NASA CR-187638 f S j 1990 RESEARCH REPORTS / NASA/ASEE SUMMER FACULTY FELLOWSHIP PROGRAM JOHN F. KENNEDY SPACE CENTER AND UNIVERSITY OF CENTRAL FLORIDA r (NA_A-C_-1670_) RrSFAnC H REPURT?: !o90 NQ[-20022 _AS_/A_FE S|3MM_R FACULTv F_LLn_RfIIP pR_RA_ --[.4_U-- Fins] iKep_r _, Jun. - Auq. 1990 (NASA) N9i-20035 .52o p CSCL 051 Unclas G3/'_9 0001774 •*AIi.--ur--Jlk, NASA ¢_ I_l___ _o _Ip_?e_,dAeri°n_rat;Csand 1990 RESEARCH REPORTS NASA/ASEE SUMMER FACULTY FELLOWSHIP PROGRAM JOHN F. KENNEDY SPACE CENTER UNIVERSITY OF CENTRAL FLORIDA EDITORS: Dr. Loren A. Anderson Associate Professor of Engineering University of Central Florida Dr. Mark A. Beymer Systems Training and Employee Development Branch Kennedy Space Center PREPARED FOR: John F. Kennedy Space Center Merritt Island, Florida NASA Grant NGT-60002 Supplement: 4 Contractor Report No. CR- 187638 September 1990 V PREFACE This document is a collection of technical reports on research conducted by the participants in the 1990 NASA/ASEE Summer Faculty Fellowship Program at Kennedy Space Center (KSC). This was the sixth year that a NASA/ASEE program has been conducted at KSC. The I990 program was administered by the University of Central Florida in cooperation with KSC. The program was operated under the auspices of the American Society for Engineering Education (ASEE) with sponsorship and funding from the Office of Educa- tional Affairs, NASA Headquarters, Washington, D.C. The KSC program was one of nine such Aeronautics and Space Research Programs funded by NASA Headquarters in 1990. The basic common objectives of the NASA/ASEE Summer Faculty Fellowship Program are: a. To further the professional knowledge of qualified engineering and science faculty members; b+ To stimulate an exchange of ideas between participants and NASA; Co To enrich and refresh the research and teaching activities of participants' institu- tions; and, do To contribute to the research objectives of the NASA centers. The KSC Faculty Fellows spent ten weeks (June 4 through August 10, 1990) working with NASA scientists and engineers on research of mutual interest to the University faculty member and the NASA colleague. The editors of this document were responsible for selecting appropriately qualified faculty to address some of the many problems of current interest to NASA/KSC. A separate document reports on the administration aspects of the 1990 program. The NASA/ASEE program is basically a two-year program to allow in- depth research by the University faculty member. In most cases a faculty member has developed a close working relationship with a particular NASA group that has provided funding beyond the two-year limit. v TABLE OF CONTENTS I° AUERNHEIMER, Breut J. "Formal Specification of Human Computer Interfaces" II. BATES, Harry E. 29 "Study of Wavelength Division Multiplexing as a Means of Increasing the Number of ChanneLs in Multimode Fiber Optic Communication Links" IgI. CALLE, Luz M. 65 "Electrochemical Impedance Spectroscopy of Metal Alloys in the Space Transporta- tion System Launch Environment" IV. COREY, Kenneth A. 115 "Carbon Dioxide and Water Exchange of a Soybean Stand Grown in the Biomass Production Chamber" V° FENNER, james H. 142 "Rocket-Triggered Lightning Strikes and Forest Fire Ignition" VI, KALU, Alex O. 169 "An Expansion Plan for the 60 Hz Power Distribution System at KSC: LC-39 Substations Load Allocation Plan" VII. LU, Chu-Ho 197 "Study of the Available Finite Element Software Packages at KSC" VIII. LUDWIG, David A. 222 "Carotid-Cardiac Baroreflex Influence on Forearm Vascular Resistance During Low Level LBNP" ii 244 IX. MAURITZEN, David W. "Rocket Noise Filtering System Using Digital Filters" 276 Xo MEHTA, Narinder K. "Low Level Vapor Verification Of Monomethyl Hydrazine" 308 XI, SCHLEIER, Howard "Correlation of Leak Rates of Various Fluids with the Leak Rate of an Inert Gas in the Same Configuration" XII. SKINNER, S. Ballou 339 "A Flammability Study of Thin Plastic Film Materials" 380 XIII° TAWFIK, Hazem "Some Aspects of Robotics Calibration, Design and Control" 416 XIV. TAYLOR, Delbert J. "Evaluation of the Effect of Low Strain Rate Over Time on Titanium Hose Clamps Used in the Orbiter" 432 XV. THINH, Ngo D. "LOw Ftow Vortex Shedding Flowmeter for Hypergolics/All Media" 462 XVI. TONKAY, Gregory L. "Robot Tracking System Improvements and Visual Calibration of Orbiter Position for Radiator Inspection" 488 XVII° WHITLOW, Jonathan E. "Modeling of Flow Systems for Implementation Under KATE" iii = -- N91-20023 1990 NASA/ASEE SUMMER FACULTY FELLOWSHIP PROGRAM JOHN F. KENNEDY SPACE CENTER UNIVERSITY OF CENTRAL FLORIDA FORMAL SPECIFICATION OF HUMAN-COMPUTER INTERFACES PREPARED BY: Dr. Brent Auernheimer ACADEMIC RANK: Associate Professor UNIVERSITY AND DEPARTMENT: California State University - Fresno Department of Computer Science NASA/KSC DMSION: Data Systems BRANCH: Real Time Systems NASA COLLEAGUE: Mr. Les Rostosky DATE: August 10, 1990 CONTRACT NUMBER: University of Central Florida NASA-NGT-60002 Supplement: 4 Acknowledgements The support of my NASA colleaguesOscar Brooks, Steve Bryan, BillDrozdick,Linda Koch, Les Rostosky,BillSloam,Lynn Svedin,and Larry Wilhelm isgratefullyacknowledged. Thanks alsoto Steve Eckmann and Richard Kemmerer of the Universityof California,Santa Barbara for providinghelpfulcomments and ideas. Abstract This report describesa high-levelformal specificationof a human-computer interface.A typicalwindow manager is modeled. Previous work is revlewed and the ASLAN specification languageisdescribed.Top-levelspecificationswrittenin ASLAN fora libraryand a multiwindow interfaceare discussed. 2 Table of Contents I Introduction 1.1 Organization of the Paper 1.2 Specification and Verification Terminology 1.3 Previous Work 1.4 Formal Techniques and the Development of User Interfaces 1.5 Two Views of Specifications 1.6 Testing vs. Proving Specifications II Formal Specification II.1 The Aslan Specification Language II.2 The Aslan Approach H.3 A Specifier-friendly Feature HI. Specification of A iultiwlndow User Interface III.1 Overview III.2 Types III.3 Constants III.4 State Variables III.5 Definitions (Macros) III.6 Initial Conditions III.7 Critical Correctness Requirements III.8 State Transitions III.8.1 Window Closing (Iconifying) III.8.2 Window Opening III.8.3 Window Destruction III.8.4 Window Creation III.8.5 Shifting Input Focus III.8.6 Moving Windows IH.8.7 Window Resizing IH.8.8 Window Restacking IV Concluding Remarks 3 !. Introduction 1.1 Organization of _the Paper This paper documents an attempt to formally specify a mu]tiwindow user interface. The paper is organized as follows: Section I briefly reviews the foundation laid in last summer'8 work and discusses motiva- tions and expected results of using formal specification techniques on user interfaces. Section II 1 introduces the ASLAN formal specification language through the example in Appendix A. Section III is a detailed look at an abstract specification of a typical mu!tiwindow interface. The formal specification discussed in Section HI is in Appendix B. Finally, Section IV contains concluding remarks and recommendations. 1.2 Specification and Verification Terminology Specifications are statements about the functionality of a system. Specifications express what is a system is to accomplish, not how it is to do it. In this paper, formal specifications are assertions about the behavior of a system. Critical correctness criteria are assertions that the specification and _ refinements and implementations are to satisfy, Formal verification techniques demonstrate that implementations satisfy their specifications. In addition, it is useful to show that specifications meet their critical correctness criteria. This is sometimes called design verification. Neumann explains [12]: Formal verificationhas oftenbeen talkedabout as a techniquefordemonstrating consistencybetween code and assertionsabout that code, in some casesbetween code and specifications.Somewhat lesspopular has been the easiernotion of using formal verificationto demonstrate that a set of formal specificationsis consistent with itsformallyaydomatizedrequirements,i.e.,carryingout designverification. 1.3 Previous Work This report describes a contiuuatlon of work on forma_sms for user interface specification and design described in [1], That work examined several recent research results in human- computer interaction (HCI) that may be applicable to NASA applications. One of the results examined was the formal specification of direct manipulation user interfaces for a secure military message system [7, 8]. [1] also contains an introduction to formal specification and verification including objections to the approach and reasonable expectations, It was recommended that a pilot study using formal techniques on a small, well-defined piece of a user interface be done. The subsystem to be specified should have clear, high-level correctness properties that must be met. The specification given in Appendix B of this paper is the portion of a user interface that manipulates windows. The correctness property that must be maintained is that users are not allowed to 1The information in II.2 and Appendix A _ ba_d on a portion of a paper by the author and Daniel Stearns, _UsingtheASLANspecificationlanguageinundergraduatesoftwareengineeringcourses,_ submittedtoComputer Science Education, July 1990 4 move, close,or resizecertainwindows. This correctnessproperty was derived from current interfaceprototypesdeveloped at NASA KSC. Using formal specificationtechniquesiscostly.Benefitsare