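% Theory CDR2D: 2D conflict detection (CD) and resolution (CR) definitions,
% stated over relative positions and velocities.
% Parameters:
%   D - bound used by ProtectedZone (sq(p) < sq(D))
%   T - upper bound on the time t considered by conflict?
CDR2D[D,T:posreal] : THEORY
BEGIN

  IMPORTING vectors@vectors_2D

  % 2D Position
  Position : TYPE = Vect2
  p,s,so,si : VAR Position

  % 2D Relative Velocity
  Velocity : TYPE = Vect2
  v : VAR Velocity

  % 2D Absolute Velocity (cannot be zero)
  AbsVelocity : TYPE = Nz_vect2
  vo,vop,vi,vip : VAR AbsVelocity

  % Relative protected area
  ProtectedZone : set[Position] = {p | sq(p) < sq(D)}

  % Sets in PVS are characteristic functions, e.g., the definition above is
  % equivalent to
  %   ProtectedZone(p) : bool = sq(p) < sq(D)

  % A conflict exists when the relative position s, moving with relative
  % velocity v, is inside the protected zone at some time t with 0 <= t <= T.
  conflict?(s,v): bool =
    EXISTS(t:nnreal|t <= T): ProtectedZone(s+t*v)

  % Type of CD algorithms
  CD : TYPE = PRED[[Position,AbsVelocity,Position,AbsVelocity]]
  % Same as [[Position,AbsVelocity,Position,AbsVelocity]->bool]

  cd : VAR CD

  % correct?: every conflict is reported by cd (no missed detection).
  correct?(cd) : bool =
    FORALL(so,vo,si,vi):
      conflict?(so-si,vo-vi) IMPLIES cd(so,vo,si,vi)

  % complete?: everything cd reports is a conflict (no false alarm).
  complete?(cd) : bool =
    FORALL(so,vo,si,vi):
      cd(so,vo,si,vi) IMPLIES conflict?(so-si,vo-vi)

  % Type of CR algorithms
  CR : TYPE = [[Position,AbsVelocity,Position,AbsVelocity]->set[AbsVelocity]]

  cr: VAR CR

  % independent?: any velocity vop proposed for the ownship removes the
  % conflict while the intruder keeps its velocity vi.
  independent?(cr) : bool =
    FORALL(so,vo,si,vi,vop) :
      conflict?(so-si,vo-vi) AND
      member(vop,cr(so,vo,si,vi)) IMPLIES
      NOT conflict?(so-si,vop-vi)

  % coordinated?: when both aircraft manoeuvre, any pair (vop,vip) of
  % proposed velocities removes the conflict.
  % The intruder's candidate vip is drawn from cr(si,vi,so,vo), i.e. cr with
  % the roles swapped. Drawing it from cr(si,vi,si,vi) would resolve the
  % intruder against itself and tie the property to a state that involves
  % no ownship at all.
  coordinated?(cr) : bool =
    FORALL(so,vo,si,vi,vop,vip) :
      conflict?(so-si,vo-vi) AND
      member(vop,cr(so,vo,si,vi)) IMPLIES
      member(vip,cr(si,vi,so,vo)) IMPLIES
      NOT conflict?(so-si,vop-vip)

  % Detection test that does not reference T. When s*v < 0 the test is the
  % sign of sq(s*v)-sqv(v)*(sqv(s)-sq(D)); otherwise it checks whether s is
  % already within distance D.
  cd2d_ever?(s,v): MACRO bool =
    IF s*v < 0 THEN
      sq(s*v)-sqv(v)*(sqv(s)-sq(D)) > 0
    ELSE
      sqv(s) < sq(D)
    ENDIF

  cd2d_ever(so,vo,si,vi): bool =
    cd2d_ever?(so-si,vo-vi)

  % cd2d_ever may report conflicts that conflict? (bounded by T) does not
  % have, but it never misses one. No proof scripts are attached here.
  cd2d_ever_incomplete : THEOREM
    NOT complete?(cd2d_ever)

  cd2d_ever_correct : THEOREM
    correct?(cd2d_ever)

  IMPORTING vectors@ECEF,
            vectors@vect3_basis,
            vectors@trackAngles_2D

  % Radius of the earth
  % NOTE(review): the mean Earth radius is usually taken as about 6371 km;
  % confirm that 6353000 m is the intended value.
  R : posreal = 6353000 % [m]

  % Maps (lat,lon) to a 2D position. The projection plane is taken at the
  % midpoint between the reference (lat_ref,lon_ref) and the point itself.
  % Angle units are not stated here; presumably radians -- confirm against
  % spherical2xyz.
  geo2sxy(lat_ref,lon_ref:real)(lat,lon:real) : Position =
    LET midlat = (lat_ref+lat)/2,
        midlon = (lon_ref+lon)/2,
        refxyz = spherical2xyz(R,midlat,midlon),
        pxyz   = spherical2xyz(R,lat,lon)
    IN sphere_to_2D_plane(refxyz)(pxyz)

  % Ground speed gs and track trk to a non-zero 2D velocity vector.
  gstrk2vxy(gs:posreal,trk:real): AbsVelocity =
    v_from(trk,gs)

END CDR2D

% Examples discharged with the interval-arithmetic strategy (numerical).
interval_examples: THEORY
BEGIN

  IMPORTING interval_arith@strategies

  g:posreal=9.8         %[m/s^2]
  v:posreal=250*0.514   %[m/s]

  % Turn rate for bank angle phi; (Tan?) restricts phi to arguments where
  % tan is defined.
  tr(phi:(Tan?)): MACRO real =
    g*tan(phi)/v

  % Turn rate of an aircraft with a bank angle of 35 degrees is greater than
  % 3 degrees per second
  tr_35 : LEMMA
    3*pi/180 <= tr(35*pi/180)

%|- tr_35 : PROOF (numerical) QED

  % The subtype x < 1 keeps the argument of ln positive.
  G(x:real|x < 1): MACRO real =
    3*x/2 - ln(1-x)

  A_and_S : LEMMA
    LET x = 0.5828 IN
      G(x) > 0

%|- A_and_S : PROOF (numerical) QED

  x : VAR real

  epsilon : MACRO real = 0.15

  % Example from Behzad Akbarpour
  ex_ba : LEMMA
    x ## [|-1/2,0|] IMPLIES
    abs(ln(1+x) - x) - epsilon <= 2*sq(x)

%|- ex_ba : PROOF (then (skeep) (numerical :vars (("x" 10)))) QED

END interval_examples

% Examples discharged with the Bernstein polynomial strategy (bernstein).
bernstein_examples: THEORY
BEGIN

  IMPORTING Bernstein@strategy

  % p1 and p2 together bracket the minimum of the polynomial over the box
  % -0.5 <= x <= 1, -2 <= y <= 1: it is above -3.4 everywhere (p1) and
  % below -3.39 somewhere (p2).
  p1 : LEMMA
    FORALL (x,y:real):
      -0.5 <= x AND x <= 1 AND
      -2 <= y AND y <= 1 IMPLIES
      4*x^2 - (21/10)*x^4 + (1/3)*x^6 + (x-3)*y - 4*y^2 + 4*y^4 > -3.4

%|- p1 : PROOF (bernstein) QED

  p2 : LEMMA
    EXISTS (x,y:real):
      -0.5 <= x AND x <= 1 AND
      -2 <= y AND y <= 1 AND
      4*x^2 - (21/10)*x^4 + (1/3)*x^6 + (x-3)*y - 4*y^2 + 4*y^4 < -3.39

%|- p2 : PROOF (bernstein) QED

  % Uninterpreted constants used to instantiate CDR2D.
  D : posreal
  T : posreal

  IMPORTING CDR2D[D,T]

  s : VAR Position
  v : VAR Velocity

  % For every s, v and D in the given boxes, cd2d_ever? holds.
  % No proof script is attached to this lemma here.
  cd2d_numeric_conflict: LEMMA
    -10 <= s`x AND s`x <= -8 AND
    -10 <= s`y AND s`y <= -8 AND
    6 <= v`x AND v`x <= 9 AND
    6 <= v`y AND v`y <= 9 AND
    D>=4 AND D<=6 IMPLIES
    cd2d_ever?(s,v)

END bernstein_examples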