let s be State of SCM+FSA ; :: thesis: for I being Program of SCM+FSA st I is_closed_on Initialize s & I is_halting_on Initialize s holds
IExec (I ';' (Stop SCM+FSA )),s = (IExec I,s) +* (Start-At (card I),SCM+FSA )
let I be Program of SCM+FSA ; :: thesis: ( I is_closed_on Initialize s & I is_halting_on Initialize s implies IExec (I ';' (Stop SCM+FSA )),s = (IExec I,s) +* (Start-At (card I),SCM+FSA ) )
assume A1: I is_closed_on Initialize s ; :: thesis: ( not I is_halting_on Initialize s or IExec (I ';' (Stop SCM+FSA )),s = (IExec I,s) +* (Start-At (card I),SCM+FSA ) )
set s2 = s +* (Initialized (I ';' (Stop SCM+FSA )));
set s1 = s +* (Initialized I);
assume A2: I is_halting_on Initialize s ; :: thesis: IExec (I ';' (Stop SCM+FSA )),s = (IExec I,s) +* (Start-At (card I),SCM+FSA )
s +* (Initialized I) = (Initialize s) +* (I +* (Start-At 0 ,SCM+FSA )) by Th13;
then A3: ProgramPart (s +* (Initialized I)) halts_on s +* (Initialized I) by A2, SCMFSA7B:def 8;
( ProgramPart (s +* (Initialized (I ';' (Stop SCM+FSA )))) halts_on s +* (Initialized (I ';' (Stop SCM+FSA ))) & LifeSpan (s +* (Initialized (I ';' (Stop SCM+FSA )))) = (LifeSpan (s +* (Initialized I))) + 1 ) by A1, A2, Lm4;
then A4: Result (s +* (Initialized (I ';' (Stop SCM+FSA )))) = Comput (ProgramPart (s +* (Initialized (I ';' (Stop SCM+FSA ))))),(s +* (Initialized (I ';' (Stop SCM+FSA )))),((LifeSpan (s +* (Initialized I))) + 1) by AMI_1:122;
then DataPart (Result (s +* (Initialized (I ';' (Stop SCM+FSA ))))) = DataPart (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),(LifeSpan (s +* (Initialized I)))) by A1, A2, Lm4;
then A5: DataPart (Result (s +* (Initialized (I ';' (Stop SCM+FSA ))))) = DataPart (Result (s +* (Initialized I))) by A3, AMI_1:122
.= DataPart ((Result (s +* (Initialized I))) +* (Start-At (card I),SCM+FSA )) by Th10 ;
IC (Result (s +* (Initialized (I ';' (Stop SCM+FSA ))))) = card I by A1, A2, A4, Lm4
.= IC ((Result (s +* (Initialized I))) +* (Start-At (card I),SCM+FSA )) by AMI_1:111 ;
then A6: Result (s +* (Initialized (I ';' (Stop SCM+FSA )))),(Result (s +* (Initialized I))) +* (Start-At (card I),SCM+FSA ) equal_outside NAT by A5, Th6;
dom (s | NAT ) = NAT by Th3;
then A7: (Result (s +* (Initialized (I ';' (Stop SCM+FSA ))))) +* (s | NAT ) = ((Result (s +* (Initialized I))) +* (Start-At (card I),SCM+FSA )) +* (s | NAT ) by A6, FUNCT_7:108;
A8: dom (s | NAT ) misses dom (Start-At (card I),SCM+FSA ) by Th12;
thus IExec (I ';' (Stop SCM+FSA )),s = (Result (s +* (Initialized (I ';' (Stop SCM+FSA ))))) +* (s | NAT ) by SCMFSA6B:def 1
.= (Result (s +* (Initialized I))) +* ((Start-At (card I),SCM+FSA ) +* (s | NAT )) by A7, FUNCT_4:15
.= (Result (s +* (Initialized I))) +* ((s | NAT ) +* (Start-At (card I),SCM+FSA )) by A8, FUNCT_4:36
.= ((Result (s +* (Initialized I))) +* (s | NAT )) +* (Start-At (card I),SCM+FSA ) by FUNCT_4:15
.= (IExec I,s) +* (Start-At (card I),SCM+FSA ) by SCMFSA6B:def 1 ; :: thesis: verum