 
Summary: A Coinductive Formulation of the "Coinduction Theorem" by Michael and Appel
Andreas Abel
June 26, 2000
1 Inductive Treatment of Safety
In [MA00] Neophytos G. Michael and Andrew W. Appel introduce machine safety for a transition relation $\mapsto$ on the set of machine states $S$ as follows:
\[
\mathit{Safe}(s) :\Leftrightarrow \forall s'.\; s \mapsto^{*} s' \Rightarrow \exists s''.\; s' \mapsto s''
\]
This expresses that a state is safe if, after any finite number of transitions starting from this state, there is still one more possible transition. Given an invariant $\mathit{Inv} \subseteq S$, written $\mathit{Inv}(s)$ for $s \in \mathit{Inv}$, they define the properties progress and preservation by:
\[
\mathit{Prog}(\mathit{Inv}) :\Leftrightarrow \forall s.\; \mathit{Inv}(s) \Rightarrow \exists s'.\; s \mapsto s'
\]
\[
\mathit{Pres}(\mathit{Inv}) :\Leftrightarrow \forall s, s'.\; \mathit{Inv}(s) \wedge s \mapsto s' \Rightarrow \mathit{Inv}(s')
\]
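The three definitions are decidable on a finite state space, which is how a verifier for a machine model checks a safety policy in practice. The following checker is an added example, not code from Abel's summary or from Michael and Appel; the toy machine (a program counter and one register), its state bounds and the three candidate invariants are constructed here for illustration. It computes $\mathit{Safe}$ directly by reachability and $\mathit{Prog}$ and $\mathit{Pres}$ from their definitions, so one can see a good invariant pass both checks and two bad ones fail exactly one each.

```python
# Added example (not from the Abel/Michael/Appel text): checks Safe, Prog and
# Pres from the definitions above on a finite, hand-built transition system.
# The machine, the invariants and the state bounds are constructed for
# illustration; they are not from the paper.
from typing import Callable, Iterable, Set, Tuple

State = Tuple[int, int]               # (pc, x): program counter and one register
Step = Callable[[State], Set[State]]  # s |-> set of successor states
Invariant = Callable[[State], bool]   # Inv(s)


def step(s: State) -> Set[State]:
    """Successors of s under the constructed machine's transition relation.
    pc 0: x := x + 1        pc 1: if x < 3 goto 0 else goto 2
    pc 2: halted (loops)    any other pc: no instruction, the machine is stuck."""
    pc, x = s
    if pc == 0:
        return {(1, x + 1)}
    if pc == 1:
        return {(0, x)} if x < 3 else {(2, x)}
    if pc == 2:
        return {(2, x)}
    return set()


def reachable(step: Step, s0: State) -> Set[State]:
    """All s' with s0 |->* s' (finite here, so a plain worklist suffices)."""
    seen: Set[State] = set()
    todo = [s0]
    while todo:
        s = todo.pop()
        if s in seen:
            continue
        seen.add(s)
        todo.extend(step(s))
    return seen


def is_safe(step: Step, s0: State) -> bool:
    """Safe(s0): every state reachable from s0 has at least one successor."""
    return all(step(s) for s in reachable(step, s0))


def prog(step: Step, inv: Invariant, states: Iterable[State]) -> bool:
    """Prog(Inv): every state in Inv (within the given finite domain) can step."""
    return all(step(s) for s in states if inv(s))


def pres(step: Step, inv: Invariant, states: Iterable[State]) -> bool:
    """Pres(Inv): Inv is closed under |-> (checked on the given finite domain)."""
    return all(inv(t) for s in states if inv(s) for t in step(s))


def coinduction_theorem(step: Step, inv: Invariant, states: Iterable[State],
                        s0: State) -> Tuple[bool, bool, bool]:
    """The three premises of the rule: Inv(s0), Prog(Inv), Pres(Inv)."""
    return inv(s0), prog(step, inv, states), pres(step, inv, states)


# Finite domain large enough to contain everything reachable from (0, 0).
STATES = [(pc, x) for pc in range(4) for x in range(5)]
INIT: State = (0, 0)

inv_good = lambda s: s[0] in (0, 1, 2)       # pc stays on real instructions
inv_stuck = lambda s: s[0] in (0, 1, 2, 3)   # admits the stuck pc: Prog fails
inv_small = lambda s: s[0] in (0, 1)         # not closed under pc 1 -> 2: Pres fails

if __name__ == "__main__":
    print("Safe(INIT):", is_safe(step, INIT))
    for name, inv in [("inv_good", inv_good), ("inv_stuck", inv_stuck),
                      ("inv_small", inv_small)]:
        print(name, "(Inv(s0), Prog, Pres) =",
              coinduction_theorem(step, inv, STATES, INIT))
```

The direct reachability check is only possible because the toy state space is finite; the value of the invariant method is that `prog` and `pres` look at single steps only, which is what makes the argument carry over to the infinite state spaces of real machine models.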
$\mathit{Prog}$ states that an invariant enables progress if every state satisfying it admits a further transition step. $\mathit{Pres}$ expresses that the invariant is preserved by the step relation. It is clear that a progressive and preserved invariant that holds for the initial state guarantees safety, which they state in the "coinduction theorem":
\[
\frac{\mathit{Inv}(s_0) \qquad \mathit{Prog}(\mathit{Inv}) \qquad \mathit{Pres}(\mathit{Inv})}{\mathit{Safe}(s_0)}
\]
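The rule is justified by the inductive argument the section title refers to; the following proof sketch is added here and is not part of the original summary. Write $s \mapsto^{n} s'$ for a transition sequence of length $n$. Assuming $\mathit{Inv}(s_0)$, $\mathit{Prog}(\mathit{Inv})$ and $\mathit{Pres}(\mathit{Inv})$, one first shows by induction on $n$ that
\[
\forall n.\; \forall s'.\; s_0 \mapsto^{n} s' \Rightarrow \mathit{Inv}(s').
\]
For $n = 0$ we have $s' = s_0$, and $\mathit{Inv}(s_0)$ holds by assumption. For $n + 1$ the sequence splits as $s_0 \mapsto^{n} s'' \mapsto s'$; the induction hypothesis gives $\mathit{Inv}(s'')$, and $\mathit{Pres}(\mathit{Inv})$ applied to $s'' \mapsto s'$ gives $\mathit{Inv}(s')$. Since $s_0 \mapsto^{*} s'$ means $s_0 \mapsto^{n} s'$ for some $n$, every reachable $s'$ satisfies $\mathit{Inv}(s')$, and $\mathit{Prog}(\mathit{Inv})$ then yields $\exists s''.\; s' \mapsto s''$, which is exactly $\mathit{Safe}(s_0)$.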
