├── .gitignore ├── CONTRIBUTORS ├── COPYING ├── README.md ├── ROOT ├── _config.yml ├── assurance └── fmac │ ├── formal_assurance.thy │ └── refinement.thy ├── axiomatic ├── .gitignore ├── Axiomatic.thy ├── ROOT ├── TODO.txt ├── build.sh ├── document │ ├── document.sty │ └── root.tex ├── hierarchy.pdf ├── hierarchy │ ├── .gitignore │ ├── document.sty │ └── root.tex ├── nedit-all.sh └── theories │ ├── core │ ├── uattrib.thy │ ├── uconsts.thy │ ├── udefaults.thy │ ├── uexpr.ML │ ├── uexpr.thy │ ├── ulens.thy │ ├── ulift.ML │ ├── ulift.thy │ ├── uname.ML │ ├── uname.thy │ ├── unrest.thy │ ├── unrest_sf.thy │ ├── uparser.thy │ ├── upred.thy │ ├── uref.thy │ ├── urel.thy │ ├── ustate.thy │ ├── ustore.thy │ ├── utype.thy │ ├── uval.ML │ ├── uval.thy │ ├── uvar.ML │ └── uvar.thy │ ├── document.thy │ ├── hierarchy │ ├── hval.thy │ ├── indices.ML │ ├── ranks.ML │ └── ranks.thy │ ├── meta │ ├── ucore.thy │ ├── umodel.thy │ ├── uranked.thy │ └── usystem.thy │ ├── theories │ ├── designs.thy │ ├── thiago.thy │ ├── thiago_prel.thy │ └── utheory.thy │ ├── ucommon.thy │ ├── uimports.thy │ └── utils │ ├── Interpret.thy │ ├── Named_Attrib.ML │ ├── Named_Attrib.thy │ ├── Normalise.thy │ ├── Pure_Utils.ML │ ├── Strings.thy │ ├── Sum_Order.thy │ ├── Transfer_Plus.ML │ ├── Transfer_Plus.thy │ ├── Typedef_extra.thy │ ├── Typedep.ML │ ├── Typedep.thy │ ├── Typerep_Collect.ML │ ├── Typerep_ind.thy │ ├── flat_orders.ML │ ├── flat_orders.thy │ └── remove_duplicates.thy ├── bin ├── afp_get.sh ├── build.sh ├── clean.sh ├── nedit-all.sh ├── utp-jedit └── utp_deps.sh ├── calculi └── utp_wprespec.thy ├── casestudies └── Tokeneer │ ├── Tokeneer-UTP.pdf │ ├── Tokeneer.thy │ └── document │ └── root.tex ├── continuum ├── Continuum.thy ├── Dyadic.thy ├── Finite_Bijection.thy ├── Lightweight_Cardinals.thy ├── Real_Bit.thy └── UNIV_TYPE.thy ├── doc ├── UTP-Circus.pdf ├── UTP-Designs.pdf ├── UTP-KAT.pdf ├── UTP-Reactive-Designs.pdf ├── UTP-Reactive.pdf ├── UTP-Stateful-Failures.pdf ├── UTP-Toolkit.pdf ├── UTP-Tutorial.pdf ├── UTP.pdf └── syntax │ ├── csp.sty │ ├── utp-syntax.bib │ ├── utp-syntax.pdf │ ├── utp-syntax.tex │ └── zed.sty ├── dynamics ├── .gitignore ├── Contiguous_Functions.thy ├── Derivative_extra.thy ├── Matrix_Syntax.thy ├── ODE_Cert.thy ├── Timed_Traces.thy └── document │ ├── comment.sty │ ├── csp.sty │ ├── document.sty │ ├── isabelle.sty │ ├── isabellesym.sty │ ├── isabelletags.sty │ ├── pdfsetup.sty │ ├── railsetup.sty │ ├── root.bib │ ├── root.tex │ └── zed.sty ├── fmi ├── .gitignore ├── Architecture.thy ├── Architecture_D2_3c.thy ├── Example_D2_2d.thy ├── Interlocking.thy ├── Positive_New.thy ├── Railways_Impl.thy ├── Railways_Impl2.thy ├── Railways_Spec.thy ├── Time.thy ├── Topology.thy ├── Vector.thy ├── document │ ├── document.sty │ ├── root.bib │ └── root.tex ├── fmi.thy ├── fmi_export.thy ├── fmi_report.pdf ├── utp_hoare_ext.thy └── wf_value.thy ├── fmi_report.pdf ├── hybrid ├── .gitignore ├── document │ ├── csp.sty │ ├── document.sty │ ├── root.bib │ ├── root.tex │ └── zed.sty ├── examples │ ├── utp_bouncing_ball.thy │ ├── utp_bouncing_ball.thy~ │ ├── utp_thermostat.thy │ └── utp_trains.thy ├── imports │ └── utp_hybrid_imports.thy ├── utp_differential.thy ├── utp_hrd.thy ├── utp_hybrid.thy └── utp_hyrel.thy ├── impl ├── examples │ └── utp_rcalc_ex.thy ├── utp_impl.thy ├── utp_prog.thy └── utp_rcalc.thy ├── isabelle-utp.py ├── modelica ├── Modelica.thy ├── Modelica_Blocks_Continuous.thy ├── Modelica_Blocks_Discrete.thy ├── Modelica_Blocks_Math.thy ├── Modelica_Blocks_Sources.thy ├── Modelica_Core.thy ├── Modelica_Math.thy └── noncomp │ ├── Modelica_Blocks.thy │ ├── Modelica_Blocks_Continuous.thy │ ├── Modelica_Blocks_Core.thy │ ├── Modelica_Blocks_Discrete.thy │ ├── Modelica_Blocks_Math.thy │ ├── Modelica_Blocks_Sources.thy │ ├── Modelica_Discrete.thy │ ├── Modelica_NonComp.thy │ └── examples │ └── Modelica_Blocks_Examples.thy ├── probability ├── utp_expectation.thy └── utp_prob_des.thy ├── profiling ├── Profiling.ML └── Profiling.thy ├── robochart └── untimed │ ├── Actions.thy │ ├── AsyncChannel.thy │ ├── MetaModel.thy │ ├── ReactiveSpec.thy │ ├── StateMachine.thy │ └── examples │ ├── Chemical.thy │ └── GasAnalysis.thy ├── simplefmi ├── SimpleFMI.thy ├── SimpleTank.thy └── VDMRT.thy ├── theories ├── actions │ ├── utp_action_circus.thy │ └── utp_action_language.thy ├── circus │ ├── document │ │ ├── document.sty │ │ ├── root.bib │ │ └── root.tex │ ├── utp_circus.thy │ ├── utp_circus_easy_parser.thy │ ├── utp_circus_hiding.thy │ ├── utp_circus_parallel.thy │ ├── utp_circus_parallel.thy~ │ ├── utp_circus_prefix.thy │ └── utp_circus_traces.thy ├── designs │ ├── document │ │ ├── document.sty │ │ ├── root.bib │ │ └── root.tex │ ├── utp_des_core.thy │ ├── utp_des_healths │ ├── utp_des_healths.thy │ ├── utp_des_hoare.thy │ ├── utp_des_invariants.thy │ ├── utp_des_parallel.thy │ ├── utp_des_prog.thy │ ├── utp_des_refcalc.thy │ ├── utp_des_tactics.thy │ ├── utp_des_theory.thy │ ├── utp_des_wp.thy │ └── utp_designs.thy ├── hyprog │ ├── examples │ │ ├── AMV.thy │ │ └── Bouncing_Ball.thy │ ├── utp_hyprog.thy │ ├── utp_hyprog_dL.thy │ ├── utp_hyprog_deriv.thy │ ├── utp_hyprog_dinv.thy │ ├── utp_hyprog_ex.thy │ ├── utp_hyprog_ode.thy │ └── utp_hyprog_prelim.thy ├── kleene │ ├── document │ │ ├── comment.sty │ │ ├── document.sty │ │ ├── isabelle.sty │ │ ├── isabellesym.sty │ │ ├── isabelletags.sty │ │ ├── pdfsetup.sty │ │ ├── railsetup.sty │ │ ├── root.bib │ │ └── root.tex │ └── utp_kleene.thy ├── memory │ ├── Injection_Universe.thy │ ├── Partial_Monoids.thy │ ├── Partial_Monoids_Instances.thy │ ├── utp_mem_aseplog.thy │ ├── utp_mem_prelim.thy │ ├── utp_mem_prog.thy │ ├── utp_mem_seplog.thy │ ├── utp_mem_stack.thy │ └── utp_memory.thy ├── rcircus │ ├── Refusal_Tests.thy │ └── utp_rcircus.thy ├── rea_designs │ ├── document │ │ ├── document.sty │ │ ├── root.bib │ │ └── root.tex │ ├── utp_rdes_contracts.thy │ ├── utp_rdes_designs.thy │ ├── utp_rdes_guarded.thy │ ├── utp_rdes_healths.thy │ ├── utp_rdes_instant.thy │ ├── utp_rdes_normal.thy │ ├── utp_rdes_parallel.thy │ ├── utp_rdes_productive.thy │ ├── utp_rdes_prog.thy │ ├── utp_rdes_tactics.thy │ ├── utp_rdes_tactics.thy~ │ ├── utp_rdes_triples.thy │ └── utp_rea_designs.thy ├── reactive │ ├── document │ │ ├── document.sty │ │ ├── root.bib │ │ └── root.tex │ ├── utp_rea_cond.thy │ ├── utp_rea_core.thy │ ├── utp_rea_event.thy │ ├── utp_rea_healths.thy │ ├── utp_rea_healths.thy~ │ ├── utp_rea_hoare.thy │ ├── utp_rea_links.thy │ ├── utp_rea_parallel.thy │ ├── utp_rea_prog.thy │ ├── utp_rea_rel.thy │ ├── utp_rea_wp.thy │ └── utp_reactive.thy ├── sf_rdes │ ├── document │ │ ├── document.sty │ │ ├── root.bib │ │ └── root.tex │ ├── utp_sf_rdes.thy │ ├── utp_sfrd_contracts.thy │ ├── utp_sfrd_core.thy │ ├── utp_sfrd_core.thy~ │ ├── utp_sfrd_extchoice.thy │ ├── utp_sfrd_fdsem.thy │ ├── utp_sfrd_healths.thy │ ├── utp_sfrd_prog.thy │ ├── utp_sfrd_recursion.thy │ ├── utp_sfrd_rel.thy │ └── utp_sfrd_traces.thy ├── time │ └── utp_time_rel.thy ├── tockcircus │ ├── tcircus_calc.thy │ ├── tcircus_idle.thy │ ├── tcircus_rel.thy │ ├── tcircus_traces.thy │ └── tockcircus.thy ├── undef │ └── utp_undef.thy ├── utp_circus.thy ├── utp_circus_prefix.thy ├── utp_circus_prel.thy ├── utp_cml.thy ├── utp_theories.thy ├── utp_theories_deep.thy ├── utp_time_designs.thy ├── utp_timed_rea_designs.thy └── utp_tockcircus.thy ├── toolkit ├── document │ ├── document.sty │ ├── root.bib │ └── root.tex └── utp_toolkit.thy ├── tools └── transcl │ ├── .gitignore │ ├── ROOT │ ├── TODO.txt │ ├── doc │ ├── transcl.pdf │ └── transcl_c++.pdf │ ├── isabelle │ ├── document │ │ ├── document.sty │ │ └── root.tex │ ├── presimplify.ML │ ├── transcl.ML │ ├── transcl.thy │ ├── transcl_issue.thy │ └── transcl_tests.thy │ ├── makefile │ ├── relation.isa │ ├── rev │ └── transcl_v1.tar.gz │ └── src │ ├── Algorithms.cpp │ ├── Algorithms.hpp │ ├── BoostAlgorithm.cpp │ ├── BoostAlgorithm.hpp │ ├── FloydWarshall.cpp │ ├── FloydWarshall.hpp │ ├── MapletRecorder.cpp │ ├── MapletRecorder.hpp │ ├── NullStream.cpp │ ├── NullStream.hpp │ ├── ScanException.cpp │ ├── ScanException.hpp │ ├── Scanner.cpp │ ├── Scanner.hpp │ ├── Symtab.cpp │ ├── Symtab.h │ ├── Symtab.hpp │ ├── TCAlgorithm.cpp │ ├── TCAlgorithm.hpp │ ├── TrieNode.cpp │ ├── TrieNode.hpp │ ├── argp_conf.c │ ├── argp_conf.h │ ├── concat_all.sh │ ├── debug.c │ ├── debug.h │ ├── encode_mode.h │ ├── main.c │ ├── main.h │ ├── test.c │ └── test.h ├── tutorial ├── .gitignore ├── document │ ├── comment.sty │ ├── document.sty │ ├── isabelle.sty │ ├── isabellesym.sty │ ├── isabelletags.sty │ ├── pdfsetup.sty │ ├── railsetup.sty │ ├── root.bib │ └── root.tex ├── ictac16_tutorial.thy ├── isabelle_tutorial.thy ├── utp_boyle.thy ├── utp_circus_tutorial.thy ├── utp_circus_tutorial_ex.thy ├── utp_csp_buffer.thy ├── utp_csp_counter.thy ├── utp_csp_ex.thy ├── utp_csp_mini_mondex.thy ├── utp_csp_pump.thy ├── utp_csp_timer.thy ├── utp_designs_ref_ex.thy ├── utp_examples.thy ├── utp_hello_world.thy ├── utp_lens_demo.thy ├── utp_library.thy ├── utp_simple_time.thy └── utp_tutorial.thy ├── utp ├── .gitignore ├── document │ ├── comment.sty │ ├── document.sty │ ├── isabelle.sty │ ├── isabellesym.sty │ ├── isabelletags.sty │ ├── pdfsetup.sty │ ├── railsetup.sty │ ├── root.bib │ └── root.tex ├── examples │ ├── factorial.thy │ ├── find_replace.thy │ ├── gcd.thy │ ├── insertion_sort.thy │ ├── local_var.thy │ ├── max_list.thy │ ├── morgan_rcalc.thy │ ├── quicksort.thy │ └── sum_list.thy ├── models │ ├── axm │ │ ├── utp_avar.thy │ │ └── utp_axm.thy │ └── deep │ │ ├── utp_deep.thy │ │ ├── utp_dvar.thy │ │ └── utp_procedure.thy ├── uexpr_rep_eq.ML ├── utp.thy ├── utp_alphabet.thy ├── utp_blocks.thy ├── utp_collection.thy ├── utp_concurrency.thy ├── utp_deduct.thy ├── utp_definition.thy ├── utp_dvar.thy ├── utp_dynlog.thy ├── utp_easy_parser.thy ├── utp_expr.thy ├── utp_expr_funcs.thy ├── utp_expr_insts.thy ├── utp_expr_ovld.thy ├── utp_frame.thy ├── utp_full.thy ├── utp_healthy.thy ├── utp_hoare.thy ├── utp_lift.thy ├── utp_lift_parser.thy ├── utp_lift_pretty.thy ├── utp_meta_subst.thy ├── utp_morgan.thy ├── utp_parser_utils.thy ├── utp_pred.thy ├── utp_pred_laws.thy ├── utp_recursion.thy ├── utp_rel.thy ├── utp_rel_laws.thy ├── utp_rel_opsem.thy ├── utp_schema.thy ├── utp_sequent.thy ├── utp_sp.thy ├── utp_spec.thy ├── utp_state_parser.thy ├── utp_subst.thy ├── utp_sym_eval.thy ├── utp_tactics.ML ├── utp_tactics.thy ├── utp_theory.thy ├── utp_unrest.thy ├── utp_usedby.thy ├── utp_var.thy ├── utp_wlp.thy └── utp_wp.thy ├── vdm-sl ├── LPF.thy ├── PFOL.thy ├── VDM.thy ├── VDM_Ops.thy └── examples │ └── Alarm.thy └── zedlite └── zedlite.thy /.gitignore: -------------------------------------------------------------------------------- 1 | # Directories that are ignored by git if present. 2 | output 3 | export 4 | obsolete 5 | misc 6 | tmp 7 | -------------------------------------------------------------------------------- /CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | For the purposes of the license agreement in the file COPYRIGHT, a 2 | 'contributor' is anybody who is listed in this file (CONTRIBUTORS) or 3 | who is listed as an author in one of the source files of this Isabelle 4 | distribution. 5 | 6 | Contributors to Isabelle/UTP 7 | ---------------------------- 8 | 9 | * Simon Foster, University of York, UK 10 | * Frank Zeyda, University of York, UK 11 | * Yakoub Nemouchi, Virginia Tech, USA 12 | * Abderrahmane Feliachi, University of Paris Sud, France 13 | * Burkhart Wolff, University of Paris Sud, France 14 | * Samuel Canham, University of York, UK 15 | * Pedro Ribeiro, University of York, UK 16 | * Christian Pardillo Laursen, University of York, UK 17 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | ISABELLE/UTP COPYRIGHT NOTICE, LICENSE AND DISCLAIMER. 2 | 3 | Copyright (c) 2012-2018, 4 | University of York, UK, 5 | Copyright (c) 2016-2018, 6 | Virginia Tech, USA, 7 | Copyright (c) 2011-2018, 8 | Université Paris-Saclay, Univ. Paris-Sud, France, 9 | and contributors. 10 | 11 | All rights reserved. 12 | 13 | Redistribution and use in source and binary forms, with or without 14 | modification, are permitted provided that the following conditions are met: 15 | * Redistributions of source code must retain the above copyright 16 | notice, this list of conditions and the following disclaimer. 17 | * Redistributions in binary form must reproduce the above copyright 18 | notice, this list of conditions and the following disclaimer in the 19 | documentation and/or other materials provided with the distribution. 20 | * Neither the names of the University of York, nor the 21 | names of its contributors may be used to endorse or promote products 22 | derived from this software without specific prior written permission. 23 | 24 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 25 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 26 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 27 | DISCLAIMED. IN NO EVENT SHALL UNIVERSITY OF YORK BE LIABLE FOR ANY 28 | DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 29 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 30 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 31 | ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 32 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 | -------------------------------------------------------------------------------- /_config.yml: -------------------------------------------------------------------------------- 1 | theme: jekyll-theme-architect -------------------------------------------------------------------------------- /axiomatic/.gitignore: -------------------------------------------------------------------------------- 1 | # The files in this folder are kept in sync with the subversion repository at 2 | # 3 | # https://cssvn.york.ac.uk/repos/utp-isabelle/axiomatic 4 | .svn 5 | # Ignore output directory for Isabelle documents (dynamically created). 6 | output 7 | -------------------------------------------------------------------------------- /axiomatic/Axiomatic.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Axiomatic.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Axiomatic Model\ 10 | 11 | theory Axiomatic 12 | imports 13 | "UTP-Axiomatic.umodel" 14 | (* "../utp/models/axm/utp_avar" *) 15 | begin end 16 | -------------------------------------------------------------------------------- /axiomatic/ROOT: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: ROOT *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | (* Session UTP-Axiomatic *) 9 | 10 | session "UTP-Axiomatic" in "theories" = "HOL" + 11 | options [browser_info = true, 12 | document = pdf, 13 | document_variants = "document:outline=/proof,/ML", 14 | document_output = "../output", 15 | timeout = 600] 16 | sessions "UTP1-Toolkit" 17 | directories 18 | "utils" 19 | "core" 20 | "meta" 21 | "theories" 22 | "hierarchy" 23 | theories 24 | "ucore" 25 | "umodel" 26 | "usystem" 27 | "uranked" 28 | document_files (in "../document") 29 | "root.tex" 30 | "document.sty" 31 | document_files (in "utils") 32 | "flat_orders.ML" 33 | "Named_Attrib.ML" 34 | "Pure_Utils.ML" 35 | "Transfer_Plus.ML" 36 | "Typedep.ML" 37 | "Typerep_Collect.ML" 38 | document_files (in "core") 39 | "uexpr.ML" 40 | "ulift.ML" 41 | "uname.ML" 42 | "uval.ML" 43 | "uvar.ML" 44 | 45 | (* Session UTP-Ranked *) 46 | 47 | session "UTP-Ranked" in "hierarchy" = "UTP-Axiomatic" + 48 | options [browser_info = true, 49 | document = pdf, 50 | document_variants = "document:outline=/proof,/ML", 51 | document_output = "output", 52 | timeout = 600] 53 | document_theories 54 | "UTP-Axiomatic.uimports" 55 | "UTP-Axiomatic.uranked" 56 | "UTP-Axiomatic.uattrib" 57 | "UTP-Axiomatic.ucommon" 58 | "UTP-Axiomatic.uconsts" 59 | "UTP-Axiomatic.uname" 60 | "UTP-Axiomatic.utype" 61 | "UTP-Axiomatic.ranks" 62 | "UTP-Axiomatic.hval" 63 | "UTP-Axiomatic.uvar" 64 | document_files (in ".") 65 | "root.tex" 66 | "document.sty" 67 | document_files (in "../theories/hierarchy") 68 | "indices.ML" 69 | "ranks.ML" 70 | -------------------------------------------------------------------------------- /axiomatic/TODO.txt: -------------------------------------------------------------------------------- 1 | (1) Think about how to best implement the HO model, considering all options and previous experience(s). 2 | 3 | (2) Think about the idea of a monadic model for alphabetised predicates. Talk about this to Jim Woodcock and Simon Foster. 4 | 5 | (3) Integrating the axiomatic work with Leo's/Diego's RG theories; there appeared to be some issues due to a change in precedence of function application. Perhaps reconsider that change; it is quite invasive [DONE]. 6 | -------------------------------------------------------------------------------- /axiomatic/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | isabelle build -c -b UTP-AXM-IMPORTS 3 | isabelle build -c -b UTP-AXM-CORE 4 | isabelle build -c -b UTP-AXM-RANKED 5 | isabelle build -c -b UTP-AXM-SYSTEM 6 | -------------------------------------------------------------------------------- /axiomatic/document/document.sty: -------------------------------------------------------------------------------- 1 | %%%%%%%%%%%% 2 | % Typeface % 3 | %%%%%%%%%%%% 4 | 5 | \newcommand{\strong}[1]{\textbf{#1}} 6 | \newcommand{\code}[1]{\texttt{#1}} 7 | 8 | %%%%%%%%%% 9 | % Colors % 10 | %%%%%%%%%% 11 | 12 | \newcommand{\red}[1]{{\color{Red}#1}} 13 | \newcommand{\blue}[1]{{\color{Blue}#1}} 14 | \newcommand{\green}[1]{{\color{Green}#1}} 15 | \newcommand{\grey}[1]{{\color{Gray}#1}} 16 | \newcommand{\purple}[1]{{\color{Purple}#1}} 17 | 18 | %%%%%%%%%%%%%%%%%%%%%%% 19 | % Document Management % 20 | %%%%%%%%%%%%%%%%%%%%%%% 21 | 22 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 23 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 24 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 25 | -------------------------------------------------------------------------------- /axiomatic/hierarchy.pdf: -------------------------------------------------------------------------------- 1 | hierarchy/output/document.pdf -------------------------------------------------------------------------------- /axiomatic/hierarchy/.gitignore: -------------------------------------------------------------------------------- 1 | # The files in this folder are kept in sync with the subversion repository at 2 | # 3 | # https://cssvn.york.ac.uk/repos/utp-isabelle/axiomatic 4 | .svn 5 | # Ignore output directory for Isabelle documents (dynamically created). 6 | output 7 | -------------------------------------------------------------------------------- /axiomatic/hierarchy/document.sty: -------------------------------------------------------------------------------- 1 | %%%%%%%%%%%% 2 | % Typeface % 3 | %%%%%%%%%%%% 4 | 5 | \newcommand{\strong}[1]{\textbf{#1}} 6 | \newcommand{\code}[1]{\texttt{#1}} 7 | 8 | %%%%%%%%%% 9 | % Colors % 10 | %%%%%%%%%% 11 | 12 | \newcommand{\red}[1]{{\color{Red}#1}} 13 | \newcommand{\blue}[1]{{\color{Blue}#1}} 14 | \newcommand{\green}[1]{{\color{Green}#1}} 15 | \newcommand{\grey}[1]{{\color{Gray}#1}} 16 | \newcommand{\purple}[1]{{\color{Purple}#1}} 17 | 18 | %%%%%%%%%%%%%%%%%%%%%%% 19 | % Document Management % 20 | %%%%%%%%%%%%%%%%%%%%%%% 21 | 22 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 23 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 24 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 25 | -------------------------------------------------------------------------------- /axiomatic/nedit-all.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | NEDIT_FILES=$(find theories \( -name *.thy -or -name *.ML \) -type f) 3 | 4 | # Open all .thy and .ML files inside the theories directory tree. 5 | nedit $NEDIT_FILES 6 | -------------------------------------------------------------------------------- /axiomatic/theories/core/uattrib.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: uattrib.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Theorem Attributes\ 10 | 11 | theory uattrib 12 | imports "../utils/Named_Attrib" 13 | begin 14 | 15 | subsection \Named Theorems\ 16 | 17 | \ \Commented out partly for compatibility with Isabelle/UTP.\ 18 | 19 | named_theorems typing "typing theorems" 20 | named_theorems vars "variable theorems" 21 | named_theorems alphas "alphabet theorems" 22 | (* named_theorems unrest "unrestriction laws" *) 23 | (* named_theorems closure "closure theorems" *) 24 | named_theorems refine "refinement laws" 25 | 26 | subsection \Attribute Structures\ 27 | 28 | \ \Commented out partly for compatibility with Isabelle/UTP.\ 29 | 30 | ML \ 31 | structure typing = Named_Attrib(val name = @{named_theorems typing}); 32 | structure vars = Named_Attrib(val name = @{named_theorems vars}); 33 | structure alphas = Named_Attrib(val name = @{named_theorems alphas}); 34 | (* structure unrest = Named_Attrib(val name = @{named_theorems unrest}); *) 35 | (* structure closure = Named_Attrib(val name = @{named_theorems closure}); *) 36 | structure refine = Named_Attrib(val name = @{named_theorems refine}); 37 | \ 38 | 39 | end -------------------------------------------------------------------------------- /axiomatic/theories/core/uconsts.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: uconst.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Polymorphic Constants\ 10 | 11 | theory uconsts 12 | imports "../ucommon" 13 | begin 14 | 15 | text \We are going to use the converse symbol for undashing.\ 16 | 17 | no_notation 18 | converse ("(_\)" [1000] 999) 19 | 20 | subsection \Constants for Ad-hoc Overloading\ 21 | 22 | text \The following constants are used for \textit{ad hoc} overloading.\ 23 | 24 | consts 25 | UNDASHED :: "'a set" 26 | DASHED :: "'a set" 27 | dash :: "'a \ 'a" ("_\" [1000] 1000) 28 | undash :: "'a \ 'a" ("_\" [1000] 1000) 29 | subscr :: "'a \ string \ 'a" ("_\<^bsub>_\<^esub>" [1000, 0] 1000) 30 | 31 | subsection \Derived Definitions\ 32 | 33 | abbreviation NON_REL_VAR :: "'a set" where 34 | "NON_REL_VAR \ -(UNDASHED \ DASHED)" 35 | end -------------------------------------------------------------------------------- /axiomatic/theories/core/udefaults.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: udefault.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Default Injections\ 10 | 11 | theory udefaults 12 | imports uval 13 | begin 14 | inject_type unit 15 | inject_type bool 16 | inject_type nat 17 | inject_type int 18 | inject_type char 19 | inject_type real 20 | inject_type "fun" 21 | inject_type set 22 | inject_type list 23 | inject_type prod 24 | inject_type sum 25 | inject_type option 26 | end -------------------------------------------------------------------------------- /axiomatic/theories/core/unrest.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: unrest.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Unrestriction\ 10 | 11 | theory unrest 12 | imports upred 13 | begin 14 | 15 | subsection \Definition\ 16 | 17 | lift_definition unrest :: "uvar set \ upred \ bool" (infix "\" 50) 18 | is "\vs bs. \b1\bs. \b2. b1 \\<^sub>s b2 on vs \ bs" 19 | done 20 | 21 | subsection \Theorems\ 22 | 23 | theorem TrueP_unrest (*[unrest]*): 24 | "v \ TrueP" 25 | apply (transfer) 26 | apply (simp) 27 | done 28 | 29 | theorem FalseP_unrest (*[unrest]*): 30 | "v \ FalseP" 31 | apply (transfer) 32 | apply (simp) 33 | done 34 | end -------------------------------------------------------------------------------- /axiomatic/theories/core/unrest_sf.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: unrest_sf.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Unrestriction\ 10 | 11 | theory unrest_sf 12 | imports uvar ustate 13 | begin 14 | 15 | default_sort type 16 | 17 | subsection \Definition of Unrestriction\ 18 | 19 | definition unrest_sf :: "uvar set \ (ustate \ 'a) \ bool" where 20 | "unrest_sf vs f = (\v\vs. \s x. f s(v :=\<^sub>u x)\<^sub>s = f s)" 21 | 22 | subsection \Theorems\ 23 | 24 | theorem unrest_sf_empty: 25 | "unrest_sf {} f" 26 | apply (unfold unrest_sf_def) 27 | apply (clarsimp) 28 | done 29 | 30 | theorem unrest_sf_subset: 31 | "vs1 \ vs2 \ unrest_sf vs2 f \ unrest_sf vs1 f" 32 | apply (unfold unrest_sf_def) 33 | apply (blast) 34 | done 35 | 36 | theorem unrest_sf_const: 37 | "unrest_sf vs (\_. c)" 38 | apply (unfold unrest_sf_def) 39 | apply (clarsimp) 40 | done 41 | 42 | theorem unrest_sf_uvar: 43 | "unrest_sf (vs - {v}) (\s. f s\v)" 44 | apply (unfold unrest_sf_def) 45 | apply (transfer) 46 | apply (clarsimp) 47 | done 48 | 49 | theorem unrest_sf_var: 50 | "unrest_sf (vs - {v\}) (\s. f s\v)" 51 | apply (unfold unrest_sf_def) 52 | apply (transfer) 53 | apply (clarsimp) 54 | done 55 | end -------------------------------------------------------------------------------- /axiomatic/theories/core/urel.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: urel.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Relational Predicates\ 10 | 11 | theory urel 12 | imports upred ulift 13 | begin 14 | 15 | subsection \Operators\ 16 | 17 | subsubsection \Skip\ 18 | 19 | definition SkipP :: "upred" where 20 | "SkipP = LiftP (\b. \v\UNDASHED. b\v = b\(v\))" 21 | 22 | notation SkipP ("II\<^sub>p") 23 | 24 | subsubsection \Composition\ 25 | 26 | text \\fixme{Give an algebraic definition once substitution is mechanised.}\ 27 | 28 | lift_definition SemiP :: "upred \ upred \ upred" 29 | is "(\bs1 bs2. 30 | {b::ustate. \b1\bs1. \b2\bs2. 31 | (b \\<^sub>b b1 on UNDASHED \ NON_REL_VAR) \ 32 | (b \\<^sub>b b2 on DASHED \ NON_REL_VAR) \ 33 | (\v\UNDASHED. b1\(v\) = b2\v)})" 34 | done 35 | 36 | notation SemiP (infixl ";\<^sub>p" 100) 37 | 38 | subsection \Proof Support\ 39 | 40 | declare SkipP_def [evalp] 41 | 42 | subsection \Experiments\ 43 | 44 | text \\todo{Automate imposing @{class injectable} on free types!}\ 45 | 46 | theorem "II\<^sub>p \\<^sub>p (x = @(c::nat))\<^sub>p \\<^sub>p (x' = @(c))\<^sub>p" 47 | apply (upred_tac) 48 | apply (unfold ustate_app_poly_def) 49 | apply (simp add: vars) 50 | done 51 | end -------------------------------------------------------------------------------- /axiomatic/theories/core/uvar.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: uvar.ML *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 2 December 2014 *) 8 | 9 | (* Var Utilities *) 10 | 11 | signature VAR_UTILS = 12 | sig 13 | val mk_MkPVar : Proof.context -> string -> typ -> term 14 | end; 15 | 16 | structure Var_Utils : VAR_UTILS = 17 | struct 18 | fun mk_type_of_term ctx term = 19 | let val typ = type_of term in 20 | (Term_Utils.inst_const ctx 21 | (@{const_name type_of_term}, [typ]) $ term) 22 | end; 23 | 24 | fun mk_MkPVar ctx name typ = 25 | (Term_Utils.inst_const ctx (@{const_name MkPVar}, [typ])) 26 | $ (Name_Parser.uname_tr [Free (name, typ)]) 27 | $ (mk_type_of_term ctx (Free (name, typ))); 28 | end; 29 | 30 | (* Var Rewriter *) 31 | 32 | signature VAR_REWRITER = 33 | sig 34 | val MkPVar_type_of_term_elim : term -> term 35 | val remove_hidden_vars_tr : Proof.context -> term list -> term list 36 | end; 37 | 38 | structure Var_Rewriter : VAR_REWRITER = 39 | struct 40 | fun MkPVar_type_of_term_elim term = 41 | (case term of 42 | (Const (@{const_name MkPVar}, t) $ name $ type_of_term) => 43 | (Const (@{const_name MkPVar}, t) $ name $ 44 | Logic.mk_type (Type_Utils.dest_itselfT (type_of type_of_term))) 45 | | _ => raise Match); 46 | 47 | fun remove_hidden_vars_tr ctx terms = 48 | if (Config.get ctx remove_hidden_vars) then 49 | (map (Term_Utils.map_top_down MkPVar_type_of_term_elim) terms) 50 | else terms; 51 | end; -------------------------------------------------------------------------------- /axiomatic/theories/document.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: document.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 16 Jan 2016 *) 8 | 9 | section \Document Configuration\ 10 | 11 | theory document 12 | imports Pure 13 | (* "~~/src/HOL/Library/LaTeXsugar" *) 14 | (* "~~/src/HOL/Library/OptionalSugar" *) 15 | begin 16 | (* no_notation (latex) 17 | Cons ("_ \/ _" [66,65] 65) *) 18 | 19 | (* no_translations 20 | "xs" \ "CONST set xs" *) 21 | end -------------------------------------------------------------------------------- /axiomatic/theories/meta/ucore.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: ucore.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Core Theories (Original)\ 10 | 11 | theory ucore 12 | imports 13 | "../ucommon" 14 | "../core/uattrib" 15 | "../core/uconsts" 16 | "../core/uname" 17 | "../core/utype" 18 | "../core/uval" 19 | "../core/uref" 20 | "../core/uvar" 21 | "../core/ustate" 22 | "../core/ulens" 23 | "../core/unrest" 24 | "../core/upred" 25 | "../core/ulift" 26 | "../core/urel" 27 | "../core/uparser" 28 | "../core/udefaults" 29 | begin 30 | end 31 | -------------------------------------------------------------------------------- /axiomatic/theories/meta/umodel.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: umodel.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Axiomatic Model\ 10 | 11 | theory umodel 12 | imports 13 | "../ucommon" 14 | "../core/uattrib" 15 | "../core/uconsts" 16 | "../core/uname" 17 | "../core/utype" 18 | "../core/uval" 19 | "../core/uvar" 20 | "../core/ustate" 21 | "../core/ustore" 22 | "../core/ulens" 23 | "../core/udefaults" 24 | begin 25 | end -------------------------------------------------------------------------------- /axiomatic/theories/meta/uranked.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: uranked.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Core Theories (Hierarchy)\ 10 | 11 | theory uranked 12 | imports 13 | "../core/uattrib" 14 | "../core/uconsts" 15 | "../core/uname" 16 | "../core/utype" 17 | "../hierarchy/ranks" 18 | "../hierarchy/hval" 19 | "../core/uvar" 20 | begin 21 | end -------------------------------------------------------------------------------- /axiomatic/theories/meta/usystem.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: usystem.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \System Theories\ 10 | 11 | theory usystem 12 | imports ucore 13 | "../core/udefaults" 14 | "../theories/utheory" 15 | "../theories/designs" 16 | "../theories/thiago" 17 | (* "../theories/ptsc" *) 18 | begin 19 | end -------------------------------------------------------------------------------- /axiomatic/theories/theories/designs.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: designs.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Theory of Designs\ 10 | 11 | theory designs 12 | imports utheory 13 | begin 14 | 15 | subsection \Type Injections\ 16 | 17 | inject_type bool 18 | 19 | subsection \Theory Variables\ 20 | 21 | declare_uvar ok :: "bool" 22 | 23 | subsection \Operators\ 24 | 25 | definition design :: "upred \ upred \ upred" (infix "\\<^sub>p" 90) where 26 | "P \\<^sub>p Q = `ok \ {P} \ ok' \ {Q}`" 27 | 28 | declare design_def [evalp] 29 | 30 | subsection \Parser Extensions\ 31 | 32 | syntax "_udesign" :: "uterm \ uterm \ uterm" (infix "\" 90) 33 | 34 | translations "_udesign P Q" \ "P \\<^sub>p Q" 35 | 36 | subsection \Healthiness Conditions\ 37 | 38 | definition H1 :: "hcond" where 39 | "H1 P = `ok \ {P}`" 40 | 41 | declare H1_def [evalp] 42 | 43 | subsection \Theorems\ 44 | 45 | theorem design_H1 : 46 | "P \\<^sub>p Q is H1" 47 | apply (unfold evalp) 48 | apply (auto) 49 | done 50 | end -------------------------------------------------------------------------------- /axiomatic/theories/theories/thiago.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: thiago.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \A Modular Theory of Object Orientation\ 10 | 11 | theory thiago 12 | imports utheory designs thiago_prel 13 | begin 14 | 15 | subsection \Theory Types\ 16 | 17 | datatype cname = Object | Class "string" 18 | datatype aname = Attr "string" 19 | datatype prim = int | bool 20 | datatype atype = PType "prim" | CType "cname" 21 | 22 | subsection \Refinement Orders\ 23 | 24 | flat_order cname 25 | flat_order aname 26 | flat_order prim 27 | flat_order atype 28 | 29 | subsection \Type Injections\ 30 | 31 | inject_type cname 32 | inject_type aname 33 | inject_type prim 34 | inject_type atype 35 | 36 | subsection \Theory Variables\ 37 | 38 | declare_uvar cls :: "cname set" 39 | declare_uvar sc :: "(cname, cname) rel" 40 | declare_uvar atts :: "(cname, (aname, atype) rel) rel" 41 | 42 | subsection \Utility Definitions\ 43 | 44 | definition prim :: "atype set" where 45 | "prim \ range PType" 46 | 47 | subsection \Healthiness Conditions\ 48 | 49 | definition OO1 :: "upred" where 50 | "OO1 = (Object \ cls)\<^sub>p" 51 | 52 | definition OO2 :: "upred" where 53 | "OO2 = (dom sc = (cls - {Object}))\<^sub>p" 54 | 55 | definition OO3 :: "upred" where 56 | "OO3 = (\ C \ dom sc . (C, Object) \ sc\<^sup>+)\<^sub>p" 57 | 58 | definition OO4 :: "upred" where 59 | "OO4 = (dom atts = cls)\<^sub>p" 60 | 61 | definition OO5 :: "upred" where 62 | "OO5 = (\ C1 \ dom atts . 63 | \ C2 \ dom atts . C1 \ C2 | 64 | dom (atts\C1) \ dom (atts\C2) = {})\<^sub>p" 65 | 66 | definition OO6 :: "upred" where 67 | "OO6 = (ran (\ (ran atts)) \ prim \ (CType ` cls))\<^sub>p" 68 | 69 | subsection \Proof Experiments\ 70 | 71 | theorem "`{OO1} \ cls \ {}`" 72 | apply (unfold OO1_def) 73 | apply (unfold evalp simp_thms) 74 | apply (subst ustate_transfer) 75 | apply (auto) 76 | done 77 | end -------------------------------------------------------------------------------- /axiomatic/theories/theories/thiago_prel.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: thiago_prel.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Relational Extras\ 10 | 11 | theory thiago_prel 12 | imports "../ucommon" 13 | begin 14 | 15 | hide_type Relation.rel 16 | 17 | subsection \Notation\ 18 | 19 | notation Domain ("dom") 20 | notation Range ("ran") 21 | 22 | subsection \Type Synonym\ 23 | 24 | type_synonym ('a, 'b) rel = "('a \ 'b) set" 25 | 26 | translations (type) "('a, 'b) rel" \ (type) "('a \ 'b) set" 27 | 28 | subsection \Relational Application\ 29 | 30 | definition rel_app :: "('a, 'b) rel \ 'a \ 'b" where 31 | "rel_app r x = (THE y. (x, y) \ r)" 32 | 33 | notation rel_app ("(_\/_)" [101, 101] 100) 34 | end -------------------------------------------------------------------------------- /axiomatic/theories/theories/utheory.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: utheory.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \UTP Theories\ 10 | 11 | theory utheory 12 | imports "../meta/ucore" 13 | begin 14 | 15 | subsection \Healthiness Functions\ 16 | 17 | subsubsection \Type Synonym\ 18 | 19 | type_synonym hcond = "upred \ upred" 20 | 21 | subsubsection \Healthiness Property\ 22 | 23 | definition is_healthy :: "upred \ hcond \ bool" (infix "is" 50) where 24 | "p is H \ H p = p" 25 | 26 | declare is_healthy_def [evalp] 27 | 28 | end -------------------------------------------------------------------------------- /axiomatic/theories/uimports.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: uimports.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Imported Theories\ 10 | 11 | theory uimports 12 | imports Main HOL.Real 13 | "HOL-Library.Adhoc_Overloading" 14 | "HOL-Eisbach.Eisbach" 15 | "HOL-Library.Countable" 16 | "HOL-Library.Char_ord" 17 | "HOL-Library.Option_ord" 18 | "HOL-Library.FSet" 19 | "HOL-Library.Infinite_Set" 20 | (* "~~/src/HOL/Cardinals/Bounded_Set" *) 21 | begin 22 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Named_Attrib.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Named_Attrib.ML *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 16 Jan 2016 *) 8 | 9 | (* Attribute Structure *) 10 | 11 | signature NAMED_ATTRIB = 12 | sig 13 | val get : Proof.context -> thm list; 14 | val add : attribute; 15 | val del : attribute; 16 | end; 17 | 18 | (* Instantiation Functor *) 19 | 20 | functor Named_Attrib(val name : string) : NAMED_ATTRIB = 21 | struct 22 | val get = (fn ctx => Named_Theorems.get ctx name); 23 | val add = Named_Theorems.add name; 24 | val del = Named_Theorems.del name; 25 | end; -------------------------------------------------------------------------------- /axiomatic/theories/utils/Named_Attrib.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Named_Attrib.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Attribute Structure\ 10 | 11 | theory Named_Attrib 12 | imports Pure 13 | begin 14 | 15 | ML_file "Named_Attrib.ML" 16 | 17 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Normalise.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Normalise.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Normalisation\ 10 | 11 | theory Normalise 12 | imports Main 13 | "HOL-Eisbach.Eisbach" 14 | begin 15 | 16 | subsection \Theorem Attribute\ 17 | 18 | text \Theorems and tactic used for normalisation.\ 19 | 20 | named_theorems normalise "normalisation theorems" 21 | 22 | subsection \Normalisation Tactic\ 23 | 24 | method normalise = (simp add: normalise) 25 | 26 | subsection \Type Class @{text normalise}\ 27 | 28 | text \ 29 | Instantiation of the class @{text normalise} signals that normalisation can 30 | be performed on constructions that involve the underlying type. For now, we 31 | only consider chains of function updates. Importantly, the type must provide 32 | a linear order to ensure that normalisation does not loop. 33 | \ 34 | 35 | class normalise = linorder 36 | begin 37 | theorem fun_upd_normalise [normalise]: 38 | fixes x :: "'a" 39 | fixes y :: "'a" 40 | shows "x < y \ f(y := a, x := b) = f(x := b, y := a)" 41 | by (simp add: fun_upd_twist) 42 | end 43 | 44 | text \ 45 | The tactic below is not very efficient as using backtracking. In practice, 46 | it is slightly quicker to use plain simplification instead of substitution. 47 | Both approaches, however, suffer from the same drawback that dead ends may 48 | need to be explored. A better solution would implement some form of guarded 49 | rewriting. 50 | \ 51 | 52 | method fun_upd_normalise_tac = 53 | (subst fun_upd_normalise, (simp; fail))+ 54 | 55 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Strings.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Strings.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \String Literals\ 10 | 11 | theory Strings 12 | imports Normalise 13 | "HOL-Library.Countable" 14 | "HOL-Library.Char_ord" 15 | "Z_Toolkit.Infinity" 16 | begin 17 | 18 | subsection \Type Synonyms\ 19 | 20 | type_synonym string_t = "String.literal" 21 | 22 | translations (type) "string" \ (type) "char list" 23 | translations (type) "string_t" \ (type) "String.literal" 24 | 25 | subsection \Instantiations\ 26 | 27 | subsubsection \Countability\ 28 | 29 | text \@{type "String.literal"} already instantiates @{class countable}.\ 30 | 31 | subsubsection \Infinity\ 32 | 33 | instance String.literal :: infinite 34 | apply (intro_classes) 35 | apply (rule String.infinite_literal) 36 | done 37 | 38 | subsubsection \Linear Order\ 39 | 40 | text \@{type "String.literal"} already instantiates @{class linorder}.\ 41 | 42 | subsubsection \Normalisation\ 43 | 44 | instance String.literal :: normalise by (intro_classes) 45 | 46 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Sum_Order.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Sum_Order.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Sum Type Order\ 10 | 11 | theory Sum_Order 12 | imports Main 13 | begin 14 | 15 | subsection \Instantiation of @{class ord}\ 16 | 17 | instantiation sum :: (ord, ord) ord 18 | begin 19 | fun less_eq_sum :: "'a + 'b \ 'a + 'b \ bool" where 20 | "less_eq_sum (Inl x) (Inl y) \ x \ y" | 21 | "less_eq_sum (Inr x) (Inr y) \ x \ y" | 22 | "less_eq_sum (Inl x) (Inr y) \ False" | 23 | "less_eq_sum (Inr x) (Inl y) \ False" 24 | 25 | definition less_sum :: "'a + 'b \ 'a + 'b \ bool" where 26 | "less_sum x y \ (x \ y) \ x \ y" 27 | instance by (intro_classes) 28 | end 29 | 30 | subsection \Instantiation of @{class order}\ 31 | 32 | instantiation sum :: (order, order) order 33 | begin 34 | theorem less_le_not_le_sum : 35 | fixes x :: "'a + 'b" 36 | fixes y :: "'a + 'b" 37 | shows "(x < y) = (x \ y \ \ y \ x)" 38 | apply (unfold less_sum_def) 39 | apply (induct x; induct y) 40 | apply (auto) 41 | done 42 | 43 | theorem order_refl_sum : 44 | fixes x :: "'a + 'b" 45 | shows "x \ x" 46 | apply (induct x) 47 | apply (auto) 48 | done 49 | 50 | theorem order_trans_sum : 51 | fixes x :: "'a + 'b" 52 | fixes y :: "'a + 'b" 53 | fixes z :: "'a + 'b" 54 | shows "x \ y \ y \ z \ x \ z" 55 | apply (atomize (full)) 56 | apply (induct x; induct y; induct z) 57 | apply (auto) 58 | done 59 | 60 | theorem antisym_sum : 61 | fixes x :: "'a + 'b" 62 | fixes y :: "'a + 'b" 63 | shows "x \ y \ y \ x \ x = y" 64 | apply (atomize (full)) 65 | apply (induct x; induct y) 66 | apply (auto) 67 | done 68 | 69 | instance 70 | apply (intro_classes) 71 | apply (metis less_le_not_le_sum) 72 | apply (metis order_refl_sum) 73 | apply (metis order_trans_sum) 74 | apply (metis antisym_sum) 75 | done 76 | end 77 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Transfer_Plus.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Transfer_Plus.ML *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 19 Jan 2016 *) 8 | 9 | (* Unfolding Transfer *) 10 | 11 | signature TRANSFER_PLUS = 12 | sig 13 | val transfer_unfold_tac : Proof.context -> tactic 14 | val unfolding_transfer_method : 15 | bool -> (Proof.context -> Proof.method) context_parser 16 | end; 17 | 18 | structure Transfer_Plus : TRANSFER_PLUS = 19 | struct 20 | open Transfer; 21 | 22 | fun transfer_unfold_tac ctx = 23 | Local_Defs.unfold_tac ctx 24 | (Named_Theorems.get ctx @{named_theorems transfer_unfold}); 25 | 26 | local 27 | val free = Args.context -- Args.term >> (fn (_, Free v) => v | (ctxt, t) => 28 | error ("Bad free variable: " ^ Syntax.string_of_term ctxt t)) 29 | 30 | val fixing = Scan.optional (Scan.lift (Args.$$$ "fixing" -- Args.colon) 31 | |-- Scan.repeat free) [] 32 | in 33 | fun unfolding_transfer_method equiv : 34 | (Proof.context -> Proof.method) context_parser = 35 | fixing >> (fn vs => fn ctxt => 36 | SIMPLE_METHOD' (K (TRY (transfer_unfold_tac ctxt)) THEN' 37 | (gen_frees_tac vs ctxt THEN' transfer_tac equiv ctxt))) 38 | end; 39 | end; -------------------------------------------------------------------------------- /axiomatic/theories/utils/Transfer_Plus.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Transfer_Plus.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Unfolding Transfer\ 10 | 11 | theory Transfer_Plus 12 | imports HOL.Transfer 13 | begin 14 | 15 | text \ 16 | This theory makes a slight improvement to Isabelle/HOL's transfer tactics. 17 | Below, we declare a theorem attribute @{text transfer_unfold} in which the 18 | user may collection theorems that are automatically used in rewriting prior 19 | to execution of the transfer tactics @{text transfer} and @{text transfer'}. 20 | \ 21 | 22 | named_theorems transfer_unfold "theorems to unfold before transfer" 23 | 24 | text \ 25 | ML code that provides the improved transfer tactic. Unfortunately, as the 26 | Isabelle/HOL transfer tool does not expose the proof method for transfer, 27 | a small amount of code had to be copied and duplicated here. This code is 28 | unlikely to change though in future versions of Isabelle/HOL. Maybe get in 29 | touch with the developers and ask if @{text Transfer.transfer_method} could 30 | be exposed in the signature @{text Transfer} in future versions if Isabelle. 31 | \ 32 | 33 | ML_file "Transfer_Plus.ML" 34 | 35 | text \ 36 | We next override the existing tactics @{text transfer} and @{text transfer'} 37 | to use our improved method. This completes the implementation. 38 | \ 39 | 40 | setup \ 41 | Method.setup @{binding transfer} 42 | (Transfer_Plus.unfolding_transfer_method true) 43 | "generic theorem transfer method with unfolding" 44 | \ 45 | 46 | setup \ 47 | Method.setup @{binding transfer'} 48 | (Transfer_Plus.unfolding_transfer_method false) 49 | "generic theorem transfer method with unfolding" 50 | \ 51 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Typedef_extra.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: Transfer_extra.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Typedef Extras\ 10 | 11 | theory Typedef_extra 12 | imports Main 13 | begin 14 | 15 | subsection \Transfer Laws\ 16 | 17 | text \ 18 | We extend Isabelle's @{text type_definition} locale here with transfer laws 19 | for existential, universal and meta quantifiers. These laws can be used with 20 | plain rewriting via @{method simp}, hence do not require the full-blown use 21 | of the transfer package. Note that we have to instantiate them manually for 22 | particular type definitions, an example is at the bottom of the theory. 23 | \ 24 | 25 | context type_definition 26 | begin 27 | lemma meta_transfer: 28 | "(\y::'b. PROP P y) \ (\x::'a. x \ A \ PROP P (Abs x))" 29 | apply (rule) 30 | \ \Subgoal 1\ 31 | apply (drule_tac x = "Abs x" in meta_spec) 32 | apply (assumption) 33 | \ \Subgoal 2\ 34 | apply (drule_tac x = "Rep y" in meta_spec) 35 | apply (simp add: Rep) 36 | apply (simp add: Rep_inverse) 37 | done 38 | 39 | lemma forall_transfer: 40 | "(\y::'b. P y) = (\(x::'a)\A. P (Abs x))" 41 | apply (safe) 42 | \ \Subgoal 1\ 43 | apply (drule_tac x = "Abs x" in spec) 44 | apply (assumption) 45 | \ \Subgoal 2\ 46 | apply (drule_tac x = "Rep y" in bspec) 47 | apply (simp add: Rep) 48 | apply (simp add: Rep_inverse) 49 | done 50 | 51 | lemma exists_transfer: 52 | "(\y::'b. P y) = (\(x::'a)\A. P (Abs x))" 53 | apply (safe) 54 | \ \Subgoal 1\ 55 | apply (rule_tac x = "Rep y" in bexI) 56 | apply (simp add: Rep_inverse) 57 | apply (simp add: Rep) 58 | \ \Subgoal 2\ 59 | apply (rule_tac x = "Abs x" in exI) 60 | apply (assumption) 61 | done 62 | 63 | lemmas transfer = 64 | meta_transfer 65 | forall_transfer 66 | exists_transfer 67 | end 68 | 69 | text \An example of an instantiation i.e.~for the product type would be.\ 70 | 71 | lemmas list_transfer = 72 | type_definition.transfer [OF Product_Type.type_definition_prod] 73 | 74 | hide_fact list_transfer 75 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/Typerep_Collect.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Typerep_Collect.ML *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 16 Jan 2016 *) 8 | 9 | (* Utility to automatically collect typerep theorems in an attribute. *) 10 | 11 | signature TYPEREP_COLLECT = 12 | sig 13 | val get_typerep_def : theory -> string -> thm 14 | val collect_typerep_thm : string -> theory -> theory 15 | end; 16 | 17 | structure Typerep_Collect : TYPEREP_COLLECT = 18 | struct 19 | val typing_add = Named_Theorems.add @{named_theorems "typing"}; 20 | 21 | fun get_typerep_def thy ty_name = 22 | Global_Theory.get_thm thy ( 23 | (* FIXME: The condition below is a hack. Fix this properly! *) 24 | if ty_name = "literal" then 25 | "String.typerep_literal_def" 26 | else "typerep_" ^ ty_name ^ "_def"); 27 | 28 | fun collect_typerep_thm tyco thy = 29 | let val ty_name = Binding.name_of (Binding.qualified_name tyco); 30 | val typerep_def = get_typerep_def thy ty_name; 31 | in 32 | snd (Global_Theory.note_thmss "" 33 | [((Binding.empty, [typing_add]), [([typerep_def], [])])] thy) 34 | end 35 | handle ERROR _ => (Output.warning 36 | ("Failed to collect typerep theorem for type " ^ tyco); thy); 37 | end; 38 | -------------------------------------------------------------------------------- /axiomatic/theories/utils/Typerep_ind.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: Typerep_ind.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Typerep of @{text Nat.ind}\ 10 | 11 | theory Typerep_ind 12 | imports Main 13 | begin 14 | 15 | text \ 16 | By default, Isabelle/HOL does not instantiate class @{class typerep} for the 17 | @{type ind} type. We do so in this theory. 18 | \ 19 | 20 | instantiation ind :: typerep 21 | begin 22 | definition typerep_ind :: "ind itself \ typerep" where 23 | "typerep_ind t = Typerep.Typerep (STR ''Nat.ind'') []" 24 | instance by (intro_classes) 25 | end 26 | end -------------------------------------------------------------------------------- /axiomatic/theories/utils/flat_orders.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: flat_orders.ML *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 16 Jan 2016 *) 8 | 9 | (* Signature: FLAT_ORDER *) 10 | 11 | signature FALT_ORDER = 12 | sig 13 | val flat_order_tac : Proof.context -> tactic 14 | val flat_order : xstring -> theory -> theory 15 | end; 16 | 17 | (* Structure: Flat_Order *) 18 | 19 | structure Flat_Order : FALT_ORDER = 20 | struct 21 | val simp_attr = @{attributes [simp]}; 22 | 23 | fun full_type_name ctx typ = (#1 o dest_Type) 24 | (Proof_Context.read_type_name {proper = true, strict = false} ctx typ); 25 | 26 | fun mk_less_eq_def typ = 27 | HOLogic.mk_Trueprop (HOLogic.mk_eq ( 28 | Const (@{const_name "less_eq"}, typ --> typ --> HOLogic.boolT), 29 | Const (@{const_name "HOL.eq"}, typ --> typ --> HOLogic.boolT))); 30 | 31 | fun mk_less_def typ = 32 | HOLogic.mk_Trueprop (HOLogic.mk_eq ( 33 | Const (@{const_name "less"}, typ --> typ --> HOLogic.boolT), 34 | Abs ("uu_", typ, Abs ("uu_", typ, @{term False})))); 35 | 36 | fun flat_order_tac ctx = 37 | (Class.intro_classes_tac ctx []) THEN ALLGOALS (asm_full_simp_tac ctx); 38 | 39 | fun flat_order typ thy = 40 | let val tyco = full_type_name (Proof_Context.init_global thy) typ; 41 | val sorts = replicate (Sign.arity_number thy tyco) @{sort type}; 42 | val vs = Name.invent_names Name.context "'a" sorts; 43 | val typ_inst = Type (tyco, map TFree vs); 44 | val less_eq_def = mk_less_eq_def typ_inst; 45 | val less_def = mk_less_def typ_inst; 46 | in 47 | if (Sign.of_sort thy (typ_inst, @{sort ord})) then 48 | error ("Type \"" ^ typ ^ "\" already instantiates class ord.") 49 | else (thy 50 | |> Class.instantiation ([tyco], vs, @{sort "ord"}) 51 | |> Specification.definition NONE [] [] (Binding.empty_atts, less_eq_def) 52 | |> (fn ((_, (_, thm)), lthy) => 53 | snd (Local_Theory.note ((Binding.empty, simp_attr), [thm]) lthy)) 54 | |> Specification.definition NONE [] [] (Binding.empty_atts, less_def) 55 | |> (fn ((_, (_, thm)), lthy) => 56 | snd (Local_Theory.note ((Binding.empty, simp_attr), [thm]) lthy)) 57 | |> Class.prove_instantiation_exit 58 | (fn ctx => Class.intro_classes_tac ctx []) 59 | |> Class.instantiation ([tyco], vs, @{sort "order"}) 60 | |> Class.prove_instantiation_exit (flat_order_tac)) 61 | end; 62 | end; -------------------------------------------------------------------------------- /axiomatic/theories/utils/flat_orders.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: flat_orders.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@gmail.com and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 09 Jun 2022 *) 8 | 9 | section \Flat Orders\ 10 | 11 | theory flat_orders 12 | imports Main 13 | keywords "flat_order" :: thy_decl 14 | begin 15 | 16 | text \This theory adds a command to instantiate a flat order on a type.\ 17 | 18 | subsection \Command @{command flat_order}\ 19 | 20 | ML_file "flat_orders.ML" 21 | 22 | text \The following configures the @{command flat_order} command.\ 23 | 24 | ML \ 25 | Outer_Syntax.command @{command_keyword flat_order} "instantiate flat order" 26 | (Parse.type_const >> (Toplevel.theory o Flat_Order.flat_order)); 27 | \ 28 | 29 | end -------------------------------------------------------------------------------- /bin/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Guess name of Isabelle/UTP home directory unless already set. 3 | ISABELLE=${ISABELLE:-isabelle} 4 | ISABELLE_UTP=${ISABELLE_UTP:-$(readlink -f $(dirname $0))/..} 5 | 6 | # Directory for scripts and binary executables. 7 | BIN_DIR=$ISABELLE_UTP/bin 8 | 9 | # Check for Isabelle/UTP dependencies 10 | bash "$BIN_DIR/utp_deps.sh" 11 | 12 | ROOT=$ISABELLE_UTP 13 | 14 | # Build all heap images of Isabelle/UTP 15 | 16 | printf "\nBuilding Isabelle/UTP sessions... \n\n" 17 | 18 | dirs=( "toolkit" "utp" "theories/kleene" "theories/designs" "theories/reactive" "theories/rea_designs" "theories/sf_rdes" "theories/circus" "tutorial" ) 19 | heaps=( "UTP-Toolkit" "UTP" "UTP-KAT" "UTP-Designs" "UTP-Reactive" "UTP-Reactive-Designs" "UTP-Stateful-Failures" "UTP-Circus" "UTP-Tutorial" ) 20 | 21 | for ((i=0;i<${#heaps[@]};++i)); 22 | do 23 | eval $ISABELLE build -d $ROOT -b "${heaps[i]}" || break 24 | if [ -f "$ISABELLE_UTP/${dirs[i]}/output/document.pdf" ]; then 25 | echo "Installing ${heaps[i]} documentation to doc/${heaps[i]}.pdf..." 26 | cp "$ISABELLE_UTP/${dirs[i]}/output/document.pdf" "$ISABELLE_UTP/doc/${heaps[i]}.pdf" 27 | fi 28 | 29 | done 30 | -------------------------------------------------------------------------------- /bin/clean.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Guess name of Isabelle/UTP home directory unless already set. 3 | ISABELLE_UTP=${ISABELLE_UTP:-$(readlink -f $(dirname $0))/..} 4 | 5 | # Directory for scripts and binary executables. 6 | BIN_DIR=$ISABELLE_UTP/bin 7 | 8 | # Remove AFP entry downloads 9 | $BIN_DIR/afp_get.sh -d Kleene_Algebra 10 | $BIN_DIR/afp_get.sh -d Ordinary_Differential_Equations 11 | 12 | # Clean up document output directories 13 | rm -rf $ISABELLE_UTP/axiomatic/output 14 | rm -rf $ISABELLE_UTP/axiomatic/hierarchy/output 15 | rm -rf $ISABELLE_UTP/dynamics/output 16 | rm -rf $ISABELLE_UTP/fmi/output 17 | rm -rf $ISABELLE_UTP/hybrid/output 18 | rm -rf $ISABELLE_UTP/optics/output 19 | rm -rf $ISABELLE_UTP/tutorial/output 20 | rm -rf $ISABELLE_UTP/utils/output 21 | rm -rf $ISABELLE_UTP/utp/output 22 | -------------------------------------------------------------------------------- /bin/nedit-all.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | # Guess name of Isabelle/UTP home directory unless already set. 3 | ISABELLE_UTP=${ISABELLE_UTP:-$(readlink -f $(dirname $0))/..} 4 | 5 | # Folders in which to look for .thy and .ML files. 6 | LOOK_INSIDE="axiomatic continuum dynamics fmi fmi hybrid optics theories tutorial utils utp vdm-sl" 7 | 8 | # Find all .thy and .ML files inside the utp directory tree. 9 | NEDIT_FILES=$(find $ISABELLE_UTP/$LOOK_INSIDE \( -name *.thy -or -name *.ML \) -type f) 10 | 11 | # A poor-mans refactoring facility: use *Multiple Documents* Replace/Find. 12 | nedit $NEDIT_FILES 13 | -------------------------------------------------------------------------------- /bin/utp-jedit: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Guess name of Isabelle/UTP home directory unless already set. 3 | ISABELLE=${ISABELLE:-isabelle} 4 | ISABELLE_UTP=${ISABELLE_UTP:-$(readlink -f $(dirname $0))/..} 5 | CONTRIB_DIR=$ISABELLE_UTP/contrib 6 | BIN_DIR=$ISABELLE_UTP/bin 7 | 8 | # Default heap to be used if no argument(s) are provided. 9 | DEFAULT_HEAP="UTP" 10 | 11 | # Default heap to be used if no argument(s) are provided. 12 | HEAP=$DEFAULT_HEAP 13 | 14 | # Check for Isabelle/UTP dependencies 15 | bash "$BIN_DIR/utp_deps.sh" 16 | 17 | # The first argument given specifies the heap to load. 18 | if [ ! $# -eq 0 ] 19 | then 20 | HEAP=$1 21 | shift 1 # Other arguments are passed to the isabelle jedit. 22 | fi 23 | 24 | # Open jedit while setting the root directory and heap to load. 25 | eval $ISABELLE jedit -d $ISABELLE_UTP -d $CONTRIB_DIR -l $HEAP $@ 26 | -------------------------------------------------------------------------------- /bin/utp_deps.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Guess name of Isabelle/UTP home directory unless already set. 3 | ISABELLE_UTP=${ISABELLE_UTP:-$(readlink -f $(dirname $0))/..} 4 | 5 | # Directory for scripts and binary executables. 6 | BIN_DIR=$ISABELLE_UTP/bin 7 | CONTRIB_DIR=$ISABELLE_UTP/contrib 8 | 9 | printf "Checking and obtaining Isabelle/UTP AFP dependencies... \n\n" 10 | 11 | # Download required AFP entries 12 | while read in; do $BIN_DIR/afp_get.sh "$in" ; done < $CONTRIB_DIR/ROOTS 13 | -------------------------------------------------------------------------------- /calculi/utp_wprespec.thy: -------------------------------------------------------------------------------- 1 | section \ Weakest Prespecification \ 2 | 3 | theory utp_wprespec 4 | imports "UTP1.utp" 5 | begin 6 | 7 | definition wprespec :: "('b, 'c) urel \ ('a, 'c) urel \ ('a, 'b) urel" (infixr "\\" 70) where 8 | [upred_defs]: "wprespec K Y = (\ ((\ Y) ;; K\<^sup>-))" 9 | 10 | lemma wprespec_alt_def: "P \\ Q = (\ P ;; (\ Q\<^sup>-))\<^sup>-" 11 | by (rel_auto) 12 | 13 | theorem wprespec: "R \ P ;; Q \ Q \\ R \ P" 14 | by (rel_auto) 15 | 16 | lemma wprespec1: "R \ (Q \\ R) ;; Q" 17 | by (simp add: wprespec) 18 | 19 | lemma wprespec2: "Q \\ (P ;; Q) \ P" 20 | by (meson eq_iff wprespec) 21 | 22 | lemma wprespec3: "Q \\ R \ II \ R \ Q" 23 | by (metis seqr_left_unit wprespec) 24 | 25 | lemma wprespec4: "Q \\ Q \ II" 26 | by (simp add: wprespec3) 27 | 28 | lemma wprespec5 [wp]: "II \\ P = P" 29 | by (metis eq_iff seqr_right_unit wprespec1 wprespec2) 30 | 31 | lemma wprespec6 [wp]: "Q \\ (R \ S) = ((Q \\ R) \ (Q \\ S))" 32 | by (meson eq_iff utp_pred_laws.inf.bounded_iff wprespec) 33 | 34 | lemma wprespec6a [wp]: "Q \\ (\ n\A \ R(n)) = (\ n\A \ Q \\ R(n))" 35 | by (rel_auto) 36 | 37 | lemma wprespec7 [wp]: "(P \ Q) \\ R = ((P \\ R) \ (Q \\ R))" 38 | by (rel_auto) 39 | 40 | lemma wprespec7a [wp]: "(\ i\A \ P(i)) \\ R = (\ i\A \ P(i) \\ R)" 41 | by (rel_auto) 42 | 43 | lemma wprespec8 [wp]: "(P ;; Q) \\ R = P \\ Q \\ R" 44 | by (simp add: seqr_assoc wprespec_def) 45 | 46 | theorem wprespec9: "Q \\ R = \ {Y. R \ Y ;; Q}" (is "?lhs = ?rhs") 47 | proof (rule antisym) 48 | show "?lhs \ ?rhs" 49 | by (metis Sup_least mem_Collect_eq wprespec) 50 | show "?rhs \ ?lhs" 51 | by (simp add: Sup_upper wprespec1) 52 | qed 53 | 54 | theorem wprespec10: "\Q \\ R\\<^sub>e (s\<^sub>0, s) = (\ s'. \Q\\<^sub>e (s, s') \ \R\\<^sub>e (s\<^sub>0, s'))" 55 | by (rel_auto) 56 | 57 | lemma wprespec12: "Q\<^sup>- = ((\Q) \\ (\II))" 58 | by (rel_auto) 59 | 60 | lemma wprespec13: "- (Q \\ R) = (-R \\ -Q) \\ -II" 61 | by (rel_auto) 62 | 63 | lemma wprespec17 [wp]: "\\\\<^sub>a \\ R = R ;; (\\\\<^sub>a \\ II)" 64 | by (rel_auto) 65 | 66 | lemma wprespec17a [wp]: "\\\\<^sub>a \\ II = \\\\<^sub>a\<^sup>-" 67 | by (rel_auto) 68 | 69 | theorem wlp_as_wprespec: "P wlp b = \P \\ b\<^sup>>\\<^sub>>" 70 | by (rel_auto) 71 | 72 | end -------------------------------------------------------------------------------- /casestudies/Tokeneer/Tokeneer-UTP.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/casestudies/Tokeneer/Tokeneer-UTP.pdf -------------------------------------------------------------------------------- /casestudies/Tokeneer/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | 4 | % further packages required for unusual symbols (see also 5 | % isabellesym.sty), use only when needed 6 | 7 | \usepackage{amssymb} 8 | %for \, \, \, \, \, \, 9 | %\, \, \, \, \, 10 | %\, \, \ 11 | 12 | \usepackage[english]{babel} 13 | 14 | \usepackage{stmaryrd} 15 | 16 | %\usepackage{eurosym} 17 | %for \ 18 | 19 | %\usepackage[only,bigsqcap]{stmaryrd} 20 | %for \ 21 | 22 | %\usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | \newcommand{\isactrlU}{\textit{\textbf{U}}} 39 | 40 | \begin{document} 41 | 42 | \title{Tokeneer in Isabelle/UTP} 43 | \author{Simon Foster, Mario Gleirscher, and Yakoub Nemouchi} 44 | \maketitle 45 | 46 | \tableofcontents 47 | 48 | % sane default for proof documents 49 | \parindent 0pt\parskip 0.5ex 50 | 51 | % generated text of all theories 52 | \input{session} 53 | 54 | % optional bibliography 55 | %\bibliographystyle{abbrv} 56 | %\bibliography{root} 57 | 58 | \end{document} 59 | 60 | %%% Local Variables: 61 | %%% mode: latex 62 | %%% TeX-master: t 63 | %%% End: 64 | -------------------------------------------------------------------------------- /continuum/UNIV_TYPE.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP: Unifying Theories of Programming in Isabelle/HOL *) 3 | (* File: UNIV_TYPE.thy *) 4 | (* Author: Frank Zeyda, University of York (UK) *) 5 | (******************************************************************************) 6 | (* LAST REVIEWED: 27 March 2014 *) 7 | 8 | section \Type Universe\ 9 | 10 | theory UNIV_TYPE 11 | imports Main 12 | begin 13 | 14 | definition UNIV_TYPE :: "'a itself \ 'a set" where 15 | "UNIV_TYPE (t :: 'a itself) = (UNIV :: 'a set)" 16 | 17 | (* declare UNIV_TYPE_def [simp] *) 18 | 19 | syntax 20 | "_UNIV_TYPE" :: "type => logic" ("(1UNIV'_T/(1'(_')))") 21 | 22 | translations 23 | "UNIV_T('t)" \ "(CONST UNIV_TYPE) TYPE('t)" 24 | 25 | theorem "0 \ UNIV_T(int)" 26 | apply (simp add: UNIV_TYPE_def) 27 | done 28 | 29 | theorem "\x. x \ UNIV_T('a)" 30 | apply (simp add: UNIV_TYPE_def) 31 | done 32 | 33 | theorem "UNIV_T('a) = UNIV" 34 | apply (simp add: UNIV_TYPE_def) 35 | done 36 | end 37 | -------------------------------------------------------------------------------- /doc/UTP-Circus.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Circus.pdf -------------------------------------------------------------------------------- /doc/UTP-Designs.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Designs.pdf -------------------------------------------------------------------------------- /doc/UTP-KAT.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-KAT.pdf -------------------------------------------------------------------------------- /doc/UTP-Reactive-Designs.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Reactive-Designs.pdf -------------------------------------------------------------------------------- /doc/UTP-Reactive.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Reactive.pdf -------------------------------------------------------------------------------- /doc/UTP-Stateful-Failures.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Stateful-Failures.pdf -------------------------------------------------------------------------------- /doc/UTP-Toolkit.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Toolkit.pdf -------------------------------------------------------------------------------- /doc/UTP-Tutorial.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP-Tutorial.pdf -------------------------------------------------------------------------------- /doc/UTP.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/UTP.pdf -------------------------------------------------------------------------------- /doc/syntax/utp-syntax.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/doc/syntax/utp-syntax.pdf -------------------------------------------------------------------------------- /dynamics/.gitignore: -------------------------------------------------------------------------------- 1 | # Ignore output directory for Isabelle/HOL proof documents. 2 | output 3 | -------------------------------------------------------------------------------- /dynamics/ODE_Cert.thy: -------------------------------------------------------------------------------- 1 | section \ ODE Certification Tactic \ 2 | 3 | theory ODE_Cert 4 | imports 5 | Derivative_extra 6 | "Ordinary_Differential_Equations.ODE_Analysis" 7 | begin 8 | 9 | text \ \emph{ode\_cert} is a simple tactic for certifying solutions to systems of differential equations \ 10 | 11 | method ode_cert = 12 | \ \ Apply the introduction rule \ 13 | (rule_tac solves_odeI, 14 | \ \ Simplify away the set-wise vector derivative definition \ 15 | simp_all add: has_vderiv_on_def, 16 | \ \ Split apart individual ODEs composed pair-wise \ 17 | safe intro!: has_vector_derivative_Pair, 18 | \ \ Raise two goals, with a linking meta-variable: (1) the derivative goal, (2) a goal that 19 | the resulting derivative is equal to the target \ 20 | (rule has_vector_derivative_eq_rhs, 21 | \ \ Recursively apply derivative introduction laws to (1) \ 22 | (rule derivative_intros; (simp)?)+, 23 | \ \ Simplify away (2) using field laws \ 24 | simp add: field_simps)+) 25 | 26 | type_synonym 'c ODE = "real \ 'c \ 'c" 27 | 28 | text \ A simple example is the following system of ODEs for an objecting accelerating according to gravity. \ 29 | 30 | abbreviation "grav \ 9.81" 31 | 32 | abbreviation grav_ode :: "(real \ real) ODE" where 33 | "grav_ode \ (\ t (v, h). (- grav, v))" 34 | 35 | text \ We also present the following solution to the system of ODEs, which is a function from 36 | initial values of the continuous variables to a continuous function that shows how the variables 37 | change with time. \ 38 | 39 | abbreviation grav_sol :: "real \ real \ real \ real \ real" where 40 | "grav_sol \ \ (v\<^sub>0, h\<^sub>0) \. (v\<^sub>0 - grav * \, v\<^sub>0 * \ - grav * (\ * \) / 2 + h\<^sub>0)" 41 | 42 | text \ Finally, we show how this solution to the ODEs can be certified. \ 43 | 44 | lemma 45 | "(grav_sol (v\<^sub>0, h\<^sub>0) solves_ode grav_ode) T UNIV" 46 | by ode_cert 47 | 48 | text \ More examples \ 49 | 50 | lemma "((\ t. exp t) solves_ode (\ t y. y)) T UNIV" 51 | by ode_cert 52 | 53 | lemma "((\ t. (cos t, sin t)) solves_ode (\ t (x, y). (-y, x))) T UNIV" 54 | by ode_cert 55 | 56 | end -------------------------------------------------------------------------------- /dynamics/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /dynamics/document/isabelletags.sty: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /dynamics/document/pdfsetup.sty: -------------------------------------------------------------------------------- 1 | %% 2 | %% default hyperref setup (both for pdf and dvi output) 3 | %% 4 | 5 | \usepackage{color} 6 | \definecolor{linkcolor}{rgb}{0,0,0.5} 7 | \usepackage[colorlinks=true,linkcolor=linkcolor,citecolor=linkcolor,filecolor=linkcolor,pagecolor=linkcolor,urlcolor=linkcolor]{hyperref} 8 | -------------------------------------------------------------------------------- /dynamics/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amsmath} 11 | \usepackage{amssymb} 12 | %for \, \, \, \, \, \, 13 | %\, \, \, \, \, 14 | %\, \, \ 15 | 16 | \usepackage[english]{babel} 17 | %option greek for \ 18 | %option english (default language) for \, \ 19 | 20 | \usepackage[only,bigsqcap]{stmaryrd} 21 | %for \ 22 | 23 | \usepackage[color,zed]{csp}% 24 | 25 | \usepackage{eufrak} 26 | %for \ ... \, \ ... \ (also included in amssymb) 27 | 28 | %\usepackage{textcomp} 29 | %for \, \, \, \, \, 30 | %\ 31 | 32 | % this should be the last package used 33 | \usepackage{pdfsetup} 34 | 35 | % urls in roman style, theory text in math-similar italics 36 | \urlstyle{rm} 37 | \isabellestyle{it} 38 | 39 | % for uniform font size 40 | %\renewcommand{\isastyle}{\isastyleminor} 41 | 42 | \begin{document} 43 | 44 | \title{Dynamics in Isabelle} 45 | 46 | \author{Simon Foster} 47 | 48 | \maketitle 49 | 50 | \tableofcontents 51 | 52 | % sane default for proof documents 53 | \parindent 0pt\parskip 0.5ex 54 | 55 | % generated text of all theories 56 | \input{Derivative_extra} 57 | 58 | \input{Contiguous_Functions} 59 | 60 | \input{Timed_Traces} 61 | 62 | % optional bibliography 63 | \bibliographystyle{abbrv} 64 | \bibliography{root} 65 | 66 | \end{document} 67 | -------------------------------------------------------------------------------- /fmi/.gitignore: -------------------------------------------------------------------------------- 1 | # Ignore output directory for Isabelle/HOL proof documents. 2 | output 3 | # Ignore resources directory containing documents and models. 4 | resources 5 | -------------------------------------------------------------------------------- /fmi/document/document.sty: -------------------------------------------------------------------------------- 1 | %%%%%%%%%%%%%%%%%%%%%% 2 | % Names and Acronyms % 3 | %%%%%%%%%%%%%%%%%%%%%% 4 | 5 | \newcommand{\Circus}{\textsf{\slshape Circus}} 6 | 7 | %%%%%%%%%%%% 8 | % Typeface % 9 | %%%%%%%%%%%% 10 | 11 | \newcommand{\strong}[1]{\textbf{#1}} 12 | \newcommand{\code}[1]{\texttt{#1}} 13 | 14 | %%%%%%%%%% 15 | % Colors % 16 | %%%%%%%%%% 17 | 18 | \newcommand{\red}[1]{{\color{Red}#1}} 19 | \newcommand{\blue}[1]{{\color{Blue}#1}} 20 | \newcommand{\green}[1]{{\color{Green}#1}} 21 | \newcommand{\grey}[1]{{\color{Gray}#1}} 22 | \newcommand{\purple}[1]{{\color{Purple}#1}} 23 | 24 | %%%%%%%%%%%%%%%%%%%%% 25 | % Document Headings % 26 | %%%%%%%%%%%%%%%%%%%%% 27 | 28 | \renewcommand{\isamarkupparagraph}[1]{\subsubsection*{\textsf{\textbf{#1}}}} 29 | 30 | %%%%%%%%%%%%%%%%%%%%%%% 31 | % Document Management % 32 | %%%%%%%%%%%%%%%%%%%%%%% 33 | 34 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 35 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 36 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} -------------------------------------------------------------------------------- /fmi/document/root.bib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/fmi/document/root.bib -------------------------------------------------------------------------------- /fmi/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[english]{babel} 5 | \usepackage[usenames,dvipsnames]{color} 6 | \usepackage{document} 7 | 8 | % further packages required for unusual symbols (see also 9 | % isabellesym.sty), use only when needed 10 | 11 | \usepackage{amssymb} 12 | %for \, \, \, \, \, \, 13 | %\, \, \, \, \, 14 | %\, \, \ 15 | 16 | %\usepackage{eurosym} 17 | %for \ 18 | 19 | \usepackage[only,bigsqcap]{stmaryrd} 20 | %for \ 21 | 22 | %\usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{tt} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | 39 | \begin{document} 40 | 41 | \title{A Mechanisation of FMI in Isabelle/UTP} 42 | \author{Frank Zeyda, Ana Cavalcanti, and Simon Foster} 43 | \maketitle 44 | 45 | \tableofcontents 46 | 47 | \clearpage 48 | 49 | % sane default for proof documents 50 | \parindent 0pt\parskip 0.5ex 51 | 52 | % generated text of all theories 53 | %\input{session} 54 | 55 | %%%%%%%%%%%%%%%%%%%% 56 | % Theory of Cirucs % 57 | %%%%%%%%%%%%%%%%%%%% 58 | 59 | \input{utp_circus} 60 | 61 | \clearpage 62 | 63 | %%%%%%%%%%%%%% 64 | % Time Model % 65 | %%%%%%%%%%%%%% 66 | 67 | \input{Time} 68 | 69 | \clearpage 70 | 71 | %%%%%%%%%%%%% 72 | % FMI Model % 73 | %%%%%%%%%%%%% 74 | 75 | \input{fmi} 76 | 77 | \clearpage 78 | 79 | %%%%%%%%%%%%%%%%%%% 80 | % Railways System % 81 | %%%%%%%%%%%%%%%%%%% 82 | 83 | \input{Railways} 84 | 85 | \clearpage 86 | 87 | %%%%%%%%%%%% 88 | % Topology % 89 | %%%%%%%%%%%% 90 | 91 | \input{Topology} 92 | 93 | \clearpage 94 | 95 | %%%%%%%%%%%%%%%%%%%%%%%%%% 96 | % Railways Specification % 97 | %%%%%%%%%%%%%%%%%%%%%%%%%% 98 | 99 | \input{Railways_Spec} 100 | 101 | \clearpage 102 | 103 | %%%%%%%%%%%%%%%%%%%%%%%%%%% 104 | % Railways Implementation % 105 | %%%%%%%%%%%%%%%%%%%%%%%%%%% 106 | 107 | \input{Railways_Impl} 108 | 109 | \clearpage 110 | 111 | %%%%%%%%%%%%%%%%%%%% 112 | % Interlocking FMU % 113 | %%%%%%%%%%%%%%%%%%%% 114 | 115 | \input{Interlocking} 116 | 117 | \clearpage 118 | 119 | % optional bibliography 120 | %\bibliographystyle{abbrv} 121 | %\bibliography{root} 122 | 123 | \end{document} 124 | 125 | %%% Local Variables: 126 | %%% mode: latex 127 | %%% TeX-master: t 128 | %%% End: 129 | -------------------------------------------------------------------------------- /fmi/fmi_report.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/fmi/fmi_report.pdf -------------------------------------------------------------------------------- /fmi/utp_hoare_ext.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: utp_hoare_ext.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | section {* Hoare Logic Extensions *} 9 | 10 | theory utp_hoare_ext 11 | imports utp_hoare 12 | begin 13 | 14 | subsection {* Invariant Split Tactic *} 15 | 16 | text {* This tactic is slightly more efficient than @{method hoare_split}. *} 17 | 18 | named_theorems hoare_split_inv_laws "splitting laws for Hoare logic" 19 | 20 | lemmas seq_hoare_inv = seq_hoare_invariant 21 | 22 | lemma skip_hoare_aux: 23 | "\p \ q\II\p\\<^sub>u" by (rel_simp)+ 24 | 25 | lemma cond_hoare_r': 26 | "\\p \ b\S\q\\<^sub>u ; \p \ \b\T\q\\<^sub>u\ \ \p\S \ b \\<^sub>r T\q\\<^sub>u" 27 | by (rel_auto) 28 | 29 | declare hoare_r_conj [hoare_split_inv_laws] 30 | declare skip_hoare_r [hoare_split_inv_laws] 31 | declare skip_hoare_aux [hoare_split_inv_laws] 32 | declare assigns_hoare_r [hoare_split_inv_laws] 33 | declare seq_hoare_inv [hoare_split_inv_laws] 34 | declare cond_hoare_r' [hoare_split_inv_laws] 35 | declare while_hoare_r [hoare_split_inv_laws] 36 | declare while_invr_hoare_r [hoare_split_inv_laws] 37 | 38 | method hoare_split_inv uses add = 39 | (rule hoare_split_inv_laws add; (hoare_split_inv add: add))? 40 | end -------------------------------------------------------------------------------- /fmi/wf_value.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: wf_value.thy *) 4 | (* Authors: Frank Zeyda and Simon Foster (University of York, UK) *) 5 | (* Emails: frank.zeyda@york.ac.uk and simon.foster@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 14 Sep 2017 *) 8 | 9 | section {* Well-formed Values *} 10 | 11 | theory wf_value 12 | imports Main 13 | begin 14 | 15 | text {* 16 | We declare a type class here that introduces a notion of well-formedness of 17 | values of some HOL type @{typ 'a}. With this, we are able to perform generic 18 | construction of subtypes that include well-formed values only. We may use 19 | this, for instance, to obtain types for well-formed events. 20 | *} 21 | 22 | class wf = 23 | fixes is_wf :: "'a \ bool" 24 | assumes wf_value_exists: "\x. is_wf x" 25 | begin 26 | definition WF_UNIV :: "'a itself \ 'a set" where 27 | "WF_UNIV t = Collect is_wf" 28 | end 29 | 30 | text {* Generic construction of a subtype comprising well-defined values only. *} 31 | 32 | typedef (overloaded) 'a::wf wf = "WF_UNIV TYPE('a)" 33 | apply (unfold WF_UNIV_def) 34 | apply (clarsimp) 35 | apply (rule wf_value_exists) 36 | done 37 | 38 | setup_lifting type_definition_wf 39 | end -------------------------------------------------------------------------------- /fmi_report.pdf: -------------------------------------------------------------------------------- 1 | fmi/output/document.pdf -------------------------------------------------------------------------------- /hybrid/.gitignore: -------------------------------------------------------------------------------- 1 | # Ignore output directory for Isabelle/HOL proof documents. 2 | output 3 | -------------------------------------------------------------------------------- /hybrid/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /hybrid/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amsmath} 11 | \usepackage{amssymb} 12 | %for \, \, \, \, \, \, 13 | %\, \, \, \, \, 14 | %\, \, \ 15 | 16 | \usepackage[english]{babel} 17 | %option greek for \ 18 | %option english (default language) for \, \ 19 | 20 | \usepackage[only,bigsqcap]{stmaryrd} 21 | %for \ 22 | 23 | \usepackage[color,zed]{csp}% 24 | 25 | \usepackage{eufrak} 26 | %for \ ... \, \ ... \ (also included in amssymb) 27 | 28 | %\usepackage{textcomp} 29 | %for \, \, \, \, \, 30 | %\ 31 | 32 | % this should be the last package used 33 | \usepackage{pdfsetup} 34 | 35 | % urls in roman style, theory text in math-similar italics 36 | \urlstyle{rm} 37 | \isabellestyle{it} 38 | 39 | % for uniform font size 40 | %\renewcommand{\isastyle}{\isastyleminor} 41 | 42 | \begin{document} 43 | 44 | \title{Hybrid Computation in the UTP} 45 | 46 | \author{Simon Foster} 47 | 48 | \maketitle 49 | 50 | \tableofcontents 51 | 52 | % sane default for proof documents 53 | \parindent 0pt\parskip 0.5ex 54 | 55 | % generated text of all theories 56 | \input{utp_hyrel} 57 | 58 | \input{utp_differential} 59 | 60 | % optional bibliography 61 | \bibliographystyle{abbrv} 62 | \bibliography{root} 63 | 64 | \end{document} 65 | -------------------------------------------------------------------------------- /hybrid/examples/utp_thermostat.thy: -------------------------------------------------------------------------------- 1 | section \ Thermostat \ 2 | 3 | theory utp_thermostat 4 | imports "UTP1-Hybrid.utp_hybrid" 5 | begin 6 | 7 | subsection \ State-space \ 8 | 9 | alphabet thermo_c = 10 | temp :: real 11 | 12 | alphabet thermo_d = 13 | isOn :: bool 14 | 15 | setup_lifting type_definition_thermo_c_ext 16 | 17 | instantiation thermo_c_ext :: (t2_space) t2_space 18 | begin 19 | lift_definition open_thermo_c_ext :: "'a thermo_c_scheme set \ bool" is "open" . 20 | instance by (intro_classes, (transfer, auto simp add: separation_t2)+) 21 | end 22 | 23 | subsection \ Constants \ 24 | 25 | abbreviation init_temp :: real where 26 | "init_temp \ 20" 27 | 28 | abbreviation max_temp :: real where 29 | "max_temp \ 21" 30 | 31 | abbreviation min_temp :: real where 32 | "min_temp \ 19" 33 | 34 | subsection \ Differential Equations and Solutions \ 35 | 36 | abbreviation heating_ode :: "real ODE" where 37 | "heating_ode \ (\ t temp. 5 - 0.1 * temp)" 38 | 39 | abbreviation cooling_ode :: "real ODE" where 40 | "cooling_ode \ (\ t temp. - 0.1 * temp)" 41 | 42 | subsection \ System Definition \ 43 | 44 | definition thermostat :: "(thermo_d, thermo_c) hyrel" where 45 | "thermostat = 46 | (\<^bold>c:temp :=\<^sub>r \init_temp\ ;; 47 | \<^bold>d:isOn :=\<^sub>r false ;; 48 | (\ X \ (\temp \ heating_ode(ti)\\<^sub>h \ &\<^bold>d:isOn \\<^sub>R \temp \ cooling_ode(ti)\\<^sub>h) 49 | [$temp\ <\<^sub>u \min_temp\ \ $temp\ >\<^sub>u \max_temp\]\<^sub>h 50 | (\<^bold>d:isOn :=\<^sub>r true \ (&\<^bold>c:temp <\<^sub>u \min_temp\) \\<^sub>R\<^bold>d:isOn :=\<^sub>r false) ;; X))" 51 | 52 | end -------------------------------------------------------------------------------- /hybrid/imports/utp_hybrid_imports.thy: -------------------------------------------------------------------------------- 1 | section \ Imports for UTP Hybrid \ 2 | 3 | theory utp_hybrid_imports 4 | imports 5 | "UTP1.utp" 6 | "UTP1-Reactive-Designs.utp_rea_designs" 7 | "UTP1-Time.utp_time_rel" 8 | "Ordinary_Differential_Equations.ODE_Analysis" 9 | "Dynamics.Derivative_extra" 10 | "Dynamics.Timed_Traces" 11 | "HOL-Analysis.Topology_Euclidean_Space" 12 | begin end -------------------------------------------------------------------------------- /hybrid/utp_hybrid.thy: -------------------------------------------------------------------------------- 1 | section \ Hybrid computation in UTP \ 2 | theory utp_hybrid 3 | imports 4 | utp_hyrel 5 | utp_differential 6 | utp_hrd 7 | begin end -------------------------------------------------------------------------------- /impl/examples/utp_rcalc_ex.thy: -------------------------------------------------------------------------------- 1 | section {* Refinement Calculus Examples *} 2 | 3 | theory utp_rcalc_ex 4 | imports "../utp_rcalc" 5 | begin 6 | 7 | subsection {* Initial Setup -- Example State Space *} 8 | 9 | alphabet exstate = 10 | x :: int 11 | y :: int 12 | z :: int 13 | 14 | text {* The examples in the section are taken from Carol Morgan's "Programming from Specifications". *} 15 | 16 | subsection {* Examples from Figure 1.5 on p7 *} 17 | 18 | term "&x:[true, &y\<^sup>2 =\<^sub>u &x]" 19 | 20 | term "&x:[&x \\<^sub>u 0, &y\<^sup>2 =\<^sub>u &x]" 21 | 22 | term "&e:[&s \\<^sub>u {}\<^sub>u, &e \\<^sub>u &s]" 23 | 24 | term "&x:[&b\<^sup>2 \\<^sub>u 4*&a*&c, &a*&x\<^sup>2 + &b*&x + &c =\<^sub>u 0]" 25 | 26 | subsection {* Exercise 1.4, first 4 questions *} 27 | 28 | lemma "&x:[true, &x \\<^sub>u 0] \ &x:[true, &x =\<^sub>u 0]" 29 | by (prefine) 30 | 31 | lemma "&x:[&x \\<^sub>u 0, true] \ &x:[&x =\<^sub>u 0, true]" 32 | apply (prefine) 33 | nitpick 34 | oops 35 | 36 | lemma "&x:[&x \\<^sub>u 0, &x =\<^sub>u 0] \ &x:[&x =\<^sub>u 0, &x \\<^sub>u 0]" 37 | apply (prefine) 38 | nitpick 39 | oops 40 | 41 | lemma "&x:[&x =\<^sub>u 0, &x \\<^sub>u 0] \ &x:[&x \\<^sub>u 0, &x =\<^sub>u 0]" 42 | by (prefine) 43 | 44 | end -------------------------------------------------------------------------------- /impl/utp_impl.thy: -------------------------------------------------------------------------------- 1 | section \ Meta Theory for UTP-Impl \ 2 | 3 | theory utp_impl 4 | imports utp_prog utp_rcalc 5 | begin end -------------------------------------------------------------------------------- /modelica/Modelica.thy: -------------------------------------------------------------------------------- 1 | section {* Modelica Blocks as UTP Reactive Designs *} 2 | 3 | theory Modelica 4 | imports 5 | Modelica_Core 6 | Modelica_Blocks_Sources 7 | Modelica_Blocks_Math 8 | Modelica_Blocks_Continuous 9 | begin end -------------------------------------------------------------------------------- /modelica/Modelica_Blocks_Continuous.thy: -------------------------------------------------------------------------------- 1 | section \ Modelica.Blocks.Continuous \ 2 | 3 | theory Modelica_Blocks_Continuous 4 | imports Modelica_Blocks_Math 5 | begin 6 | 7 | type_synonym Init = nat 8 | 9 | abbreviation "NoInit :: Init \ 1" 10 | abbreviation "SteadyState :: Init \ 2" 11 | abbreviation "InitialState :: Init \ 3" 12 | abbreviation "InitialOutput :: Init \ 4" 13 | 14 | definition Integrator where 15 | [urel_defs]: "Integrator k y_start initType u y = 16 | [ true 17 | | ((y~ has-deriv 0 at 0 < \<^bold>l) \ \initType = SteadyState\ \ (y~(0) =\<^sub>u \y_start\)) 18 | \ y~ has-vderiv (\\<^sub>u t \ \k\ * u~(\t\)) ]\<^sub>M" 19 | 20 | definition Derivative where 21 | [urel_defs]: "Derivative k T x_start y_start initType u x y = 22 | [ \T\ >\<^sub>u 0 23 | | ((x~ has-deriv 0 at 0 < \<^bold>l) 24 | \ \initType = SteadyState\ \ 25 | (x~(0) =\<^sub>u \x_start\) 26 | \ \initType = InitialState\ \ 27 | (y~(0) =\<^sub>u \y_start\)) 28 | \ x~ has-vderiv (\\<^sub>u t \ (u~(\t\) - x~(\t\)) / \T\) 29 | \ y~ has-vderiv (\\<^sub>u t \ (\k\ / \T\ * (u~(\t\) - x~(\t\)))) ]\<^sub>M" 30 | 31 | text \ The PID controller needs some internal wires which we here define. \ 32 | 33 | alphabet PID_st = 34 | pid_P :: real 35 | pid_I :: real 36 | pid_D :: real 37 | pid_y :: real 38 | pid_x :: real 39 | 40 | setup_lifting type_definition_PID_st_ext 41 | 42 | instantiation PID_st_ext :: (t2_space) t2_space 43 | begin 44 | lift_definition open_PID_st_ext :: "'a PID_st_scheme set \ bool" is "open" . 45 | 46 | instance 47 | apply (intro_classes) 48 | apply (transfer, simp) 49 | apply (transfer, auto) 50 | apply (transfer, auto) 51 | apply (transfer, meson hausdorff) 52 | done 53 | end 54 | 55 | definition PID where 56 | "PID k Ti Td Nd initType xi_start xd_start y_start u y 57 | = Gain 1 u pid_P \\<^sub>B 58 | Integrator (1 / Ti) xi_start initType u pid_I \\<^sub>B 59 | Derivative Td (Td / Nd) xd_start 0 initType u pid_x pid_D \\<^sub>B 60 | Add3 1 1 1 pid_P pid_I pid_D pid_y \\<^sub>B 61 | Gain k pid_y y" 62 | 63 | end -------------------------------------------------------------------------------- /modelica/Modelica_Blocks_Discrete.thy: -------------------------------------------------------------------------------- 1 | theory Modelica_Blocks_Discrete 2 | imports Modelica_Core 3 | begin 4 | 5 | definition Sample :: "real \ real \ (real \ 'c) \ (real \ 'c) \ ('d,'c::t2_space) hyrel" where 6 | "Sample samplePeriod startTime u y = 7 | [ true | (\<^bold>\ t\{0..<\<^bold>l}\<^sub>u \ ((y~(\t\) =\<^sub>u 0) \ \t\ <\<^sub>u \startTime\ \ (y~(\t\) =\<^sub>u u~(\of_int(\t/samplePeriod\) * samplePeriod\))))]\<^sub>M" 8 | 9 | end -------------------------------------------------------------------------------- /modelica/Modelica_Blocks_Sources.thy: -------------------------------------------------------------------------------- 1 | section \ Modelica.Blocks.Sources \ 2 | 3 | theory Modelica_Blocks_Sources 4 | imports Modelica_Core 5 | begin 6 | 7 | definition Clock :: "real \ real \ (real \ 'c::t2_space) \ ('d,'c) hyrel" where 8 | [urel_defs]: "Clock offset startTime y = [ true | \$y\ =\<^sub>u \offset + (if ti < startTime then 0 else ti - startTime)\\\<^sub>h ]\<^sub>M" 9 | 10 | definition Constant :: "'a::real_algebra \ ('a \ 'c::t2_space) \ ('d,'c) hyrel" where 11 | [urel_defs]: "Constant k y = [ true | \$y\ =\<^sub>u \k\\\<^sub>h ]\<^sub>M" 12 | 13 | definition Step :: "real \ real \ real \ (real \ 'c::t2_space) \ ('d,'c) hyrel" where 14 | "Step offset startTime height y = 15 | [true | \$y\ =\<^sub>u \offset + (if ti < startTime then 0 else height)\\\<^sub>h ]\<^sub>M" 16 | 17 | definition Ramp :: 18 | "real \ real \ real \ real \ (real \ 'c::t2_space) \ ('d,'c) hyrel" where 19 | [urel_defs]: "Ramp height duration offset startTime y 20 | = [ \duration\ \\<^sub>u 0 21 | | \$y\ =\<^sub>u \offset + (if ti < startTime then 0 22 | else if ti < startTime + duration 23 | then (ti - startTime) * height / duration 24 | else height)\\\<^sub>h ]\<^sub>M" 25 | 26 | definition Sine :: 27 | "real \ real \ real \ real \ real \ (real \ 'c::t2_space) \ ('d,'c) hyrel" where 28 | "Sine ampltitude freqHz phase offset startTime y = 29 | [true | \$y\ =\<^sub>u \offset + (if ti < startTime 30 | then 0 31 | else sin(2 * pi * freqHz * (ti - startTime) + phase))\\\<^sub>h]\<^sub>M" 32 | 33 | 34 | end -------------------------------------------------------------------------------- /modelica/Modelica_Math.thy: -------------------------------------------------------------------------------- 1 | section \ Modelica.Math \ 2 | 3 | theory Modelica_Math 4 | imports Modelica_Core 5 | begin 6 | 7 | text \ We need some additional functions, such as summation, on finite Cartesian products that 8 | we here define. \ 9 | 10 | setup_lifting type_definition_vec 11 | 12 | lift_definition vec_sum :: "'a::comm_monoid_add ^ 'i::finite \ 'a" is 13 | "\ f. \ (range f)" . 14 | 15 | adhoc_overloading 16 | usums vec_sum 17 | 18 | text \ We define Modelica.Math functions that are not part of Isabelle/HOL \ 19 | 20 | definition sign\<^sub>m :: "real \ real" where 21 | [upred_defs]: "sign\<^sub>m(u) = (if (u > 0) then 1 else if (u = 0) then 0 else -1)" 22 | 23 | definition atan2\<^sub>m :: "real \ real \ real" where 24 | [upred_defs]: "atan2\<^sub>m(u) = undefined" 25 | 26 | end -------------------------------------------------------------------------------- /modelica/noncomp/Modelica_Blocks.thy: -------------------------------------------------------------------------------- 1 | theory Modelica_Blocks 2 | imports 3 | Modelica_Blocks_Continuous 4 | Modelica_Blocks_Discrete 5 | Modelica_Blocks_Math 6 | Modelica_Blocks_Sources 7 | begin end 8 | -------------------------------------------------------------------------------- /modelica/noncomp/Modelica_Blocks_Continuous.thy: -------------------------------------------------------------------------------- 1 | theory Modelica_Blocks_Continuous 2 | imports Modelica_Blocks_Core 3 | begin 4 | 5 | datatype Init = NoInit | SteadyState | InitialState | InitialOutput 6 | 7 | definition Integrator :: 8 | "Init \ real \ real \ (real, 'l, 'c) mcon \ (real, 'l, 'c) mcon \ ('l, 'c) mblock" where 9 | [upred_defs, mo_defs]: 10 | "Integrator initType k y_start u y = 11 | \ mieqs = ((\initType \ {InitialState,InitialOutput}\ \ &y =\<^sub>u \y_start\) \ 12 | (\initType = SteadyState\ \ \k\*&u =\<^sub>u 0)) 13 | , mdeqs = y has-der (\k\*&u) 14 | , maeqs = true 15 | , mqeqs = true 16 | , mreqs = {} 17 | , mzcfs = {} 18 | , mtevs = (\ t. False) 19 | \" 20 | 21 | definition ResetIntegrator :: 22 | "real \ (real, 'l, 'c) mcon \ (real, 'l, 'c) mcon \ 23 | (real, 'l, 'c) mcon \ (bool, 'l, 'c) mcon \ ('l, 'c) mblock" where 24 | [upred_defs, mo_defs]: 25 | "ResetIntegrator k u y y_start r = 26 | \ mieqs = (&y =\<^sub>u &y_start) 27 | , mdeqs = y has-der (\k\*&u) 28 | , maeqs = true 29 | , mqeqs = true 30 | , mreqs = {($y\ =\<^sub>u $y_start) \ &r \\<^sub>r ($y\ =\<^sub>u $y)} 31 | , mzcfs = {} 32 | , mtevs = (\ t. False) 33 | \" 34 | 35 | 36 | definition Der :: 37 | "(real, 'l, 'c) mcon \ (real, 'l, 'c) mcon \ ('l, 'c) mblock" where 38 | [upred_defs, mo_defs]: 39 | "Der u y = 40 | \ mieqs = true 41 | , mdeqs = u has-der &y 42 | , maeqs = true 43 | , mqeqs = true 44 | , mreqs = {} 45 | , mzcfs = {} 46 | , mtevs = (\t. False) 47 | \" 48 | 49 | end -------------------------------------------------------------------------------- /modelica/noncomp/Modelica_Blocks_Discrete.thy: -------------------------------------------------------------------------------- 1 | theory Modelica_Blocks_Discrete 2 | imports Modelica_Blocks_Core 3 | begin 4 | 5 | definition sample\<^sub>m :: "real \ real \ real \ bool" where 6 | [upred_defs, mo_defs]: "sample\<^sub>m s p ti = (\ n::nat. ti = s + of_nat n * p)" 7 | 8 | definition Sampler :: 9 | "real \ real \ (real, 'l, 'c) mcon \ (real, 'l, 'c) mcon \ ('l, 'c) mblock" where 10 | [upred_defs, mo_defs]: 11 | "Sampler samplePeriod startTime u y = 12 | \ mieqs = &y =\<^sub>u &u 13 | , mdeqs = true\<^sub>r 14 | , maeqs = true 15 | , mqeqs = (\sample\<^sub>m startTime samplePeriod\(&mtime)\<^sub>a \ &y =\<^sub>u &u) 16 | , mreqs = {} 17 | , mzcfs = {} 18 | , mtevs = sample\<^sub>m startTime samplePeriod 19 | \" 20 | 21 | end 22 | -------------------------------------------------------------------------------- /modelica/noncomp/Modelica_Blocks_Sources.thy: -------------------------------------------------------------------------------- 1 | theory Modelica_Blocks_Sources 2 | imports Modelica_Blocks_Core 3 | begin 4 | 5 | definition Clock :: "real \ real \ (real, 'l, 'c) mcon \ ('l, 'c) mblock" where 6 | [upred_defs, mo_defs]: 7 | "Clock offset startTime y = 8 | \ mieqs = true 9 | , mdeqs = true\<^sub>r 10 | , maeqs = (&y =\<^sub>u \offset\ + (0 \ &mtime <\<^sub>u \startTime\ \ &mtime - \startTime\)) 11 | , mqeqs = true 12 | , mreqs = {} 13 | , mzcfs = {} 14 | , mtevs = (\t. False) 15 | \" 16 | 17 | definition Constant :: "real \ (real, 'l, 'c) mcon \ ('l, 'c) mblock" where 18 | [upred_defs, mo_defs]: 19 | "Constant k y = 20 | \ mieqs = true 21 | , mdeqs = true\<^sub>r 22 | , maeqs = (&y =\<^sub>u \k\) 23 | , mqeqs = true 24 | , mreqs = {} 25 | , mzcfs = {} 26 | , mtevs = (\t. False) 27 | \" 28 | 29 | definition Step :: "real \ real \ real \ (real, 'l, 'c) mcon \ ('l, 'c) mblock" where 30 | [upred_defs, mo_defs]: 31 | "Step height offset startTime y = 32 | \ mieqs = (&y =\<^sub>u \offset\) 33 | , mdeqs = true\<^sub>r 34 | , maeqs = true 35 | , mqeqs = (&mtime =\<^sub>u \startTime\ \ &y =\<^sub>u \offset + height\) 36 | , mreqs = {} 37 | , mzcfs = {} 38 | , mtevs = (\t. t = startTime) 39 | \" 40 | 41 | end -------------------------------------------------------------------------------- /modelica/noncomp/Modelica_NonComp.thy: -------------------------------------------------------------------------------- 1 | theory Modelica_NonComp 2 | imports 3 | Modelica_Blocks 4 | begin end 5 | -------------------------------------------------------------------------------- /probability/utp_expectation.thy: -------------------------------------------------------------------------------- 1 | section \ Expectations \ 2 | 3 | theory utp_expectation 4 | imports "UTP.utp" 5 | begin 6 | 7 | subsection \ Probabilities \ 8 | 9 | typedef prob = "{0..1} :: real set" 10 | by auto 11 | 12 | setup_lifting type_definition_prob 13 | 14 | instantiation prob :: "{ord,zero,one,times,uminus}" 15 | begin 16 | lift_definition less_eq_prob :: "prob \ prob \ bool" is "op \" . 17 | lift_definition less_prob :: "prob \ prob \ bool" is "op <" . 18 | lift_definition zero_prob :: prob is 0 by auto 19 | lift_definition one_prob :: prob is 1 by auto 20 | lift_definition times_prob :: "prob \ prob \ prob" is "op *" 21 | by (auto, simp add: mult_le_one) 22 | lift_definition uminus_prob :: "prob \ prob" is "\ p. 1 - p" 23 | by (auto) 24 | instance .. 25 | end 26 | 27 | instance prob :: order 28 | by (intro_classes, (transfer, auto)+) 29 | 30 | instance prob :: comm_monoid_mult 31 | by (intro_classes, (transfer, auto)+) 32 | 33 | lemma "- (- (p :: prob)) = p" 34 | by (transfer, simp) 35 | 36 | subsection \ Expectation Type \ 37 | 38 | type_synonym '\ uexpt = "(prob, '\) uexpr" 39 | 40 | definition upred_expt :: "'\ upred \ '\ uexpt" ("[_]\<^sub>P") where 41 | [upred_defs]: "[P]\<^sub>P = 1 \ P \ 0" 42 | 43 | lemma upred_expt_false: "[false]\<^sub>P = 0" 44 | by pred_auto 45 | 46 | lemma upred_expt_true: "[true]\<^sub>P = 1" 47 | by pred_auto 48 | 49 | end -------------------------------------------------------------------------------- /profiling/Profiling.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: profiling.ML *) 4 | (* Authors: Simon Foster and Frank Zeyda *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 7/12/2016 *) 8 | 9 | signature PROFILING = 10 | sig 11 | val probe_tac : (thm -> unit) -> Method.method 12 | val start_profiling : Method.method 13 | val finish_profiling : Method.method 14 | val wrap_method : Method.text_range -> Method.text_range 15 | val setup_command : unit -> unit 16 | end 17 | 18 | structure Profiling : PROFILING = 19 | struct 20 | val start_time = Unsynchronized.ref (Timing.start()); 21 | 22 | fun probe_tac f = METHOD (K (fn thm => (f thm; all_tac thm))); 23 | 24 | fun profiling_msg (duration : Timing.timing) = 25 | let val {cpu = cpu_time, elapsed = real_time, gc = gc_time} = duration in 26 | "Profiling: " 27 | ^ (Time.toString real_time) ^ "s elapsed time, " 28 | ^ (Time.toString cpu_time) ^ "s CPU time and " 29 | ^ (Time.toString gc_time) ^ "s GC time." 30 | end; 31 | 32 | val start_profiling = 33 | probe_tac (fn _ => start_time := Timing.start()); 34 | 35 | val finish_profiling = 36 | probe_tac (fn _ => 37 | (Output.information (profiling_msg (Timing.result(!start_time))))); 38 | 39 | fun wrap_method (m : Method.text_range) = 40 | (Method.Combinator ((Method.no_combinator_info, Method.Then, [ 41 | Method.Basic (K start_profiling), (fst m), 42 | Method.Basic (K finish_profiling)])), 43 | (snd m)); 44 | 45 | fun setup_command () = 46 | Outer_Syntax.command @{command_keyword profile} 47 | "initial goal refinement step (unstructured) with profiling" 48 | (Method.parse >> (fn m => (Method.report m; 49 | Toplevel.proofs (Proof.apply (wrap_method m))))); 50 | end -------------------------------------------------------------------------------- /profiling/Profiling.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: profiling.ML *) 4 | (* Authors: Simon Foster and Frank Zeyda *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 7/12/2016 *) 8 | 9 | section \ Profiling Tool \ 10 | 11 | theory Profiling 12 | imports "HOL-Eisbach.Eisbach" 13 | keywords "profile" :: prf_script 14 | begin 15 | 16 | ML_file "Profiling.ML" 17 | 18 | ML \ Profiling.setup_command() \ 19 | 20 | end -------------------------------------------------------------------------------- /robochart/untimed/AsyncChannel.thy: -------------------------------------------------------------------------------- 1 | section \ Asynchronous Channels \ 2 | 3 | theory AsyncChannel 4 | imports Actions 5 | begin 6 | 7 | definition async_channel :: "('a \ 'e) \ ('a \ 'e) \ 'e Process" ("_ \c\ _" [85,86] 85) where 8 | "async_channel efrom eto = 9 | (decl (isEmpty :: bool, buf :: 'a) \ 10 | isEmpty := true ; 11 | do &isEmpty \ efrom\<^bold>?(buf) ; isEmpty := false 12 | | (\ &isEmpty) \ efrom\<^bold>?(buf) \ (eto\<^bold>!(&buf) ; isEmpty := true) 13 | od)" 14 | 15 | end -------------------------------------------------------------------------------- /robochart/untimed/examples/Chemical.thy: -------------------------------------------------------------------------------- 1 | section \ Chemical Model \ 2 | 3 | theory Chemical 4 | imports "RoboChart-Untimed.StateMachine" 5 | begin recall_syntax 6 | 7 | subsection \ Type Declarations \ 8 | 9 | typedecl Chem 10 | type_synonym Intensity = real 11 | 12 | subsection \ Enumerated Types \ 13 | 14 | datatype Angle = Left | Right | Back | Front 15 | datatype Status = noGas | gasD 16 | 17 | subsection \ Data Types \ 18 | 19 | record GasSensor = 20 | c :: Chem 21 | i :: Intensity 22 | 23 | subsection \ Functions \ 24 | 25 | consts goreq :: "Intensity \ Intensity \ bool" 26 | consts analysis :: "GasSensor list \ Status" 27 | 28 | consts intensity :: "GasSensor list \ Intensity" 29 | 30 | consts location :: "GasSensor list \ real" 31 | 32 | end -------------------------------------------------------------------------------- /theories/actions/utp_action_circus.thy: -------------------------------------------------------------------------------- 1 | section \ Semantic Model for Stateful-Failures \ 2 | 3 | theory utp_action_circus 4 | imports "UTP1-Stateful-Failures.utp_sf_rdes" utp_action_language 5 | begin 6 | 7 | fun sfrd_sem :: "('s, 'e) Action \ ('s, 'e) action" ("\_\\<^sub>C") where 8 | "\P ; Q\\<^sub>C = \P\\<^sub>C ;; \Q\\<^sub>C" | 9 | "\if b then P else Q end\\<^sub>C = \P\\<^sub>C \ b \\<^sub>R \Q\\<^sub>C" | 10 | "\intchoice P Q\\<^sub>C = \P\\<^sub>C \ \Q\\<^sub>C" | 11 | "\assigns \\\<^sub>C = \\\\<^sub>C" | 12 | "\stop\\<^sub>C = Stop" | 13 | "\event E\\<^sub>C = (\ e\UNIV \ ev_pred E e &\<^sub>C do\<^sub>C(\e\) ;; \ev_update E e\\<^sub>C)" | 14 | "\extchoice P Q\\<^sub>C = (\P\\<^sub>C \ \Q\\<^sub>C)" | 15 | "\guard b P\\<^sub>C = (b &\<^sub>C \P\\<^sub>C)" 16 | 17 | lemma sfrd_sem_NCSP [closure]: "\A\\<^sub>C is NCSP" 18 | by (induct A, simp_all add: closure) 19 | 20 | definition sfrd_semantics :: "('s, 'e, ('s, 'e) sfrd \ ('s, 'e) sfrd) Action_Semantics" where 21 | "sfrd_semantics = \ act_sem = sfrd_sem, act_hcond = NCSP \" 22 | 23 | interpretation sfrd_semantic: action_semantics sfrd_semantics 24 | by (unfold_locales, 25 | simp_all add: sfrd_semantics_def asem_eq_def skips_def csp_theory.Unit_Left 26 | csp_theory.Unit_Right AssignsCSP_id seqr_assoc cond_st_true cond_st_false closure) 27 | 28 | end -------------------------------------------------------------------------------- /theories/circus/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /theories/circus/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amssymb} 11 | %for \, \, \, \, \, \, 12 | %\, \, \, \, \, 13 | %\, \, \ 14 | 15 | \usepackage[english]{babel} 16 | %option greek for \ 17 | %option english (default language) for \, \ 18 | 19 | \usepackage{stmaryrd} 20 | %for \ 21 | 22 | \usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | 39 | \newcommand{\isactrlU}{\textit{\textbf{U}}} 40 | 41 | \begin{document} 42 | 43 | \title{Circus in Isabelle/UTP} 44 | 45 | \author{Simon Foster \and James Baxter \and Ana Cavalcanti \and Jim Woodcock \and Samuel Canham} 46 | 47 | \maketitle 48 | 49 | \tableofcontents 50 | 51 | % sane default for proof documents 52 | \parindent 0pt\parskip 0.5ex 53 | 54 | \section{Introduction} 55 | 56 | This document contains a mechanisation in Isabelle/UTP~\cite{Foster16a} of Circus~\cite{Oliveira2005-PHD}. 57 | 58 | % generated text of all theories 59 | \input{session} 60 | 61 | % optional bibliography 62 | \bibliographystyle{abbrv} 63 | \bibliography{root} 64 | 65 | \end{document} 66 | -------------------------------------------------------------------------------- /theories/circus/utp_circus.thy: -------------------------------------------------------------------------------- 1 | section \ Meta theory for Circus \ 2 | 3 | theory utp_circus 4 | imports 5 | utp_circus_traces 6 | utp_circus_parallel 7 | utp_circus_hiding 8 | begin end -------------------------------------------------------------------------------- /theories/circus/utp_circus_easy_parser.thy: -------------------------------------------------------------------------------- 1 | section \ Easy to use Circus-M parser \ 2 | 3 | theory utp_circus_easy_parser 4 | imports "utp_circus" 5 | begin recall_syntax 6 | 7 | text \ We change := so that it refers to the Circus operator \ 8 | 9 | no_adhoc_overloading 10 | uassigns assigns_r 11 | 12 | adhoc_overloading 13 | uassigns AssignsCSP 14 | 15 | notation GuardCSP (infixr "&&" 60) 16 | 17 | utp_lift_notation GuardCSP (1) 18 | 19 | purge_notation while_top ("while _ do _ od") 20 | 21 | notation WhileC ("while _ do _ od") 22 | 23 | utp_lift_notation WhileC (1) 24 | 25 | end -------------------------------------------------------------------------------- /theories/designs/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /theories/designs/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amssymb} 11 | %for \, \, \, \, \, \, 12 | %\, \, \, \, \, 13 | %\, \, \ 14 | 15 | \usepackage[english]{babel} 16 | %option greek for \ 17 | %option english (default language) for \, \ 18 | 19 | \usepackage{stmaryrd} 20 | %for \ 21 | 22 | \usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | 39 | \begin{document} 40 | 41 | \title{Theory of Designs in Isabelle/UTP} 42 | 43 | \author{Simon Foster \and Yakoub Nemouchi \and Frank Zeyda} 44 | 45 | \maketitle 46 | 47 | \begin{abstract} 48 | This document describes a mechanisation of the UTP theory of designs in Isabelle/UTP. Designs enrich UTP relations 49 | with explicit precondition/postcondition pairs, as present in formal notations like VDM, B, and the refinement 50 | calculus. If a program's precondition holds, then it is guaranteed to terminate and establish its postcondition, which 51 | is an approach known as total correctness. If the precondition does not hold, the behaviour is maximally nondeterministic, 52 | which represents unspecified behaviour. In this mechanisation, we create the theory of designs, including its 53 | alphabet, signature, and healthiness conditions. We then use these to prove the key algebraic laws of 54 | programming. This development can be used to support program verification based on total correctness. 55 | \end{abstract} 56 | 57 | \tableofcontents 58 | 59 | % sane default for proof documents 60 | \parindent 0pt\parskip 0.5ex 61 | 62 | % generated text of all theories 63 | \input{session} 64 | 65 | % optional bibliography 66 | \bibliographystyle{abbrv} 67 | \bibliography{root} 68 | 69 | \end{document} 70 | -------------------------------------------------------------------------------- /theories/designs/utp_des_healths: -------------------------------------------------------------------------------- 1 | theory utp_des_healths 2 | imports utp_des_core 3 | begin 4 | 5 | end -------------------------------------------------------------------------------- /theories/designs/utp_des_hoare.thy: -------------------------------------------------------------------------------- 1 | subsection \ Design Hoare Logic \ 2 | 3 | theory utp_des_hoare 4 | imports utp_des_prog 5 | begin 6 | 7 | definition HoareD :: "'s upred \ 's hrel_des \ 's upred \ bool" ("{_}_{_}\<^sub>D") where 8 | [upred_defs, ndes_simp]: "HoareD p S q = ((p \\<^sub>n \q\\<^sub>>) \ S)" 9 | 10 | lemma assigns_hoare_d [hoare_safe]: "`p \ \ \ q` \ {p}\\\\<^sub>D{q}\<^sub>D" 11 | by rel_auto 12 | 13 | lemma skip_hoare_d: "{p}II\<^sub>D{p}\<^sub>D" 14 | by (rel_auto) 15 | 16 | lemma assigns_backward_hoare_d: 17 | "{\ \ p}\\\\<^sub>D{p}\<^sub>D" 18 | by rel_auto 19 | 20 | lemma seq_hoare_d: 21 | assumes "C is \<^bold>N" "D is \<^bold>N" "{p}C{q}\<^sub>D" "{q}D{r}\<^sub>D" 22 | shows "{p}C ;; D{r}\<^sub>D" 23 | proof - 24 | obtain c\<^sub>1 C\<^sub>2 where C: "C = c\<^sub>1 \\<^sub>n C\<^sub>2" 25 | by (metis assms(1) ndesign_form) 26 | obtain d\<^sub>1 D\<^sub>2 where D: "D = d\<^sub>1 \\<^sub>n D\<^sub>2" 27 | by (metis assms(2) ndesign_form) 28 | from assms(3-4) show ?thesis 29 | apply (simp add: C D) 30 | apply (ndes_simp) 31 | apply (simp add: ndesign_refinement) 32 | apply (rel_blast) 33 | done 34 | qed 35 | 36 | end -------------------------------------------------------------------------------- /theories/designs/utp_des_tactics.thy: -------------------------------------------------------------------------------- 1 | section \ Design Proof Tactics \ 2 | 3 | theory utp_des_tactics 4 | imports utp_des_theory 5 | begin 6 | 7 | text \ The tactics split apart a healthy normal design predicate into its pre-postcondition form, 8 | using elimination rules, and then attempt to prove refinement conjectures. \ 9 | 10 | named_theorems ND_elim 11 | 12 | lemma ndes_elim: "\ P is \<^bold>N; Q(\pre\<^sub>D(P)\\<^sub>< \\<^sub>n post\<^sub>D(P)) \ \ Q(P)" 13 | by (simp add: ndesign_form) 14 | 15 | lemma ndes_ind_elim: "\ \ i. P i is \<^bold>N; Q(\ i. \pre\<^sub>D(P i)\\<^sub>< \\<^sub>n post\<^sub>D(P i)) \ \ Q(P)" 16 | by (simp add: ndesign_form) 17 | 18 | lemma ndes_split [ND_elim]: "\ P is \<^bold>N; \ pre post. Q(pre \\<^sub>n post) \ \ Q(P)" 19 | by (metis H1_H2_eq_rdesign H1_H3_impl_H2 H3_unrest_out_alpha Healthy_def drop_pre_inv ndesign_def) 20 | 21 | text \ Use given closure laws (cls) to expand normal design predicates \ 22 | 23 | method ndes_expand uses cls = (insert cls, (erule ND_elim)+) 24 | 25 | text \ Expand and simplify normal designs \ 26 | 27 | method ndes_simp uses cls = 28 | ((ndes_expand cls: cls)?, (simp add: ndes_simp closure alpha usubst unrest wp prod.case_eq_if)) 29 | 30 | text \ Attempt to discharge a refinement between two normal designs \ 31 | 32 | method ndes_refine uses cls = 33 | (ndes_simp cls: cls; rule_tac ndesign_refine_intro; (insert cls; rel_simp; auto?)) 34 | 35 | text \ Attempt to discharge an equality between two normal designs \ 36 | 37 | method ndes_eq uses cls = 38 | (ndes_simp cls: cls; rule_tac antisym; rule_tac ndesign_refine_intro; (insert cls; rel_simp; auto?)) 39 | 40 | end -------------------------------------------------------------------------------- /theories/designs/utp_des_wp.thy: -------------------------------------------------------------------------------- 1 | section \ Design Weakest Preconditions \ 2 | 3 | theory utp_des_wp 4 | imports utp_des_prog utp_des_hoare 5 | begin 6 | 7 | definition wp_design :: "('\, '\) rel_des \ '\ cond \ '\ cond" (infix "wp\<^sub>D" 60) where 8 | [upred_defs]: "Q wp\<^sub>D r = (\pre\<^sub>D(Q) ;; true :: ('\, '\) urel\\<^sub>< \ (post\<^sub>D(Q) wlp r))" 9 | 10 | text \ If two normal designs have the same weakest precondition for any given postcondition, then 11 | the two designs are equivalent. \ 12 | 13 | theorem wpd_eq_intro: "\ \ r. (p\<^sub>1 \\<^sub>n Q\<^sub>1) wp\<^sub>D r = (p\<^sub>2 \\<^sub>n Q\<^sub>2) wp\<^sub>D r \ \ (p\<^sub>1 \\<^sub>n Q\<^sub>1) = (p\<^sub>2 \\<^sub>n Q\<^sub>2)" 14 | apply (rel_simp robust; metis curry_conv) 15 | done 16 | 17 | theorem wpd_H3_eq_intro: "\ P is H1_H3; Q is H1_H3; \ r. P wp\<^sub>D r = Q wp\<^sub>D r \ \ P = Q" 18 | by (metis H1_H3_commute H1_H3_is_normal_design H3_idem Healthy_def' wpd_eq_intro) 19 | 20 | lemma wp_d_abort [wp]: "true wp\<^sub>D p = false" 21 | by (rel_auto) 22 | 23 | lemma wp_assigns_d [wp]: "\\\\<^sub>D wp\<^sub>D r = \ \ r" 24 | by (rel_auto) 25 | 26 | theorem rdesign_wp [wp]: 27 | "(\p\\<^sub>< \\<^sub>r Q) wp\<^sub>D r = (p \ Q wlp r)" 28 | by (rel_auto) 29 | 30 | theorem ndesign_wp [wp]: 31 | "(p \\<^sub>n Q) wp\<^sub>D r = (p \ Q wlp r)" 32 | by (simp add: ndesign_def rdesign_wp) 33 | 34 | theorem wpd_seq_r: 35 | fixes Q1 Q2 :: "'\ hrel" 36 | shows "((\p1\\<^sub>< \\<^sub>r Q1) ;; (\p2\\<^sub>< \\<^sub>r Q2)) wp\<^sub>D r = (\p1\\<^sub>< \\<^sub>r Q1) wp\<^sub>D ((\p2\\<^sub>< \\<^sub>r Q2) wp\<^sub>D r)" 37 | apply (simp add: wp) 38 | apply (subst rdesign_composition_wp) 39 | apply (simp only: wp) 40 | apply (rel_auto) 41 | done 42 | 43 | theorem wpnd_seq_r [wp]: 44 | fixes Q1 Q2 :: "'\ hrel" 45 | shows "((p1 \\<^sub>n Q1) ;; (p2 \\<^sub>n Q2)) wp\<^sub>D r = (p1 \\<^sub>n Q1) wp\<^sub>D ((p2 \\<^sub>n Q2) wp\<^sub>D r)" 46 | by (simp add: ndesign_def wpd_seq_r) 47 | 48 | theorem wpd_seq_r_H1_H3 [wp]: 49 | fixes P Q :: "'\ hrel_des" 50 | assumes "P is \<^bold>N" "Q is \<^bold>N" 51 | shows "(P ;; Q) wp\<^sub>D r = P wp\<^sub>D (Q wp\<^sub>D r)" 52 | by (metis H1_H3_commute H1_H3_is_normal_design H1_idem Healthy_def' assms(1) assms(2) wpnd_seq_r) 53 | 54 | theorem wp_hoare_d_link: 55 | assumes "Q is \<^bold>N" 56 | shows "{p}Q{r}\<^sub>D \ (Q wp\<^sub>D r \ p)" 57 | by (ndes_simp cls: assms, rel_auto) 58 | 59 | end -------------------------------------------------------------------------------- /theories/designs/utp_designs.thy: -------------------------------------------------------------------------------- 1 | section \ Meta Theory for UTP Designs \ 2 | 3 | theory utp_designs 4 | imports 5 | utp_des_core 6 | utp_des_healths 7 | utp_des_theory 8 | utp_des_tactics 9 | utp_des_hoare 10 | utp_des_prog 11 | utp_des_parallel 12 | utp_des_wp 13 | utp_des_refcalc 14 | utp_des_invariants 15 | begin end 16 | -------------------------------------------------------------------------------- /theories/hyprog/utp_hyprog.thy: -------------------------------------------------------------------------------- 1 | section \ Hybrid Programs \ 2 | 3 | theory utp_hyprog 4 | imports 5 | utp_hyprog_prelim 6 | utp_hyprog_deriv 7 | utp_hyprog_ode 8 | utp_hyprog_dL 9 | utp_hyprog_dinv 10 | begin end -------------------------------------------------------------------------------- /theories/hyprog/utp_hyprog_ex.thy: -------------------------------------------------------------------------------- 1 | theory utp_hyprog_ex 2 | imports utp_hyprog 3 | begin 4 | 5 | type_synonym gravs = "(real^3, unit) hybs_scheme" 6 | 7 | abbreviation h :: "real \ real^3" where "h \ \[0]" 8 | abbreviation v :: "real \ real^3" where "v \ \[Suc 0]" 9 | abbreviation t :: "real \ real^3" where "t \ \[Suc (Suc 0)]" 10 | 11 | lemma dInv_grav_ex: 12 | "\[&\<^bold>c:v <\<^sub>P 0 \\<^sub>P &\<^bold>c:h \\<^sub>P 2]\<^sub>P\ode [h \\<^sub>s &v, v \\<^sub>s -9.81, t \\<^sub>s \1\] true\[&\<^bold>c:v <\<^sub>P 0 \\<^sub>P &\<^bold>c:h \\<^sub>P 2]\<^sub>P\\<^sub>u" 13 | apply (rule dCut_split) 14 | apply (rule dInv) 15 | apply (simp add: closure) 16 | apply (simp add: closure uderiv usubst fode_def mkuexpr alpha) 17 | apply (rel_auto) 18 | apply (simp) 19 | apply (rule dInv) 20 | apply (simp add: closure) 21 | apply (simp add: closure uderiv usubst fode_def mkuexpr alpha hyprop_pred_def) 22 | apply (rel_simp') 23 | done 24 | 25 | abbreviation "g \ (981 / 10\<^sup>2)" 26 | 27 | abbreviation 28 | "BBall \ (\der(h) = v, der(v) = -g, der(t) = 1 | (&h \\<^sub>u 0)\ ;; 29 | (if (&h =\<^sub>u 0 \ &t >\<^sub>u 0) 30 | then v := (-0.8 * &v) ;; t := 0 31 | else II fi))\<^sup>\" 32 | 33 | lemma "\[&v\<^sup>2 \\<^sub>P 2*\g\*(\H\-&h) \\<^sub>P 0 \\<^sub>P \H\]\<^sub>P\ BBall \[&v\<^sup>2 \\<^sub>P 2*\g\*(\H\-&h) \\<^sub>P 0 \\<^sub>P \H\]\<^sub>P\\<^sub>u" 34 | apply (rule iter_hoare_r) 35 | apply (rule seq_hoare_invariant) 36 | apply (simp add: hyprop_pred_def usubst unrest) 37 | apply (rel_simp) 38 | oops 39 | 40 | end -------------------------------------------------------------------------------- /theories/kleene/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /theories/kleene/document/isabelletags.sty: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /theories/kleene/document/pdfsetup.sty: -------------------------------------------------------------------------------- 1 | %% 2 | %% default hyperref setup (both for pdf and dvi output) 3 | %% 4 | 5 | \usepackage{color} 6 | \definecolor{linkcolor}{rgb}{0,0,0.5} 7 | \usepackage[colorlinks=true,linkcolor=linkcolor,citecolor=linkcolor,filecolor=linkcolor,pagecolor=linkcolor,urlcolor=linkcolor]{hyperref} 8 | -------------------------------------------------------------------------------- /theories/kleene/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amssymb} 11 | %for \, \, \, \, \, \, 12 | %\, \, \, \, \, 13 | %\, \, \ 14 | 15 | \usepackage[english]{babel} 16 | %option greek for \ 17 | %option english (default language) for \, \ 18 | 19 | \usepackage{stmaryrd} 20 | %for \ 21 | 22 | \usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | 39 | \begin{document} 40 | 41 | \title{Kleene Algebra in Unifying Theories of Programming} 42 | 43 | \author{Simon Foster} 44 | 45 | \maketitle 46 | 47 | \begin{abstract} 48 | This development links Isabelle/UTP to the mechanised Kleene Algebra (KA) hiearchy for Isabelle/HOL. We substantiate 49 | the required KA laws, and provides a large body of additional theorems for alphabetised relations which are provided 50 | by the KA library. Additionally, we show how such theorems can be lifted to a subclass of UTP theories, provided 51 | certain conditions hold. 52 | \end{abstract} 53 | 54 | \tableofcontents 55 | 56 | % sane default for proof documents 57 | \parindent 0pt\parskip 0.5ex 58 | 59 | % generated text of all theories 60 | \input{session} 61 | 62 | % optional bibliography 63 | \bibliographystyle{abbrv} 64 | \bibliography{root} 65 | 66 | \end{document} 67 | -------------------------------------------------------------------------------- /theories/memory/Injection_Universe.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP Toolkit *) 3 | (* File: Injection_Universe.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | section \ Injection Universes \ 9 | 10 | theory Injection_Universe 11 | imports 12 | "HOL-Library.Countable" 13 | "Optics.Lenses" 14 | begin 15 | 16 | text \ An injection universe shows how one type @{typ "'a"} can be injected into another type, 17 | @{typ "'u"}. They are applied in UTP to provide local variables which require that we can 18 | injection a variety of different datatypes into a unified stack type. \ 19 | 20 | record ('a, 'u) inj_univ = 21 | to_univ :: "'a \ 'u" ("to-univ\") 22 | 23 | locale inj_univ = 24 | fixes I :: "('a, 'u) inj_univ" (structure) 25 | assumes inj_to_univ: "inj to-univ" 26 | begin 27 | 28 | definition from_univ :: "'u \ 'a" ("from-univ") where 29 | "from_univ = inv to-univ" 30 | 31 | lemma to_univ_inv [simp]: "from-univ (to-univ x) = x" 32 | by (simp add: from_univ_def inv_f_f inj_to_univ) 33 | 34 | text \ Lens-based view on universe injection and projection. \ 35 | 36 | definition to_univ_lens :: "'a \ 'u" ("to-univ\<^sub>L") where 37 | "to_univ_lens = \ lens_get = from-univ, lens_put = (\ s v. to-univ v) \" 38 | 39 | lemma mwb_to_univ_lens [simp]: 40 | "mwb_lens to_univ_lens" 41 | by (unfold_locales, simp_all add: to_univ_lens_def) 42 | 43 | end 44 | 45 | text \ Example universe based on natural numbers. Any countable type can be injected into it. \ 46 | 47 | definition nat_inj_univ :: "('a::countable, nat) inj_univ" ("\\<^sub>\") where 48 | "nat_inj_univ = \ to_univ = to_nat \" 49 | 50 | lemma nat_inj_univ: "inj_univ nat_inj_univ" 51 | by (unfold_locales, simp add: nat_inj_univ_def) 52 | 53 | end -------------------------------------------------------------------------------- /theories/memory/utp_memory.thy: -------------------------------------------------------------------------------- 1 | section \ Memory in UTP \ 2 | 3 | theory utp_memory 4 | imports 5 | utp_mem_aseplog 6 | utp_mem_prog 7 | utp_mem_seplog 8 | utp_mem_stack 9 | begin 10 | 11 | end -------------------------------------------------------------------------------- /theories/rea_designs/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /theories/rea_designs/utp_rea_designs.thy: -------------------------------------------------------------------------------- 1 | section \ Meta-theory for Reactive Designs \ 2 | 3 | theory utp_rea_designs 4 | imports 5 | utp_rdes_healths 6 | utp_rdes_designs 7 | utp_rdes_triples 8 | utp_rdes_normal 9 | utp_rdes_contracts 10 | utp_rdes_tactics 11 | utp_rdes_parallel 12 | utp_rdes_prog 13 | utp_rdes_instant 14 | utp_rdes_guarded 15 | begin end 16 | 17 | -------------------------------------------------------------------------------- /theories/reactive/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /theories/reactive/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amssymb} 11 | %for \, \, \, \, \, \, 12 | %\, \, \, \, \, 13 | %\, \, \ 14 | 15 | \usepackage[english]{babel} 16 | %option greek for \ 17 | %option english (default language) for \, \ 18 | 19 | \usepackage{stmaryrd} 20 | %for \ 21 | 22 | \usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | 39 | \begin{document} 40 | 41 | \title{Generalised Reactive Processes in Isabelle/UTP} 42 | 43 | \author{Simon Foster \and Samuel Canham} 44 | 45 | \maketitle 46 | 47 | \begin{abstract} 48 | Hoare and He's UTP theory of reactive processes provides a unifying foundation for the semantics 49 | of process calculi and reactive programming. A reactive process is a form of UTP relation which 50 | can refer to both state variables and also a trace history of events. In their original presentation, 51 | a trace was modelled solely by a discrete sequence of events. Here, we generalise the trace model 52 | using ``trace algebra'', which characterises traces abstractly using cancellative monoids, and 53 | thus enables application of the theory to a wider family of computational models, including 54 | hybrid computation. We recast the reactive healthiness conditions in this setting, and prove 55 | all the associated distributivity laws. We tackle parallel composition of reactive processes 56 | using the ``parallel-by-merge'' scheme from UTP. We also identify the associated theory of 57 | ``reactive relations'', and use it to define generic reactive laws, a Hoare logic, and a weakest 58 | precondition calculus. 59 | \end{abstract} 60 | 61 | \tableofcontents 62 | 63 | % sane default for proof documents 64 | \parindent 0pt\parskip 0.5ex 65 | 66 | % generated text of all theories 67 | \input{session} 68 | 69 | % optional bibliography 70 | \bibliographystyle{abbrv} 71 | \bibliography{root} 72 | 73 | \end{document} 74 | -------------------------------------------------------------------------------- /theories/reactive/utp_rea_event.thy: -------------------------------------------------------------------------------- 1 | section \ Events for Reactive Processes \ 2 | 3 | theory utp_rea_event 4 | imports "UTP1.utp" 5 | begin 6 | 7 | subsection \ Events \ 8 | 9 | text \ Events of some type @{typ "'\"} are just the elements of that type. \ 10 | 11 | type_synonym '\ event = "'\" 12 | 13 | subsection \ Channels \ 14 | 15 | text \ 16 | Typed channels are modelled as prisms. Below, @{typ "'a"} determines the 17 | channel type and @{typ "'\"} the underlying event alphabet type. As with values, it 18 | is difficult to introduce channels as monomorphic types due to the fact that 19 | they can have arbitrary parametrisations in term of @{typ "'a"}. Applying a 20 | channel to an element of its type yields an event, as we may expect. Though 21 | this is not formalised here, we may also sensibly assume that all channel- 22 | representing functions are injective. 23 | \ 24 | 25 | type_synonym ('a, '\) chan = "'a \\<^sub>\ '\ event" 26 | 27 | text \ 28 | A downside of the approach is that the event type @{typ "'\"} must be able 29 | to encode \emph{all} events of a process model, and hence cannot be fixed 30 | upfront for a single channel or channel set. To do so, we actually require 31 | a notion of `extensible' datatypes, in analogy to extensible record types. 32 | Another solution is to encode a notion of channel scoping that namely uses 33 | @{type sum} types to lift channel types into extensible ones, that is using 34 | channel-set specific scoping operators. This is a current work in progress. 35 | \ 36 | 37 | subsubsection \ Operators \ 38 | 39 | text \ 40 | The next lifted function creates an expression that yields a channel event, 41 | from an expression on the channel type @{typ "'a"}. 42 | \ 43 | 44 | definition chan_apply :: 45 | "('a, '\) chan \ ('a, '\) uexpr \ ('\ event, '\) uexpr" ("'(_\/_')\<^sub>u") where 46 | [upred_defs]: "(c\e)\<^sub>u = uop (build\<^bsub>c\<^esub>) e" 47 | 48 | no_utp_lift chan_apply (0) 49 | 50 | lemma unrest_chan_apply [unrest]: "x \ e \ x \ (c\e)\<^sub>u" 51 | by (rel_auto) 52 | 53 | lemma usubst_chan_apply [usubst]: "\ \ (c\v)\<^sub>u = (c\\ \ v)\<^sub>u" 54 | by (rel_auto) 55 | 56 | lemma msubst_event [usubst]: 57 | "(c\v x)\<^sub>u\x\u\ = (c\(v x)\x\u\)\<^sub>u" 58 | by (pred_simp) 59 | 60 | lemma msubst_event_2 [usubst]: 61 | "(c\v x y)\<^sub>u\(x,y)\u\ = (c\(v x y)\(x,y)\u\)\<^sub>u" 62 | by (pred_simp)+ 63 | 64 | lemma aext_event [alpha]: "(c\v)\<^sub>u \\<^sub>p a = (c\v \\<^sub>p a)\<^sub>u" 65 | by (pred_auto) 66 | 67 | end -------------------------------------------------------------------------------- /theories/reactive/utp_reactive.thy: -------------------------------------------------------------------------------- 1 | section \ Meta-theory for Generalised Reactive Processes \ 2 | 3 | theory utp_reactive 4 | imports 5 | utp_rea_core 6 | utp_rea_event 7 | utp_rea_healths 8 | utp_rea_parallel 9 | utp_rea_rel 10 | utp_rea_cond 11 | utp_rea_prog 12 | utp_rea_wp 13 | utp_rea_hoare 14 | begin end -------------------------------------------------------------------------------- /theories/sf_rdes/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /theories/sf_rdes/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amssymb} 11 | %for \, \, \, \, \, \, 12 | %\, \, \, \, \, 13 | %\, \, \ 14 | 15 | \usepackage[english]{babel} 16 | %option greek for \ 17 | %option english (default language) for \, \ 18 | 19 | \usepackage{stmaryrd} 20 | %for \ 21 | 22 | \usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | % for uniform font size 37 | %\renewcommand{\isastyle}{\isastyleminor} 38 | 39 | \newcommand{\isactrlU}{\textit{\textbf{U}}} 40 | 41 | \begin{document} 42 | 43 | \title{Stateful-Failure Reactive Designs in Isabelle/UTP} 44 | 45 | \author{Simon Foster \and James Baxter \and Ana Cavalcanti \and Jim Woodcock} 46 | 47 | \maketitle 48 | 49 | \begin{abstract} 50 | Stateful-Failure Reactive Designs specialise reactive design contracts with failures traces, 51 | as present in languages like CSP and Circus. A failure trace consists of a sequence of events 52 | and a refusal set. It intuitively represents a quiescent observation, where certain events have 53 | previously occurred, and others are currently being accepted. Following the UTP book, we add 54 | an observational variable to represent refusal sets, and healthiness conditions that ensure 55 | their well-formedness. Using these, we also specialise our theory of reactive relations with 56 | operators to characterise both completed and quiescent interactions, and an accompanying 57 | equational theory. We use these to define the core operators --- including assignment, event occurence, 58 | and external choice --- and specialise our proof strategy to support these. We also demonstrate 59 | a link with the CSP failures-divergences semantic model. 60 | \end{abstract} 61 | 62 | \tableofcontents 63 | 64 | % sane default for proof documents 65 | \parindent 0pt\parskip 0.5ex 66 | 67 | \section{Introduction} 68 | 69 | This document contains a mechanisation in Isabelle/UTP~\cite{Foster16a} of an specialisation of 70 | stateful reactive designs with refusal information, as present in languages like 71 | Circus~\cite{Oliveira2005-PHD}. 72 | 73 | % generated text of all theories 74 | \input{session} 75 | 76 | % optional bibliography 77 | \bibliographystyle{abbrv} 78 | \bibliography{root} 79 | 80 | \end{document} 81 | -------------------------------------------------------------------------------- /theories/sf_rdes/utp_sf_rdes.thy: -------------------------------------------------------------------------------- 1 | section \ Meta-theory for Stateful-Failure Reactive Designs \ 2 | 3 | theory utp_sf_rdes 4 | imports 5 | utp_sfrd_core 6 | utp_sfrd_rel 7 | utp_sfrd_healths 8 | utp_sfrd_contracts 9 | utp_sfrd_extchoice 10 | utp_sfrd_prog 11 | utp_sfrd_recursion 12 | utp_sfrd_fdsem 13 | begin end -------------------------------------------------------------------------------- /theories/time/utp_time_rel.thy: -------------------------------------------------------------------------------- 1 | section {* Timed Relations *} 2 | 3 | theory utp_time_rel 4 | imports 5 | "UTP1-Reactive.utp_rea_hoare" 6 | begin 7 | 8 | type_synonym '\ trel = "('\, real pos) rdes" 9 | 10 | translations 11 | (type) "'\ trel" <= (type) "('\, real pos) rdes" 12 | 13 | abbreviation time :: "real pos \ (real pos, 'a) rp" where 14 | "time \ tr" 15 | 16 | definition wait_trel :: "(real pos, '\) uexpr \ '\ trel" ("wait\<^sub>r") where 17 | [upred_defs]: "wait\<^sub>r(n) = ($st\ =\<^sub>u $st \ $time\ =\<^sub>u $time + \n\\<^sub>S\<^sub><)" 18 | 19 | lemma wait_RR_closed [closure]: "wait\<^sub>r n is RR" 20 | using diff_add_cancel_left' by (rel_auto, fastforce) 21 | 22 | lemma st_subst_rea_wait [usubst]: 23 | "\ \\<^sub>S wait\<^sub>r n = wait\<^sub>r (\ \ n) ;; \\\\<^sub>r" 24 | by (rel_auto) 25 | 26 | lemma wait_zero: "wait\<^sub>r(0) = II\<^sub>r" 27 | by (rel_auto) 28 | 29 | lemma wait_plus: "wait\<^sub>r(m) ;; wait\<^sub>r(n) = wait\<^sub>r(m + n)" 30 | by (rel_auto, simp_all add: add.commute add.left_commute) 31 | 32 | lemma wait_cond: "wait\<^sub>r(m) ;; (P \ b \\<^sub>R Q) = (wait\<^sub>r(m) ;; P \ b \\<^sub>R wait\<^sub>r(m) ;; Q)" 33 | by (rel_auto) 34 | 35 | lemma wait_assign: "x \ m \ wait\<^sub>r(m) ;; x :=\<^sub>r v = x :=\<^sub>r v ;; wait\<^sub>r(m)" 36 | by (rel_auto) 37 | 38 | lemma wait_hoare_rp [hoare_safe]: 39 | "\p\wait\<^sub>r n\p\\<^sub>r" 40 | by (rel_auto) 41 | 42 | lemma hoare_rp_wait_comp [hoare_safe]: 43 | "\p\ Q \r\\<^sub>r \ \p\ wait\<^sub>r n ;; Q \r\\<^sub>r" 44 | by (rel_auto) 45 | 46 | lemma rea_frame_wait [frame]: 47 | "vwb_lens x \ x:[wait\<^sub>r(n)]\<^sub>r = wait\<^sub>r(n)" 48 | by (rel_auto) 49 | 50 | end 51 | -------------------------------------------------------------------------------- /theories/undef/utp_undef.thy: -------------------------------------------------------------------------------- 1 | section \ Undefinedness \ 2 | 3 | theory utp_undef 4 | imports "UTP1-Designs.utp_designs" "UTP1.utp_expr_funcs" 5 | begin 6 | 7 | type_synonym ('a, '\) pexpr = "('a option, '\) uexpr" 8 | 9 | definition pexpr_undef :: "('a, '\) pexpr" ("\\<^sub>\") where 10 | [upred_defs]: "\\<^sub>\ = \None\" 11 | 12 | definition pexpr_down :: "('a, '\) pexpr \ ('a, '\) uexpr" ("\_\\<^sub>\") where 13 | [upred_defs]: "\e\\<^sub>\ = uop the e" 14 | 15 | no_utp_lift pexpr_down (0) 16 | 17 | lift_definition pexpr_defined :: "('a, '\) pexpr \ '\ upred" ("\'(_')") is 18 | "\ e b. b \ dom(e)" . 19 | 20 | update_uexpr_rep_eq_thms 21 | 22 | lemma undef_defined: "\(\\<^sub>\) = false" 23 | by (rel_simp) 24 | 25 | 26 | definition partial_assign :: "('a \ '\) \ ('a, '\) pexpr \ '\ hrel_des" where 27 | [upred_defs, ndes_simp]: "partial_assign x e = (\<^bold>S(x) \ \(e)) \\<^sub>n x := \e\\<^sub>\" 28 | 29 | syntax 30 | "_passignd" :: "svid \ logic \ logic" (infixr ":=\<^sub>\" 62) 31 | 32 | translations 33 | "_passignd x e" == "CONST partial_assign x e" 34 | 35 | lemma passign_bot: "x :=\<^sub>\ \\<^sub>\ = \\<^sub>D" 36 | by (rel_auto) 37 | 38 | lemma passign_wp [wp]: "x :=\<^sub>\ v wp\<^sub>D b = (\<^bold>S(x) \ \(v) \ b\\v\\<^sub>\/&x\)" 39 | by (simp add: partial_assign_def wp conj_assoc) 40 | 41 | end -------------------------------------------------------------------------------- /theories/utp_theories.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: utp_theories.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | section \ Meta-theory for UTP Theories \ 9 | 10 | theory utp_theories 11 | imports 12 | "UTP1-Designs.utp_designs" 13 | "UTP1-Reactive.utp_reactive" 14 | "UTP1-Reactive-Designs.utp_rea_designs" 15 | "UTP1-Time.utp_time_rel" 16 | "UTP1-Circus.utp_circus" 17 | utp_cml 18 | begin recall_syntax end -------------------------------------------------------------------------------- /theories/utp_theories_deep.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: utp_theories_deep.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | section {* UTP Theories Supplement for Deep Variables *} 9 | 10 | theory utp_theories_deep 11 | imports utp_theories "UTP-Deep.utp_deep" 12 | begin 13 | 14 | subsection {* Instantiation of @{class vst}. *} 15 | 16 | text {* Instantiate the vstore for design alphabets. *} 17 | 18 | instantiation des_vars_ext :: (vst) vst 19 | begin 20 | definition vstore_lens_des_vars_ext :: "vstore \ 'a des_vars_ext" where 21 | "vstore_lens_des_vars_ext = \ ;\<^sub>L \\<^sub>D" 22 | instance 23 | by (intro_classes, simp add: vstore_lens_des_vars_ext_def) 24 | end 25 | 26 | text {* Instantiate the vstore for reactive alphabets. *} 27 | 28 | instantiation rp_vars_ext :: (trace,vst) vst 29 | begin 30 | definition vstore_lens_rp_vars_ext :: "vstore \ ('a, 'b) rp_vars_ext" where 31 | "vstore_lens_rp_vars_ext = \ ;\<^sub>L \\<^sub>r" 32 | instance 33 | by (intro_classes, simp add: vstore_lens_rp_vars_ext_def) 34 | end 35 | 36 | text {* Instantiate the vstore for stateful reactive alphabets. *} 37 | 38 | instantiation rsp_vars_ext :: (vst,type) vst 39 | begin 40 | definition vstore_lens_rsp_vars_ext :: "vstore \ ('a, 'b) rsp_vars_scheme" where 41 | "vstore_lens_rsp_vars_ext = \ ;\<^sub>L st\<^sub>a" 42 | instance 43 | by (intro_classes, simp add: vstore_lens_rsp_vars_ext_def) 44 | end 45 | 46 | end -------------------------------------------------------------------------------- /toolkit/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /toolkit/utp_toolkit.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: Isabelle/UTP Toolkit *) 3 | (* File: utp_toolkit.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | section \ Meta-theory for UTP Toolkit \ 9 | 10 | theory utp_toolkit 11 | imports 12 | HOL.Deriv 13 | "HOL-Library.Adhoc_Overloading" 14 | "HOL-Library.Char_ord" 15 | "HOL-Library.Countable_Set" 16 | "HOL-Library.FSet" 17 | "HOL-Library.Monad_Syntax" 18 | "HOL-Library.Countable" 19 | "HOL-Library.Order_Continuity" 20 | "HOL-Library.Prefix_Order" 21 | "HOL-Library.Product_Order" 22 | "HOL-Library.Sublist" 23 | "HOL-Algebra.Complete_Lattice" 24 | "HOL-Algebra.Galois_Connection" 25 | "HOL-Eisbach.Eisbach" 26 | "Optics.Optics" 27 | "Z_Toolkit.Relation_Lib" 28 | Total_Recall.Total_Recall 29 | begin end -------------------------------------------------------------------------------- /tools/transcl/.gitignore: -------------------------------------------------------------------------------- 1 | # Tell git to ignore the following directories. 2 | build 3 | lib 4 | transcl -------------------------------------------------------------------------------- /tools/transcl/ROOT: -------------------------------------------------------------------------------- 1 | session "HOL-TRANSCL" in isabelle = "HOL-Eisbach" + 2 | options [document = pdf, document_output = "output"] 3 | theories [document = false] 4 | theories transcl transcl_issue 5 | document_files "root.tex" "document.sty" 6 | -------------------------------------------------------------------------------- /tools/transcl/TODO.txt: -------------------------------------------------------------------------------- 1 | (1) The rangecl(-) function seems not very useful after all - its corresponding witness theorem is too strong. Remove it from the C++ and ML code! 2 | 3 | (2) Implement an automatic tactic to prove acyclicity of a relation using the transcl(-) command. 4 | 5 | (3) There are some issues with simplifying the provisos of the witness lemma - this, by default, does not work as swiftly as I hoped. Perhaps configure some evaluation method to do this more efficiently, competing with plain (eval) on the initial goal "acyclic R". 6 | 7 | (4) There may be potential issues with using echo in transcl.ML due to special characters. It may thus be better to write the result into a file. This will also save time not having to escape double quotes. 8 | 9 | (5) Do a final review of the entire C++ and ML code. 10 | -------------------------------------------------------------------------------- /tools/transcl/doc/transcl.pdf: -------------------------------------------------------------------------------- 1 | ../isabelle/output/document.pdf -------------------------------------------------------------------------------- /tools/transcl/doc/transcl_c++.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/tools/transcl/doc/transcl_c++.pdf -------------------------------------------------------------------------------- /tools/transcl/isabelle/document/document.sty: -------------------------------------------------------------------------------- 1 | %%%%%%%%%%%% 2 | % Typeface % 3 | %%%%%%%%%%%% 4 | 5 | \newcommand{\code}[1]{\texttt{#1}} 6 | 7 | %%%%%%%%%%%%%% 8 | % References % 9 | %%%%%%%%%%%%%% 10 | 11 | \newcommand{\email}[1]{\href{mailto:#1}{\nolinkurl{#1}}} 12 | 13 | %%%%%%%%%%% 14 | % Colours % 15 | %%%%%%%%%%% 16 | 17 | \definecolor{CodeGreen}{rgb}{0,0.6,0} 18 | \definecolor{CodePurple}{rgb}{0.58,0,0.82} 19 | \definecolor{CodeGray}{rgb}{0.5,0.5,0.5} 20 | 21 | %%%%%%%%%%%%%%%% 22 | % listings.sty % 23 | %%%%%%%%%%%%%%%% 24 | 25 | \lstdefinestyle{mystyle}{ 26 | backgroundcolor=\color{white}, 27 | commentstyle=\color{CodeGreen}, 28 | keywordstyle=\color{red}, 29 | numberstyle=\tiny\color{CodeGray}, 30 | stringstyle=\color{Cyan}, 31 | basicstyle=\ttfamily\footnotesize, 32 | breakatwhitespace=false, 33 | breaklines=false, 34 | captionpos=b, 35 | keepspaces=true, 36 | numbers=left, 37 | numbersep=5pt, 38 | showspaces=false, 39 | showstringspaces=false, 40 | showtabs=false, 41 | tabsize=2 42 | } 43 | -------------------------------------------------------------------------------- /tools/transcl/isabelle/transcl_tests.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* External Algorithm for Calculating the Transitive Closure in Isabelle/HOL *) 3 | (* Author: Frank Zeyda, University of York (UK) *) 4 | (* Email: frank.zeyda@york.ac.uk *) 5 | (******************************************************************************) 6 | 7 | section {* Transcl Tests *} 8 | 9 | theory transcl_tests 10 | imports transcl 11 | begin 12 | 13 | (* Tool Invocation Test *) 14 | 15 | ML \ 16 | val input = "{(A, B), (B, C), (A, D), (B, E)}"; 17 | val result = Transcl.transcl_run @{context} input ""; 18 | val Transcl.Data data = result; 19 | val (ginit, gfini) = Transcl.parse_rel_data data; 20 | \ 21 | 22 | (* Reconstruction Tests *) 23 | 24 | ML \ 25 | val term = @{term "{(A, B), (B, C), (A, D), (B, E)}"}; 26 | val r1 = Transcl.transcl1 @{context} term; 27 | val r2 = Transcl.transcl2 @{context} @{term "{(A, B), (B, C)}"}; 28 | val r3 = Transcl.transcl2 @{context} @{term "{(1, 2), (2, 3)}"}; 29 | \ 30 | 31 | ML \ 32 | val _ = Output.writeln (Syntax.string_of_term @{context} term); 33 | val _ = Output.writeln (Syntax.string_of_term @{context} r1); 34 | val _ = Output.writeln (Syntax.string_of_term @{context} r2); 35 | (* Does not give the expected result as the relation is non-homogeneous. *) 36 | val _ = Output.writeln (Syntax.string_of_term @{context} r3); 37 | \ 38 | 39 | definition myrel1: 40 | "myrel1 = {(''A'', ''B''), (''B'', ''C''), (''A'', ''D''), (''B'', ''E'')}" 41 | 42 | definition myrel2: 43 | "myrel2 = {(''D'', ''A'')}" 44 | 45 | definition myrel3: 46 | "myrel3 = {(1, 2), (2, 3), (1, 4), (2, 5)}" 47 | 48 | (* PreSimplifier Tests *) 49 | 50 | ML \ 51 | val _ = Output.writeln 52 | (Syntax.string_of_term @{context} 53 | (PreSimplifier.presimplify @{context} 54 | Transcl_Rewriter.is_rel_const @{term "myrel1 \ myrel2"})); 55 | 56 | val _ = Output.writeln 57 | (Syntax.string_of_term @{context} 58 | (PreSimplifier.presimplify @{context} 59 | Transcl_Rewriter.is_rel_const @{term "myrel3"})); 60 | \ 61 | 62 | value "myrel1 \ myrel2" 63 | 64 | value "myrel3" -- {* In contrast, this does not give us quite what we want! *} 65 | 66 | (* Miscellaneous Experiments *) 67 | 68 | find_theorems name:"Set." name:"insert" 69 | 70 | lemma "TRUE (myrel1 \ myrel2)" 71 | apply (unfold myrel1 myrel2) 72 | apply (simp only: Set.Un_insert_left Set.Un_empty_left) 73 | oops 74 | 75 | hide_const myrel1 myrel2 myrel3 76 | end -------------------------------------------------------------------------------- /tools/transcl/relation.isa: -------------------------------------------------------------------------------- 1 | {(A, B), (B, C), (A, D), (B, E)} 2 | -------------------------------------------------------------------------------- /tools/transcl/rev/transcl_v1.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/tools/transcl/rev/transcl_v1.tar.gz -------------------------------------------------------------------------------- /tools/transcl/src/Algorithms.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | #include "Algorithms.hpp" 5 | #include "FloydWarshall.hpp" 6 | #include "BoostAlgorithm.hpp" 7 | 8 | class Algorithms Algorithms; 9 | 10 | Algorithms::Algorithms() { 11 | algo_by_name["floyd-warshall"] = floyd_warshall; 12 | algo_by_name["boost"] = boost_algorithm; 13 | } 14 | 15 | algorithm_t Algorithms::get_by_name(string name) { 16 | try { 17 | return algo_by_name.at(name); 18 | } 19 | catch (std::out_of_range& e) { 20 | throw std::invalid_argument("unknown algorithm"); 21 | } 22 | } 23 | 24 | TCAlgorithm* Algorithms::create(algorithm_t algorithm) { 25 | switch(algorithm) { 26 | case floyd_warshall: 27 | return new FloydWarshall(); 28 | 29 | case boost_algorithm: 30 | return new BoostAlgorithm(); 31 | 32 | default: 33 | assert(false); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /tools/transcl/src/Algorithms.hpp: -------------------------------------------------------------------------------- 1 | #ifndef ALGORITHMS_H 2 | #define ALGORITHMS_H 3 | #include 4 | #include 5 | 6 | #include "TCAlgorithm.hpp" 7 | 8 | typedef enum { floyd_warshall, boost_algorithm } algorithm_t; 9 | 10 | class Algorithms { 11 | private: 12 | map algo_by_name; 13 | 14 | public: 15 | Algorithms(); 16 | ~Algorithms() = default; 17 | 18 | algorithm_t get_by_name(string); 19 | 20 | TCAlgorithm* create(algorithm_t); 21 | }; 22 | 23 | extern class Algorithms Algorithms; 24 | #endif 25 | -------------------------------------------------------------------------------- /tools/transcl/src/BoostAlgorithm.cpp: -------------------------------------------------------------------------------- 1 | #include "BoostAlgorithm.hpp" 2 | 3 | #include "boost/graph/transitive_closure.hpp" 4 | 5 | using namespace boost; 6 | 7 | BoostAlgorithm::BoostAlgorithm() : size(0), graph(nullptr) { } 8 | 9 | BoostAlgorithm::~BoostAlgorithm() { 10 | if (graph != nullptr) delete graph; 11 | } 12 | 13 | void BoostAlgorithm::init(size_t size) { 14 | if (graph != nullptr) delete graph; 15 | graph = new graph_t(size); 16 | this->size = size; 17 | } 18 | 19 | void BoostAlgorithm::clear() { 20 | graph->clear(); 21 | } 22 | 23 | void BoostAlgorithm::execute() { 24 | /* Supplying size here, even if correct, does not work...! */ 25 | graph_t *result = new graph_t(/*size*/); 26 | transitive_closure(*graph, *result); 27 | if (graph != nullptr) delete graph; 28 | graph = result; 29 | } 30 | -------------------------------------------------------------------------------- /tools/transcl/src/BoostAlgorithm.hpp: -------------------------------------------------------------------------------- 1 | #ifndef BOOSTALGORITHM_HPP 2 | #define BOOSTALGORITHM_HPP 3 | #include 4 | #include 5 | 6 | #include "TCAlgorithm.hpp" 7 | 8 | #include "boost/graph/adjacency_list.hpp" 9 | 10 | using namespace boost; 11 | 12 | /* I am not entirely sure about the first two types below. Efficiency? */ 13 | typedef adjacency_list graph_t; 14 | 15 | class BoostAlgorithm : public TCAlgorithm { 16 | private: 17 | graph_t *graph; 18 | size_t size; 19 | 20 | public: 21 | BoostAlgorithm(); 22 | ~BoostAlgorithm(); 23 | 24 | /* Virtual Methods */ 25 | void init(size_t size); 26 | void clear(); 27 | void execute(); 28 | 29 | /* Inline Methods */ 30 | inline string name() { return "boost"; } 31 | inline size_t vertices() { return size; } 32 | inline void record(index_t i, index_t j) { 33 | add_edge(i, j, *graph); 34 | } 35 | inline bool readout(index_t i, index_t j) { 36 | return edge(i, j, *graph).second; 37 | } 38 | }; 39 | #endif 40 | -------------------------------------------------------------------------------- /tools/transcl/src/FloydWarshall.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include "FloydWarshall.hpp" 4 | 5 | void FloydWarshall::init(size_t size) { 6 | if (size > ADJ_MATRIX_SIZE) { 7 | throw std::logic_error( 8 | "Number of vertices exceeds fixed adjecency matrix size."); 9 | } 10 | this->size = size; 11 | } 12 | 13 | void FloydWarshall::clear() { 14 | for (index_t i = 0; i < size; i++) { 15 | for (index_t j = 0; j < size; j++) { 16 | adj_matrix[i][j] = false; 17 | } 18 | } 19 | } 20 | 21 | void FloydWarshall::execute() { 22 | for (index_t k = 0; k < size; k++) { 23 | for (index_t i = 0; i < size; i++) { 24 | for (index_t j = 0; j < size; j++) { 25 | adj_matrix[i][j] |= adj_matrix[i][k] & adj_matrix[k][j]; 26 | } 27 | } 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /tools/transcl/src/FloydWarshall.hpp: -------------------------------------------------------------------------------- 1 | #ifndef FLOYDWARSHALL_HPP 2 | #define FLOYDWARSHALL_HPP 3 | #include 4 | #include 5 | 6 | #include "TCAlgorithm.hpp" 7 | 8 | /* For now, the maximum size of the adjacency matrix is fixed in code. */ 9 | #define ADJ_MATRIX_SIZE 1024 10 | 11 | typedef bool adj_matrix_t[ADJ_MATRIX_SIZE][ADJ_MATRIX_SIZE]; 12 | 13 | class FloydWarshall : public TCAlgorithm { 14 | private: 15 | adj_matrix_t adj_matrix; 16 | size_t size; 17 | 18 | public: 19 | FloydWarshall() : size(0) { }; 20 | ~FloydWarshall() = default; 21 | 22 | /* Virtual Methods */ 23 | void init(size_t size); 24 | void clear(); 25 | void execute(); 26 | 27 | /* Inline Methods */ 28 | inline string name() { return "floyd-warshall"; } 29 | inline size_t vertices() { return size; } 30 | inline void record(index_t i, index_t j) { adj_matrix[i][j] = true; } 31 | inline bool readout(index_t i, index_t j) { return adj_matrix[i][j]; } 32 | }; 33 | #endif 34 | -------------------------------------------------------------------------------- /tools/transcl/src/MapletRecorder.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include "MapletRecorder.hpp" 4 | #include "main.h" 5 | #include "debug.h" 6 | 7 | void MapletRecorder::initialise() { 8 | algorithm.clear(); 9 | /* When producing output for Isabelle/UTP. */ 10 | if (args.encode_output) { 11 | outp << algorithm.vertices() << ";"; 12 | } 13 | } 14 | 15 | void MapletRecorder::record(index_t i, index_t j) { 16 | /*debug << "Maplet: (" << id1 << ", " << id2 << ")" << endl;*/ 17 | algorithm.record(i, j); 18 | /* When producing output for Isabelle/UTP. */ 19 | if (args.encode_output) { 20 | outp << i << ";"; 21 | outp << j << ";"; 22 | } 23 | } 24 | 25 | void MapletRecorder::finalise() { 26 | /* When producing output for Isabelle/UTP. */ 27 | if (args.encode_output) { 28 | outp << endl; 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /tools/transcl/src/MapletRecorder.hpp: -------------------------------------------------------------------------------- 1 | #ifndef RECORDER_HPP 2 | #define RECORDER_HPP 3 | #include "TCAlgorithm.hpp" 4 | 5 | class MapletRecorder { 6 | private: 7 | TCAlgorithm& algorithm; 8 | 9 | public: 10 | MapletRecorder(TCAlgorithm& algorithm) : algorithm(algorithm) { }; 11 | ~MapletRecorder() = default; 12 | virtual void initialise(); 13 | virtual void record(index_t i, index_t j); 14 | virtual void finalise(); 15 | }; 16 | #endif 17 | -------------------------------------------------------------------------------- /tools/transcl/src/NullStream.cpp: -------------------------------------------------------------------------------- 1 | #include "NullStream.hpp" 2 | 3 | namespace std { 4 | NullStream nil; 5 | } 6 | -------------------------------------------------------------------------------- /tools/transcl/src/NullStream.hpp: -------------------------------------------------------------------------------- 1 | #ifndef nullptrSTREAM_HPP 2 | #define nullptrSTREAM_HPP 3 | #include 4 | #include 5 | 6 | class NullBuffer : public std::streambuf { 7 | public: 8 | int overflow(int c) { return c; } 9 | }; 10 | 11 | class NullStream : public std::ostream { 12 | private: 13 | NullBuffer null_buffer; 14 | 15 | public: 16 | NullStream() : std::ostream(&null_buffer) { } 17 | }; 18 | 19 | namespace std { 20 | extern NullStream nil; 21 | } 22 | #endif 23 | -------------------------------------------------------------------------------- /tools/transcl/src/ScanException.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include "ScanException.hpp" 4 | 5 | using namespace std; 6 | 7 | ScanException::ScanException(int line, int pos) : line(line), pos(pos) { } 8 | 9 | ScanException::ScanException(string msg, int line, int pos) 10 | : ScanException(line, pos) { 11 | str(msg); 12 | } 13 | 14 | ScanException::ScanException(const ScanException& obj) 15 | : ScanException(obj.line, obj.pos) { 16 | str(obj.str()); 17 | } 18 | 19 | const char *ScanException::what() const noexcept { 20 | /* The below does not work since str() creates a temporary string object 21 | * that does not appear to outlive the method invocation. */ 22 | /*return str().c_str();*/ 23 | 24 | /* This works but how are we going to dealloclate the string object now? 25 | * Due to the method being consts, neither can we retain a handle to it! */ 26 | return (new string(str()))->c_str(); 27 | } 28 | 29 | void ScanException::displayError() { 30 | cerr << "Error in line " << line << ", pos " << pos << ": " << str(); 31 | } 32 | -------------------------------------------------------------------------------- /tools/transcl/src/ScanException.hpp: -------------------------------------------------------------------------------- 1 | #ifndef SCANEXCEPTION_HPP 2 | #define SCANEXCEPTION_HPP 3 | #include 4 | #include 5 | #include 6 | 7 | using namespace std; 8 | 9 | class ScanException : public exception, public stringstream { 10 | protected: 11 | const int line, pos; 12 | 13 | public: 14 | ScanException(int line, int pos); 15 | ScanException(string msg, int line, int pos); 16 | ScanException(const ScanException&); 17 | ~ScanException() = default; 18 | 19 | virtual const char *what() const noexcept; 20 | 21 | void displayError(); 22 | }; 23 | #endif 24 | -------------------------------------------------------------------------------- /tools/transcl/src/Scanner.hpp: -------------------------------------------------------------------------------- 1 | #ifndef SCANNER_HPP 2 | #define SCANNER_HPP 3 | #include 4 | #include 5 | #include 6 | 7 | #include "Symtab.hpp" 8 | #include "MapletRecorder.hpp" 9 | #include "ScanException.hpp" 10 | 11 | #define MAX_TOKEN_SIZE 65536 12 | 13 | /* Used to calculate line positions for error messages. */ 14 | #define TAB_SIZE 8 15 | 16 | using namespace std; 17 | 18 | /* Note that scan_index points to the next character to be read. Moreover, 19 | * scan_index points one character ahead. So, after, for instance, reading 20 | * the first two characters scan_index would be 3. For efficienct and to 21 | * minimise elementary array accesses, we record both the current and next 22 | * character in local variables, giving us a look-ahead of one character. */ 23 | class Scanner { 24 | protected: 25 | /* File content in memory */ 26 | char *file_content = nullptr; 27 | streamsize file_size = 0; 28 | 29 | /* Scanning indices */ 30 | int scan_index; 31 | int line, pos; 32 | /* For efficiency reasons */ 33 | char curr_char; 34 | char next_char; 35 | bool curr_valid; 36 | 37 | /* Token management */ 38 | char token[MAX_TOKEN_SIZE + 1]; 39 | int token_index = 0; 40 | size_t token_length = 0; 41 | 42 | public: 43 | /* Constructors and Destructor */ 44 | Scanner(); 45 | Scanner(string filename) throw (ios_base::failure); 46 | ~Scanner(); 47 | 48 | /* Inline Methods */ 49 | inline bool more() { 50 | /* Note that scan_index points one character ahead. */ 51 | return scan_index <= file_size; 52 | } 53 | 54 | inline bool eof() { 55 | /* Note that scan_index points one character ahead. */ 56 | return scan_index == file_size + 1; 57 | } 58 | 59 | inline char valid() { 60 | return curr_valid; 61 | } 62 | 63 | inline char current() { 64 | assert(valid()); 65 | return curr_char; 66 | } 67 | 68 | inline char next() { 69 | assert(more()); 70 | return next_char; 71 | } 72 | 73 | /* Public Methods */ 74 | void fromString(const string& text); 75 | void readFile(string filename) throw (ios_base::failure); 76 | void initScan(); 77 | bool skipWS(); 78 | bool skipSymbol(char c); 79 | bool scanSymbol(char c); 80 | bool scanUntil(char until); 81 | bool scanString(); 82 | bool scanHOLString(); 83 | bool scanTerm(char until); 84 | void scanRelation(Symtab& symtab, MapletRecorder *mrec = nullptr); 85 | 86 | protected: 87 | /* Internal Methods */ 88 | void clearToken(); 89 | void processLinePos(); 90 | char advance(); 91 | void consume(); 92 | void freeMemory(); 93 | }; 94 | #endif 95 | -------------------------------------------------------------------------------- /tools/transcl/src/Symtab.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include"debug.h" 8 | 9 | #include"Symtab.hpp" 10 | 11 | Symtab::Symtab() { clear(); } 12 | 13 | void Symtab::clear() { 14 | root.reset(); 15 | symbols.clear(); 16 | counter = 1; 17 | } 18 | 19 | Symtab::index_t Symtab::operator[](const string& symbol) { 20 | TrieNode* node = &root; 21 | for(char c : symbol) { 22 | node = (*node)[c]; 23 | } 24 | if (!node->hasValue()) { 25 | /* Assert that an overflow will not occured. */ 26 | assert(counter != 0); 27 | node->setValue(counter); 28 | /* Perhaps this is not the most efficient approach! */ 29 | symbols.push_back(symbol); 30 | counter++; 31 | } 32 | /*debug << symbol << " = " << node->getValue() << std::endl;*/ 33 | return node->getValue(); 34 | } 35 | 36 | string Symtab::operator[](Symtab::index_t symid) { 37 | if (symid >= 1 && symid < counter) { 38 | return symbols[symid-1]; 39 | } 40 | else { 41 | throw std::invalid_argument( 42 | "Identifier " + to_string(symid) + " is not in symbol table."); 43 | } 44 | } 45 | 46 | int Symtab::size() { 47 | return symbols.size(); 48 | } 49 | 50 | void Symtab::print(ostream& os) { 51 | for(int i = 1; i <= size(); i++) { 52 | os << (*this)[i] << " = " << i << endl; 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /tools/transcl/src/Symtab.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/isabelle-utp/utp-main/ffd472022798e60f0385030682b7a07fbeb49e68/tools/transcl/src/Symtab.h -------------------------------------------------------------------------------- /tools/transcl/src/Symtab.hpp: -------------------------------------------------------------------------------- 1 | #ifndef SYMTAB_HPP 2 | #define SYMTAB_HPP 3 | #include 4 | #include 5 | #include 6 | 7 | #include"TrieNode.cpp" 8 | 9 | using namespace std; 10 | 11 | template class TrieNode; 12 | 13 | class Symtab { 14 | public: 15 | /* Indices are represented by unsigned integers. */ 16 | typedef unsigned int index_t; 17 | 18 | protected: 19 | /* Root of the trie encoding for the symbol table. */ 20 | TrieNode root; 21 | /* Array used to store symbols by their index. */ 22 | vector symbols; 23 | /* Counter for generating the next index. */ 24 | index_t counter; 25 | 26 | public: 27 | Symtab(); 28 | ~Symtab() = default; 29 | 30 | /* Remove all entries from the symbol table. */ 31 | void clear(); 32 | 33 | /* Obtain the identifier of a symobl; create if not present. */ 34 | index_t operator[](const string& symbol); 35 | 36 | /* Obtain the symbol for a given identifier. */ 37 | string operator[](index_t symid); 38 | 39 | /* Return the number of symbols in the table. */ 40 | int size(); 41 | 42 | /* Print the content of the symbol table. */ 43 | void print(ostream& os); 44 | }; 45 | #endif 46 | -------------------------------------------------------------------------------- /tools/transcl/src/TCAlgorithm.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include "TCAlgorithm.hpp" 4 | 5 | size_t TCAlgorithm::maplets() { 6 | size_t count = 0; 7 | for (index_t i = 0; i < vertices(); i++) { 8 | for (index_t j = 0; j < vertices(); j++) { 9 | if (readout(i, j)) count++; 10 | } 11 | } 12 | return count; 13 | } 14 | 15 | void TCAlgorithm::output(Symtab symtab, std::ostream& ss) { 16 | ss << "{"; 17 | bool first = true; 18 | for (index_t i = 0; i < vertices(); i++) { 19 | for (index_t j = 0; j < vertices(); j++) { 20 | if (readout(i, j)) { 21 | if (first) { first = false; } 22 | else { 23 | ss << ", "; 24 | } 25 | ss << "(" << symtab[i+1] << ", " << symtab[j+1] << ")"; 26 | } 27 | } 28 | } 29 | ss << "}"; 30 | } 31 | 32 | void TCAlgorithm::encode(std::ostream& ss, encode_mode_t mode) { 33 | switch (mode) { 34 | case relation: 35 | encode_relation(ss); 36 | break; 37 | 38 | case range_set: 39 | encode_rangeset(ss); 40 | break; 41 | 42 | default: 43 | assert(false); 44 | } 45 | } 46 | 47 | void TCAlgorithm::encode_relation(std::ostream& ss) { 48 | ss << vertices() << ";"; 49 | for (index_t i = 0; i < vertices(); i++) { 50 | for (index_t j = 0; j < vertices(); j++) { 51 | if (readout(i, j)) { 52 | ss << i << ";"; 53 | ss << j << ";"; 54 | } 55 | } 56 | } 57 | } 58 | 59 | void TCAlgorithm::encode_rangeset(std::ostream& ss) { 60 | ss << vertices() << ";"; 61 | for (index_t j = 0; j < vertices(); j++) { 62 | bool in_range = false; 63 | for (index_t i = 0; i < vertices(); i++) { 64 | in_range |= readout(i, j); 65 | } 66 | if (in_range) { ss << j << ";"; } 67 | } 68 | } 69 | 70 | void TCAlgorithm::cyclic(std::ostream& ss) { 71 | bool is_cyclic = false; 72 | for (index_t i = 0; i < vertices(); i++) { 73 | is_cyclic |= readout(i, i); 74 | } 75 | ss << (is_cyclic ? "true" : "false"); 76 | } 77 | -------------------------------------------------------------------------------- /tools/transcl/src/TCAlgorithm.hpp: -------------------------------------------------------------------------------- 1 | #ifndef TCALGORITHM_HPP 2 | #define TCALGORITHM_HPP 3 | #include 4 | #include 5 | #include 6 | 7 | #include "Symtab.hpp" 8 | #include "encode_mode.h" 9 | 10 | typedef unsigned int index_t; 11 | 12 | class TCAlgorithm { 13 | public: 14 | virtual string name() = 0; 15 | virtual void init(size_t size) = 0; 16 | virtual void clear() = 0; 17 | virtual size_t vertices() = 0; 18 | virtual void record(index_t i, index_t j) = 0; 19 | virtual bool readout(index_t i, index_t j) = 0; 20 | virtual void execute() = 0; 21 | size_t maplets(); 22 | void output(Symtab symtab, std::ostream& ss); 23 | void encode(std::ostream& ss, encode_mode_t mode); 24 | void cyclic(std::ostream& ss); 25 | 26 | private: 27 | void encode_relation(std::ostream& ss); 28 | void encode_rangeset(std::ostream& ss); 29 | }; 30 | #endif 31 | -------------------------------------------------------------------------------- /tools/transcl/src/TrieNode.cpp: -------------------------------------------------------------------------------- 1 | #ifndef TRIENODE_CPP 2 | #define TRIENODE_CPP 3 | #include 4 | 5 | #include"TrieNode.hpp" 6 | 7 | template 8 | TrieNode::TrieNode() { 9 | reset(); 10 | } 11 | 12 | template 13 | void TrieNode::reset() { 14 | has_value = false; 15 | children.clear(); 16 | } 17 | 18 | template 19 | bool TrieNode::hasValue() { 20 | return has_value; 21 | } 22 | 23 | template 24 | T TrieNode::getValue() { 25 | assert(hasValue()); 26 | return value; 27 | } 28 | 29 | template 30 | void TrieNode::setValue(T new_value) { 31 | value = new_value; 32 | has_value = true; 33 | } 34 | 35 | template 36 | TrieNode* TrieNode::operator[](char c) { 37 | return &children[c]; 38 | } 39 | #endif 40 | -------------------------------------------------------------------------------- /tools/transcl/src/TrieNode.hpp: -------------------------------------------------------------------------------- 1 | #ifndef TRIENODE_HPP 2 | #define TRIENODE_HPP 3 | #include 4 | 5 | template 6 | class TrieNode { 7 | /*friend class Symtab;*/ 8 | 9 | private: 10 | /* Does this node have a value? */ 11 | bool has_value; 12 | /* Value of the node, if present. */ 13 | T value; 14 | /* Child nodes of the trie object. */ 15 | std::map children; 16 | 17 | public: 18 | TrieNode(); 19 | ~TrieNode() = default; 20 | 21 | /* Reset the value and children of this node. */ 22 | void reset(); 23 | 24 | /* Does this node have a value? */ 25 | bool hasValue(); 26 | 27 | /* Get the value of this node. */ 28 | T getValue(); 29 | 30 | /* Set the value of this node. */ 31 | void setValue(T new_value); 32 | 33 | /* Obtain child by index, create if it does not exists. */ 34 | TrieNode* operator[](char c); 35 | }; 36 | #endif 37 | -------------------------------------------------------------------------------- /tools/transcl/src/argp_conf.h: -------------------------------------------------------------------------------- 1 | #ifndef ARGP_CONF_H 2 | #define ARGP_CONF_H 3 | #include "argp.h" 4 | #include "encode_mode.h" 5 | 6 | #include "Algorithms.hpp" 7 | 8 | struct args_t { 9 | algorithm_t algorithm; 10 | bool encode_output; 11 | encode_mode_t encode_mode; 12 | bool check_cyclic; 13 | char *input_file; 14 | char *output_file; 15 | }; 16 | 17 | extern struct args_t args; 18 | 19 | extern struct argp argp; 20 | 21 | /* Function Prototypes */ 22 | void setDefaults(args_t& args); 23 | #endif 24 | -------------------------------------------------------------------------------- /tools/transcl/src/concat_all.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | cat main.c main.h argp_conf.c argp_conf.h encode_mode.h debug.c debug.h Scanner.cpp Scanner.hpp ScanException.cpp ScanException.hpp Symtab.cpp Symtab.hpp TrieNode.cpp TrieNode.hpp MapletRecorder.cpp MapletRecorder.hpp TCAlgorithm.cpp TCAlgorithm.hpp Algorithms.cpp Algorithms.hpp FloydWarshall.cpp FloydWarshall.hpp BoostAlgorithm.cpp BoostAlgorithm.hpp NullStream.cpp NullStream.hpp 3 | -------------------------------------------------------------------------------- /tools/transcl/src/debug.c: -------------------------------------------------------------------------------- 1 | #include "debug.h" 2 | 3 | bool debug_enabled = false; 4 | 5 | void enable_debug() { 6 | debug_enabled = true; 7 | } 8 | 9 | void disable_debug() { 10 | debug_enabled = false; 11 | } 12 | -------------------------------------------------------------------------------- /tools/transcl/src/debug.h: -------------------------------------------------------------------------------- 1 | #ifndef DEBUG_H 2 | #define DEBUG_H 3 | #include 4 | 5 | #include "NullStream.hpp" 6 | 7 | /* Global variables */ 8 | extern bool debug_enabled; 9 | 10 | #define debug (debug_enabled ? std::cerr : std::nil) 11 | 12 | /* Function prototypes */ 13 | void enable_debug(); 14 | void disable_debug(); 15 | #endif 16 | -------------------------------------------------------------------------------- /tools/transcl/src/encode_mode.h: -------------------------------------------------------------------------------- 1 | #ifndef ENCODE_MODE_H 2 | #define ENCODE_MODE_H 3 | typedef enum { relation, range_set } encode_mode_t; 4 | #endif 5 | -------------------------------------------------------------------------------- /tools/transcl/src/main.h: -------------------------------------------------------------------------------- 1 | #ifndef MAIN_H 2 | #define MAIN_H 3 | #include 4 | #include 5 | 6 | #include"argp_conf.h" 7 | 8 | #define outp (file != nullptr ? (*file) : std::cout) 9 | 10 | extern std::ofstream* file; 11 | #endif 12 | -------------------------------------------------------------------------------- /tools/transcl/src/test.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include"Symtab.hpp" 3 | 4 | using namespace std; 5 | 6 | void symtab_test() { 7 | Symtab symtab; 8 | symtab["Frank"]; 9 | symtab["Alessi"]; 10 | symtab["Frank"]; 11 | symtab["Kerstin"]; 12 | symtab["Alessi"]; 13 | symtab["Frank"]; 14 | symtab["Kerstin"]; 15 | symtab["Horst"]; 16 | symtab["Frunk"]; 17 | symtab["Frunk"]; 18 | symtab.print(cout); 19 | cout << symtab[1] << " "; 20 | cout << symtab[2] << " "; 21 | cout << symtab[3] << " "; 22 | cout << symtab[4] << " "; 23 | cout << symtab[5] << endl; 24 | } 25 | -------------------------------------------------------------------------------- /tools/transcl/src/test.h: -------------------------------------------------------------------------------- 1 | #ifndef TEST_H 2 | #define TEST_H 3 | /* Function prototypes */ 4 | void symtab_test(); 5 | #endif 6 | -------------------------------------------------------------------------------- /tutorial/.gitignore: -------------------------------------------------------------------------------- 1 | # Ignore output directory for Isabelle/HOL proof documents. 2 | output 3 | -------------------------------------------------------------------------------- /tutorial/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /tutorial/document/isabelletags.sty: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /tutorial/document/pdfsetup.sty: -------------------------------------------------------------------------------- 1 | %% 2 | %% default hyperref setup (both for pdf and dvi output) 3 | %% 4 | 5 | \usepackage{color} 6 | \definecolor{linkcolor}{rgb}{0,0,0.5} 7 | \usepackage[colorlinks=true,linkcolor=linkcolor,citecolor=linkcolor,filecolor=linkcolor,pagecolor=linkcolor,urlcolor=linkcolor]{hyperref} 8 | -------------------------------------------------------------------------------- /tutorial/document/root.tex: -------------------------------------------------------------------------------- 1 | \documentclass[11pt,a4paper]{article} 2 | \usepackage{isabelle,isabellesym} 3 | \usepackage{fullpage} 4 | \usepackage[usenames,dvipsnames]{color} 5 | \usepackage{document} 6 | 7 | % further packages required for unusual symbols (see also 8 | % isabellesym.sty), use only when needed 9 | 10 | \usepackage{amssymb} 11 | %for \, \, \, \, \, \, 12 | %\, \, \, \, \, 13 | %\, \, \ 14 | 15 | \usepackage[english]{babel} 16 | %option greek for \ 17 | %option english (default language) for \, \ 18 | 19 | \usepackage[only,bigsqcap]{stmaryrd} 20 | %for \ 21 | 22 | \usepackage{eufrak} 23 | %for \ ... \, \ ... \ (also included in amssymb) 24 | 25 | %\usepackage{textcomp} 26 | %for \, \, \, \, \, 27 | %\ 28 | 29 | % this should be the last package used 30 | \usepackage{pdfsetup} 31 | 32 | % urls in roman style, theory text in math-similar italics 33 | \urlstyle{rm} 34 | \isabellestyle{it} 35 | 36 | \newcommand{\isactrlU}{\textit{\textbf{U}}} 37 | 38 | % for uniform font size 39 | %\renewcommand{\isastyle}{\isastyleminor} 40 | 41 | \begin{document} 42 | 43 | \title{Isabelle/UTP Tutorial} 44 | 45 | \author{Simon Foster \and Frank Zeyda} 46 | 47 | \maketitle 48 | 49 | \tableofcontents 50 | 51 | % sane default for proof documents 52 | \parindent 0pt\parskip 0.5ex 53 | 54 | % generated text of all theories 55 | \input{session} 56 | 57 | % optional bibliography 58 | \bibliographystyle{abbrv} 59 | \bibliography{root} 60 | 61 | \end{document} 62 | -------------------------------------------------------------------------------- /tutorial/utp_csp_pump.thy: -------------------------------------------------------------------------------- 1 | section {* Fuel Pump in UTP CSP *} 2 | 3 | theory utp_csp_pump 4 | imports "../theories/circus/utp_circus" 5 | begin 6 | 7 | alphabet st_pump = 8 | fuelQ :: "nat" 9 | 10 | datatype ch_pump = 11 | init | liftNozzle | putNozzle | pressTrigger | releaseTrigger | enterAmount nat | reload nat 12 | 13 | type_synonym op_pump = "st_pump hrel_des" 14 | type_synonym act_pump = "(st_pump, ch_pump) action" 15 | 16 | definition PInit :: "act_pump" where 17 | [rdes_def]: "PInit = (fuelQ :=\<^sub>C 5000)" 18 | 19 | definition Reload :: "nat \ act_pump" where 20 | [rdes_def]: "Reload(q) = fuelQ :=\<^sub>C (&fuelQ + \q\)" 21 | 22 | definition Supply :: "nat \ act_pump" where 23 | [rdes_def]: "Supply(q) = fuelQ :=\<^sub>C (&fuelQ - \q\)" 24 | 25 | definition PumpActive :: "act_pump" where 26 | [rdes_def]: "PumpActive = putNozzle \<^bold>\ Skip \ 27 | enterAmount?(q) \<^bold>\ pressTrigger \<^bold>\ Supply(q) ;; releaseTrigger \<^bold>\ Skip" 28 | 29 | definition PumpIdle :: "act_pump" where 30 | [rdes_def]: "PumpIdle = liftNozzle \<^bold>\ PumpActive \ 31 | reload?(q) \<^bold>\ Reload(q) \ 32 | init \<^bold>\ PInit" 33 | 34 | definition Pump :: "act_pump" where 35 | [rdes_def]: "Pump = init \<^bold>\ PInit ;; (while\<^sub>R true do PumpIdle od)" 36 | 37 | end 38 | -------------------------------------------------------------------------------- /tutorial/utp_csp_timer.thy: -------------------------------------------------------------------------------- 1 | section {* FMI Timer (Simplified) *} 2 | 3 | theory utp_csp_timer 4 | imports "../theories/utp_csp" 5 | begin 6 | 7 | type_synonym TIME = nat 8 | 9 | datatype ch_timer = 10 | setT TIME | 11 | updateSS TIME | 12 | step "TIME \ TIME" | 13 | endc 14 | 15 | alphabet st_timer = 16 | currentTime :: TIME 17 | stepSize :: TIME 18 | 19 | type_synonym timer = "(st_timer, ch_timer) action" 20 | 21 | definition Timer :: "TIME \ TIME \ TIME \ timer" where 22 | "Timer ct hc tN = 23 | (currentTime, stepSize) :=\<^sub>C (\ct\, \hc\) ;; 24 | (\\<^sub>C Step \ (setT?(t:\t\ <\<^sub>u \tN\) \<^bold>\ currentTime :=\<^sub>C \t\ 25 | \ updateSS?(ss) \<^bold>\ stepSize :=\<^sub>C \ss\ 26 | \ step!(¤tTime)!(&stepSize) \<^bold>\ 27 | currentTime :=\<^sub>C min\<^sub>u(¤tTime + &stepSize, \tN\) 28 | \ (¤tTime =\<^sub>u \tN\) &\<^sub>u endc \<^bold>\ Stop) ;; Step)" 29 | 30 | end -------------------------------------------------------------------------------- /tutorial/utp_designs_ref_ex.thy: -------------------------------------------------------------------------------- 1 | section {* UTP designs data refinement example *} 2 | 3 | theory utp_designs_ref_ex 4 | imports "../theories/utp_designs" 5 | begin 6 | 7 | text {* This theory is currently incomplete *} 8 | 9 | alphabet my_state = 10 | s :: "int set" 11 | q :: "int list" 12 | 13 | abbreviation Inv_A :: "my_state upred" where 14 | "Inv_A \ finite\<^sub>u(&s)" 15 | 16 | definition Init_A :: "my_state hrel_des" where 17 | [upred_defs]: "Init_A = (true \\<^sub>n ($s\ =\<^sub>u {}\<^sub>u))" 18 | 19 | abbreviation "pre_Add_A(x) \ Inv_A \ \x\ \\<^sub>u &s" 20 | 21 | definition Add_A :: "int \ my_state hrel_des" where 22 | [upred_defs]: "Add_A(x) = (pre_Add_A(x) \\<^sub>n ($s\ =\<^sub>u $s \\<^sub>u {\x\}\<^sub>u))" 23 | 24 | abbreviation "pre_Del_A(x) \ Inv_A \ \x\ \\<^sub>u &s" 25 | 26 | definition Del_A :: "int \ my_state hrel_des" where 27 | [upred_defs]: "Del_A(x) = (pre_Del_A(x) \\<^sub>n ($s\ =\<^sub>u $s - {\x\}\<^sub>u))" 28 | 29 | abbreviation Inv_C :: "my_state upred" where 30 | "Inv_C \ distinct\<^sub>u(&q)" 31 | 32 | definition Init_C :: "my_state hrel_des" where 33 | [upred_defs]: "Init_C = (true \\<^sub>n ($q\ =\<^sub>u \\))" 34 | 35 | abbreviation "pre_Add_C(x) \ Inv_C \ \x\ \\<^sub>u ran\<^sub>u(&q)" 36 | 37 | definition Add_C :: "int \ my_state hrel_des" where 38 | [upred_defs]: "Add_C(x) = (pre_Add_C(x) \\<^sub>n ($q\ =\<^sub>u $q ^\<^sub>u \\x\\))" 39 | 40 | abbreviation "pre_Del_C(x) \ Inv_C \ \x\ \\<^sub>u ran\<^sub>u(&q)" 41 | 42 | definition Del_C :: "int \ my_state hrel_des" where 43 | [upred_defs]: "Del_C(x) = (pre_Del_C(x) \\<^sub>n ($q\ =\<^sub>u $q \\<^sub>u (- {\x\}\<^sub>u)))" 44 | 45 | definition Abs :: "my_state upred" where 46 | [upred_defs]: "Abs = (distinct\<^sub>u(&q) \ &s =\<^sub>u ran\<^sub>u(&q))" 47 | 48 | lemma Del_Del: "(Del_A(x) ;; Del_A(x)) = \\<^sub>D" 49 | by (rel_auto) 50 | 51 | lemma Add_commute: 52 | assumes "x \ y" 53 | shows "(Add_A(x) ;; Add_A(y)) = (Add_A(y) ;; Add_A(x))" 54 | using assms by (rel_auto) 55 | 56 | end -------------------------------------------------------------------------------- /tutorial/utp_hello_world.thy: -------------------------------------------------------------------------------- 1 | section \ Simple UTP Test \ 2 | 3 | theory utp_hello_world 4 | imports "UTP.utp_easy_parser" 5 | begin 6 | 7 | text \ Create a basic state space with one variable \ 8 | 9 | alphabet state = 10 | x :: int 11 | 12 | text \ Prove a simple relational equality \ 13 | 14 | theorem hello_world: "(x := 1 ;; x := x + 2) = (x := 3)" 15 | by (rel_auto) 16 | 17 | end -------------------------------------------------------------------------------- /tutorial/utp_lens_demo.thy: -------------------------------------------------------------------------------- 1 | theory utp_lens_demo 2 | imports "../theories/utp_designs" 3 | begin 4 | 5 | alphabet person = 6 | surname :: string 7 | forename :: string 8 | dateOfBirth :: "nat * nat * nat" 9 | 10 | alphabet myst = 11 | x :: nat 12 | y :: person 13 | z :: "int list" 14 | 15 | lemma "(\ x \ &x >\<^sub>u 1) = true" 16 | by (rel_auto) 17 | 18 | lemma "(\ x \ &x >\<^sub>u 1) = true" 19 | apply (rel_simp) 20 | nitpick 21 | oops 22 | 23 | lemma "x := 1 ;; x := (&x + 1) = x := 2" 24 | by (rel_auto) 25 | 26 | lemma "x := 1 ;; x := (&x + 2) = x := 2" 27 | apply (rel_auto) 28 | oops 29 | 30 | lemma "x := (&x - 5) wp (&x >\<^sub>u 10) = (&x >\<^sub>u 15)" 31 | apply (simp add: wp) 32 | apply (subst_tac) 33 | apply (pred_auto) 34 | done 35 | 36 | lemma "(true \\<^sub>n x := 1) ;; ((&x >\<^sub>u 1) \\<^sub>n y := &y) = \\<^sub>D" 37 | apply (simp add: ndesign_composition_wp) 38 | apply (simp add: wp) 39 | apply (subst_tac) 40 | apply (pred_auto) 41 | done 42 | 43 | term "x +\<^sub>L y" 44 | 45 | lemma "x \ y" 46 | by (simp) 47 | 48 | lemma "x +\<^sub>L y \ z" 49 | by (simp) 50 | 51 | term "surname ;\<^sub>L y" 52 | 53 | term "y:surname := \''Foster''\ ;; y:dateOfBirth := (02, 02, &x)\<^sub>u" 54 | 55 | lemma "(surname ;\<^sub>L y) \\<^sub>L y" 56 | by (simp) 57 | 58 | lemma "x +\<^sub>L y +\<^sub>L z \\<^sub>L 1\<^sub>L" 59 | oops 60 | end -------------------------------------------------------------------------------- /utp/.gitignore: -------------------------------------------------------------------------------- 1 | # Ignore output directory for Isabelle/HOL proof documents. 2 | output 3 | -------------------------------------------------------------------------------- /utp/document/document.sty: -------------------------------------------------------------------------------- 1 | % Support the outer command "paragraph {* *}". 2 | 3 | %%%%%%%%%%% 4 | % Colours % 5 | %%%%%%%%%%% 6 | 7 | \newcommand{\red}[1]{{\color{Red}#1}} 8 | \newcommand{\blue}[1]{{\color{Blue}#1}} 9 | \newcommand{\green}[1]{{\color{Green}#1}} 10 | \newcommand{\grey}[1]{{\color{Gray}#1}} 11 | \newcommand{\purple}[1]{{\color{Purple}#1}} 12 | 13 | %%%%%%%%%%%%%%%%%%%%%%% 14 | % Document Management % 15 | %%%%%%%%%%%%%%%%%%%%%%% 16 | 17 | \newcommand{\todo}[1]{\textbf{TODO}:~\red{#1}} 18 | \newcommand{\note}[1]{\textbf{NOTE}:~\green{#1}} 19 | \newcommand{\fixme}[1]{\textbf{FIXME}:~\blue{#1}} 20 | -------------------------------------------------------------------------------- /utp/document/isabelletags.sty: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /utp/document/pdfsetup.sty: -------------------------------------------------------------------------------- 1 | %% 2 | %% default hyperref setup (both for pdf and dvi output) 3 | %% 4 | 5 | \usepackage{color} 6 | \definecolor{linkcolor}{rgb}{0,0,0.5} 7 | \usepackage[colorlinks=true,linkcolor=linkcolor,citecolor=linkcolor,filecolor=linkcolor,pagecolor=linkcolor,urlcolor=linkcolor]{hyperref} 8 | -------------------------------------------------------------------------------- /utp/examples/factorial.thy: -------------------------------------------------------------------------------- 1 | theory factorial 2 | imports "UTP.utp" 3 | begin 4 | 5 | utp_lit_vars 6 | 7 | alphabet sfact = x::nat y::nat 8 | 9 | definition pfact :: "nat \ sfact hrel" where 10 | "pfact X = 11 | x := X ;; y := 1 ;; 12 | while x > 1 invr y * fact(x) = fact(X) 13 | do y := y * x ;; x := x - 1 od" 14 | 15 | lemma "TRY(id\<^sub>s \ pfact 4)" 16 | unfolding pfact_def 17 | apply (sym_eval) oops 18 | 19 | lemma pfact_correct: "\<^bold>{true\<^bold>} pfact X \<^bold>{y = fact(X)\<^bold>}" 20 | unfolding pfact_def 21 | apply (hoare_auto) 22 | apply (metis diff_Suc_Suc diff_zero fact_diff_Suc less_SucI mult.assoc) 23 | apply (metis fact_0 fact_Suc_0 less_Suc0 linorder_neqE_nat mult.right_neutral) 24 | done 25 | 26 | 27 | end -------------------------------------------------------------------------------- /utp/examples/find_replace.thy: -------------------------------------------------------------------------------- 1 | section \ Find and Replace Algorithm \ 2 | 3 | theory find_replace 4 | imports "UTP.utp" 5 | begin 6 | 7 | utp_lit_vars 8 | 9 | alphabet ss = arr::"nat \ string" occ::"nat" i::"nat" 10 | 11 | definition find_replace :: 12 | "(nat \ string) \ nat \ string \ string \ ss hrel" where 13 | "find_replace A len mtc rpl = 14 | arr := A ;; i := 0 ;; occ := 0 ;; 15 | while i < len 16 | invr arr = (\ k. if k < i \ A k = mtc then rpl else A k) 17 | \ occ = length (filter ((=) mtc) (map A [0.. i \ len 18 | do 19 | if (arr i = mtc) then arr[i] := rpl ;; occ := occ + 1 20 | else arr[i] := arr i 21 | fi ;; i := i + 1 22 | od" 23 | 24 | lemma find_replace_inv: 25 | "\<^bold>{true\<^bold>} 26 | find_replace A len mtc rpl 27 | \<^bold>{arr = (\ k. if k < i \ A k = mtc then rpl else A k)\<^bold>}" 28 | unfolding find_replace_def 29 | by (hoare_split, rel_auto', metis less_Suc_eq) 30 | 31 | lemma find_replace_prop1: 32 | "\<^bold>{true\<^bold>} find_replace A len mtc rpl \<^bold>{\ i < len. arr(i) = (rpl \ A(i) = mtc \ A(i)) \<^bold>}" 33 | unfolding find_replace_def by (hoare_auto, metis less_Suc_eq) 34 | 35 | lemma find_replace_prop2: 36 | "\<^bold>{true\<^bold>} find_replace A len mtc rpl \<^bold>{occ = length (filter ((=) mtc) (map A [0..}" 37 | unfolding find_replace_def by (hoare_auto, metis less_Suc_eq) 38 | 39 | 40 | 41 | end -------------------------------------------------------------------------------- /utp/examples/gcd.thy: -------------------------------------------------------------------------------- 1 | section \ Greatest Common Divisor \ 2 | 3 | theory gcd 4 | imports "UTP.utp" 5 | begin 6 | 7 | alphabet gcd_ss = 8 | x :: int 9 | y :: int 10 | 11 | abbreviation gcd_prog :: "int \ int \ gcd_ss hrel" where 12 | "gcd_prog X Y \ 13 | x := \X\ ;; 14 | y := \Y\ ;; 15 | while \ (x = y) 16 | invr x > 0 \ y > 0 \ gcd x y = gcd \X\ \Y\ 17 | do 18 | if x > y 19 | then x := x - y 20 | else y := y - x 21 | fi 22 | od" 23 | 24 | lemma "TRY(id\<^sub>s \ gcd_prog 6 21)" 25 | apply (sym_eval) 26 | oops 27 | 28 | lemma gcd_verify: 29 | "\\X\ > 0 \ \Y\ > 0\ gcd_prog X Y \x = gcd \X\ \Y\\\<^sub>u" 30 | oops 31 | 32 | end -------------------------------------------------------------------------------- /utp/examples/local_var.thy: -------------------------------------------------------------------------------- 1 | subsection \ Local Variables \ 2 | 3 | theory local_var 4 | imports "UTP.utp" 5 | begin 6 | 7 | utp_lit_vars 8 | 9 | text \ State space of global variables. \ 10 | 11 | alphabet global = x :: int y :: int 12 | 13 | abbreviation swap :: "global hrel" where 14 | "swap \ var z :: int in all\<^sub>L \ z := x ;; x := y ;; y := &z" 15 | 16 | lemma swap_wp: "swap wp (x = Y \ y = X) = \<^U>(y = Y \ x = X)" 17 | by (simp add: vblock_def wp usubst unrest) 18 | 19 | lemma swap_hoare: "\<^bold>{x = X \ y = Y\<^bold>} swap \<^bold>{x = Y \ y = X\<^bold>}" by (rel_auto) 20 | 21 | lemma swap_alt_def: "swap = (x, y) := (y, x)" by (rel_auto) 22 | 23 | end -------------------------------------------------------------------------------- /utp/examples/max_list.thy: -------------------------------------------------------------------------------- 1 | theory max_list 2 | imports "UTP.utp" 3 | begin 4 | 5 | alphabet max_st = 6 | i :: nat 7 | result :: nat 8 | xs :: "nat list" 9 | 10 | abbreviation maximum :: "nat list \ max_st hrel" where 11 | "maximum list \ 12 | xs := \list\ ;; 13 | if (length xs = 0) 14 | then 15 | result := 0 16 | else 17 | result := xs ! 0 ;; 18 | i := 1 ;; 19 | while i < length xs 20 | invr xs = \list\ \ i > 0 \ result = Max(set(take i xs)) 21 | do 22 | if xs ! i > result 23 | then result := xs ! i ;; i := i + 1 24 | else i := i + 1 25 | fi 26 | od 27 | fi" 28 | 29 | 30 | lemma "TRY(id\<^sub>s \ maximum [4,3,7,1,12,8])" 31 | apply (sym_eval) 32 | oops 33 | 34 | lemma "list \ [] \ \true\ maximum list \result = Max(set(\list\))\\<^sub>u" 35 | apply (hoare_auto) 36 | apply (auto simp add: take_Suc_conv_app_nth) 37 | oops 38 | 39 | end -------------------------------------------------------------------------------- /utp/examples/quicksort.thy: -------------------------------------------------------------------------------- 1 | subsection \ Quicksort \ 2 | 3 | theory quicksort 4 | imports "UTP.utp" 5 | begin 6 | 7 | declare length_list_augment_2 [simp] 8 | 9 | abbreviation rforloop :: "('a::{ord,plus,one} \ 's) \ ('a, 's) uexpr \ ('a, 's) uexpr \ 's hrel \ 's hrel" 10 | ("for _ := _ to _ do _ od") 11 | where "rforloop x i j P \ x := i ;; while &x \ j do P ;; x := &x + 1 od" 12 | 13 | abbreviation rforloop_inv :: "('a::{ord,plus,one} \ 's) \ ('a, 's) uexpr \ ('a, 's) uexpr \ 's upred \ 's hrel \ 's hrel" 14 | ("for _ := _ to _ invr _ do _ od") 15 | where "rforloop_inv x i j I P \ x := i ;; while &x \ j invr I do P ;; x := &x + 1 od" 16 | 17 | utp_lift_notation rforloop (1 2) 18 | 19 | utp_lift_notation rforloop_inv (1 2 3) 20 | 21 | utp_lit_vars 22 | 23 | alphabet global = 24 | A :: "int list" 25 | pivot :: int 26 | i :: nat 27 | j :: nat 28 | 29 | (* 30 | alphabet local = global + 31 | pivot :: int 32 | i :: nat 33 | j :: nat 34 | 35 | abbreviation lv :: " \ local" where 36 | "lv \ \ view = (global.base\<^sub>L :: (global \ local)), coview = global.more\<^sub>L \" 37 | 38 | lemma sym_lens_lv [simp]: "sym_lens lv" 39 | by (rule sym_lens.intro, simp_all) 40 | *) 41 | 42 | abbreviation "partition_inv p r \ 43 | U(i < j \ j \ p \ p \ r \ r < length A \ (\ k. k < length A \ 44 | (p \ k \ k \ i \ A!k \ pivot) 45 | \ (i + 1 \ k \ k \ j - 1 \ pivot < A!k) 46 | \ (k = r \ A!k = pivot)))" 47 | 48 | abbreviation partition :: "nat \ nat \ global hrel" where 49 | "partition p r \ 50 | pivot := A!r ;; 51 | i := (p - 1) ;; 52 | for j := p to r - 1 53 | invr @(partition_inv p r) 54 | do 55 | if (A ! j) \ pivot then 56 | i := i + 1 ;; 57 | (A[j], A[i]) := (A!i, A!j) 58 | fi 59 | od ;; 60 | (A[i+1], A[r]) := (A!r, A!i+1)" 61 | 62 | lemma "\@(partition_inv p r)\ 63 | while j \ r - 1 64 | invr @(partition_inv p r) 65 | do 66 | if (A ! j) \ pivot then 67 | i := i + 1 ;; 68 | (A[j], A[i]) := (A!i, A!j) 69 | fi ;; 70 | j := j + 1 71 | od 72 | \@(partition_inv p r)\\<^sub>u" 73 | apply (rule while_invr_hoare_r) 74 | apply (hoare_split) 75 | apply (rel_auto') 76 | oops 77 | 78 | end 79 | -------------------------------------------------------------------------------- /utp/examples/sum_list.thy: -------------------------------------------------------------------------------- 1 | section \ Summing a List \ 2 | 3 | theory sum_list 4 | imports "UTP.utp" 5 | begin 6 | 7 | text \ We first create a state space with the variables the program needs. \ 8 | 9 | alphabet st_sum_list = 10 | i :: nat 11 | xs :: "int list" 12 | ans :: int 13 | 14 | text \ Next, we define the program as by a homogeneous relation over the state-space type. \ 15 | 16 | abbreviation Sum_List :: "st_sum_list hrel" where 17 | "Sum_List \ 18 | i := 0 ;; 19 | ans := 0 ;; 20 | while (i < length xs) invr (ans = list_sum(take i xs)) 21 | do 22 | ans := ans + xs ! i ;; 23 | i := i + 1 24 | od" 25 | 26 | text \ Next, we symbolically evaluate some examples. \ 27 | 28 | lemma "TRY([&xs \\<^sub>s \[4,3,7,1,12,8]\] \ Sum_List)" 29 | apply (sym_eval) oops 30 | 31 | text \ Finally, we verify the program. \ 32 | 33 | theorem Sum_List_sums: 34 | "\xs = \XS\\ Sum_List \ans = list_sum(xs)\\<^sub>u" 35 | by (hoare_auto, metis add.foldr_snoc take_Suc_conv_app_nth) 36 | 37 | end -------------------------------------------------------------------------------- /utp/models/axm/utp_axm.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: utp_axm.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@gmail.com *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 11 Jun 2022 *) 8 | 9 | section \Meta-Theory for UTP with Axiomatic Variables\ 10 | 11 | theory utp_axm 12 | imports 13 | UTP1.utp 14 | utp_avar 15 | begin end 16 | -------------------------------------------------------------------------------- /utp/models/deep/utp_deep.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: utp_deep.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 22 Mar 2017 *) 8 | 9 | section \ Meta-Theory for UTP with Deep Variables \ 10 | 11 | theory utp_deep 12 | imports 13 | UTP1.utp 14 | utp_dvar 15 | begin end 16 | -------------------------------------------------------------------------------- /utp/uexpr_rep_eq.ML: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: uexpr_rep_eq.ML *) 4 | (* Authors: Simon Foster & Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | (* LAST REVIEWED: 2 Mar 2017 *) 8 | 9 | (* UEXPR_REP_EQ Signature *) 10 | 11 | signature UEXPR_REP_EQ = 12 | sig 13 | val get_uexpr_rep_eq_thms : theory -> thm list 14 | val read_uexpr_rep_eq_thms : theory -> theory 15 | end; 16 | 17 | (* uexpr_rep_eq Structure *) 18 | 19 | structure uexpr_rep_eq : UEXPR_REP_EQ = 20 | struct 21 | (* Theory Data to store the relevant transfer laws. *) 22 | 23 | structure UTP_Tactics_Data = Theory_Data ( 24 | type T = thm list; 25 | val empty = []; 26 | val extend = I; 27 | val merge = Thm.merge_thms; 28 | ); 29 | 30 | val get_uexpr_rep_eq_thms = UTP_Tactics_Data.get; 31 | val put_uexpr_rep_eq_thms = UTP_Tactics_Data.put; 32 | 33 | val uexpr_rep_eq_query = 34 | let val query_string = "name:\"rep_eq\" \"Rep_uexpr ?e = ?t\"" in 35 | Find_Theorems.read_query Position.none query_string 36 | end; 37 | 38 | fun read_uexpr_rep_eq_thms thy = 39 | let val ctx = Proof_Context.init_global thy; 40 | val facts = Find_Theorems.find_theorems_cmd 41 | ctx NONE (SOME 50000) true uexpr_rep_eq_query; 42 | in 43 | (put_uexpr_rep_eq_thms (map snd (snd facts)) thy) 44 | end; 45 | end; -------------------------------------------------------------------------------- /utp/utp.thy: -------------------------------------------------------------------------------- 1 | (******************************************************************************) 2 | (* Project: The Isabelle/UTP Proof System *) 3 | (* File: utp.thy *) 4 | (* Authors: Simon Foster and Frank Zeyda (University of York, UK) *) 5 | (* Emails: simon.foster@york.ac.uk and frank.zeyda@york.ac.uk *) 6 | (******************************************************************************) 7 | 8 | section \ Meta-theory for the Standard Core \ 9 | 10 | theory utp 11 | imports 12 | utp_var 13 | utp_expr 14 | utp_expr_insts 15 | utp_expr_funcs 16 | utp_unrest 17 | utp_usedby 18 | utp_subst 19 | utp_meta_subst 20 | utp_alphabet 21 | utp_lift 22 | utp_pred 23 | utp_pred_laws 24 | utp_recursion 25 | utp_dynlog 26 | utp_rel 27 | utp_rel_laws 28 | utp_sequent 29 | utp_state_parser 30 | utp_lift_parser 31 | utp_lift_pretty 32 | utp_sym_eval 33 | utp_tactics 34 | utp_frame 35 | utp_hoare 36 | utp_wlp 37 | utp_wp 38 | utp_sp 39 | utp_theory 40 | utp_concurrency 41 | utp_collection 42 | utp_rel_opsem 43 | utp_blocks 44 | utp_definition 45 | utp_schema 46 | begin recall_syntax end -------------------------------------------------------------------------------- /utp/utp_definition.thy: -------------------------------------------------------------------------------- 1 | section \ Definition Command for UTP \ 2 | 3 | theory utp_definition 4 | imports "utp_pred" 5 | keywords "utp_def" :: "thy_decl_block" 6 | begin 7 | 8 | text \ A first attempt at a definition command for UTP that (1) uses the lifting parser for the 9 | expression on the RHS and (2) adds the definitional equation to @{thm upred_defs}. \ 10 | 11 | ML \ 12 | structure UTP_Def = 13 | struct 14 | 15 | fun mk_utp_def_eq ctx term = 16 | case (Type.strip_constraints term) of 17 | Const (@{const_name "HOL.eq"}, b) $ c $ t => 18 | @{const Trueprop} $ (Const (@{const_name "HOL.eq"}, b) $ c $ utp_lift ctx t) | 19 | _ => raise Match; 20 | 21 | val upred_defs = [[Token.make_string (Binding.name_of @{binding upred_defs}, Position.none)]]; 22 | 23 | fun utp_def attr decl term ctx = 24 | Specification.definition 25 | (Option.map (fn x => fst (Proof_Context.read_var x ctx)) decl) [] [] 26 | ((fst attr, map (Attrib.check_src ctx) (upred_defs @ snd attr)), mk_utp_def_eq ctx term) ctx 27 | 28 | end 29 | 30 | val _ = 31 | let 32 | open UTP_Def; 33 | in 34 | Outer_Syntax.local_theory \<^command_keyword>\utp_def\ "UTP constant definition" 35 | (Scan.option Parse_Spec.constdecl -- (Parse_Spec.opt_thm_name ":" -- Parse.prop) -- 36 | Parse_Spec.if_assumes -- Parse.for_fixes >> (fn (((decl, (attr, term)), _), _) => 37 | (fn ctx => snd (utp_def attr decl (Syntax.parse_term ctx term) ctx)))) 38 | end 39 | \ 40 | 41 | end -------------------------------------------------------------------------------- /utp/utp_full.thy: -------------------------------------------------------------------------------- 1 | section \ Meta-theory for the Standard Core with Overloaded Constructs \ 2 | 3 | theory utp_full 4 | imports utp utp_expr_ovld 5 | begin end -------------------------------------------------------------------------------- /utp/utp_schema.thy: -------------------------------------------------------------------------------- 1 | section \ UTP Schema Types \ 2 | 3 | theory utp_schema 4 | imports "utp_definition" 5 | keywords "schema" :: "thy_decl_block" 6 | begin 7 | 8 | text \ Create a type with invariants attached; similar to a Z schema. \ 9 | 10 | (* TODO: Allow names for each invariant *) 11 | 12 | ML \ 13 | val _ = 14 | Outer_Syntax.command @{command_keyword schema} "define a new schema type" 15 | ((Parse.type_args_constrained -- Parse.binding) -- 16 | (@{keyword "="} |-- Scan.option (Parse.typ --| @{keyword "+"}) -- 17 | Scan.repeat1 Parse.const_binding) -- Scan.optional (@{keyword "where"} |-- (Scan.repeat1 (Scan.option (Parse.binding --| Parse.$$$ ":") |-- Parse.term))) ["true"] 18 | >> (fn ((x, (y, z)), ts) => 19 | let (* Get the new type name *) 20 | val n = Binding.name_of (snd x) 21 | (* Produce a list of type variables *) 22 | val varl = fold (fn _ => fn y => "_, " ^ y) (1 upto length (fst x)) "'a" 23 | (* Name for the new invariant *) 24 | val invn = n ^ "_inv" 25 | val itb = Binding.make (invn ^ "_def", Position.none) 26 | val upred = Lexicon.unmark_type @{type_syntax upred} 27 | val ib = (SOME (Binding.make (invn, Position.none), SOME ("((" ^ varl ^ ")" ^ n ^ "_scheme) " ^ upred), NoSyn)) 28 | open HOLogic in 29 | Toplevel.theory 30 | (Lens_Utils.add_alphabet_cmd x y z 31 | #> Named_Target.theory_map 32 | (fn ctx => 33 | let val invs = Library.foldr1 HOLogic.mk_conj (map (Syntax.parse_term ctx) ts) 34 | val sinv = case y of 35 | NONE => invs | 36 | SOME t => case (Syntax.parse_typ ctx t) of 37 | Type (n, _) => (case (Syntax.parse_term ctx (n ^ "_inv")) of 38 | Const (\<^syntax_const>\_type_constraint_\, _) $ Const (n', _) => HOLogic.mk_conj (Const (n', dummyT), invs) | _ => invs) | 39 | _ => invs 40 | in 41 | snd (UTP_Def.utp_def (itb, []) ib (mk_eq (Free (invn, dummyT), sinv)) ctx) 42 | end) 43 | #> Named_Target.theory_map 44 | (fn ctx => 45 | let val Const (cn, _) = Syntax.read_term ctx invn 46 | val varl = 47 | if (length (fst x) = 0) 48 | then "" 49 | else "(" ^ foldr1 (fn (x, y) => "_, " ^ x) (map (fn _ => "_") (1 upto length (fst x))) ^ ") " 50 | val ty = Syntax.read_typ ctx (varl ^ n ^ " " ^ upred) in 51 | Specification.abbreviation Syntax.mode_default (SOME (Binding.make (n, Position.none), SOME ty, NoSyn)) [] (Logic.mk_equals (Free (n, dummyT), Const (cn, dummyT))) false ctx 52 | end) 53 | ) 54 | end)); 55 | \ 56 | 57 | end -------------------------------------------------------------------------------- /utp/utp_sequent.thy: -------------------------------------------------------------------------------- 1 | section \ Sequent Calculus \ 2 | 3 | theory utp_sequent 4 | imports utp_pred_laws 5 | begin 6 | 7 | definition sequent :: "'\ upred \ '\ upred \ bool" (infixr "\" 15) where 8 | [upred_defs]: "sequent P Q = (Q \ P)" 9 | 10 | utp_lift_notation sequent 11 | 12 | abbreviation sequent_triv ("\ _" [15] 15) where "\ P \ (true \ P)" 13 | 14 | translations 15 | "\ P" <= "true \ P" 16 | 17 | text \ Conversion of UTP sequent to Isabelle proposition \ 18 | 19 | lemma sequentI: "\ \ s. \\\\<^sub>e s \ \\\\<^sub>e s \ \ \ \ \" 20 | by (rel_auto) 21 | 22 | lemma sTrue: "P \ true" 23 | by pred_auto 24 | 25 | lemma sAx: "P \ P" 26 | by pred_auto 27 | 28 | lemma sNotI: "\ \ P \ false \ \ \ \ P" 29 | by pred_auto 30 | 31 | lemma sConjI: "\ \ \ P; \ \ Q \ \ \ \ P \ Q" 32 | by pred_auto 33 | 34 | lemma sImplI: "\ P \ \ \ Q \ \ \ \ (P \ Q)" 35 | by pred_auto 36 | 37 | lemma sAsmDisj: 38 | "\ A \ C; B \ C \ \ A \ B \ C" 39 | by (rel_auto) 40 | 41 | lemma sDisjI1: "P \ Q \ P \ (Q \ R)" 42 | by (rel_auto) 43 | 44 | lemma sDisjI2: "P \ R \ P \ (Q \ R)" 45 | by (rel_auto) 46 | 47 | lemma sVarEqI: 48 | assumes "wb_lens x" "(&x = v \ P) \ (Q\v/&x\)" 49 | shows "(&x = v \ P) \ Q" 50 | using assms by (rel_simp, metis wb_lens.get_put) 51 | 52 | lemma sWk: "\ `Q \ P`; P \ R \ \ Q \ R" 53 | by (rel_auto) 54 | 55 | lemma sWk1: "P \ R \ P \ Q \ R" 56 | by (rel_auto) 57 | 58 | lemma sWk2: "Q \ R \ P \ Q \ R" 59 | by (rel_auto) 60 | 61 | end -------------------------------------------------------------------------------- /utp/utp_spec.thy: -------------------------------------------------------------------------------- 1 | section {* Weakest Pre- and Postspecification *} 2 | 3 | theory utp_spec 4 | imports utp_rel_laws 5 | begin 6 | 7 | subsection {* Weakest Prespecification *} 8 | 9 | definition wpre :: "'a hrel \ 'a hrel \ 'a hrel" (infixl "\\" 70) where 10 | [upred_defs]: "Q \\ R = \ { Y. R \ Y ;; Q}" 11 | 12 | lemma wpre_sol1: "R \ (Q \\ R) ;; Q" 13 | by (rel_auto) 14 | 15 | lemma wpre_sol2: "Q \\ (P ;; Q) \ P" 16 | by (rel_auto) 17 | 18 | lemma wpre_id: "(P \\ P) \ II" 19 | by (metis seqr_left_unit wpre_sol2) 20 | 21 | lemma wpre_skip: "P = II \\ P" 22 | by (rel_auto) 23 | 24 | lemma wpre_galois: "R \ P ;; Q \ Q \\ R \ P" 25 | by (rel_blast) 26 | 27 | lemma wpre_seq: "(P ;; Q) \\ R = P \\ (Q \\ R)" 28 | by (rule antisym, (metis (no_types, lifting) seqr_assoc wpre_galois wpre_sol1)+) 29 | 30 | lemma wpre_choice: "(P \ Q) \\ R = (P \\ R \ Q \\ R)" 31 | apply (rule antisym) 32 | apply (metis (no_types, lifting) semilattice_sup_class.le_sup_iff upred_semiring.distrib_left utp_pred_laws.le_inf_iff wpre_galois wpre_sol1) 33 | apply (metis conj_comm semilattice_sup_class.le_supI upred_semiring.distrib_left utp_pred_laws.inf_le2 wpre_galois) 34 | done 35 | 36 | text {* We cannot write the weakest prespecification as a weakest precondition construction *} 37 | 38 | lemma "Q \\ R = (\ (Q ;; (\ R)))" 39 | apply (rel_auto) 40 | nitpick 41 | oops 42 | 43 | lemma "R \ P ;; Q \ (\ Q ;; (\ R)) \ P" 44 | apply (rel_auto) 45 | nitpick 46 | oops 47 | 48 | subsection {* Weakest Postspecification *} 49 | 50 | definition wpost :: "'a hrel \ 'a hrel \ 'a hrel" (infixl "\<^bold>'/" 70) where 51 | [upred_defs]: "Q \<^bold>/ R = \ { Y. R \ Q ;; Y}" 52 | 53 | lemma wpost_galois: "R \ P ;; Q \ P \<^bold>/ R \ Q" 54 | by (rel_blast) 55 | 56 | end -------------------------------------------------------------------------------- /vdm-sl/examples/Alarm.thy: -------------------------------------------------------------------------------- 1 | section {* Encoding of the Alarm example in Isabelle/UTP *} 2 | 3 | theory Alarm 4 | imports "../VDM" 5 | begin 6 | 7 | type_synonym Period = real 8 | type_synonym Expert = real 9 | 10 | alphabet Plant = vlocal + 11 | staff :: "Expert set" 12 | schedule :: "Period \ Expert set" 13 | 14 | declare Plant.defs [simp] 15 | 16 | abbreviation "mk_Plant \ vuop (bpfun' Plant.make)" 17 | 18 | abbreviation 19 | "inv_Plant \ (\\<^sub>v (rng\<^sub>v(&\<^sub>vschedule)) \\<^sub>v &\<^sub>vstaff \\<^sub>v (\\<^sub>v exs \ rng\<^sub>v(&\<^sub>vschedule) \ \exs\\<^sub>v <>\<^sub>v {}\<^sub>v))" 20 | 21 | abbreviation 22 | "init_Plant \ (staff :=\<^sub>v {}\<^sub>v ;; schedule :=\<^sub>v \\\\<^sub>v)" 23 | 24 | text {* init_Plant establishes the invariant *} 25 | 26 | lemma init_Plant_est: "(true \\<^sub>r \ \ inv_Plant \\<^sub>v \\<^sub>>) \ init_Plant" 27 | oops 28 | 29 | abbreviation 30 | "addExpert \ val e :: Expert \\<^sub>N [pre &\<^sub>ve \\<^sub>v &\<^sub>vstaff post true\<^sub>v body staff :=\<^sub>v (&\<^sub>vstaff \\<^sub>v {&\<^sub>ve}\<^sub>v)]\<^sub>v" 31 | 32 | abbreviation 33 | "Assign \ val e :: Expert, val p :: Period \\<^sub>N 34 | [pre (&\<^sub>ve \\<^sub>v &\<^sub>vstaff \\<^sub>v &\<^sub>vp \\<^sub>v dom\<^sub>v(&\<^sub>vschedule)) 35 | post $\<^sub>ve\ \\<^sub>v $\<^sub>vschedule\($\<^sub>vp)\<^sub>v 36 | body schedule(&\<^sub>vp) :=\<^sub>v ({&\<^sub>ve}\<^sub>v \\<^sub>v (&\<^sub>vschedule(&\<^sub>vp)\<^sub>v))]\<^sub>v" 37 | 38 | lemma Assign_pres_inv: 39 | "Assign(e,p) \ \ inv_Plant \\<^sub>v \\<^sub>n \ \ inv_Plant \\<^sub>v \\<^sub>>" 40 | oops 41 | 42 | lemma addExpert_twice: "(addExpert(\x\) ;; addExpert(\x\)) = \\<^sub>D" 43 | apply (rule wpd_H3_eq_intro) 44 | apply (simp_all add: closure wp) 45 | apply (simp add: val_parm_def ndes_assigns_def) 46 | apply (simp add: wp closure usubst) 47 | oops 48 | 49 | lemma "(\ inv_Plant \\<^sub>v \p\\<^sub>v \\<^sub>v dom\<^sub>v(&\<^sub>vschedule) \\<^sub>v \\<^sub>n \ \ inv_Plant \\<^sub>v \\<^sub>>) 50 | \ (schedule(\p\\<^sub>v) :=\<^sub>v ({\e\\<^sub>v}\<^sub>v \\<^sub>v (&\<^sub>vschedule(\p\\<^sub>v)\<^sub>v)))" 51 | apply (simp add: vassign_uvar_def) 52 | apply (rule ndesign_refine_intro) 53 | oops 54 | end --------------------------------------------------------------------------------