1

Formal Notations and Tools for addressing both Safety and Usability concerns for

Interactive Systems

Philippe Palanque

LIIHS-IRIT

University Paul Sabatier

Toulouse - France

2

Overview of LIIHS-IRIT (1)

Research themes Software Engineering for Human-Computer Interaction Formal description techniques and tools Visual notations More dealing with modeling power than with usability of

notations

Application domains Air traffic control Military systems (command & control systems) Web applications

3

Overview of LIIHS-IRIT (2)

LIIHS 6 tenured people mainly HCI (CS and human factors) 5 PhD students IRIT about 400 people (mainly in CS)

Current projects RTN ADVISES (Analysis Design and Validation of

Interactive Safety-critical Error-tolerant Systems) 4 years (starting 11/2002)

MISCC (Multimodal Interactive Systems for Command and Control) 3 years starting 01/2003

SPIDER Web (Specification and Prototyping for user Interface Design, Engineering and Re-engineering for the Web ) started July 2002 (2 years)

4

We are what we publish ;-) Human-Computer Interaction

BCS HCI, DSVIS, EHCI, HCI Aeronautics, INTERACT, Interacting with Computers

Objects Technology OOPSLA, ECOOP, DOA

Formal Methods ATPN (Petri Net conference), FMOODS

Visual Languages Int. Journal on Visual Languages and Computing

Model-Based Approaches CADUI, TAMODIA, IEEE Rapid System Prototyping

Web Applications Human Factors and the Web

5

Main Results Relevant to EUD-Net

PetShop A formal notation: ICOs An interactive editor: PetShop

User-centered design methods Linking tasks, scenarios, system and user models Design rationale (not presented here)

Vilage (work with S. Chatty at CENA) A notation: Whizz An editor: Whizz'ed

6

Widget Event Service

Place Type

Planes Plane LabeClick userAssume

AssumedPlanes

Plane ButtonClick userOpenMenu

3)Activation

ObCS Element Feature Rendering method

Place Planes token <p> entered

p.show()4)Rendering

2)Behaviour1)Presentation

7

PetShop Highly interactive tool support for the ICO notation

Formal methods can be usable (and useful beyond n! calculation)

“Shortening the Path from Specification to Prototype” … to practically nothing

Model-Based The specification model is embedded and interpreted at

run-time WYMIWYR (what you model is what you run) to reduce gaps in interpretation (Norman's model)

No “Modes” : no “automation surprises” The model is editable and interpretable at any time Allows for interactive prototyping of new interaction

scenarios

8

Requirements

Specification

Architecture design

Detailed design

Unitary tests

Implementation and test

Maintenance

Validation

Coding

Preliminary needs

PrototypeUser's evaluation

noadequate ?

yes Requirements

Final System

RequirementsFormal specifications

Hi-fidelity prototype

Software Architecture

& verification

PetShop

9

User Centered Design Methods

Mapping

Input

Task model

Scenario

CTTE

Formal Description of

the System

High-fidelityprototyping

PetShop

10

VILAGE (1)

Initially developed for Air Traffic Controllers Interactive prototyping of highly interactive

applications (post-WIMP) Build and test prototypes in a modeless way

11

VILAGE (1)

A data flow model

A set of basic building bricks

Strongly typed connection

Event listeners

Tempo SegmentTrajectoire

POINT POINT

12

VILAGE (3)

Editing Zone Simulation Zone

Tool Palete

Dialogue Zone

13

Safety Critical Interactive Systems

Safety Critical Systems Software Engineers System centered Reliability Safety requirements

(certification) Formal specification Verification / Proof Waterfall model / structured Archaic interaction

techniques

Interactive Systems Usability experts User centered Usability Human factors Task analysis & modeling Evaluation Iterative process / Prototyping Novel Interaction techniques

14

What are we aiming at ?

Kind of applications (one application, every kind of applications)

Kind of User Interfaces (basic, complex) Kind of users (skills, expertise in the domain, …)

Spreadsheets are really good for building a fairly reduced kind of application, basic UI and by a significant amount of users

L. Lamport "Automaton is a formal description technique dedicated to the specification of stacks