# input-output-hk/fm-ouroboros

Continue proof for `internal_communication`

javierdiaz72 committed Jan 11, 2019
1 parent ae7d50f commit 26b4e715454e7e628243f5e8806cc9b0328cd350
Showing with 101 additions and 50 deletions.
1. +4 −1 Isabelle/Chi_Calculus/Proper_Weak_Bisimulation.thy
2. +97 −49 Isabelle/Chi_Calculus_Examples/Utilities.thy
 @@ -8,6 +8,9 @@ lemma proper_tau_trans_is_basic_tau_trans: "(p \\<^sub>\\\<^sub>\\\\ q \ p \\<^sub>\\basic_action_of \\ q" by (metis proper_residual.distinct(1) proper_residual.inject(1) proper_transition.simps) lemma proper_output_without_opening_trans_is_basic_trans: "p \\<^sub>\\a \ x\ q \ p \\<^sub>\\a \ x\ q" using proper_transition.cases by auto (* TODO: Rename \\<^sup>\\<^sub>\ to \\<^sup>\\<^sub>\ in `Basic_Weak_Bisimulation`, then remove the following abbreviation. *) abbreviation proper_tau_sequence :: "process \ process \ bool" (infix "\\<^sup>\" 50) @@ -202,7 +205,7 @@ definition weak_proper_transition :: "process \ proper_residual \\\ q \ p \\<^sub>\\\\ q \ (\ = \ \ p = q) | \a \ x\ q \ p \\<^sub>\\a \ x\ q | Output a K \ p \\<^sub>\ Output a K" \a \ K \ p \\<^sub>\\a \ K" lemma prepend_tau_transition_to_weak_proper_transition: "\ p \\<^sub>\\\\ r; r \\<^sub>\\<^sup>^\\\ q \ \ p \\<^sub>\\<^sup>^\\\ q" proof -
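Review bot: The new lemma `proper_output_without_opening_trans_is_basic_trans` is discharged with `using proper_transition.cases by auto`, which leaves it to `auto` to find the right inversion and is more fragile than the sibling `proper_tau_trans_is_basic_tau_trans` directly above, which names the exact `proper_residual.distinct`/`inject` facts it needs. A directed proof such as `by (erule proper_transition.cases) simp_all` (or `by (auto elim: proper_transition.cases)`) would make the dependency on the inductive definition explicit and survive future additions of cases to `proper_transition` more predictably; please confirm it still checks. The TODO added above `proper_tau_sequence` says the abbreviation is a temporary alias pending a rename in `Basic_Weak_Bisimulation`; the abbreviation's body and the changed `weak_proper_transition` equation continue outside this hunk, so they are not reviewed here.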
 @@ -29,6 +29,50 @@ where private lemma transitions_from_p0: "(\!d. p0 y P \\<^sub>\ d) \ (THE d. p0 y P \\<^sub>\ d) = \\\ \ c. (\ \ P y)" sorry (* private lemma transitions_from_p0: "\d. p0 y P \\<^sub>\\\\ d \ (\d. p0 y P \\<^sub>\ d \ d = \\\ \ c. (\ \ P y))" sorry *) private lemma aux1: "\ c. (\ \ p) \\<^sub>\ p" proof - have "\ \ p \\<^sub>\ p" using proper_parallel_unit by simp then have "\ c. (\ \ p) \\<^sub>\ \ c. p" using proper_new_channel_preservation by simp then show ?thesis using proper_scope_redundancy and proper.bisimilarity_transitivity_rule by blast qed private lemma aux2: "p0 y P \\<^sup>\ \ c. (\ \ P y)" proof - have "p0 y P \\<^sub>\\\\ \ c. (\ \ P y)" using transitions_from_p0 and theI2 by metis then show ?thesis using proper_tau_trans_is_basic_tau_trans and tau_transition_is_tau_sequence by simp_all qed private lemma aux3: assumes "reflp \" and "\ = (\\<^sub>\) OO \ OO (\\<^sub>\)" shows "\ (\ c. (\ \ p)) p" and "\ p (\ c. (\ \ p))" proof - have "\ (\ c. (\ \ p)) p" proof - have "\ c. (\ \ p) \\<^sub>\ p" using aux1 by fastforce then show ?thesis using reflp_ge_eq and assms by blast qed moreover have "\ p (\ c. (\ \ p))" proof - have "\ c. (\ \ p) \\<^sub>\ p" using aux1 by fastforce then have "p \\<^sub>\ \ c. (\ \ p)" using proper.bisimilarity_symmetry by simp then show ?thesis using reflp_ge_eq and assms by blast qed ultimately show "\ (\ c. (\ \ p)) p" and "\ p (\ c. (\ \ p))" by simp_all qed (* TODO: Fill holes. *) lemma internal_communication: "\ c. (c \ y \ c \ x. P x) \\<^sub>\ P y" proof - 
@@ -52,19 +96,7 @@ proof - moreover have "q \\<^sub>\\<^sup>^\\\ q" using weak_proper_transition_refl_intro by simp moreover have "?\ (\ c. (\ \ P y)) q" proof - have "\ c. (\ \ P y) \\<^sub>\ P y" proof - have "\ \ P y \\<^sub>\ P y" using proper_parallel_unit by simp then have "\ c. (\ \ P y) \\<^sub>\ \ c. P y" using proper_new_channel_preservation by simp then show ?thesis using proper_scope_redundancy and proper.bisimilarity_transitivity_rule by blast qed then show ?thesis using bisim_rel.id and `q = p1 y P` and p1_def by auto qed using aux3 and bisim_rel.id and `q = p1 y P` and p1_def by (simp add: reflpI) then have "proper_lift ?\ d (\\\ q)" using simple_lift and `d = \\\ \ c. (\ \ P y)` by simp ultimately show ?thesis 
@@ -78,59 +110,75 @@ proof - fix d assume "p \\<^sub>\ d" then show "\e. q \\<^sub>\\<^sup>^ e \ proper_lift ?\ d e" proof (cases d) case (Simple \ p') proof cases case (simple \ p') then show ?thesis proof - let ?e = "\\\ \ c. (\ \ p')" have "q \\<^sub>\\<^sup>^ ?e" have "q \\<^sub>\\<^sup>^\\\ \ c. (\ \ p')" proof - have "q \\<^sub>\\\\ \ c. (\ \ P y)" using `q = p0 y P` and transitions_from_p0 by (metis theI_unique) moreover have "\ c. (\ \ P y) \\<^sub>\ ?e" using transitions_from_p0 and `q = p0 y P` by (metis theI2) moreover have "\ c. (\ \ P y) \\<^sub>\\\\ \ c. (\ \ p')" proof - have "P y \\<^sub>\\basic_action_of \\ p'" using `p \\<^sub>\ d` and `d = \\\ p'` and `p = p1 y P` and p1_def and proper_simple_trans_is_basic_trans by simp then have "\ \ P y \\<^sub>\\basic_action_of \\ \ \ p'" using acting_right by simp moreover have "\ c. (\ \ P y) \\<^sub>\\\ c\ \ \ P y" using opening by simp ultimately have "\ c. (\ \ P y) \\<^sub>\\basic_action_of \\ \ c. (\ \ p')" using scoped_acting by simp then show ?thesis have "\ \ P y \\<^sub>\\basic_action_of \\ \ \ p'" using `p \\<^sub>\\basic_action_of \\ p'` and `p = p1 y P` and p1_def and acting_right by simp then have "\ c. (\ \ P y) \\<^sub>\\basic_action_of \\ \ c. (\ \ p')" using acting_scope by simp then have "\ c. (\ \ P y) \\<^sub>\\\\ \ c. (\ \ p')" using proper_transition.simple by simp then show ?thesis using weak_tau_respecting_proper_transition_single_simple by simp qed ultimately show ?thesis using weak_tau_respecting_proper_transition_single_simple and prepend_tau_transition_to_weak_proper_transition and weak_proper_transition_step_intro by simp using prepend_tau_transition_to_weak_proper_transition and weak_proper_transition_def by simp qed moreover have "proper_lift ?\ d ?e" moreover have "proper_lift ?\ (\\\ p') (\\\ \ c. (\ \ p'))" proof - have "p' \\<^sub>\ \ \ p'" using proper_parallel_unit by simp also have "\ \ p' \\<^sub>\ \ c. 
(\ \ p')" using proper_scope_redundancy by simp finally have "p' \\<^sub>\ \ c. (\ \ p')" . then have "?\ p' (\ c. (\ \ p'))" using bisim_rel.id by auto have "?\ p' (\ c. (\ \ p'))" using aux3 and bisim_rel.id by (simp add: reflpI) then show ?thesis using simple_lift and `d = \\\ p'` by simp using simple_lift by simp qed ultimately show ?thesis by smt using `d = \\\ p'` by auto qed next case (Output c K) case (output_without_opening a x p') then show ?thesis proof (induction K) case (WithoutOpening x p) then show ?case sorry next case (WithOpening \) then show ?case sorry proof - have "q \\<^sub>\\<^sup>^\a \ x\ \ c. (\ \ p')" proof - have "q \\<^sup>\ \ c. (\ \ P y)" using aux2 and `q = p0 y P` by simp moreover have "\ c. (\ \ P y) \\<^sub>\\a \ x\ \ c. (\ \ p')" proof - have "\ \ P y \\<^sub>\\a \ x\ \ \ p'" using `p \\<^sub>\\a \ x\ p'` and `p = p1 y P` and p1_def and acting_right by simp then have "\ c. (\ \ P y) \\<^sub>\\a \ x\ \ c. (\ \ p')" using acting_scope by simp then have "\ c. (\ \ P y) \\<^sub>\\a \ x\ \ c. (\ \ p')" using proper_transition.output_without_opening by simp then show ?thesis using weak_tau_respecting_proper_transition_single_output_without_opening by simp qed ultimately show ?thesis using prepend_tau_sequence_to_weak_tau_respecting_proper_transition_output_without_opening and weak_proper_transition_def by simp qed moreover have "proper_lift ?\ (\a \ x\ p') (\a \ x\ \ c. (\ \ p'))" proof - have "?\ p' (\ c. (\ \ p'))" using aux3 and bisim_rel.id by (simp add: reflpI) then have "output_rest_lift ?\ (x\ p') (x\ \ c. (\ \ p'))" using without_opening_lift by simp then show ?thesis using output_lift by simp qed ultimately show ?thesis using `d = \a \ x\ p'` by auto qed next case (output_with_opening P' a K) then show ?thesis sorry qed qed next
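Review bot: The new private lemma `transitions_from_p0` is admitted with `sorry`, and it is its uniqueness half (`∃!d ...`) that the `THE d. ...` steps rely on: `aux2` closes with `theI2`, and the `simple` case obtains `q ⇒ ... ⦇ν c. (... ∥ P y)` via `theI_unique`, so `internal_communication` is currently only as strong as this unproved assumption. The weaker existence-only variant left in the comment block directly below it would not support those `THE` steps, so if it is kept as a candidate it should say so; otherwise it is dead text and should be removed. Suggest sharpening the hole marker to state what is actually needed, e.g. `(* TODO: prove. Uniqueness of the τ-successor of p0 is what theI2/theI_unique below depend on; a pure existence statement is not enough. *)`, and keeping the `sorry` in the `output_with_opening` case under the same `TODO: Fill holes` note so nothing downstream imports this theory believing the result is fully checked. The `internal_communication` proof starts in an earlier hunk and its `cases` block begins outside this hunk.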

