State Event Models for the Formal Analysis of Human-Machine Interactions

The work described in this paper was motivated by our experience with applying a framework for formal analysis of human-machine interactions (HMI) to a realistic model of an autopilot. The framework is built around a formally defined conformance relation called “full-control” between an actual system and the mental model according to which the system is operated. Systems are well-designed if they can be described by relatively simple, full-control, mental models for their human operators. For this reason, our framework supports automated generation of minimal full-control mental models for HMI systems, where both the system and the mental models are described as labelled transition systems (LTS). The autopilot that we analysed has been developed in the NASA Ames HMI prototyping tool ADEPT. In this paper, we describe how we extended the models that our HMI analysis framework handles to allow adequate representation of ADEPT models. We then provide a property-preserving reduction from these extended models to LTSs, to enable application of our LTS-based formal analysis algorithms. Finally, we briefly discuss the analyses we were able to perform on the autopilot model with our extended framework.
