±β β© ΞβΞβ β§ Ξ² @ [c] @ Ξ³' @ [v'] @ Ξ±' β Trβ(ES1 β₯ ES2)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
by (simp only: append_assoc, blast)
}
ultimately have "βΞ±' Ξ³'. (set Ξ³' β Nβπ±β β© ΞβΞβ β§ Ξ² @ [c] @ Ξ³' @ [v'] @ Ξ±' β Trβ(ES1 β₯ ES2)β
β§ Ξ±' βΏ Vβπ±β = Ξ± βΏ Vβπ±β β§ Ξ±' βΏ Cβπ±β = [])"
by blast
}
thus ?thesis
unfolding FCIA_def
by blast
qed
theorem compositionality_R:
"β¦ R π±1 TrβES1β; R π±2 TrβES2β β§ βΉ R π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume R1: "R π±1 TrβES1β"
and R2: "R π±2 TrβES2β"
{
fix Ο'
assume Ο'_in_Tr: "Ο' β Trβ(ES1 β₯ ES2)β"
hence Ο'E1_in_Tr1: "Ο' βΏ EβES1β β TrβES1β"
and Ο'E2_in_Tr2: "Ο' βΏ EβES2β β TrβES2β"
unfolding composeES_def
by auto
with R1 R2 obtain Ο1' Ο2'
where Ο1'_in_Tr1: "Ο1' β TrβES1β"
and Ο1'Cv1_empty: "Ο1' βΏ Cβπ±1β = []"
and Ο1'Vv1_is_Ο'_E1_Vv1: "Ο1' βΏ Vβπ±1β = Ο' βΏ EβES1β βΏ Vβπ±1β"
and Ο2'_in_Tr2: "Ο2' β TrβES2β"
and Ο2'Cv2_empty: "Ο2' βΏ Cβπ±2β = []"
and Ο2'Vv2_is_Ο'_E2_Vv2: "Ο2' βΏ Vβπ±2β = Ο' βΏ EβES2β βΏ Vβπ±2β"
unfolding R_def
by blast
have "set [] β Eβ(ES1 β₯ ES2)β"
by auto
moreover
have "set (Ο' βΏ Vβπ±β) β Vβπ±β"
by (simp add: projection_def, auto)
moreover
from validES1 Ο1'_in_Tr1 have Ο1'_in_E1: "set Ο1' β EβES1β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from validES2 Ο2'_in_Tr2 have Ο2'_in_E2: "set Ο2' β EβES2β"
by (simp add: ES_valid_def traces_contain_events_def, auto)
moreover
from Ο1'_in_Tr1 have "[] βΏ EβES1β @ Ο1' β TrβES1β"
by (simp add: projection_def)
moreover
from Ο2'_in_Tr2 have "[] βΏ EβES2β @ Ο2' β TrβES2β"
by (simp add: projection_def)
moreover
have "Ο' βΏ Vβπ±β βΏ EβES1β = Ο1' βΏ Vβπ±β"
proof -
from projection_intersection_neutral[OF Ο1'_in_E1, of "Vβπ±β"] propSepViews
have "Ο1' βΏ Vβπ±β = Ο1' βΏ Vβπ±1β"
unfolding properSeparationOfViews_def
by (simp add: Int_commute)
moreover
from propSepViews have "Ο' βΏ Vβπ±β βΏ EβES1β = Ο' βΏ Vβπ±1β"
unfolding properSeparationOfViews_def
by (simp add: projection_sequence)
moreover {
have " Ο' βΏ EβES1β βΏ Vβπ±1β = Ο' βΏ (EβES1β β© Vβπ±1β)"
by (simp add: projection_def)
moreover
from validV1 have "EβES1β β© Vβπ±1β = Vβπ±1β"
by (simp add: isViewOn_def V_valid_def
VC_disjoint_def VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ο' βΏ EβES1β βΏ Vβπ±1β = Ο' βΏ Vβπ±1β"
by simp
}
moreover
note Ο1'Vv1_is_Ο'_E1_Vv1
ultimately show ?thesis
by simp
qed
moreover
have "Ο' βΏ Vβπ±β βΏ EβES2β = Ο2' βΏ Vβπ±β"
proof -
from projection_intersection_neutral[OF Ο2'_in_E2, of "Vβπ±β"] propSepViews
have "Ο2' βΏ Vβπ±β = Ο2' βΏ Vβπ±2β"
unfolding properSeparationOfViews_def
by (simp add: Int_commute)
moreover
from propSepViews have "Ο' βΏ Vβπ±β βΏ EβES2β = Ο' βΏ Vβπ±2β"
unfolding properSeparationOfViews_def
by (simp add: projection_sequence)
moreover {
have " Ο' βΏ EβES2β βΏ Vβπ±2β = Ο' βΏ (EβES2β β© Vβπ±2β)"
by (simp add: projection_def)
moreover
from validV2 have "EβES2β β© Vβπ±2β = Vβπ±2β"
by (simp add:isViewOn_def V_valid_def VC_disjoint_def
VN_disjoint_def NC_disjoint_def, auto)
ultimately have "Ο' βΏ EβES2β βΏ Vβπ±2β = Ο' βΏ Vβπ±2β"
by simp
}
moreover
note Ο2'Vv2_is_Ο'_E2_Vv2
ultimately show ?thesis
by simp
qed
moreover
note Ο1'Cv1_empty Ο2'Cv2_empty generalized_zipping_lemma
ultimately have "βt. [] @ t β Trβ(ES1 β₯ ES2)β β§ t βΏ Vβπ±β = Ο' βΏ Vβπ±β β§ t βΏ Cβπ±β = []"
by blast
}
thus ?thesis
unfolding R_def
by auto
qed
end
locale CompositionalityStrictBSPs = Compositionality +
assumes Nπ±_inter_E1_is_Nπ±1: "Nβπ±β β© EβES1β = Nβπ±1β"
and Nπ±_inter_E2_is_Nπ±2: "Nβπ±β β© EβES2β = Nβπ±2β"
sublocale CompositionalityStrictBSPs β Compositionality
by (unfold_locales)
context CompositionalityStrictBSPs
begin
theorem compositionality_SR:
"β¦ SR π±1 TrβES1β; SR π±2 TrβES2β β§ βΉ SR π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume "SR π±1 TrβES1β"
and "SR π±2 TrβES2β"
{
let ?π±β©1'="β¦V = Vβπ±1β βͺ Nβπ±1β, N = {}, C = Cβπ±1ββ¦"
let ?π±β©2'="β¦V = Vβπ±2β βͺ Nβπ±2β, N = {}, C = Cβπ±2β β¦"
let ?π±' ="β¦V=Vβπ±β βͺ Nβπ±β, N={}, C=Cβπ±β β¦"
from validV1 have π±β©1'IsViewOnEβ©1: "isViewOn ?π±β©1' EβES1β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from validV2 have π±β©2'IsViewOnEβ©2: "isViewOn ?π±β©2' EβES2β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from VIsViewOnE have π±'IsViewOnE: "isViewOn ?π±' Eβ(ES1β₯ES2)β"
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from propSepViews Nπ±_inter_E1_is_Nπ±1
have "Vβ?π±'β β© EβES1β = Vβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews Nπ±_inter_E2_is_Nπ±2
have "Vβ?π±'β β© EβES2β = Vβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES1β β Cβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES2β β Cβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
have "Nβ?π±β©1'β β© Nβ?π±β©2'β ={}"
by auto
note properSeparation_π±β©1π±β©2=βΉVβ?π±'β β© EβES1β = Vβ?π±β©1'ββΊ βΉVβ?π±'β β© EβES2β = Vβ?π±β©2'ββΊ
βΉCβ?π±'β β© EβES1β β Cβ?π±β©1'ββΊ βΉCβ?π±'β β© EβES2β β Cβ?π±β©2'ββΊ βΉNβ?π±β©1'β β© Nβ?π±β©2'β ={}βΊ
have wbc1: "Nβ?π±β©1'β β© EβES1β={} β§ Nβ?π±β©2'β β© EβES2β={}"
by auto
from βΉSR π±1 TrβES1ββΊ have "R ?π±β©1' TrβES1β"
using validES1 validV1 BSPTaxonomyDifferentCorrections.SR_implies_R_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSR π±2 TrβES2ββΊ have "R ?π±β©2' TrβES2β"
using validES2 validV2 BSPTaxonomyDifferentCorrections.SR_implies_R_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from validES1 validES2 composableES1ES2 π±'IsViewOnE π±β©1'IsViewOnEβ©1 π±β©2'IsViewOnEβ©2
properSeparation_π±β©1π±β©2 wbc1
have "Compositionality ES1 ES2 ?π±' ?π±β©1' ?π±β©2'" unfolding Compositionality_def
by (simp add: properSeparationOfViews_def wellBehavedComposition_def)
with βΉR ?π±β©1' TrβES1ββΊ βΉR ?π±β©2' TrβES2ββΊ have "R ?π±' Trβ(ES1β₯ES2)β"
using Compositionality.compositionality_R by blast
from validES1 validES2 composeES_yields_ES validVC
have "BSPTaxonomyDifferentCorrections (ES1β₯ES2) π±"
unfolding BSPTaxonomyDifferentCorrections_def by auto
with βΉR ?π±' Trβ(ES1β₯ES2)ββΊ have "SR π± Trβ(ES1β₯ES2)β"
using BSPTaxonomyDifferentCorrections.R_implies_SR_for_modified_view by auto
}
thus ?thesis by auto
qed
theorem compositionality_SD:
"β¦ SD π±1 TrβES1β; SD π±2 TrβES2β β§ βΉ SD π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume "SD π±1 TrβES1β"
and "SD π±2 TrβES2β"
{
let ?π±β©1'="β¦V = Vβπ±1β βͺ Nβπ±1β, N = {}, C = Cβπ±1ββ¦"
let ?π±β©2'="β¦V = Vβπ±2β βͺ Nβπ±2β, N = {}, C = Cβπ±2β β¦"
let ?π±' ="β¦V=Vβπ±β βͺ Nβπ±β, N={}, C=Cβπ±β β¦"
from validV1 have π±β©1'IsViewOnEβ©1: "isViewOn ?π±β©1' EβES1β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from validV2 have π±β©2'IsViewOnEβ©2: "isViewOn ?π±β©2' EβES2β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from VIsViewOnE have π±'IsViewOnE: "isViewOn ?π±' Eβ(ES1β₯ES2)β"
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from propSepViews Nπ±_inter_E1_is_Nπ±1
have "Vβ?π±'β β© EβES1β = Vβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews Nπ±_inter_E2_is_Nπ±2
have "Vβ?π±'β β© EβES2β = Vβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES1β β Cβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES2β β Cβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
have "Nβ?π±β©1'β β© Nβ?π±β©2'β ={}"
by auto
note properSeparation_π±β©1π±β©2=βΉVβ?π±'β β© EβES1β = Vβ?π±β©1'ββΊ βΉVβ?π±'β β© EβES2β = Vβ?π±β©2'ββΊ
βΉCβ?π±'β β© EβES1β β Cβ?π±β©1'ββΊ βΉCβ?π±'β β© EβES2β β Cβ?π±β©2'ββΊ βΉNβ?π±β©1'β β© Nβ?π±β©2'β ={}βΊ
have wbc1: "Nβ?π±β©1'β β© EβES1β={} β§ Nβ?π±β©2'β β© EβES2β={}"
by auto
from βΉSD π±1 TrβES1ββΊ have "BSD ?π±β©1' TrβES1β"
using validES1 validV1 BSPTaxonomyDifferentCorrections.SD_implies_BSD_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSD π±2 TrβES2ββΊ have "BSD ?π±β©2' TrβES2β"
using validES2 validV2 BSPTaxonomyDifferentCorrections.SD_implies_BSD_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from validES1 validES2 composableES1ES2 π±'IsViewOnE π±β©1'IsViewOnEβ©1 π±β©2'IsViewOnEβ©2
properSeparation_π±β©1π±β©2 wbc1
have "Compositionality ES1 ES2 ?π±' ?π±β©1' ?π±β©2'"
unfolding Compositionality_def
by (simp add: properSeparationOfViews_def wellBehavedComposition_def)
with βΉBSD ?π±β©1' TrβES1ββΊ βΉBSD ?π±β©2' TrβES2ββΊ have "BSD ?π±' Trβ(ES1β₯ES2)β"
using Compositionality.compositionality_BSD by blast
from validES1 validES2 composeES_yields_ES validVC
have "BSPTaxonomyDifferentCorrections (ES1β₯ES2) π±"
unfolding BSPTaxonomyDifferentCorrections_def by auto
with βΉBSD ?π±' Trβ(ES1β₯ES2)ββΊ have "SD π± Trβ(ES1β₯ES2)β"
using BSPTaxonomyDifferentCorrections.BSD_implies_SD_for_modified_view by auto
}
thus ?thesis by auto
qed
theorem compositionality_SI:
"β¦SD π±1 TrβES1β; SD π±2 TrβES2β; SI π±1 TrβES1β; SI π±2 TrβES2β β§
βΉ SI π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume "SD π±1 TrβES1β"
and "SD π±2 TrβES2β"
and "SI π±1 TrβES1β"
and "SI π±2 TrβES2β"
{
let ?π±β©1'="β¦V = Vβπ±1β βͺ Nβπ±1β, N = {}, C = Cβπ±1ββ¦"
let ?π±β©2'="β¦V = Vβπ±2β βͺ Nβπ±2β, N = {}, C = Cβπ±2β β¦"
let ?π±' ="β¦V=Vβπ±β βͺ Nβπ±β, N={}, C=Cβπ±β β¦"
from validV1 have π±β©1'IsViewOnEβ©1: "isViewOn ?π±β©1' EβES1β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from validV2 have π±β©2'IsViewOnEβ©2: "isViewOn ?π±β©2' EβES2β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from VIsViewOnE have π±'IsViewOnE: "isViewOn ?π±' Eβ(ES1β₯ES2)β"
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from propSepViews Nπ±_inter_E1_is_Nπ±1
have "Vβ?π±'β β© EβES1β = Vβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews Nπ±_inter_E2_is_Nπ±2
have "Vβ?π±'β β© EβES2β = Vβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES1β β Cβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES2β β Cβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
have "Nβ?π±β©1'β β© Nβ?π±β©2'β ={}"
by auto
note properSeparation_π±β©1π±β©2=βΉVβ?π±'β β© EβES1β = Vβ?π±β©1'ββΊ βΉVβ?π±'β β© EβES2β = Vβ?π±β©2'ββΊ
βΉCβ?π±'β β© EβES1β β Cβ?π±β©1'ββΊ βΉCβ?π±'β β© EβES2β β Cβ?π±β©2'ββΊ βΉNβ?π±β©1'β β© Nβ?π±β©2'β ={}βΊ
have wbc1: "Nβ?π±β©1'β β© EβES1β={} β§ Nβ?π±β©2'β β© EβES2β={}"
by auto
from βΉSD π±1 TrβES1ββΊ have "BSD ?π±β©1' TrβES1β"
using validES1 validV1 BSPTaxonomyDifferentCorrections.SD_implies_BSD_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSD π±2 TrβES2ββΊ have "BSD ?π±β©2' TrβES2β"
using validES2 validV2 BSPTaxonomyDifferentCorrections.SD_implies_BSD_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSI π±1 TrβES1ββΊ have "BSI ?π±β©1' TrβES1β"
using validES1 validV1 BSPTaxonomyDifferentCorrections.SI_implies_BSI_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSI π±2 TrβES2ββΊ have "BSI ?π±β©2' TrβES2β"
using validES2 validV2 BSPTaxonomyDifferentCorrections.SI_implies_BSI_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from validES1 validES2 composableES1ES2 π±'IsViewOnE π±β©1'IsViewOnEβ©1 π±β©2'IsViewOnEβ©2
properSeparation_π±β©1π±β©2 wbc1
have "Compositionality ES1 ES2 ?π±' ?π±β©1' ?π±β©2'" unfolding Compositionality_def
by (simp add: properSeparationOfViews_def wellBehavedComposition_def)
with βΉBSD ?π±β©1' TrβES1ββΊ βΉBSD ?π±β©2' TrβES2ββΊ βΉBSI ?π±β©1' TrβES1ββΊ βΉBSI ?π±β©2' TrβES2ββΊ
have "BSI ?π±' Trβ(ES1β₯ES2)β"
using Compositionality.compositionality_BSI by blast
from validES1 validES2 composeES_yields_ES validVC
have "BSPTaxonomyDifferentCorrections (ES1β₯ES2) π±"
unfolding BSPTaxonomyDifferentCorrections_def by auto
with βΉBSI ?π±' Trβ(ES1β₯ES2)ββΊ have "SI π± Trβ(ES1β₯ES2)β"
using BSPTaxonomyDifferentCorrections.BSI_implies_SI_for_modified_view by auto
}
thus ?thesis by auto
qed
theorem compositionality_SIA:
"β¦SD π±1 TrβES1β; SD π±2 TrβES2β; SIA Ο1 π±1 TrβES1β; SIA Ο2 π±2 TrβES2β;
(Ο1 π±1) β (Ο π±) β© EβES1β; (Ο2 π±2) β (Ο π±) β© EβES2β β§
βΉ SIA Ο π± (Trβ(ES1 β₯ ES2)β)"
proof -
assume "SD π±1 TrβES1β"
and "SD π±2 TrβES2β"
and "SIA Ο1 π±1 TrβES1β"
and "SIA Ο2 π±2 TrβES2β"
and "(Ο1 π±1) β (Ο π±) β© EβES1β"
and "(Ο2 π±2) β (Ο π±) β© EβES2β"
{
let ?π±β©1' ="β¦V = Vβπ±1β βͺ Nβπ±1β, N = {}, C = Cβπ±1ββ¦"
let ?π±β©2'="β¦V = Vβπ±2β βͺ Nβπ±2β, N = {}, C = Cβπ±2β β¦"
let ?π±' ="β¦V=Vβπ±β βͺ Nβπ±β, N={}, C=Cβπ±β β¦"
let "?Ο1'::'a Rho" ="Ξ»π±. if π±=?π±β©1' then Ο1 π±1 else {}"
let "?Ο2'::'a Rho" ="Ξ»π±. if π±=?π±β©2' then Ο2 π±2 else {}"
let "?Ο'::'a Rho" ="Ξ»π±'. if π±'=?π±' then Ο π± else {}"
have "(?Ο1' ?π±β©1') = (Ο1 π±1)" by simp
have "(?Ο2' ?π±β©2') = (Ο2 π±2)" by simp
have "(?Ο' ?π±') = (Ο π±)" by simp
from validV1 have π±β©1'IsViewOnEβ©1: "isViewOn ?π±β©1' EβES1β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from validV2 have π±β©2'IsViewOnEβ©2: "isViewOn ?π±β©2' EβES2β "
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from VIsViewOnE have π±'IsViewOnE: "isViewOn ?π±' Eβ(ES1β₯ES2)β"
unfolding isViewOn_def V_valid_def VN_disjoint_def NC_disjoint_def VC_disjoint_def by auto
from propSepViews Nπ±_inter_E1_is_Nπ±1
have "Vβ?π±'β β© EβES1β = Vβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews Nπ±_inter_E2_is_Nπ±2
have "Vβ?π±'β β© EβES2β = Vβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES1β β Cβ?π±β©1'β"
unfolding properSeparationOfViews_def by auto
from propSepViews
have "Cβ?π±'β β© EβES2β β Cβ?π±β©2'β"
unfolding properSeparationOfViews_def by auto
have "Nβ?π±β©1'β β© Nβ?π±β©2'β ={}"
by auto
note properSeparation_π±β©1π±β©2=βΉVβ?π±'β β© EβES1β = Vβ?π±β©1'ββΊ βΉVβ?π±'β β© EβES2β = Vβ?π±β©2'ββΊ
βΉCβ?π±'β β© EβES1β β Cβ?π±β©1'ββΊ βΉCβ?π±'β β© EβES2β β Cβ?π±β©2'ββΊ βΉNβ?π±β©1'β β© Nβ?π±β©2'β ={}βΊ
have wbc1: "Nβ?π±β©1'β β© EβES1β={} β§ Nβ?π±β©2'β β© EβES2β={}"
by auto
from βΉSD π±1 TrβES1ββΊ have "BSD ?π±β©1' TrβES1β"
using validES1 validV1 BSPTaxonomyDifferentCorrections.SD_implies_BSD_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSD π±2 TrβES2ββΊ have "BSD ?π±β©2' TrβES2β"
using validES2 validV2 BSPTaxonomyDifferentCorrections.SD_implies_BSD_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by auto
from βΉSIA Ο1 π±1 TrβES1ββΊ βΉ(?Ο1' ?π±β©1') = (Ο1 π±1)βΊ have "BSIA ?Ο1' ?π±β©1' TrβES1β"
using validES1 validV1 BSPTaxonomyDifferentCorrections.SIA_implies_BSIA_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by fastforce
from βΉSIA Ο2 π±2 TrβES2ββΊ βΉ(?Ο2' ?π±β©2') = (Ο2 π±2)βΊ have "BSIA ?Ο2' ?π±β©2' TrβES2β"
using validES2 validV2 BSPTaxonomyDifferentCorrections.SIA_implies_BSIA_for_modified_view
unfolding BSPTaxonomyDifferentCorrections_def by fastforce
from validES1 validES2 composableES1ES2 π±'IsViewOnE π±β©1'IsViewOnEβ©1 π±β©2'IsViewOnEβ©2
properSeparation_π±β©1π±β©2 wbc1
have "Compositionality ES1 ES2 ?π±' ?π±β©1' ?π±β©2'"
unfolding Compositionality_def
by (simp add: properSeparationOfViews_def wellBehavedComposition_def)
from βΉ(Ο1 π±1) β (Ο π±) β© EβES1ββΊ βΉ(?Ο1' ?π±β©1') = (Ο1 π±1)βΊ βΉ(?Ο' ?π±') = (Ο π±)βΊ
have "?Ο1' ?π±β©1' β ?Ο' ?π±' β© EβES1β"
by auto
from βΉ(Ο2 π±2) β (Ο π±) β© EβES2ββΊ βΉ(?Ο2' ?π±β©2') = (Ο2 π±2)βΊ βΉ(?Ο' ?π±') = (Ο π±)βΊ
have "?Ο2' ?π±β©2' β ?Ο' ?π±' β© EβES2β"
by auto
from βΉCompositionality ES1 ES2 ?π±' ?π±β©1' ?π±β©2'βΊ βΉBSD ?π±β©1' TrβES1ββΊ βΉBSD ?π±β©2' TrβES2ββΊ
βΉBSIA ?Ο1' ?π±β©1' TrβES1ββΊ βΉBSIA ?Ο2' ?π±β©2' TrβES2ββΊ
βΉ?Ο1' ?π±β©1' β ?Ο' ?π±' β© EβES1ββΊ βΉ?Ο2' ?π±β©2' β ?Ο' ?π±' β© EβES2ββΊ
have "BSIA ?Ο' ?π±' Trβ(ES1β₯ES2)β"
using Compositionality.compositionality_BSIA by fastforce
from validES1 validES2 composeES_yields_ES validVC
have "BSPTaxonomyDifferentCorrections (ES1β₯ES2) π±"
unfolding BSPTaxonomyDifferentCorrections_def by auto
with βΉBSIA ?Ο' ?π±' Trβ(ES1β₯ES2)ββΊ βΉ(?Ο' ?π±') = (Ο π±)βΊ have "SIA Ο π± Trβ(ES1β₯ES2)β"
using BSPTaxonomyDifferentCorrections.BSIA_implies_SIA_for_modified_view by fastforce
}
thus ?thesis
by auto
qed
end
end