Model checking for programming languages using VeriSoft
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Brahms: simulating practice for work systems design
International Journal of Human-Computer Studies
Software Engineering Economics
Software Engineering Economics
Hybrid agent-based simulation for analyzing the national airspace system
Proceedings of the 33nd conference on Winter simulation
PRISM: Probabilistic Symbolic Model Checker
TOOLS '02 Proceedings of the 12th International Conference on Computer Performance Evaluation, Modelling Techniques and Tools
CHI '03 Extended Abstracts on Human Factors in Computing Systems
Software model checking takes off
Communications of the ACM
Toward a wider use of formal methods for aerospace systems design and verification
International Journal on Software Tools for Technology Transfer (STTT)
Enhanced operator function model: a generic human task behavior modeling language
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Automated framework for formal operator task analysis
Proceedings of the 2011 International Symposium on Software Testing and Analysis
New challenges in certification for aircraft software
EMSOFT '11 Proceedings of the ninth ACM international conference on Embedded software
Simulating activities: Relating motives, deliberation, and attentive coordination
Cognitive Systems Research
Pilot interaction with TCAS and air traffic control
Proceedings of the 2nd International Conference on Application and Theory of Automation in Command and Control Systems
A Systematic Approach to Model Checking Human–Automation Interaction Using Task Analytic Models
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
A synergistic and extensible framework for multi-agent system verification
Proceedings of the 2013 international conference on Autonomous agents and multi-agent systems
| Hi-index | 0.00 |
The on-going transformation from the current US Air Traffic System (ATS) to the Next Generation Air Traffic System (NextGen) will force the introduction of new automated systems and most likely will cause automation to migrate from ground to air. This will yield new function allocations between humans and automation and therefore change the roles and responsibilities in the ATS. Yet, safety in NextGen is required to be at least as good as in the current system. We therefore need techniques to evaluate the safety of the interactions between humans and automation. We think that current human factor studies and simulation-based techniques will fall short in front of the ATS complexity, and that we need to add more automated techniques to simulations, such as model checking, which offers exhaustive coverage of the non-deterministic behaviors in nominal and off-nominal scenarios. In this work, we present a verification approach based both on simulations and on model checking for evaluating the roles and responsibilities of humans and automation. Models are created using Brahms (a multi-agent framework) and we show that the traditional Brahms simulations can be integrated with automated exploration techniques based on model checking, thus offering a complete exploration of the behavioral space of the scenario. Our formal analysis supports the notion of beliefs and probabilities to reason about human behavior. We demonstrate the technique with the Überlingen accident since it exemplifies authority problems when receiving conflicting advices from human and automated systems.