Abstract
This paper is concerned with the scaleable and systematic analysis of interactive systems. The motivating problem is the procurement of medical devices. In such situations several different manufacturers offer solutions that support a particular clinical activity. Apart from cost, which is a dominating factor, the variations between devices are relatively subtle and the consequences of particular design features are not clear from manufacturers' manuals, demonstrations or trial uses. Despite their subtlety these differences can be important to the safety and usability of the device. The paper argues that formal analysis of the range of offered devices can provide a systematic means of comparison. The paper also explores barriers to the use of such techniques, demonstrating how layers of specification may be used to make it possible to reuse common specification. Infusion pumps provide a motivating example. A specific model is described and analysed and comparison between competitive devices is discussed. © Formal Methods for Interactive Systems 2011.

Abstract
Formal reasoning about how users and systems interact poses a difficult challenge. Interactive systems design provides a context in which the subjective area of human understanding meets the objectivity of computer systems logic. We present results of a case study in the use of automated reasoning to aid the formal analysis of interactive systems. We show how we can use human-factors issues to generate properties of interest, and how we can use model checking and theorem proving to analyse our specifications against those properties. This is part of ongoing work in the development of a tool to allow the automatic translation of interactor based specifications into SMV, and in the analysis of the role which different verification techniques might have during the development of interactive systems.

Abstract

Abstract

Abstract

Abstract
In this paper we argue that using verification in interactive systems development is more than just checking whether the specification of the system has all the required properties; and that changing the focus from a global specification into partial, property oriented, specifications can provide a number of advantages and make verification act as an aid to decision making. We also present a compiler that allows for the verification of interactor specifications to be done in SMV, as well as a simple case study where verification is used to inform a design decision.