Theory utp_lift

section ‹ Lifting Expressions ›

theory utp_lift
  imports
    utp_alphabet
begin

subsection ‹ Lifting definitions ›

text ‹ We define operators for converting an expression to and from a relational state space
  with the help of alphabet extrusion and restriction. In general throughout Isabelle/UTP
  we adopt the notation $\lceil P \rceil$ with some subscript to denote lifting an expression
  into a larger alphabet, and $\lfloor P \rfloor$ for dropping into a smaller alphabet.

  The following two functions lift and drop an expression, respectively, whose alphabet is 
  @{typ "'α"}, into a product alphabet @{typ "'α × 'β"}. This allows us to deal with expressions
  which refer only to undashed variables, and use the type-system to ensure this. ›

abbreviation lift_pre :: "('a, 'α) uexpr ⇒ ('a, 'α × 'β) uexpr" (‹⌈_⌉⇩<›)
where "⌈P⌉⇩< ≡ P ⊕⇩p fst⇩L"

abbreviation drop_pre :: "('a, 'α × 'β) uexpr ⇒ ('a, 'α) uexpr" (‹⌊_⌋⇩<›)
where "⌊P⌋⇩< ≡ P ↾⇩e fst⇩L"

text ‹ The following two functions lift and drop an expression, respectively, whose alphabet is 
  @{typ "'β"}, into a product alphabet @{typ "'α × 'β"}. This allows us to deal with expressions
  which refer only to dashed variables. ›
  
abbreviation lift_post :: "('a, 'β) uexpr ⇒ ('a, 'α × 'β) uexpr" (‹⌈_⌉⇩>›)
where "⌈P⌉⇩> ≡ P ⊕⇩p snd⇩L"

abbreviation drop_post :: "('a, 'α × 'β) uexpr ⇒ ('a, 'β) uexpr" (‹⌊_⌋⇩>›)
where "⌊P⌋⇩> ≡ P ↾⇩e snd⇩L"
  
subsection ‹ Lifting Laws ›

text ‹ With the help of our alphabet laws, we can prove some intuitive laws about alphabet
  lifting. For example, lifting variables yields an unprimed or primed relational variable
  expression, respectively. ›
  
lemma lift_pre_var [simp]:
  "⌈var x⌉⇩< = $x"
  by (alpha_tac)

lemma lift_post_var [simp]:
  "⌈var x⌉⇩> = $x´"
  by (alpha_tac)

subsection ‹ Substitution Laws ›
    
lemma pre_var_subst [usubst]:
  "σ($x ↦⇩s «v») † ⌈P⌉⇩< = σ † ⌈P⟦«v»/&x⟧⌉⇩<"
  by (pred_simp)
    
subsection ‹ Unrestriction laws ›

text ‹ Crucially, the lifting operators allow us to demonstrate unrestriction properties. For
  example, we can show that no primed variable is restricted in an expression over only the
  first element of the state-space product type. ›
  
lemma unrest_dash_var_pre [unrest]:
  fixes x :: "('a ⟹ 'α)"
  shows "$x´ ♯ ⌈p⌉⇩<"
  by (pred_auto)

end