Up to index of Isabelle/HOL/HOL-Complex/CSP/CSP_T
theory CSP_T_law_ref (*-------------------------------------------*
| CSP-Prover on Isabelle2004 |
| December 2004 |
| June 2005 (modified) |
| September 2005 (modified) |
| |
| CSP-Prover on Isabelle2005 |
| October 2005 (modified) |
| |
| Yoshinao Isobe (AIST JAPAN) |
*-------------------------------------------*)
theory CSP_T_law_ref = CSP_T_law_basic:
(*****************************************************************
1. rules for refinement
*****************************************************************)
(*-------------------------------------------------------*
| decompose Internal choice |
*-------------------------------------------------------*)
(*** or <= ***) (* unsafe *)
lemma cspT_Int_choice_left1:
"P1 <=T Q ==> P1 |~| P2 <=T Q"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
lemma cspT_Int_choice_left2:
"P2 <=T Q ==> P1 |~| P2 <=T Q"
apply (rule cspT_rw_left)
apply (rule cspT_commut)
by (simp add: cspT_Int_choice_left1)
(*** <= and ***) (* safe *)
lemma cspT_Int_choice_right:
"[| P <=T Q1 ; P <=T Q2 |]
==> P <=T Q1 |~| Q2"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
(*-------------------------------------------------------*
| decompose Replicated internal choice |
*-------------------------------------------------------*)
(*** EX <= ***) (* unsafe *)
lemma cspT_Rep_int_choice0_left:
"(EX c. c:C & Pf c <=T Q)
==> !! :C .. Pf <=T Q"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
lemma cspT_Rep_int_choice0_left_x:
"[| x:C ; Pf x <=T Q |]
==> !! :C .. Pf <=T Q"
apply (rule cspT_Rep_int_choice0_left)
by (fast)
lemma cspT_Rep_int_choice_fun_left:
"[| inj f ; (EX a. a:X & Pf a <=T Q) |]
==> !!<f> :X .. Pf <=T Q"
apply (simp add: Rep_int_choice_fun_def)
apply (rule cspT_Rep_int_choice0_left)
apply (force)
done
lemma cspT_Rep_int_choice_fun_left_x:
"[| inj f ; x:X ; Pf x <=T Q |]
==> !!<f> :X .. Pf <=T Q"
apply (rule cspT_Rep_int_choice_fun_left)
by (auto)
lemma cspT_Rep_int_choice2_left:
"(EX X. X:Xs & Pf X <=T Q)
==> !set :Xs .. Pf <=T Q"
by (simp add: cspT_Rep_int_choice_fun_left)
lemma cspT_Rep_int_choice3_left:
"(EX n. n:N & Pf n <=T Q)
==> !nat :N .. Pf <=T Q"
by (simp add: cspT_Rep_int_choice_fun_left)
lemma cspT_Rep_int_choice1_left:
"(EX a. a:X & Pf a <=T Q)
==> ! :X .. Pf <=T Q"
apply (simp add: Rep_int_choice_com_def)
apply (rule cspT_Rep_int_choice2_left)
apply (elim conjE exE)
apply (rule_tac x="{a}" in exI)
apply (simp)
done
lemma cspT_Rep_int_choice_f_left:
"[| inj f ; (EX a. a:X & Pf a <=T Q) |]
==> !<f> :X .. Pf <=T Q"
apply (simp add: Rep_int_choice_f_def)
apply (rule cspT_Rep_int_choice1_left)
apply (erule exE)
apply (rule_tac x="f a" in exI)
apply (simp)
done
(* x *)
lemma cspT_Rep_int_choice2_left_x:
"[| x:Xs ; Pf x <=T Q |]
==> !set :Xs .. Pf <=T Q"
by (simp add: cspT_Rep_int_choice_fun_left_x)
lemma cspT_Rep_int_choice3_left_x:
"[| x:N ; Pf x <=T Q |]
==> !nat :N .. Pf <=T Q"
by (simp add: cspT_Rep_int_choice_fun_left_x)
lemma cspT_Rep_int_choice1_left_x:
"[| x:X ; Pf x <=T Q |]
==> ! :X .. Pf <=T Q"
apply (simp add: Rep_int_choice_com_def)
apply (rule cspT_Rep_int_choice2_left_x[of "{x}"])
apply (simp)
apply (simp)
done
lemma cspT_Rep_int_choice_f_left_x:
"[| inj f ; x:X ; Pf x <=T Q |]
==> !<f> :X .. Pf <=T Q"
apply (simp add: Rep_int_choice_f_def)
apply (rule cspT_Rep_int_choice1_left)
apply (rule_tac x="f x" in exI)
apply (simp)
done
lemmas cspT_Rep_int_choice_left = cspT_Rep_int_choice0_left
cspT_Rep_int_choice1_left
cspT_Rep_int_choice2_left
cspT_Rep_int_choice3_left
cspT_Rep_int_choice_f_left
lemmas cspT_Rep_int_choice_left_x = cspT_Rep_int_choice0_left_x
cspT_Rep_int_choice1_left_x
cspT_Rep_int_choice2_left_x
cspT_Rep_int_choice3_left_x
cspT_Rep_int_choice_f_left_x
(*** <= ALL ***) (* safe *)
lemma cspT_Rep_int_choice0_right:
"[| !!c. c:C ==> P <=T Qf c |]
==> P <=T !! :C .. Qf"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
lemma cspT_Rep_int_choice0_rightE:
"[| P <=T !! :C .. Qf ;
ALL c:C. P <=T Qf c ==> R
|] ==> R"
apply (simp add: cspT_semantics)
apply (simp add: subdomT_iff)
apply (simp add: in_traces)
apply (force)
done
(* f *)
lemma cspT_Rep_int_choice_fun_right:
"[| inj f ; !!a. a:X ==> P <=T Qf a |]
==> P <=T !!<f> :X .. Qf"
apply (simp add: Rep_int_choice_fun_def)
apply (rule cspT_Rep_int_choice0_right)
apply (force)
done
lemma cspT_Rep_int_choice_fun_rightE:
"[| P <=T !!<f> :X .. Qf ; inj f ;
ALL a:X. P <=T Qf a ==> R
|] ==> R"
apply (simp add: Rep_int_choice_fun_def)
apply (erule cspT_Rep_int_choice0_rightE)
apply (force)
done
(* 1,2,3,f *)
lemma cspT_Rep_int_choice2_right:
"[| !!X. X:Xs ==> P <=T Qf X |]
==> P <=T !set :Xs .. Qf"
by (simp add: cspT_Rep_int_choice_fun_right)
lemma cspT_Rep_int_choice3_right:
"[| !!n. n:N ==> P <=T Qf n |]
==> P <=T !nat :N .. Qf"
by (simp add: cspT_Rep_int_choice_fun_right)
lemma cspT_Rep_int_choice1_right:
"[| !!a. a:X ==> P <=T Qf a |]
==> P <=T ! :X .. Qf"
apply (simp add: Rep_int_choice_com_def)
apply (rule cspT_Rep_int_choice2_right)
apply (force)
done
lemma cspT_Rep_int_choice_f_right:
"[| inj f ; !!a. a:X ==> P <=T Qf a |]
==> P <=T !<f> :X .. Qf"
apply (simp add: Rep_int_choice_f_def)
apply (rule cspT_Rep_int_choice1_right)
apply (simp add: image_iff)
apply (elim bexE)
apply (simp)
done
(* 1,2,3,f E *)
lemma cspT_Rep_int_choice2_rightE:
"[| P <=T !set :Xs .. Qf ;
ALL X:Xs. P <=T Qf X ==> R
|] ==> R"
apply (erule cspT_Rep_int_choice_fun_rightE)
by (auto)
lemma cspT_Rep_int_choice3_rightE:
"[| P <=T !nat :N .. Qf ;
ALL n:N. P <=T Qf n ==> R
|] ==> R"
apply (erule cspT_Rep_int_choice_fun_rightE)
by (auto)
lemma cspT_Rep_int_choice1_rightE:
"[| P <=T ! :X .. Qf ;
ALL a:X. P <=T Qf a ==> R
|] ==> R"
apply (simp add: Rep_int_choice_com_def)
apply (erule cspT_Rep_int_choice2_rightE)
apply (force)
done
lemma cspT_Rep_int_choice_f_rightE:
"[| P <=T !<f> :X .. Qf ; inj f ;
[| ALL a:X. P <=T Qf a |] ==> R
|] ==> R"
apply (simp add: Rep_int_choice_f_def)
apply (erule cspT_Rep_int_choice1_rightE)
apply (simp add: image_iff)
done
lemmas cspT_Rep_int_choice_right
= cspT_Rep_int_choice0_right
cspT_Rep_int_choice1_right
cspT_Rep_int_choice2_right
cspT_Rep_int_choice3_right
cspT_Rep_int_choice_f_right
lemmas cspT_Rep_int_choice_rightE
= cspT_Rep_int_choice0_rightE
cspT_Rep_int_choice1_rightE
cspT_Rep_int_choice2_rightE
cspT_Rep_int_choice3_rightE
cspT_Rep_int_choice_f_rightE
(*-------------------------------------------------------*
| decomposition with subset |
*-------------------------------------------------------*)
(*** Rep_int_choice ***) (* unsafe *)
lemma cspT_Rep_int_choice0_subset:
"[| C2 <= C1 ; !!c. c:C2 ==> Pf c <=T Qf c |]
==> !! :C1 .. Pf <=T !! :C2 .. Qf"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
lemma cspT_Rep_int_choice_fun_subset:
"[| inj f ; Y <= X ; !!a. a:Y ==> Pf a <=T Qf a |]
==> !!<f> :X .. Pf <=T !!<f> :Y .. Qf"
apply (simp add: Rep_int_choice_fun_def)
apply (rule cspT_Rep_int_choice0_subset)
apply (force)
apply (force)
done
lemma cspT_Rep_int_choice2_subset:
"[| Ys <= Xs ; !!X. X:Ys ==> Pf X <=T Qf X |]
==> !set :Xs .. Pf <=T !set :Ys .. Qf"
by (simp add: cspT_Rep_int_choice_fun_subset)
lemma cspT_Rep_int_choice3_subset:
"[| N2 <= N1 ; !!n. n:N2 ==> Pf n <=T Qf n |]
==> !nat :N1 .. Pf <=T !nat :N2 .. Qf"
by (simp add: cspT_Rep_int_choice_fun_subset)
lemma cspT_Rep_int_choice1_subset:
"[| Y <= X ; !!a. a:Y ==> Pf a <=T Qf a |]
==> ! :X .. Pf <=T ! :Y .. Qf"
apply (simp add: Rep_int_choice_com_def)
apply (rule cspT_Rep_int_choice2_subset)
apply (auto)
done
lemma cspT_Rep_int_choice_f_subset:
"[| inj f ; Y <= X ; !!a. a:Y ==> Pf a <=T Qf a |]
==> !<f> :X .. Pf <=T !<f> :Y .. Qf"
apply (simp add: Rep_int_choice_f_def)
apply (rule cspT_Rep_int_choice1_subset)
apply (auto simp add: image_def)
done
lemmas cspT_Rep_int_choice_subset
= cspT_Rep_int_choice0_subset
cspT_Rep_int_choice1_subset
cspT_Rep_int_choice2_subset
cspT_Rep_int_choice3_subset
cspT_Rep_int_choice_f_subset
(*** ! x:X .. and ? -> ***)
lemma cspT_Int_Ext_pre_choice_subset:
"[| Y ~={} ; Y <= X ; !!a. a:Y ==> Pf a <=T Qf a |]
==> ! x:X .. (x -> Pf x) <=T
? :Y -> Qf"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
lemmas cspT_decompo_subset = cspT_Rep_int_choice_subset
cspT_Int_Ext_pre_choice_subset
(*-------------------------------------------------------*
| decompose external choice |
*-------------------------------------------------------*)
lemma cspT_Ext_choice_right:
"[| P <=T Q1 ;
P <=T Q2 |]
==> P <=T Q1 [+] Q2"
apply (simp add: cspT_semantics)
apply (rule, simp add: in_traces)
apply (force)
done
end
lemma cspT_Int_choice_left1:
P1.0 <=T Q ==> P1.0 |~| P2.0 <=T Q
lemma cspT_Int_choice_left2:
P2.0 <=T Q ==> P1.0 |~| P2.0 <=T Q
lemma cspT_Int_choice_right:
[| P <=T Q1.0; P <=T Q2.0 |] ==> P <=T Q1.0 |~| Q2.0
lemma cspT_Rep_int_choice0_left:
∃c. c ∈ C ∧ Pf c <=T Q ==> !! :C .. Pf <=T Q
lemma cspT_Rep_int_choice0_left_x:
[| x ∈ C; Pf x <=T Q |] ==> !! :C .. Pf <=T Q
lemma cspT_Rep_int_choice_fun_left:
[| inj f; ∃a. a ∈ X ∧ Pf a <=T Q |] ==> !!<f> :X .. Pf <=T Q
lemma cspT_Rep_int_choice_fun_left_x:
[| inj f; x ∈ X; Pf x <=T Q |] ==> !!<f> :X .. Pf <=T Q
lemma cspT_Rep_int_choice2_left:
∃X. X ∈ Xs ∧ Pf X <=T Q ==> !set :Xs .. Pf <=T Q
lemma cspT_Rep_int_choice3_left:
∃n. n ∈ N ∧ Pf n <=T Q ==> !nat :N .. Pf <=T Q
lemma cspT_Rep_int_choice1_left:
∃a. a ∈ X ∧ Pf a <=T Q ==> ! :X .. Pf <=T Q
lemma cspT_Rep_int_choice_f_left:
[| inj f; ∃a. a ∈ X ∧ Pf a <=T Q |] ==> !<f> :X .. Pf <=T Q
lemma cspT_Rep_int_choice2_left_x:
[| x ∈ Xs; Pf x <=T Q |] ==> !set :Xs .. Pf <=T Q
lemma cspT_Rep_int_choice3_left_x:
[| x ∈ N; Pf x <=T Q |] ==> !nat :N .. Pf <=T Q
lemma cspT_Rep_int_choice1_left_x:
[| x ∈ X; Pf x <=T Q |] ==> ! :X .. Pf <=T Q
lemma cspT_Rep_int_choice_f_left_x:
[| inj f; x ∈ X; Pf x <=T Q |] ==> !<f> :X .. Pf <=T Q
lemmas cspT_Rep_int_choice_left:
∃c. c ∈ C ∧ Pf c <=T Q ==> !! :C .. Pf <=T Q
∃a. a ∈ X ∧ Pf a <=T Q ==> ! :X .. Pf <=T Q
∃X. X ∈ Xs ∧ Pf X <=T Q ==> !set :Xs .. Pf <=T Q
∃n. n ∈ N ∧ Pf n <=T Q ==> !nat :N .. Pf <=T Q
[| inj f; ∃a. a ∈ X ∧ Pf a <=T Q |] ==> !<f> :X .. Pf <=T Q
lemmas cspT_Rep_int_choice_left:
∃c. c ∈ C ∧ Pf c <=T Q ==> !! :C .. Pf <=T Q
∃a. a ∈ X ∧ Pf a <=T Q ==> ! :X .. Pf <=T Q
∃X. X ∈ Xs ∧ Pf X <=T Q ==> !set :Xs .. Pf <=T Q
∃n. n ∈ N ∧ Pf n <=T Q ==> !nat :N .. Pf <=T Q
[| inj f; ∃a. a ∈ X ∧ Pf a <=T Q |] ==> !<f> :X .. Pf <=T Q
lemmas cspT_Rep_int_choice_left_x:
[| x ∈ C; Pf x <=T Q |] ==> !! :C .. Pf <=T Q
[| x ∈ X; Pf x <=T Q |] ==> ! :X .. Pf <=T Q
[| x ∈ Xs; Pf x <=T Q |] ==> !set :Xs .. Pf <=T Q
[| x ∈ N; Pf x <=T Q |] ==> !nat :N .. Pf <=T Q
[| inj f; x ∈ X; Pf x <=T Q |] ==> !<f> :X .. Pf <=T Q
lemmas cspT_Rep_int_choice_left_x:
[| x ∈ C; Pf x <=T Q |] ==> !! :C .. Pf <=T Q
[| x ∈ X; Pf x <=T Q |] ==> ! :X .. Pf <=T Q
[| x ∈ Xs; Pf x <=T Q |] ==> !set :Xs .. Pf <=T Q
[| x ∈ N; Pf x <=T Q |] ==> !nat :N .. Pf <=T Q
[| inj f; x ∈ X; Pf x <=T Q |] ==> !<f> :X .. Pf <=T Q
lemma cspT_Rep_int_choice0_right:
(!!c. c ∈ C ==> P <=T Qf c) ==> P <=T !! :C .. Qf
lemma cspT_Rep_int_choice0_rightE:
[| P <=T !! :C .. Qf; ∀c∈C. P <=T Qf c ==> R |] ==> R
lemma cspT_Rep_int_choice_fun_right:
[| inj f; !!a. a ∈ X ==> P <=T Qf a |] ==> P <=T !!<f> :X .. Qf
lemma cspT_Rep_int_choice_fun_rightE:
[| P <=T !!<f> :X .. Qf; inj f; ∀a∈X. P <=T Qf a ==> R |] ==> R
lemma cspT_Rep_int_choice2_right:
(!!X. X ∈ Xs ==> P <=T Qf X) ==> P <=T !set :Xs .. Qf
lemma cspT_Rep_int_choice3_right:
(!!n. n ∈ N ==> P <=T Qf n) ==> P <=T !nat :N .. Qf
lemma cspT_Rep_int_choice1_right:
(!!a. a ∈ X ==> P <=T Qf a) ==> P <=T ! :X .. Qf
lemma cspT_Rep_int_choice_f_right:
[| inj f; !!a. a ∈ X ==> P <=T Qf a |] ==> P <=T !<f> :X .. Qf
lemma cspT_Rep_int_choice2_rightE:
[| P <=T !set :Xs .. Qf; ∀X∈Xs. P <=T Qf X ==> R |] ==> R
lemma cspT_Rep_int_choice3_rightE:
[| P <=T !nat :N .. Qf; ∀n∈N. P <=T Qf n ==> R |] ==> R
lemma cspT_Rep_int_choice1_rightE:
[| P <=T ! :X .. Qf; ∀a∈X. P <=T Qf a ==> R |] ==> R
lemma cspT_Rep_int_choice_f_rightE:
[| P <=T !<f> :X .. Qf; inj f; ∀a∈X. P <=T Qf a ==> R |] ==> R
lemmas cspT_Rep_int_choice_right:
(!!c. c ∈ C ==> P <=T Qf c) ==> P <=T !! :C .. Qf
(!!a. a ∈ X ==> P <=T Qf a) ==> P <=T ! :X .. Qf
(!!X. X ∈ Xs ==> P <=T Qf X) ==> P <=T !set :Xs .. Qf
(!!n. n ∈ N ==> P <=T Qf n) ==> P <=T !nat :N .. Qf
[| inj f; !!a. a ∈ X ==> P <=T Qf a |] ==> P <=T !<f> :X .. Qf
lemmas cspT_Rep_int_choice_right:
(!!c. c ∈ C ==> P <=T Qf c) ==> P <=T !! :C .. Qf
(!!a. a ∈ X ==> P <=T Qf a) ==> P <=T ! :X .. Qf
(!!X. X ∈ Xs ==> P <=T Qf X) ==> P <=T !set :Xs .. Qf
(!!n. n ∈ N ==> P <=T Qf n) ==> P <=T !nat :N .. Qf
[| inj f; !!a. a ∈ X ==> P <=T Qf a |] ==> P <=T !<f> :X .. Qf
lemmas cspT_Rep_int_choice_rightE:
[| P <=T !! :C .. Qf; ∀c∈C. P <=T Qf c ==> R |] ==> R
[| P <=T ! :X .. Qf; ∀a∈X. P <=T Qf a ==> R |] ==> R
[| P <=T !set :Xs .. Qf; ∀X∈Xs. P <=T Qf X ==> R |] ==> R
[| P <=T !nat :N .. Qf; ∀n∈N. P <=T Qf n ==> R |] ==> R
[| P <=T !<f> :X .. Qf; inj f; ∀a∈X. P <=T Qf a ==> R |] ==> R
lemmas cspT_Rep_int_choice_rightE:
[| P <=T !! :C .. Qf; ∀c∈C. P <=T Qf c ==> R |] ==> R
[| P <=T ! :X .. Qf; ∀a∈X. P <=T Qf a ==> R |] ==> R
[| P <=T !set :Xs .. Qf; ∀X∈Xs. P <=T Qf X ==> R |] ==> R
[| P <=T !nat :N .. Qf; ∀n∈N. P <=T Qf n ==> R |] ==> R
[| P <=T !<f> :X .. Qf; inj f; ∀a∈X. P <=T Qf a ==> R |] ==> R
lemma cspT_Rep_int_choice0_subset:
[| C2.0 ⊆ C1.0; !!c. c ∈ C2.0 ==> Pf c <=T Qf c |] ==> !! :C1.0 .. Pf <=T !! :C2.0 .. Qf
lemma cspT_Rep_int_choice_fun_subset:
[| inj f; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> !!<f> :X .. Pf <=T !!<f> :Y .. Qf
lemma cspT_Rep_int_choice2_subset:
[| Ys ⊆ Xs; !!X. X ∈ Ys ==> Pf X <=T Qf X |] ==> !set :Xs .. Pf <=T !set :Ys .. Qf
lemma cspT_Rep_int_choice3_subset:
[| N2.0 ⊆ N1.0; !!n. n ∈ N2.0 ==> Pf n <=T Qf n |] ==> !nat :N1.0 .. Pf <=T !nat :N2.0 .. Qf
lemma cspT_Rep_int_choice1_subset:
[| Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! :X .. Pf <=T ! :Y .. Qf
lemma cspT_Rep_int_choice_f_subset:
[| inj f; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> !<f> :X .. Pf <=T !<f> :Y .. Qf
lemmas cspT_Rep_int_choice_subset:
[| C2.0 ⊆ C1.0; !!c. c ∈ C2.0 ==> Pf c <=T Qf c |] ==> !! :C1.0 .. Pf <=T !! :C2.0 .. Qf
[| Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! :X .. Pf <=T ! :Y .. Qf
[| Ys ⊆ Xs; !!X. X ∈ Ys ==> Pf X <=T Qf X |] ==> !set :Xs .. Pf <=T !set :Ys .. Qf
[| N2.0 ⊆ N1.0; !!n. n ∈ N2.0 ==> Pf n <=T Qf n |] ==> !nat :N1.0 .. Pf <=T !nat :N2.0 .. Qf
[| inj f; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> !<f> :X .. Pf <=T !<f> :Y .. Qf
lemmas cspT_Rep_int_choice_subset:
[| C2.0 ⊆ C1.0; !!c. c ∈ C2.0 ==> Pf c <=T Qf c |] ==> !! :C1.0 .. Pf <=T !! :C2.0 .. Qf
[| Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! :X .. Pf <=T ! :Y .. Qf
[| Ys ⊆ Xs; !!X. X ∈ Ys ==> Pf X <=T Qf X |] ==> !set :Xs .. Pf <=T !set :Ys .. Qf
[| N2.0 ⊆ N1.0; !!n. n ∈ N2.0 ==> Pf n <=T Qf n |] ==> !nat :N1.0 .. Pf <=T !nat :N2.0 .. Qf
[| inj f; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> !<f> :X .. Pf <=T !<f> :Y .. Qf
lemma cspT_Int_Ext_pre_choice_subset:
[| Y ≠ {}; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! x:X .. x -> Pf x <=T ? :Y -> Qf
lemmas cspT_decompo_subset:
[| C2.0 ⊆ C1.0; !!c. c ∈ C2.0 ==> Pf c <=T Qf c |] ==> !! :C1.0 .. Pf <=T !! :C2.0 .. Qf
[| Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! :X .. Pf <=T ! :Y .. Qf
[| Ys ⊆ Xs; !!X. X ∈ Ys ==> Pf X <=T Qf X |] ==> !set :Xs .. Pf <=T !set :Ys .. Qf
[| N2.0 ⊆ N1.0; !!n. n ∈ N2.0 ==> Pf n <=T Qf n |] ==> !nat :N1.0 .. Pf <=T !nat :N2.0 .. Qf
[| inj f; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> !<f> :X .. Pf <=T !<f> :Y .. Qf
[| Y ≠ {}; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! x:X .. x -> Pf x <=T ? :Y -> Qf
lemmas cspT_decompo_subset:
[| C2.0 ⊆ C1.0; !!c. c ∈ C2.0 ==> Pf c <=T Qf c |] ==> !! :C1.0 .. Pf <=T !! :C2.0 .. Qf
[| Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! :X .. Pf <=T ! :Y .. Qf
[| Ys ⊆ Xs; !!X. X ∈ Ys ==> Pf X <=T Qf X |] ==> !set :Xs .. Pf <=T !set :Ys .. Qf
[| N2.0 ⊆ N1.0; !!n. n ∈ N2.0 ==> Pf n <=T Qf n |] ==> !nat :N1.0 .. Pf <=T !nat :N2.0 .. Qf
[| inj f; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> !<f> :X .. Pf <=T !<f> :Y .. Qf
[| Y ≠ {}; Y ⊆ X; !!a. a ∈ Y ==> Pf a <=T Qf a |] ==> ! x:X .. x -> Pf x <=T ? :Y -> Qf
lemma cspT_Ext_choice_right:
[| P <=T Q1.0; P <=T Q2.0 |] ==> P <=T Q1.0 [+] Q2.0