PVSio-web 2.0: Joining PVS to HCI

  • Paolo Masci
  • Patrick Oladimeji
  • Yi Zhang
  • Paul Jones
  • Paul Curzon
  • Harold Thimbleby
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9206)


PVSio-web is a graphical environment for facilitating the design and evaluation of interactive (human-computer) systems. Using PVSio-web, one can generate and evaluate realistic interactive prototypes from formal models. PVSio-web has been successfully used over the last two years for analyzing commercial, safety-critical medical devices. It has been used to create training material for device developers and device users. It has also been used for medical device design, by both formal methods experts and non-technical end users.

This paper presents the latest release of PVSio-web 2.0, which will be part of the next PVS distribution. The new tool architecture is discussed, and the rationale behind its design choices is presented.


Keywords: Prototyping; User interface analysis; Practical formal tools



This work is part of CHI+MED (EPSRC grant [EP/G059063/1]). The authors would like to thank SRI International, in particular John Rushby, Sam Owre and Natarajan Shankar for supporting the development of our tool.

Disclaimer. The mention of commercial products, their sources, or their use in connection with material reported herein is not to be construed as either an actual or implied endorsement of such products by the U.S. Department of Health and Human Services.



Copyright information

© Springer International Publishing Switzerland (outside the US) 2015

Authors and Affiliations

  • Paolo Masci (1)
  • Patrick Oladimeji (3)
  • Yi Zhang (2)
  • Paul Jones (2)
  • Paul Curzon (1)
  • Harold Thimbleby (3)

  1. Queen Mary University of London, London, UK
  2. U.S. Food and Drug Administration, Silver Spring, USA
  3. Swansea University, Swansea, UK
