我正在尝试在 Isabelle 中建模一个非常简单的通信协议,但在尝试证明简化规则时证明失败了。我不确定它试图证明什么,也不确定我需要添加什么来帮助它。我还在学习 Isabelle 并逐渐熟悉这个过程;我在这里遗漏了什么?这是代码:
# ProGuard configuration fragment: turns off obfuscation and silences
# warnings for three package trees.

# Do not rename classes or members in the output. Shrinking and optimization
# are controlled by separate options and are not affected by this line.
-dontobfuscate
# Suppress warnings (for example, unresolved references) for classes matching
# each filter below. Because these problems are no longer reported, confirm
# that the referenced code really is not needed at runtime.
-dontwarn org.apache.lang.**
-dontwarn com.google.common.**
-dontwarn org.joda.**
这是错误:
(* Theory simple_prot: an inductive trace model of a small greeting protocol,
   built on Main only. Traces are lists of Says events. *)
theory simple_prot
imports Main
begin
(* Protocol participants: one Server, and Friends indexed by a natural number. *)
datatype Agent = Server | Friend nat
(* NOTE(review): the next four declarations put a ''...'' string literal where
   a constructor name is expected. Datatype constructors are normally plain
   identifiers, so these lines may be rejected -- confirm. The rule below only
   uses the constructors of M, not these four types. *)
datatype Hi = ''HelloMessage''
datatype HiAck = ''HelloAck''
datatype Bye = ''ByeMessage''
datatype ByeAck = ''ByeAck''
(* Message kinds. Hi, HiAck, Bye and ByeAck here are constructors of M; they
   share their names with the types declared above. *)
datatype M = Hi | HiAck | Bye | ByeAck
(* A message is a packet carrying two agents and a message kind. *)
datatype msg = packet Agent Agent M
(* An event records one agent saying a message to another agent. *)
datatype event = Says Agent Agent msg
(* ns_public: the set of event lists (traces) admitted by the rules below. *)
inductive_set ns_public :: "event list set"
where
(* Nil: the empty trace is admitted. *)
Nil : "[] ∈ ns_public"
(* Hi: an admitted trace evm1 may be extended with Says A B (packet A B Hi)
   when A and B differ and that event is not in "used ns_public".
   NOTE(review): "used" is not declared in this theory and Main is the only
   import -- confirm where it is meant to come from.
   NOTE(review): the last premise mentions ns_public itself under negation.
   An inductive definition needs its rules to be monotone in the set being
   defined, so this premise is a likely source of the failed proof. A
   freshness condition of this kind is usually stated about the current trace
   (for example: Says A B (packet A B Hi) ∉ set evm1) -- confirm intent. *)
| Hi : "⟦evm1 ∈ ns_public; A ≠ B; Says A B (packet A B Hi) ∉ used ns_public⟧
⟹ Says A B (packet A B Hi) # evm1 ∈ ns_public"
end