Rewritable routines in human interaction with public technology

In this paper, the cognitive ergonomics of using public technology is investigated. A methodology for predicting human error with technology has been developed. Predictions from the method (combined with observation of user performance) form the foundation of the concept of ‘rewritable routines’. This is in keeping with the tradition of building models of user cognition on the basis of observed and predicted errors. The concept is introduced and illustrated with examples. Implications for cognitive ergonomics are discussed

Task analysis for error identification: Theory, method and validation

This paper presents the underlying theory of Task Analysis for Error Identification. The aim is to illustrate the development of a method that has been proposed for the evaluation of prototypical designs from the perspective of predicting human error. The paper presents the method applied to representative examples. The methodology is considered in terms of the various validation studies that have been conducted, and is discussed in the light of a specific case study

Comparing verbal media for alarm handling: Speech versus textual displays

The rise of computers in command and control domains has meant that control operations can be performed via desk-based visual display terminals. This trend has also produced the potential to display information to operators in a variety of formats. Of particular interest has been the use of text-based displays for alarm presentation. There are possible limitations to the use of text for alarm presentation, not least of which is the need for a dedicated alarms display screen (or, at least, a display page). Given the capability of computers to synthesize speech, it is possible that speech-based alarms could generate the same information as text-based displays without the need for dedicated screen space. In this paper an experimental comparison of speech-based and text-based displays for presentation of alarms is reported. The findings show that speech leads to longer response times than text displays, but that it has minimal effect on the efficacy of fault handling. The results are discussed within the alarm initiated activities framework and implications for alarm system design are outlined

Elaborating the frames of data-frame theory

As an explanation of sensemaking, data-frame theory has proven to be popular, influential and useful. Despite its strengths however, we propose some weaknesses in the way that the concept of a ‘frame’ could be interpreted. The weaknesses relate to a need to clearly contrast what we refer to as ‘generic’ vs. ‘situation-specific’ belief structures and the idea that multiple generic belief structures may be utilized in the construction of embedded situation-specific beliefs. Neither weakness is insurmountable, and we propose a model of sensemaking based on the idea of spreading activation through associative networks as a concept that provides a solution to this. We explore the application of this idea using the notion of activation to differentiate generic from situation specific beliefs

WESTT (Workload, Error, Situational Awareness, Time and Teamwork): An analytical prototyping system for command and control

Modern developments in the use of information technology within command and control allow unprecedented scope for flexibility in the way teams deal with tasks. These developments, together with the increased recognition of the importance of knowledge management within teams present difficulties for the analyst in terms of evaluating the impacts of changes to task composition or team membership. In this paper an approach to this problem is presented that represents team behaviour in terms of three linked networks (representing task, social network structure and knowledge) within the integrative WESTT software tool. In addition, by automating analyses of workload and error based on the same data that generate the networks, WESTT allows the user to engage in the process of rapid and iterative “analytical prototyping”. For purposes of illustration an example of the use of this technique with regard to a simple tactical vignette is presented

A resources model for distributed sensemaking

In the field of Naturalistic Decision Making, the Data-Frame Model (DFM) has proven to be a popular and useful way of thinking about sensemaking. DFM provides a parsimonious account of how ‘sensemakers’ interact with the data in their environment in order to make sense of what is happening. In this paper, however, we argue that it is useful to elaborate DFM in several ways. We begin by arguing for the idea of sensemaking as a quest for coherence, an idea that we see as entirely consistent with the DFM. We then present some examples of sensemaking studies and use these to motivate a Distributed Resources Model of Sensemaking. This model uses the notion of resources for action, as resources that can be flexibly drawn upon in both choosing courses of action and accounting for the actions of oneself and of others (as opposed to prescriptions or mechanisms that determine behaviour in any strict way). It describes resources involved in sensemaking in terms of three domains: Knowledge and Beliefs, Values and Goals, and Action. Knowledge and beliefs are concerned with how things are; Values and Goals are concerned with how things are desired to be; and Action provides the means for redressing the gap. Central to the model is the idea that these resources can be distributed across a cognitive work system across actors and representational media. Hence, it aims to provide a framework for analysing sensemaking as Distributed Cognition

Count three for wear able computers

This paper is a postprint of a paper submitted to and accepted for publication in the Proceedings of the IEE Eurowearable 2003 Conference, and is subject to Institution of Engineering and Technology Copyright. The copy of record is available at the IET Digital Library. A revised version of this paper was also published in Electronics Systems and Software, also subject to Institution of Engineering and Technology Copyright. The copy of record is also available at the IET Digital Library.A description of 'ubiquitous computer' is presented. Ubiquitous computers imply portable computers embedded into everyday objects, which would replace personal computers. Ubiquitous computers can be mapped into a three-tier scheme, differentiated by processor performance and flexibility of function. The power consumption of mobile devices is one of the most important design considerations. The size of a wearable system is often a design limitation

The Duality of Subtyping

Subtyping is a concept frequently encountered in many programming languages and calculi. Various forms of subtyping exist for different type system features, including intersection types, union types or bounded quantification. Normally these features are designed independently of each other, without exploiting obvious similarities (or dualities) between features. This paper proposes a novel methodology for designing subtyping relations that exploits duality between features. At the core of our methodology is a generalization of subtyping relations, which we call Duotyping. Duotyping is parameterized by the mode of the relation. One of these modes is the usual subtyping, while another mode is supertyping (the dual of subtyping). Using the mode it is possible to generalize the usual rules of subtyping to account not only for the intended behaviour of one particular language construct, but also of its dual. Duotyping brings multiple benefits, including: shorter specifications and implementations, dual features that come essentially for free, as well as new proof techniques for various properties of subtyping. To evaluate a design based on Duotyping against traditional designs, we formalized various calculi with common OOP features (including union types, intersection types and bounded quantification) in Coq in both styles. Our results show that the metatheory when using Duotyping does not come at a significant cost: the metatheory with Duotyping has similar complexity and size compared to the metatheory for traditional designs. However, we discover new features as duals to well-known features. Furthermore, we also show that Duotyping can significantly simplify transitivity proofs for many of the calculi studied by us

The Duality of Subtyping (Artifact)

This artifact contains the Coq formalization associated with the paper The Duality of Subtyping submitted in ECOOP 2020. This document explains how to run the Coq formalization. Artifact can either be compiled in the pre-built docker image with all the dependencies installed or it could be built from the scratch. Sections 1-7 explain the basic information about the artifact. Section A explains how to get the docker image for the artifact. Section B explains the prerequisites and the steps to run coq files from scratch. Section C explains coq files briefly. Section D shows the correspondence between important lemmas discussed in paper and their respective Coq formalization. The term MonoTyping used in artifact corresponds to the standard subtyping systems

Defense against Sybil attack in the initial deployment stage of vehicular ad hoc network based on roadside unit support

In this paper, we propose two certificate mechanisms for preventing the Sybil attack in a vehicular ad hoc network (VANET): the timestamp series approach and the temporary certificate approach. We focus on an early-stage VANET when the number of smart vehicles is only a small fraction of the vehicles on the road and the only infrastructure components available are the roadside units (RSUs). Our approach does not require a dedicated vehicular public key infrastructure to certify individual vehicles but RSUs are the only components issuing certificates. The vehicles can obtain certificates by simply driving by RSUs, without the need to pre-register at a certificate authority. The timestamp series approach exploits the fact that because of the variance of the movement patterns of the vehicles, it is extremely rare that the two vehicles pass by a series of RSUs at exactly the same time points. The vehicles obtain a series of certificates signed by the RSUs, which certify their passing by at the RSU at a certain time point. By exploiting the spatial and temporal correlation between vehicles and RSUs, we can detect the Sybil attack by checking the similarity of timestamp series. In the temporary certificate-based approach, an RSU issues temporary certificates valid only in a particular area for a limited time. To guarantee that each vehicle is assigned only a single certificate, at the issuance of the first certificate, it is required that the RSU physically authenticate the vehicle. When driving by the subsequent RSUs, however, the certificate can be updated in a chained manner. By guaranteeing that each vehicle is issued a single certificate in a single area, the Sybil attack is prevented. We provide mathematical analysis and simulation for the timestamp series approach. The simulation shows that it works with a small false-positive rate in simple roadway architecture