Research Article The Gauge Integral Theory in HOL4e traditional veri cation methods, which include...

Hindawi Publishing CorporationJournal of Applied MathematicsVolume 2013 Article ID 160875 7 pageshttpdxdoiorg1011552013160875

Research ArticleThe Gauge Integral Theory in HOL4

Zhiping Shi12 Weiqing Gu1 Xiaojuan Li1 Yong Guan1 Shiwei Ye3

Jie Zhang4 and Hongxing Wei5

1 Beijing Engineering Research Center of High Reliable Embedded System Capital Normal University Beijing 100048 China2 State Key Laboratory of Computer Architecture Institute of Computing Technology Chinese Academy of SciencesBeijing 100190 China

3 College of Information Science and Engineering Graduate University of Chinese Academy of Sciences Beijing 100049 China4College of Information Science and Technology Beijing University of Chemical Technology Beijing 100029 China5 School of Mechanical Engineering and Automation Beijing University of Aeronautics and Astronautics Beijing 100191 China

Correspondence should be addressed to Zhiping Shi shizhipinggmailcom

Received 6 February 2013 Accepted 27 February 2013

Academic Editor Xiaoyu Song

Copyright copy 2013 Zhiping Shi et al This is an open access article distributed under the Creative Commons Attribution Licensewhich permits unrestricted use distribution and reproduction in any medium provided the original work is properly cited

The integral is one of the most important foundations for modeling dynamical systems The gauge integral is a generalization ofthe Riemann integral and the Lebesgue integral and applies to a much wider class of functions In this paper we formalize theoperational properties which contain the linearity monotonicity integration by parts the Cauchy-type integrability criterion andother important theorems of the gauge integral in higher-order logic 4 (HOL4) and then use them to verify an inverting integratorThe formalized theorem library has been accepted by the HOL4 authority and will appear in HOL4 Kananaskis-9

1 Introduction

In the recent years hardware and software systems are widelyused in safety critical applications like car highway andair control systems medical instruments and so on Thecost of a failure in these systems is unacceptably high thusmaking it important to make sure of the correctness of thefunctions in design The traditional verification methodswhich include simulation and testing are not sufficientto validate confidence Formal methods can be helpful inproving the correctness of systems Theorem proving is onemethod for performing verification on formal specificationsof systemmodels [1] It allows tomathematically reason aboutsystem properties by representing the behavior of a system inlogic in a general model In this way the specification andimplementation are expressed as the general mathematicalmodel so that all the cases are covered when they are provedto be equivalent

The integral is amathematical tool to solvemany practicalproblems in geometry physics economics electrical systemsand so on In order to formalize dynamic systems sometheorem provers have already formalized integral theorem

library The IsabelleIsar theorem prover has the formal-ization of the Lebesgue integral [2] and the IsabelleHOLhas the formalization of the gauge Integral [3] Cruz-Filipereported a constructive theory of real analysis [4] whichincludes continuous functions and differential integral andtranscendental functions in the COQ theorem prover ThePVS theorem prover has the Riemann integral formalizedby Butler [5] Mhamdi et al [6] formalized the Lebesgueintegration in HOL4 in order to formalize statistical prop-erties of continuous random variables Harrison formalizedthe gauge integral in HOL light [7] Although there are thedefinition of the gauge integral and the fundamental theoremof calculus in HOL4 [7] there are no operation property andother theorems yet

This paper presents the formalization of the completegauge integral theory in HOL4 [8] including linearityinequality integration by parts and the Cauchy-type integra-bility criterion as well as the formal analysis of an integralcircuit based on the formalization The properties of vectorsand matrices are characterized in accordance with linearspace properties In this paper we use HOL4 notations andsome notations are listed in Table 1

2 Journal of Applied Mathematics

Table 1 Some HOL4 notations and their semantics

Meaning HOL notations Standard notationsTruth 119879 119879

Falsity 119865 perp

Negation simt nottDisjunction 1199051 or 1199052 1199051 or 1199052

Conjunction t1andt2 1199051 and 1199052

Implication 1199051==gt 1199052 1199051 rArr 1199052

Equality 1199051=1199052 1199051 = 1199052

forall-quantification 119909 sdot 119905 forall119909 sdot 119905

exist-quantification 119909 sdot 119905 exist119909 sdot 119905

Lambda 119909 sdot 119905 120582119909 sdot 119905

The rest of the paper is organized as follows In Section 2we give an overview of the gauge integral and present theformalization of the properties and theorems in HOL4In Section 3 the formal analysis of an integral circuit ispresented Section 4 concludes the paperThe definitions andtheorems in this paper are described as formalizations inHOL4 and have been verified for correctness using the HOL4theorem prover

2 The Gauge Integral in HOL4

There are many ways of formally defining an integral notall of which are equivalent The differences exist mostly todeal with differing special cases which may not be integrableunder other definitions The definitions include the Newtonintegral the Riemann integral the Lebesgue integral and thegauge integral which had been proposed in different sensesThe gauge integral proposed by Kurzweil and Henstock isa generalization of the Riemann integral and the Lebesgueintegral and it is suitable for wider situations [8] The gaugeintegral is far simpler than the Lebesgue integralmdashit is not tobe preceded by explanations of sigma-algebras and measures[9] but to be based on the special properties of the closedinterval [8] Harrison made a detailed analysis of advantagesof the gauge integral [7]

For any function119891 which may be not a derivative we saythat it has the gauge integral 119868 on the interval [119886 119887] if for any120576 gt 0 there is a gauge 120575 such that for any 120575-fine division theusual Riemann-type sum approaches 119868 are closer than 120576

1003816100381610038161003816100381610038161003816100381610038161003816

119899

sum

119894=0

119891 (119905119894) (119909119894+1

minus 119909119894) minus 119868

1003816100381610038161003816100381610038161003816100381610038161003816

lt 120576 (1)

So the above reasoning shows that a derivative 1198911015840 always has

the gauge integral 119891(119887) minus 119891(119886) over the interval [119886 119887] that isthe fundamental theorem of calculus holds

Definition 1 (the gauge integral) Let 119891 [119886 119887] rarr 119877 be somefunction and let 119881 be some number We say that 119881 is thegauge integral of119891 written119881 = int

119887

119886

119891(119905)119889119905 if for each number120576 gt 0 there exists a corresponding function 120575 [119886 119887] rarr

(0 +infin)with the following property whenever 119899 is a positiveinteger and 119905

0 1199051 1199052 119905

119899and 1199041 1199042 119904

119899are somenumbers

satisfying 119886 = 1199050le 1199041le 1199051le 1199042le 1199052le sdot sdot sdot le 119905

119899minus1le 119904119899le 119905119899=

119887 and 119905119894minus119905119894minus1

lt 120575(119904119894) for all 119894 then |119881minussum

119899

119894=1119891(119904119894)(119905119894minus119905119894minus1

)| lt 120576Definition 1 is formalized in HOL4 as [7]

|minus 119886 119887119891 119896Dint (119886 119887) 119891 119896 lt=gt119890 0 lt 119890 ==gt

119892 gauge (119909119886 lt= 119909 and 119909 lt= 119887) 119892and

119863119901 tdiv (119886 119887) (119863 119901)and fine 119892 (119863 119901) ==gtabs (rsum (119863 119901) 119891 minus 119896) lt 119890

where division (119886 119887)119863 denotes a division119863 on interval [119886 119887]

division (119886 119887)119863 lt=gt

(119863 0 = 119886)and119873(119899119899 lt 119873 ==gt 119863 119899 lt

119863 (SUC 119899))and119899119899 gt= 119873 ==gt (119863 119899 = 119887)

tdiv (119886 119887)(119863 119901) denotes to get any value between twocontiguous dividing points

tdiv (119886 119887)(119863 119901) lt=gt division (119886 119887) 119863and119899119863 119899 lt=

119901 119899 and 119901 119899 lt= 119863(SUC 119899)

The gauge 119864 119892 indicates that 119892 is a measure over a set 119864 (aninterval commonly) formally as

|minus119864 119892 gauge 119864 119892 lt=gt119909119864 119909 ==gt 0 lt 119892 119909

and fine means as follows

|minus119892 119863 119901 fine 119892 (119863 119901) lt=gt119899119899 lt dsize119863 ==gt

119863 (SUC 119899) minus 119863 119899 lt 119892 (119901 119899)

dsize119863 denotes the number of divisions of the intervaldivided by the division 119863

dsize 119863 = 119873119899119899 lt 119873 ==gt 119863 119899 lt

119863(SUC 119899))and119899119899 gt= 119873 ==gt (119863 119899 = 119863 119873)

In sum ldquoDint (119886 119887) 119891 119896rdquo denotes the integral of 119891 on [119886 119887]

is 119896 Then we give the definitions of integrable and integralbased on Definition 1

Definition 2 (integrable) Function119891 is integrable on interval[119886 119887] means that there exist a number 119894 that satisfy Defini-tion 1

Definition 2 is formalized in HOL4 asintegrable = |minus119886 119887119891 integrable (119886 119887) 119891 lt=gt119894 Dint

(119886 119887) 119891 119894

Definition 3 (integral value) A functionrsquos integral value isformalized as follows

integral = |minus119886 119887119891 integral (119886 119887) 119891 = 119894 Dint (119886 119887)119891 119894The relations between the definitions are described in Theo-rems 4 and 5

Theorem 4 (INTEGRABLE DINT) One has|minus119891 119886 119887 integrable (119886 119887) 119891 ==gtDint (119886 119887) 119891 (integral

(119886 119887)119891)

Theorem 5 (DINT INTEGRAL) Consider|minus119891 119886 119887 119894 119886 lt= 119887 andDint (119886 119887)119891 119894 ==gt (integral (119886 119887)119891 =

119894)

Journal of Applied Mathematics 3

Then we formalizes the operational properties of the gaugeintegral [8]

21 Linearity of the Gauge Integral In this subsection theformalizations of the linear properties are presented after therespective mathematical expressions

Theorem 6 (DINT CONST) The integral of a constant func-tion is computed by

int

119887

119886

119888119889119909 = 119888 lowast (119887 minus 119886) (2)

The formalization is as follows

|minus 119886 119887 119888 Dint (119886 119887) (119909119888) (119888 lowast (119887 minus 119886)) (3)

Theorem 7 (DINT 0) The integral of zero is zero

int

119887

119886

0119889119909 = 0 (4)


|minus 119886 119887 Dint (119886 119887) (1199090) 0 (5)

Theorem 8 (DINT NEG) The integral is negated when thefunction is negated

int

119887

119886

119891 (119909) 119889119909 = 119894 997904rArr int

119887

119886

(minus119891 (119909)) 119889119909 = minus119894 (6)


|minus 119891 119886 119887 119894 Dint (119886 119887) 119891 119894 ==gt Dint (119886 119887) (119909 minus 119891 119909) (minus119894)

(7)

Theorem 9 (DINT CMUL) The integral of the product of afunction multiplied by a constant equals the product of theconstant and the integral of the function

int

119887

119886

119891 (119909) 119889119909 = 119894 997904rArr int

119887

119886

119888 lowast 119891 (119909) 119889119909 = 119888 lowast 119894 (8)


|minus 119891 119886 119887 119888 119894 Dint (119886 119887) 119891 119894

==gt Dint (119886 119887) (119909119888 lowast 119891 119909) (119888 lowast 119894)

(9)

Theorem 10 (DINT ADD) The integral of the sum of twofunctions is the sum of the integrals of the two functions

int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119891 (119909) + 119892 (119909)) 119889119909 = 119894 + 119895

(10)


|minus 119891 119892 119886 119887 119894 119895 Dint (119886 119887) 119891 119894 and Dint (119886 119887) 119892 119895

==gt Dint (119886 119887) (119909 119891 119909 + 119892 119909) (119894 + 119895)

(11)

Theorem 11 (DINT SUB) The integral of the difference of twofunctions is the difference of the integrals of the two functions

int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119891 (119909) minus 119892 (119909)) 119889119909 = 119894 minus 119895

(12)

The formalization is as follows|minus 119891 119892 119886 119887 119894 119895 Dint (119886 119887) 119891 119894 and Dint (119886 119887) 119892 119895

==gt Dint (119886 119887) (119909 119891 119909 minus 119892 119909) (119894 minus 119895)

(13)

Theorem 12 (DINT LINEAR) The integral is linear

int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119898 lowast 119891 (119909) + 119899 lowast 119892 (119909)) 119889119909

= 119898 lowast 119894 + 119899 lowast 119895

(14)


==gt Dint (119886 119887) (119909 119898 lowast 119891 119909 + 119899 lowast 119892 119909) (119898 lowast 119894 + 119899 lowast 119895)

(15)

These theorems are proven based on the definition of thegauge integral

22 Inequalities of the Gauge Integral The three inequalitiesare formalized in this subsection

Theorem 13 (upper and lower bounds) An integrable func-tion f over [119886 119887] is necessarily bounded on that interval Thusthere are real numbers119898 and119872 so that119898 le 119891(119909) le 119872 for all119909 in [119886 119887] Since the lower and upper sums of 119891 over [119886 119887] aretherefore bounded by respectively 119898(119887 minus 119886) and 119872(119887 minus 119886) itfollows that

119898(119887 minus 119886) le int

119887

119886

119891 (119909) 119889119909 le 119872 (119887 minus 119886) (16)

The formalization is as followsINTEGRAL MVT LE|minus119891 119886 119887

119886 lt 119887 and (119909 119886 lt= 119909 and 119909 lt= 119887 ==gt 119891 contl119909)and(119909 119886 lt= 119909 and 119909 lt= 119887 ==gt 119898 lt= 119891119909 119891 119909 lt=

119872)==gt119898lowast(119887minus119886) lt= integral (119886 119887) 119891 and integral (119886 119887)119891 lt=

119872 lowast (119887 minus 119886)

Theorem 14 (inequalities between functions) If 119891(119909) le 119892(119909)

for each119909 in [119886 119887] then each of the upper and lower sums of119891 isbounded above by the upper and lower sums of 119892 respectively

int

119887

119886

119891 (119909) 119889119909 le int

119887

119886

119892 (119909) 119889119909 (17)


The formalization is as followsINTEGRAL LE|minus119891 119892 119886 119887 119894 119895

119886 lt= 119887 and integrable (119886 119887) 119891 and integrable (119886 119887)119892 and

(119909 119886 lt= 119909 and 119909 lt= 119887 ==gt 119891 119909 lt= 119892 119909)==gtintegral (119886 119887) 119891 lt= integral (119886 119887) 119892

DINT LE|minus119891119892 119886 119887 119894 119895 119886 lt= 119887 and Dint (119886 119887)119891 119894 andDint(119886 119887)119892119895 and

(119909 119886 lt= 119909 and 119909 lt= 119887 ==gt 119891(119909) lt= 119892(119909))==gt 119894 lt= 119895

Theorem 15 (inequality of absolute value) If 119891 is the gauge-integrable on [119886 119887] then the same is true for |119891| and

100381610038161003816100381610038161003816100381610038161003816

int

119887

119886

119891 (119909) 119889119909

100381610038161003816100381610038161003816100381610038161003816

le int

119887

119886

1003816100381610038161003816119891 (119909)1003816100381610038161003816 119889119909 (18)

The formalization is as followsDINT TRIANGLE|minus119891 119886 119887 119894 119895

119886 lt= 119887 andDint(119886 119887)119891 119894 andDint(119886 119887)(119909abs(119891 119909))119895 ==gt

abs 119894 lt= 119895This theorem could be proved byTheorem 14

23 The Integral of the Pointwise Perturbation and the SpikeFunctions

Theorem 16 (DINT DELTA) The integral of the delta func-tion which equals 1 only at one certain point otherwise keepszero is zero

119891 (119909) = 1 119909 = 119888

0 else 997904rArr int

119887

119886

119891 (119909) 119889119909 = 0 (19)

The formalization is as follows|minus119886 119887 119888 Dint (119886 119887) (119909 if 119909 = 119888 then 1 else 0) 0

Theorem 17 (DINT POINT SPIKE) The two functionswhich are equal except at a certain point have same integrals

forall119909 isin [119886 119887] and 119909 = 119888 997904rArr (119891 (119909) = 119892 (119909)) and int

119887

119886

119891 (119909) 119889119909 = 119894

997904rArr int

119887

119886

119892 (119909) 119889119909 = 119894

(20)

The formalization is as follows|minus119891 119892 119886 119887 119888 119894

(119909 119886 lt= 119909 and 119909 lt= 119887 and 119909 ltgt 119888 ==gt (119891 119909 = 119892 119909)) and

Dint(119886 119887) 119891 119894 ==gt Dint(119886 119887)119892 119894This shows that if one changes a function at one point thenits integral does not change

24 Other Important Properties

Theorem 18 (integrable on subinterval) For all 119888 119889 119886 le 119888and

119888 le 119889 and 119889 le 119887 if 119891 is integrable over [119886 119887] then 119891 is integrableover [119888 119889]


INTEGRABLE SUBINTERVAL|minus119891 119886 119887 119888 119889 119886 lt= 119888 and 119888 lt= 119889 and 119889 lt= 119887 and integrable(119886 119887) 119891 ==gt integrable (119888 119889)119891

In order to prove Theorem 18 the following three lemmasneed to be proved

INTEGRABLE SPLIT SIDES =

|minus 119891119886 119887 119888119886 lt= 119888 and 119888 lt= 119887 and integrable (119886 119887)119891 ==gt

119894 119890 0 lt 119890 ==gt

119892 gauge (119909 119886 lt= 119909 and 119909 lt= 119887) 119892and

1198891 1199011 1198892 1199012tdiv(119886 119888) (11988911199011) and fine 119892(1198891 1199011) and

tdiv(119888 119887) (11988921199012) and fine 119892(1198892 1199012) ==gt

abs (rsum(1198891 1199011)119891+rsum (1198892 1199012)119891 minus 119894) lt

119890

INTEGRABLE SUBINTERVAL LEFT =|minus 119891119886 119887 119888 119886 lt= 119888 and 119888 lt= 119887 and integrable

(119886 119887) 119891 ==gt integrable (119886 119888) 119891

INTEGRABLE SUBINTERVAL RIGHT =|minus 119891119886 119887 119888 119886 lt= 119888and119888 lt= 119887andintegrable (119886 119887) 119891 ==gt

integrable (119888 119887) 119891

The INTEGRABLE SPLIT SIDES is used toprove INTEGRABLE SUBINTERVAL LEFT andINTEGRABLE SUBINTERVAL RIGHT then the theoremINTEGRABLE SUBINTERVAL can be proved by thetransitivity of real number

Theorem 19 (additivity of integration on intervals) If 119887 is anyelement of [119886 119888] then

int

119887

119886

119891 (119909) 119889119909 + int

119888

119887

119891 (119909) 119889119909 = int

119888

119886

119891 (119909) 119889119909 (21)


INTEGRAL COMBINE|minus 119891119886 119887 119888

119886 lt= 119887 and 119887 lt= 119888 and integrable (119886 119888) 119891 ==gt

(integral (119886 119888) 119891 = integral (119886 119887) 119891 +

integral (119887 119888) 119891)

The proof of Theorem 19 is sophisticated We utilize multiplelemmas shown in Table 2The proof is branched based on 119886 lt= 119887 and 119887 lt= 119888 It is easy incase of 119886 = 119887 or 119887 = 119888 In case 119886 lt 119887 and 119887 lt 119888 119887 is the tie point


Table 2 The lemmas provingTheorem 19

Name of lemma Description in HOL4DIVISION LE SUC forall119889 119886 119887 division (a b) d ==gt foralln d n lt= d (SUC n)DIVISION MONO LE forall119889 119886 119887 division (a b) d ==gt forallm nm lt= n ==gt d m lt= d nDIVISION MONO LE SUC forall119889 119886 119887 division (a b) d ==gt foralln d n lt= d (SUC n)

DIVISION INTERMEDIATE forall119889 119886 119887 119888 division (a b) d and a lt= c and c lt= b ==gtexist n n lt= dsize d and d n lt= c and c lt= d (SUC n)

DIVISION DSIZE LE forall 119886 119887 119889 119899 division (a b) d and (d (SUC n) = d n) ==gt dsize d lt= nDIVISION DSIZE GE forall 119886 119887 119889 119899 division (a b) d and d n lt d (SUC n) ==gt SUC n lt= dsize d

DIVISION DSIZE EQ forall 119886 119887 119889 119899 division (a b) d and d n lt d (SUC n) and (d (SUC (SUC n)) = d (SUC n)) ==gt(dsize d = SUC n)

DIVISION DSIZE EQ ALT forall 119886 119887 119889 119899 division (a b) d and (d (SUC n) = d n) and (foralli i lt n ==gt d i lt d (SUC i))==gt (dsize d = n)

of two measure intervals It needs the lemmas of Table 1 toprove interval measure and division fine The proof programconsists of over 400 lines of HOL4 codeThe proof procedureis described as follows

In case 119886 lt 119887and119887 lt 119888 the proof goal is extended as follows

abs (sum (0 dsize 119889) (119899119891 (119901 119899) lowast (119889 (SUC 119899) minus 119889 119899))

minus (119894 + 119895)) lt 119890

(22)

The proof goal transfers by using the fourth lemma

abs (sum (0 119898 + 119899) (119899119891 (119901 119899) lowast (119889 (SUC 119899) minus 119889 119899))

minus (119894 + 119895)) lt 119890

(23)

This lemma is proven with two cases based on 119899 = 0 or 119899 = 0In case of 119899 = 0 the goal is

abs (sum (0 119898) (119899119891 (119901 119899) lowast (119889 (SUC 119899) minus 119889 119899))

+ (119891 (119901 119898) lowast (119889 (SUC 119898) minus 119889 119898) + sum (119898 + 1PRE 119899)

times (119899119891 (119901 119899) lowast (119889 (SUC 119899) minus 119889 119899))) minus (119894 + 119895)) lt 119890

(24)

The goal is rewritten by 119901 119898 = 119887


+ (119891 119887 lowast (119889 (SUC 119898) minus 119889 119898) + sum (119898 + 1PRE 119899)


(25)

Let 1199041 denote sum (0 119898) (119899119891(119901 119899)lowast (119889(SUC 119899)minus119889 119899)) andlet 1199042 denote sum (119898 + 1PRE 119899) (119899119891(119901 119899) lowast (119889 (SUC 119899) minus

119889 119899)) the simplized goal is as follows

abs (1199041 + 119891 119887 lowast (119887 minus 119889 119898) minus 119894)

lt119890

2and abs (1199042 + 119891 119887 lowast (119889 (SUC 119898) minus 119887) minus 119895) lt

119890

2

(26)

For abs (1199041 + 119891 119887 lowast (119887 minus 119889 119898) minus 119894) lt 1198902 we prove it basedon 119889 119898 = 119887 and 119889 119898 = 119887 Similarly for abs (1199042 + 119891 119887 lowast

(119889(SUC 119898) minus 119887) minus 119895) lt 1198902 we prove it based on the cases119889 (SUC 119898) = 119887 or 119889(SUC119898) = 119887 then the goal is proved

Theorem20 (the Cauchy-type integrability criterion) Let119891

[119886 119887] rarr R Then 119891 is integrable over [119886 119887] if and only if forevery 120576 gt 0 there is a gauge 120574 on [119886 119887] such that if119863

1 1198632≪ 120574

then |119878(1198911198631)minus119878(119891119863

2)| lt 120576 where 119878(119891119863) is a Riemann sum

and 1198631 1198632are partitions of [119886 119887]

The formalization is as followsINTEGRABLE CAUCHY|minus 119891119886 119887integrable (119886 119887)119891 lt=gt

119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119887) (1198891 1199011) and fine 119892(1198891 1199011) and

119905div(119886 119887) (1198892 1199012) and fine 119892 (1198892 1199012) ==gt

abs (rsum(1198891 1199011)119891 minus rsum(1198892 1199012)119891) lt 119890The Cauchy criterion indicates that an integrable function isalways convergent for any division on the interval

First of all we should prove that a function for anygauge over the set is 120575-fine we formalized the lemma asGAUGE MIN FINITE

|minus 119904 119892119904 119898(119898 119898 lt= 119899 ==gt gauge 119904 (119892119904 119898))==gt119892gauge 119904 119892 and

119889119901 fine (119889 119901) ==gt 119898 119898 lt= 119899 ==gt fine(119892119904 119898) (119889 119901)

Theorem 21 (limit theorem) Let 119891 [119886 119887] rarr R and assumethat for every 120576 gt 0 there exists an integrable function 119892

[119886 119887] rarr R such that |119891minus119892| le 120576 on [119886 119887]Then119891 is integrableover [119886 119887]


val SUMMING INTEGRATOR = store thm(ldquoSUMMING INTEGRATORrdquoldquox 0lt=x ==gt (integral(0 x) (t (m lowast cos t) + (n lowast sin t)) =m lowast sin x + n lowast(cos 0 minus cos x))rdquoRW TAC std ss[] THEN REWRITE TAC[integral] THENSELECT ELIM TAC THEN CONJ TAC THENL[EXISTS TACldquom lowast sin x + n lowast (cos 0 minus cos x)rdquo THENMATCH MP TAC DINT LINEAR THEN CONJ TAC THENL[SUBGOAL THENldquosin x = sin x minus sin 0rdquoASSUME TAC THENL

[SIMP TAC std ss[SIN 0] THEN REAL ARITH TAC ONCE ASM REWRITE TAC[]] THENMATCH MP TAC FTC1 THEN RW TAC std ss[] THEN

ASM SIMP TAC arith ss[DIFF SIN] ALL TAC] THENSUBGOAL THENldquocos 0 minus cos x = minuscos x minus cos 0rdquoASSUME TAC THENL[REWRITE TAC[REAL SUB NEG2] ALL TAC] THENONCE ASM REWRITE TAC[] THEN HO MATCH MP TAC FTC1 THENASM SIMP TAC std ss[DIFF NEG COS]ALL TAC] THEN

RW TAC std ss[] THENMATCH MP TAC DINT UNIQ THENMAP EVERY EXISTS TAC[ldquo0realrdquoldquoxrealrdquo

ldquo(t (m lowast cos t) + (n lowast sin t))real-gtrealrdquo] THENASM REWRITE TAC[] THENMATCH MP TAC DINT LINEAR THENCONJ TAC THENL[SUBGOAL THEN ldquosin x = sin x minus sin 0rdquoASSUME TAC THENL[SIMP TAC std ss[SIN 0] THEN REAL ARITH TACONCE ASM REWRITE TAC[] THENMATCH MP TAC FTC1 THEN

RW TAC std ss[] THEN ASM SIMP TAC arith ss[DIFF SIN]] ALL TAC] THENSUBGOAL THENldquocos 0 minus cos x = minuscos x minus cos 0rdquoASSUME TAC THENL[REWRITE TAC[REAL SUB NEG2] ONCE ASM REWRITE TAC[]] THEN

HO MATCH MP TAC FTC1 THEN ASM SIMP TAC std ss[DIFF NEG COS])

Algorithm 1 The formalization and proof of SUMMING INTEGRATOR


INTEGRABLE LIMIT|minus119891119886 119887(119890 0 lt 119890 ==gt

119892 (119909 119886 lt= 119909and119909 lt= 119887 ==gt abs(119891 119909minus119892 119909) lt=

119890) and integrable(119886 119887)119892) ==gt

integrable (119886 119887) 119891

In order to make the proof easier we proved theRSUM DIFF BOUND at first

|minus119886 119887 119889119901 119890119891119892tdiv(119886 119887) (119889 119901) and

(119909 119886 lt= 119909 and 119909 lt= 119887 ==gt abs(119891 119909 minus 119892 119909) lt=

119890) ==gt

abs (rsum(119889 119901)119891 minus rsum(119889 119901)119892) lt= 119890 lowast (119887 minus 119886)

Theorem 22 (integrability of continuous functions) If 119891

[119886 119887] rarr R is continuous then 119891 is integrable over [119886 119887]


INTEGRABLE CONTINUOUS|minus119891119886 119887 (119909 119886 lt= 119909 and 119909 lt= 119887 ==gt 119891 contl 119909) ==gtintegrable (119886 119887) 119891

To prove Theorem 22 we first prove the uniform continuitytheorem

119862

1198771

1198772

119877119901

119881119900

+

minus1198811198941

1198811198942

Figure 1 The summing inverting circuit

If 119891 [119886 119887] rarr R is continuous 119891 is uniformly con-tinuous And then the result is given by that the uniformlycontinuous functions are integrable The uniform continuitytheorem is formalized as follows

CONT UNIFORM

|minus119891119886 119887

119886 lt= 119887 and (119909 119886 lt= 119909and119909 lt= 119887 ==gt 119891 contl 119909)==gt

119890 0 lt 119890 ==gt

119889 0 lt 119889and

119909119910 119886 lt= 119909 and 119909 lt= 119887 and 119886 lt= 119910 and 119910 lt=

119887 and abs(119909 minus 119910) lt 119889 ==gt

abs (119891 119909 minus 119891 119910) lt 119890


3 Verifying a Summing Inverting Integrator

In order to illustrate the usefulness of the proposed approachwe use our formalization to analyze a summing integratorIntegration circuits are widely used in electronic circuitsthey are often used for waveform transformation amplifieroffset voltage elimination integral compensation in feedbackcontrol and so on In this section we use the formalizationabove to verify a summing inverting integrator Figure 1shows the basic summing inverting integral circuit

The relation between output and input voltage can bepresent as the following formula

V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)

We assumed the integral constant minus11198771119862 = 119898 minus1119877

2119862 = 119899

then formula 1 can be simplified as the following formula

V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0

(119898 lowast cos 119905 + 119899 lowast sin 119905) 119889119905

= 119898 lowast sin119909 + 119899 lowast (cos 0 minus cos119909) (29)

Formula (29) can be formalized in HOL4 as follows

SUMMING INTEGRATOR|minus119909 0 lt= 119909 ==gt (integral(0 119909) (119905(119898 lowast cos 119905) + (119899 lowast

sin 119905)) = 119898 lowast sin119909 + 119899 lowast (cos 0 minus cos119909))

The detailed formalization and proof are shown inAlgorithm 1

In this proof we employ the linear property of integralDINT LINEAR to divide the integral of the addition oftwo functions into the addition of two integrals of the twofunctions then we prove the two integrals respectively Forinstantiating the input variable 119881

1198941and 119881

1198942 the derivative of

negative cosine is proved in advance

119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)

val DIFF NEG COS = store thm(ldquoDIFF NEGCOSrdquo)ldquo119909 ((119905minus cos 119905) diffl sin(119909)) (119909)rdquoGEN TAC THEN SUBGOAL THENldquosin119909 = minus sin119909

rdquo ASSUME TAC THENL[REWRITE TAC[REAL NEGNEG]ALL TAC]THENONCE ASM REWRITE TAC[] THENMATCH MP TAC DIFF NEG THEN REWRITETAC[DIFF COS])

4 Conclusion

In this paper we presented a higher-order logic formalizationof the gauge integral The major properties of the gaugeintegral including the linearity boundedness monotonicityintegration by parts and Cauchy-type integrability criterionwere formalized and proven in HOL4 and then a formalproving of an inverting integrator was presented The pro-posed integral theorem library has been accepted by HOL4authority and will appear in HOL4 Kananaskis-9

Acknowledgments

The authors thank Professor Jin Shengzhen and Dr JohnHarrison for their helpful suggestions and thank Dr MichaelNorrish for reviewing their gauge integral theorem libraryThis work was supported by the International CooperationProgram on Science and Technology (2010DFB10930 and2011DFG13000) the National Natural Science Foundation ofChina (60873006 61070049 61170304 and 61104035) theNatural Science Foundation of the City of Beijing (4122017)the SampR Key Program of the Beijing Municipal EducationCommission (KZ201210028036) the Open Project Programof State Key Laboratory of Computer Architecture and theOpen Project Program of Guangxi Key Laboratory of TrustedSoftware

References

[1] C Kern and M R Greenstreet ldquoFormal verification in hard-ware design a surveyrdquoACMTransactions onDesignAutomationof Electronic Systems vol 4 no 2 pp 123ndash193 1999

[2] Stefan Richter ldquoFormalizing integration theory with an appli-cation to probabilistic algorithmsrdquo in Proceedings of the 17thInternational Conference on Theorem Proving in Higher OrderLogics (TPHOLs rsquo04) K Slind A Bunker and G Gepalakrish-nan Eds vol 3223 of Lecture Notes in Computer Science pp271ndash286 Springer Park City Utah USA September 2004

[3] J D Fleuriot ldquoOn the mechanization of real analysis inIsabelleHOLrdquo in Theorem Proving in Higher Order Logics pp145ndash161 2000

[4] L Cruz-Filipe Constructive real analysis a type-theoreticalformalization and applications [PhD thesis] University ofNijmegen 2004

[5] R W Butler ldquoFormalization of the integral calculus in the PVStheorem proverrdquo Journal of Formalized Reasoning vol 2 no 1pp 1ndash26 2009

[6] T Mhamdi O Hasan and S Tahar ldquoOn the formalization ofthe Lebesgue integration theory inHOLrdquo in InteracitveTheoremProving vol 6172 of Lecture Notes in Computer Science pp 387ndash402 Springer 2010

[7] J Harrison Theorem Proving with the Real Numbers SpringerHeidelberg Germany 1998

[8] C Swartz Introduction to Gauge Integrals World ScientificSingapore 2001

[9] R A Gordon The Integrals of Lebesgue Denjoy Perron andHenstock vol 4 of Graduate Studies in Mathematics AmericanMathematical Society Providence RI USA 1994

Submit your manuscripts athttpwwwhindawicom

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

MathematicsJournal of


Mathematical Problems in Engineering

Hindawi Publishing Corporationhttpwwwhindawicom

Differential EquationsInternational Journal of

Volume 2014

Applied MathematicsJournal of


Probability and StatisticsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Journal of


Mathematical PhysicsAdvances in

Complex AnalysisJournal of


OptimizationJournal of


CombinatoricsHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of


Operations ResearchAdvances in

Journal of


Function Spaces

Abstract and Applied AnalysisHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

International Journal of Mathematics and Mathematical Sciences


The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014


Algebra

Discrete Dynamics in Nature and Society



Decision SciencesAdvances in

Discrete MathematicsJournal of


Volume 2014 Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Stochastic AnalysisInternational Journal of


Table 1 Some HOL4 notations and their semantics

Meaning HOL notations Standard notationsTruth 119879 119879

Falsity 119865 perp

Negation simt nottDisjunction 1199051 or 1199052 1199051 or 1199052

Conjunction t1andt2 1199051 and 1199052

Implication 1199051==gt 1199052 1199051 rArr 1199052

Equality 1199051=1199052 1199051 = 1199052

forall-quantification 119909 sdot 119905 forall119909 sdot 119905

exist-quantification 119909 sdot 119905 exist119909 sdot 119905

Lambda 119909 sdot 119905 120582119909 sdot 119905

The rest of the paper is organized as follows In Section 2we give an overview of the gauge integral and present theformalization of the properties and theorems in HOL4In Section 3 the formal analysis of an integral circuit ispresented Section 4 concludes the paperThe definitions andtheorems in this paper are described as formalizations inHOL4 and have been verified for correctness using the HOL4theorem prover

2 The Gauge Integral in HOL4

There are many ways of formally defining an integral notall of which are equivalent The differences exist mostly todeal with differing special cases which may not be integrableunder other definitions The definitions include the Newtonintegral the Riemann integral the Lebesgue integral and thegauge integral which had been proposed in different sensesThe gauge integral proposed by Kurzweil and Henstock isa generalization of the Riemann integral and the Lebesgueintegral and it is suitable for wider situations [8] The gaugeintegral is far simpler than the Lebesgue integralmdashit is not tobe preceded by explanations of sigma-algebras and measures[9] but to be based on the special properties of the closedinterval [8] Harrison made a detailed analysis of advantagesof the gauge integral [7]

For any function119891 which may be not a derivative we saythat it has the gauge integral 119868 on the interval [119886 119887] if for any120576 gt 0 there is a gauge 120575 such that for any 120575-fine division theusual Riemann-type sum approaches 119868 are closer than 120576

1003816100381610038161003816100381610038161003816100381610038161003816

119899

sum

119894=0

119891 (119905119894) (119909119894+1

minus 119909119894) minus 119868

1003816100381610038161003816100381610038161003816100381610038161003816

lt 120576 (1)

So the above reasoning shows that a derivative 1198911015840 always has

the gauge integral 119891(119887) minus 119891(119886) over the interval [119886 119887] that isthe fundamental theorem of calculus holds

Definition 1 (the gauge integral) Let 119891 [119886 119887] rarr 119877 be somefunction and let 119881 be some number We say that 119881 is thegauge integral of119891 written119881 = int

119887

119886

119891(119905)119889119905 if for each number120576 gt 0 there exists a corresponding function 120575 [119886 119887] rarr

(0 +infin)with the following property whenever 119899 is a positiveinteger and 119905

0 1199051 1199052 119905

119899and 1199041 1199042 119904

119899are somenumbers

satisfying 119886 = 1199050le 1199041le 1199051le 1199042le 1199052le sdot sdot sdot le 119905

119899minus1le 119904119899le 119905119899=

119887 and 119905119894minus119905119894minus1

lt 120575(119904119894) for all 119894 then |119881minussum

119899

119894=1119891(119904119894)(119905119894minus119905119894minus1

)| lt 120576Definition 1 is formalized in HOL4 as [7]

|minus 119886 119887119891 119896Dint (119886 119887) 119891 119896 lt=gt119890 0 lt 119890 ==gt

119892 gauge (119909119886 lt= 119909 and 119909 lt= 119887) 119892and

119863119901 tdiv (119886 119887) (119863 119901)and fine 119892 (119863 119901) ==gtabs (rsum (119863 119901) 119891 minus 119896) lt 119890

where division (119886 119887)119863 denotes a division119863 on interval [119886 119887]

division (119886 119887)119863 lt=gt

(119863 0 = 119886)and119873(119899119899 lt 119873 ==gt 119863 119899 lt

119863 (SUC 119899))and119899119899 gt= 119873 ==gt (119863 119899 = 119887)

tdiv (119886 119887)(119863 119901) denotes to get any value between twocontiguous dividing points

tdiv (119886 119887)(119863 119901) lt=gt division (119886 119887) 119863and119899119863 119899 lt=

119901 119899 and 119901 119899 lt= 119863(SUC 119899)

The gauge 119864 119892 indicates that 119892 is a measure over a set 119864 (aninterval commonly) formally as

|minus119864 119892 gauge 119864 119892 lt=gt119909119864 119909 ==gt 0 lt 119892 119909

and fine means as follows

|minus119892 119863 119901 fine 119892 (119863 119901) lt=gt119899119899 lt dsize119863 ==gt

119863 (SUC 119899) minus 119863 119899 lt 119892 (119901 119899)

dsize119863 denotes the number of divisions of the intervaldivided by the division 119863

dsize 119863 = 119873119899119899 lt 119873 ==gt 119863 119899 lt

119863(SUC 119899))and119899119899 gt= 119873 ==gt (119863 119899 = 119863 119873)

In sum ldquoDint (119886 119887) 119891 119896rdquo denotes the integral of 119891 on [119886 119887]

is 119896 Then we give the definitions of integrable and integralbased on Definition 1

Definition 2 (integrable) Function119891 is integrable on interval[119886 119887] means that there exist a number 119894 that satisfy Defini-tion 1

Definition 2 is formalized in HOL4 asintegrable = |minus119886 119887119891 integrable (119886 119887) 119891 lt=gt119894 Dint

(119886 119887) 119891 119894

Definition 3 (integral value) A functionrsquos integral value isformalized as follows

integral = |minus119886 119887119891 integral (119886 119887) 119891 = 119894 Dint (119886 119887)119891 119894The relations between the definitions are described in Theo-rems 4 and 5

Theorem 4 (INTEGRABLE DINT) One has|minus119891 119886 119887 integrable (119886 119887) 119891 ==gtDint (119886 119887) 119891 (integral

(119886 119887)119891)

Theorem 5 (DINT INTEGRAL) Consider|minus119891 119886 119887 119894 119886 lt= 119887 andDint (119886 119887)119891 119894 ==gt (integral (119886 119887)119891 =

119894)





int

119887

119886

119888119889119909 = 119888 lowast (119887 minus 119886) (2)




int

119887

119886

0119889119909 = 0 (4)


|minus 119886 119887 Dint (119886 119887) (1199090) 0 (5)


int

119887

119886

119891 (119909) 119889119909 = 119894 997904rArr int

119887

119886

(minus119891 (119909)) 119889119909 = minus119894 (6)



(7)


int

119887

119886

119891 (119909) 119889119909 = 119894 997904rArr int

119887

119886

119888 lowast 119891 (119909) 119889119909 = 119888 lowast 119894 (8)


|minus 119891 119886 119887 119888 119894 Dint (119886 119887) 119891 119894


(9)


int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119891 (119909) + 119892 (119909)) 119889119909 = 119894 + 119895

(10)



==gt Dint (119886 119887) (119909 119891 119909 + 119892 119909) (119894 + 119895)

(11)


int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119891 (119909) minus 119892 (119909)) 119889119909 = 119894 minus 119895

(12)



(13)


int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119898 lowast 119891 (119909) + 119899 lowast 119892 (119909)) 119889119909

= 119898 lowast 119894 + 119899 lowast 119895

(14)



(15)




119898(119887 minus 119886) le int

119887

119886

119891 (119909) 119889119909 le 119872 (119887 minus 119886) (16)




119872 lowast (119887 minus 119886)



int

119887

119886

119891 (119909) 119889119909 le int

119887

119886

119892 (119909) 119889119909 (17)








100381610038161003816100381610038161003816100381610038161003816

int

119887

119886

119891 (119909) 119889119909

100381610038161003816100381610038161003816100381610038161003816

le int

119887

119886

1003816100381610038161003816119891 (119909)1003816100381610038161003816 119889119909 (18)






119891 (119909) = 1 119909 = 119888


119887

119886

119891 (119909) 119889119909 = 0 (19)




119887

119886

119891 (119909) 119889119909 = 119894

997904rArr int

119887

119886

119892 (119909) 119889119909 = 119894

(20)












119894 119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119888) (11988911199011) and fine 119892(1198891 1199011) and

tdiv(119888 119887) (11988921199012) and fine 119892(1198892 1199012) ==gt


119890


(119886 119887) 119891 ==gt integrable (119886 119888) 119891


integrable (119888 119887) 119891



int

119887

119886

119891 (119909) 119889119909 + int

119888

119887

119891 (119909) 119889119909 = int

119888

119886

119891 (119909) 119889119909 (21)





integral (119887 119888) 119891)












minus (119894 + 119895)) lt 119890

(22)



minus (119894 + 119895)) lt 119890

(23)





(24)





(25)




lt119890


119890

2

(26)





1 1198632≪ 120574

then |119878(1198911198631)minus119878(119891119863




119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119887) (1198891 1199011) and fine 119892(1198891 1199011) and

119905div(119886 119887) (1198892 1199012) and fine 119892 (1198892 1199012) ==gt




119889119901 fine (119889 119901) ==gt 119898 119898 lt= 119899 ==gt fine(119892119904 119898) (119889 119901)
















integrable (119886 119887) 119891


|minus119886 119887 119889119901 119890119891119892tdiv(119886 119887) (119889 119901) and


119890) ==gt







119862

1198771

1198772

119877119901

119881119900

+

minus1198811198941

1198811198942



CONT UNIFORM

|minus119891119886 119887


119890 0 lt 119890 ==gt

119889 0 lt 119889and



abs (119891 119909 minus 119891 119910) lt 119890





V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)


2119862 = 119899


V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0








1198941and 119881



119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)



4 Conclusion


Acknowledgments


References

















Volume 2014




Journal of











Journal of


Function Spaces






Algebra













int

119887

119886

119888119889119909 = 119888 lowast (119887 minus 119886) (2)




int

119887

119886

0119889119909 = 0 (4)


|minus 119886 119887 Dint (119886 119887) (1199090) 0 (5)


int

119887

119886

119891 (119909) 119889119909 = 119894 997904rArr int

119887

119886

(minus119891 (119909)) 119889119909 = minus119894 (6)



(7)


int

119887

119886

119891 (119909) 119889119909 = 119894 997904rArr int

119887

119886

119888 lowast 119891 (119909) 119889119909 = 119888 lowast 119894 (8)


|minus 119891 119886 119887 119888 119894 Dint (119886 119887) 119891 119894


(9)


int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119891 (119909) + 119892 (119909)) 119889119909 = 119894 + 119895

(10)



==gt Dint (119886 119887) (119909 119891 119909 + 119892 119909) (119894 + 119895)

(11)


int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119891 (119909) minus 119892 (119909)) 119889119909 = 119894 minus 119895

(12)



(13)


int

119887

119886

119891 (119909) 119889119909 = 119894 and int

119887

119886

119892 (119909) 119889119909 = 119895

997904rArr int

119887

119886

(119898 lowast 119891 (119909) + 119899 lowast 119892 (119909)) 119889119909

= 119898 lowast 119894 + 119899 lowast 119895

(14)



(15)




119898(119887 minus 119886) le int

119887

119886

119891 (119909) 119889119909 le 119872 (119887 minus 119886) (16)




119872 lowast (119887 minus 119886)



int

119887

119886

119891 (119909) 119889119909 le int

119887

119886

119892 (119909) 119889119909 (17)








100381610038161003816100381610038161003816100381610038161003816

int

119887

119886

119891 (119909) 119889119909

100381610038161003816100381610038161003816100381610038161003816

le int

119887

119886

1003816100381610038161003816119891 (119909)1003816100381610038161003816 119889119909 (18)






119891 (119909) = 1 119909 = 119888


119887

119886

119891 (119909) 119889119909 = 0 (19)




119887

119886

119891 (119909) 119889119909 = 119894

997904rArr int

119887

119886

119892 (119909) 119889119909 = 119894

(20)












119894 119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119888) (11988911199011) and fine 119892(1198891 1199011) and

tdiv(119888 119887) (11988921199012) and fine 119892(1198892 1199012) ==gt


119890


(119886 119887) 119891 ==gt integrable (119886 119888) 119891


integrable (119888 119887) 119891



int

119887

119886

119891 (119909) 119889119909 + int

119888

119887

119891 (119909) 119889119909 = int

119888

119886

119891 (119909) 119889119909 (21)





integral (119887 119888) 119891)












minus (119894 + 119895)) lt 119890

(22)



minus (119894 + 119895)) lt 119890

(23)





(24)





(25)




lt119890


119890

2

(26)





1 1198632≪ 120574

then |119878(1198911198631)minus119878(119891119863




119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119887) (1198891 1199011) and fine 119892(1198891 1199011) and

119905div(119886 119887) (1198892 1199012) and fine 119892 (1198892 1199012) ==gt




119889119901 fine (119889 119901) ==gt 119898 119898 lt= 119899 ==gt fine(119892119904 119898) (119889 119901)
















integrable (119886 119887) 119891


|minus119886 119887 119889119901 119890119891119892tdiv(119886 119887) (119889 119901) and


119890) ==gt







119862

1198771

1198772

119877119901

119881119900

+

minus1198811198941

1198811198942



CONT UNIFORM

|minus119891119886 119887


119890 0 lt 119890 ==gt

119889 0 lt 119889and



abs (119891 119909 minus 119891 119910) lt 119890





V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)


2119862 = 119899


V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0








1198941and 119881



119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)



4 Conclusion


Acknowledgments


References

















Volume 2014




Journal of











Journal of


Function Spaces






Algebra
















100381610038161003816100381610038161003816100381610038161003816

int

119887

119886

119891 (119909) 119889119909

100381610038161003816100381610038161003816100381610038161003816

le int

119887

119886

1003816100381610038161003816119891 (119909)1003816100381610038161003816 119889119909 (18)






119891 (119909) = 1 119909 = 119888


119887

119886

119891 (119909) 119889119909 = 0 (19)




119887

119886

119891 (119909) 119889119909 = 119894

997904rArr int

119887

119886

119892 (119909) 119889119909 = 119894

(20)












119894 119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119888) (11988911199011) and fine 119892(1198891 1199011) and

tdiv(119888 119887) (11988921199012) and fine 119892(1198892 1199012) ==gt


119890


(119886 119887) 119891 ==gt integrable (119886 119888) 119891


integrable (119888 119887) 119891



int

119887

119886

119891 (119909) 119889119909 + int

119888

119887

119891 (119909) 119889119909 = int

119888

119886

119891 (119909) 119889119909 (21)





integral (119887 119888) 119891)












minus (119894 + 119895)) lt 119890

(22)



minus (119894 + 119895)) lt 119890

(23)





(24)





(25)




lt119890


119890

2

(26)





1 1198632≪ 120574

then |119878(1198911198631)minus119878(119891119863




119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119887) (1198891 1199011) and fine 119892(1198891 1199011) and

119905div(119886 119887) (1198892 1199012) and fine 119892 (1198892 1199012) ==gt




119889119901 fine (119889 119901) ==gt 119898 119898 lt= 119899 ==gt fine(119892119904 119898) (119889 119901)
















integrable (119886 119887) 119891


|minus119886 119887 119889119901 119890119891119892tdiv(119886 119887) (119889 119901) and


119890) ==gt







119862

1198771

1198772

119877119901

119881119900

+

minus1198811198941

1198811198942



CONT UNIFORM

|minus119891119886 119887


119890 0 lt 119890 ==gt

119889 0 lt 119889and



abs (119891 119909 minus 119891 119910) lt 119890





V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)


2119862 = 119899


V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0








1198941and 119881



119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)



4 Conclusion


Acknowledgments


References

















Volume 2014




Journal of











Journal of


Function Spaces






Algebra



















minus (119894 + 119895)) lt 119890

(22)



minus (119894 + 119895)) lt 119890

(23)





(24)





(25)




lt119890


119890

2

(26)





1 1198632≪ 120574

then |119878(1198911198631)minus119878(119891119863




119890 0 lt 119890 ==gt


1198891 1199011 1198892 1199012tdiv(119886 119887) (1198891 1199011) and fine 119892(1198891 1199011) and

119905div(119886 119887) (1198892 1199012) and fine 119892 (1198892 1199012) ==gt




119889119901 fine (119889 119901) ==gt 119898 119898 lt= 119899 ==gt fine(119892119904 119898) (119889 119901)
















integrable (119886 119887) 119891


|minus119886 119887 119889119901 119890119891119892tdiv(119886 119887) (119889 119901) and


119890) ==gt







119862

1198771

1198772

119877119901

119881119900

+

minus1198811198941

1198811198942



CONT UNIFORM

|minus119891119886 119887


119890 0 lt 119890 ==gt

119889 0 lt 119889and



abs (119891 119909 minus 119891 119910) lt 119890





V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)


2119862 = 119899


V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0








1198941and 119881



119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)



4 Conclusion


Acknowledgments


References

















Volume 2014




Journal of











Journal of


Function Spaces






Algebra






















integrable (119886 119887) 119891


|minus119886 119887 119889119901 119890119891119892tdiv(119886 119887) (119889 119901) and


119890) ==gt







119862

1198771

1198772

119877119901

119881119900

+

minus1198811198941

1198811198942



CONT UNIFORM

|minus119891119886 119887


119890 0 lt 119890 ==gt

119889 0 lt 119889and



abs (119891 119909 minus 119891 119910) lt 119890





V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)


2119862 = 119899


V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0








1198941and 119881



119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)



4 Conclusion


Acknowledgments


References

















Volume 2014




Journal of











Journal of


Function Spaces






Algebra













V119900(119909) = minus

1

119862int

119909

0

[V1198941

(119905)

1198771

+V1198942

(119905)

1198772

] 119889119905 (27)


2119862 = 119899


V0(119909) = int

119909

0

(119898 lowast V1198941

(119905) + 119899 lowast V1198942

(119905)) 119889119905 (28)

When 1198811198941(119905) = cos 119905 119881

1198942(119905) = sin 119905 we can get

119881119900(119909) = int

119909

0








1198941and 119881



119889

119889119905(minus cos 119905)

10038161003816100381610038161003816100381610038161003816119905=119909

= sin119909 (30)



4 Conclusion


Acknowledgments


References

















Volume 2014




Journal of











Journal of


Function Spaces






Algebra
















Volume 2014




Journal of











Journal of


Function Spaces






Algebra









Research Article The Gauge Integral Theory in HOL4e traditional veri cation methods, which include...

Documents

Transcript of Research Article The Gauge Integral Theory in HOL4e traditional veri cation methods, which include...