An Interpretation of Cognitive Theory in Concurrency Theory

Theories of concurrent systems have been extensively investigated in the computer science domain. However, these theories are very general in nature and hence, we would argue, are applicable to many disciplines in which concurrency arises. Furthermore, a number of existing theories of cognitive science are formulated in terms of concurrent subsystems interacting in solving cognitive tasks. In this paper we investigate the application of a (process calculi based) concurrency theory to modelling such a (concurrent) cognitive theory. The cognitive theory chosen is ICS (Interacting Cognitive Subsystems), which we interpret using our process calculus and then we verify some simple behavioural properties of the resulting interpretation. These properties concern the capabilities of the cognitive system to realise deictic reference

Towards Integrated Cognitive and Interface Analysis

AbstractUsing cognitive architectures to analyse the usability of human-computer interfaces is an extensively investigated strategy. A particularly powerful way to perform such analysis is through syndetic modelling, where both the interface and the chosen cognitive model are described in the same specification framework; allowing the combined behaviour of the two to be analysed. This paper proposes LOTOS as a syndetic modelling language. We highlight four reasons why syndetic modelling is so difficult and show how the LOTOS notation addresses each of these four reasons

Attentional capture by meaning: A multi-level modelling study

We present a computational study of attentional capture by meaning, based on Barnard et al's key-distractor attentional blink task. We highlight a sequence of models, from an abstract black-box to a structurally detailed white-box model. Each of these models reproduces the major findings from the key-distractor blink task. We argue that such multi-level modelling gives greater confidence in the theoretical position encapsulated by these models

Modelling rational user behaviour as games between an angel and a demon

Formal models of rational user behavior are essential for user-centered reasoning about interactive systems. At an abstract level, planned behavior and reactive behavior are two important aspects of the rational behavior of users for which existing cognitive modeling approaches are too detailed. In this paper, we propose a novel treatment of these aspects within our formal framework of cognitively plausible behavior. We develop an abstract, formal model of rational behavior as a game between two opponents. Intuitively, an Angel abstractly represents the planning aspects, whereas a Demon represents the reactive aspects of user behavior. The formalization is carried out within the MOCHA framework and is illustrated by simple examples of interactive tasks

Verification-guided modelling of salience and cognitive load

Well-designed interfaces use procedural and sensory cues to increase the cognitive salience of appropriate actions. However, empirical studies suggest that cognitive load can influence the strength of those cues. We formalise the relationship between salience and cognitive load revealed by empirical data. We add these rules to our abstract cognitive architecture, based on higher-order logic and developed for the formal verification of usability properties. The interface of a fire engine dispatch task from the empirical studies is then formally modelled and verified. The outcomes of this verification and their comparison with the empirical data provide a way of assessing our salience and load rules. They also guide further iterative refinements of these rules. Furthermore, the juxtaposition of the outcomes of formal analysis and empirical studies suggests new experimental hypotheses, thus providing input to researchers in cognitive science

Structural usability techniques for dependable HCI.

Since their invention in the middle of the twentieth century, interactive computerised systems have become more and more common to the point of ubiquity. While formal techniques have developed as tools for understanding and proving things about the behaviour of computerised systems, those that involve interaction with human users present some particular challenges which are less well addressed by traditional formal methods. There is an under-explored space where interaction and the high assurances provided by formal approaches meet. This thesis presents two techniques which fit into this space, and which can be used to automatically build and analyse formal models of the interaction behaviour of existing systems. Model discovery is a technique for building a state space-based formal model of the interaction behaviour of a running system. The approach systematically and exhaustively simulates the actions of a user of the system; this is a dynamic analysis technique which requires tight integration with the running system and (in practice) its codebase but which, when set up, can proceed entirely automatically. Theorem discovery is a technique for analysing a state space-based formal model of the interaction behaviour of a system, looking for strings of user actions that have equivalent effects across all states of the system. The approach systematically computes and compares the effects of ever-longer strings of actions, though insights can also arise from strings that are almost equivalent, and also from considering the meaning of sets of such equivalences. The thesis introduces and exemplifies each technique, considers how they may be used together, and demonstrates their utility and novelty, with case studies

Verification of real-time systems : improving tool support

We address a number of limitations of Timed Automata and real-time model-checkers, which undermine the reliability of formal verification. In particular, we focus on the model-checker Uppaal as a representative of this technology. Timelocks and Zeno runs represent anomalous behaviours in a timed automaton, and may invalidate the verification of safety and liveness properties. Currently, model-checkers do not offer adequate support to prevent or detect such behaviours. In response, we develop new methods to guarantee timelock-freedom and absence of Zeno runs, which improve and complement the existent support. We implement these methods in a tool to check Uppaal specifications. The requirements language of model-checkers is not well suited to express sequence and iteration of events, or past computations. As a result, validation problems may arise during verification (i.e., the property that we verify may not accurately reflect the intended requirement). We study the logic PITL, a rich propositional subset of Interval Temporal Logic, where these requirements can be more intuitively expressed than in model-checkers. However, PITL has a decision procedure with a worst-case non-elementary complexity, which has hampered the development of efficient tool support. To address this problem, we propose (and implement) a translation from PITL to the second-order logic WS1S, for which an efficient decision procedure is provided by the tool MONA. Thanks to the many optimisations included in MONA, we obtain an efficient decision procedure for PITL, despite its non-elementary complexity. Data variables in model-checkers are restricted to bounded domains, in order to obtain fully automatic verification. However, this may be too restrictive for certain kinds of specifications (e.g., when we need to reason about unbounded buffers). In response, we develop the theory of Discrete Timed Automata as an alternative formalism for real-time systems. In Discrete Timed Automata, WS1S is used as the assertion language, which enables MONA to assist invariance proofs. Furthermore, the semantics of urgency and synchronisation adopted in Discrete Timed Automata guarantee, by construction, that specifications are free from a large class of timelocks. Thus, we argue that well-timed specifications are easier to obtain in Discrete Timed Automata than in Timed Automata and most other notations for real-time systems.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Verification of real-time systems: improving tool support

We address a number of limitations of Timed Automata and real-time model-checkers, which undermine the reliability of formal verification. In particular, we focus on the model-checker Uppaal as a representative of this technology. Timelocks and Zeno runs represent anomalous behaviours in a timed automaton, and may invalidate the verification of safety and liveness properties. Currently, model-checkers do not offer adequate support to prevent or detect such behaviours. In response, we develop new methods to guarantee timelock-freedom and absence of Zeno runs, which improve and complement the existent support. We implement these methods in a tool to check Uppaal specifications. The requirements language of model-checkers is not well suited to express sequence and iteration of events, or past computations. As a result, validation problems may arise during verification (i.e., the property that we verify may not accurately reflect the intended requirement). We study the logic PITL, a rich propositional subset of Interval Temporal Logic, where these requirements can be more intuitively expressed than in model-checkers. However, PITL has a decision procedure with a worst-case non-elementary complexity, which has hampered the development of efficient tool support. To address this problem, we propose (and implement) a translation from PITL to the second-order logic WS1S, for which an efficient decision procedure is provided by the tool MONA. Thanks to the many optimisations included in MONA, we obtain an efficient decision procedure for PITL, despite its non-elementary complexity. Data variables in model-checkers are restricted to bounded domains, in order to obtain fully automatic verification. However, this may be too restrictive for certain kinds of specifications (e.g., when we need to reason about unbounded buffers). In response, we develop the theory of Discrete Timed Automata as an alternative formalism for real-time systems. In Discrete Timed Automata, WS1S is used as the assertion language, which enables MONA to assist invariance proofs. Furthermore, the semantics of urgency and synchronisation adopted in Discrete Timed Automata guarantee, by construction, that specifications are free from a large class of timelocks. Thus, we argue that well-timed specifications are easier to obtain in Discrete Timed Automata than in Timed Automata and most other notations for real-time systems

Resilience-Building Technologies: State of Knowledge -- ReSIST NoE Deliverable D12

This document is the first product of work package WP2, "Resilience-building and -scaling technologies", in the programme of jointly executed research (JER) of the ReSIST Network of Excellenc