Common use of Flow Refinement Clause in Contracts

Flow Refinement. We use the traces refinement notion [10] to define the refinement relation for flow expressions. To keep flow events in agreement with machine events, some renaming is applied before comparing flow traces: fa ± fc ⇔ traces(R∗(fc \ En)) ⊆ traces(fa) eventually a F∗ b after a eventually b reachable jstart F∗ b b is reachable always reachable ∀e ·j start F∗ e ⇒ e F∗ b b is always reachable liveness ∀e ·j start F∗ e ⇒ ∃n · {b} = Fn(e) b keeps happening

Flow Refinement. We use the traces refinement notion [109] to define the refinement relation for flow expressions. To keep flow events in agreement with machine events, some renaming is applied before comparing flow traces: fa ± fc ⇔ traces(R∗(fc \ En)) ⊆ traces(fa) eventually a F∗ b after a eventually b reachable jstart F∗ b b is reachable always reachable ∀e ·j start F∗ e ⇒ e F∗ b b is always reachable reachable(e) b keeps happening liveness ∀e ·j start F∗ e ⇒ ∃n · {b} = Fn(e) b keeps happeningFn