| 4.1. Usability in the Software and Hardware Life CycleProperly applied, HCI methods   and techniques elicit and identify the useful information in each phase of the project life cycle    . These activities can facilitate a more accurate and complete project definition during the requirements phase and an improved project design during the design phase. During the development phase, they can improve solution performance and reduce development time and costs. The benefits of HCI and usability activities continue after release, including increased user productivity and satisfaction, reduced training, support, and error recovery costs, increased sales and revenue, and reduced maintenance costs. 4.1.1. Unique Aspects of HCI and Usability in the Privacy and Security DomainAlthough many HCI techniques are general, there are unique aspects in the design of privacy and security systems that present challenges and opportunities. First, a key issue to consider is that security and privacy are rarely the user's main goal. Users value and want security and privacy, of course, but they regard them as only secondary to completing primary tasks like completing an online banking transaction or ordering medications. Users would like privacy and security systems and controls to be as transparent as possible. On the other hand, users want to be in control of the situation and understand what is happening. Therein lies the rub. As a consequence, the display of information and the interaction methods related to security and privacy need to be accessible if and when desired by the user, but they shouldn't get in the way. Second, as more of people's interactions in daily life involve the use of computing technology and sensitive information, disparate types of users must be accommodated. Security solutions in particular have historically been designed with a highly trained technical user in mind. The user community has broadened extensively as organizational business processes have come to include new types of roles and users in the security and privacy area. Many compliance and policy roles in organizations are handled by legal and business process experts who have limited technical skills. Moreover, the end user base includes virtually everyone in the population. The functionality provided by the system for people with different roles must accommodate the skill sets of each. Security and privacy are requirements for doing business as an organization and must be done well, or the organization may lose the user as a customeror worse. | KEY REFERENCE BOOKS IN THE HCI FIELDPlease consult these books for additional information; there is a wealth of knowledge and experience contained in them. Bias, R., Cost-Justifying Usability: An Update for the Internet Age, 2nd Edition (London: Academic Press, 2005). This book provides methods for calculating the value of HCI work and many case studies and perspectives across a variety of domains.Beyer, H. and Holtzblatt, K., Contextual Design (New York: Morgan Kaufmann, 1997). This practitioner guide outlines a method for identification of user requirements through unobtrusive observation of users in the field and instruction on analysis of that data for the design of usable systems.Diaper, D. and Stanton, N., The Handbook of Task Analysis for Human-Computer Interaction (Hillsdale, NJ: Erlbaum, 2003). This handbook provides instruction on how to complete task analysis in a variety of domains and information on user tasks identified in key past research.Helander, M., Handbook of Human Computer Interaction (Amsterdam: Elsevier, 1988). This reference book provides a synthesis of HCI theory, methods, and research in many different domains and from many perspectives. It contains seminal chapters not found elsewhere.Helander, M., Landauer, T., and Prabhu, P. (eds.), Handbook of Human-Computer Interaction, 2nd Completely Revised Edition (Amsterdam: Elsevier, 1997). This is an update of this key reference book.Jacko, J. and Sears, A. (eds.), The Human-Computer Interaction Handbook (Hillsdale, NJ: Erlbaum, 2003). This is a key reference book with the most up-to-date synthesis of HCI theory, methods, and research and its application to a wide variety of domains.Mayhew, D., The Usability Engineering Lifecycle: A Practitioner's Handbook for User Interface Design (San Diego: Academic Press, 1999). This is a practical guide on how to conduct HCI work as part of the development life cycle.Preece, J., Human Computer Interaction (Wokingham, U.K.: Addison Wesley, 1994). This book provides an introduction and overview of the HCI field. This text is used in university courses.Rubin, J., Handbook of Usability TestingHow to Plan, Design, and Conduct Effective Tests (New York: John Wiley & Sons, Inc., 1994). This is a practical guide for conducting usability tests of systems.Shneiderman, B. and Plaisant, C., Designing the User Interface (Reading, MA: Addison Wesley, 2004). This is a key text in the field of HCI. It provides an introduction and overview of the field for university students and others interested in the topic.
 | 
 
 Third, the negative impact that usability problems can have is higher for security and privacy applications than for many other types of systems. Complexity is at the very heart of many security and privacy solutions; from an HCI point of view, that complexity is the enemy of success. If a system is so complex that whole groups of users (e.g., technical users, business users, and end users) cannot understand it, costly errors will occur. There is a saying in the HCI field: "If the user cannot understand functionality, it doesn't exist." In the case of security and privacy, sophisticated systems that are badly designed may actually put users at more risk than if less sophisticated solutions were used. So, the increased risk of errors in this domain provides an even greater incentive to include HCI work in system research and development. Fourth, users will need to be able to easily update security and privacy solutions to accommodate frequent changes in legislation and regulations. Different domains (e.g., health care, banking, government) frequently have unique requirements. Systems must be designed to enable easy and effective updates to them. These are some of the challenges that provide a unique focus and strong incentive to include HCI in the system life cycle. You can probably think of more. Let's now discuss in more detail the valuable role that HCI can play. 4.1.2. Usability in RequirementsIt is critical that the project team be able to define the product and product goals clearly and early on. This is called the requirements phase  . From a usability perspective, the product definition should address who the intended users of the product are, the types of tasks for which users will use the product, and the real-world situations (the "context") in which the product will be used. A variety of formal HCI methods are available to identify and define this information. For any specific product, the HCI expert selects the appropriate subset of methods to use, given the time, resources, risk, and business priorities involved. Some of these methods include: 
 Interviews and surveys of end-user requirementsUsed to understand what top concerns and unmet needs customers, target users, and organizational stakeholders would like addressed. When you begin to work in a new domain area, it is critical that you start with end-user interviews and surveys in order to gain firsthand knowledge of the major issues and opportunities from users in their own voices. Typically these surveys involve a fairly large sampleperhaps 30 to 100 participants. Ideally, you begin with a larger survey group and follow up with in-depth interviews of a smaller group of end users and other key stakeholders (e.g., decision makers who will not necessarily use the system). Identification and refinement of the end-user profile occur as part of this work.
 Focus groupsUsed to understand and identify at a high level areas in which there are customer, target user, and other stakeholder concerns and unmet needs. Focus groups can augment surveys. An independent facilitator guides group discussions with samples of end users and probes issues in the domain area in greater depth than surveys are generally able to do. If resources are available, you might use focus groups before you conduct individual interviews.
 Field studies of end-user work contextUsed to understand and observe how current technology and business practices are being employed by users to accomplish their goals today. Find out what's working and what's not. Depending on your resources, expertise, and time available, you might conduct limited field studies to complement and validate the information gained from the preceding methods, or you might use a large sample of field studies to gain all of your information and forego the preceding steps.
 Task analysisUsed to understand the core and infrequent tasks that users need or would like to complete to accomplish their goals. These tasks will be identified during interviews, focus groups, and field studies of end-user work context. The experts gathering the information will probe to gain the context and relative importance of the items in the set of tasks. Also, end users will provide information to help set the usability objectives of the system (see the description of deliverables later in this section).
 Benchmark studiesUsed to understand current or baseline user performance using available manual or automated processes to complete the types of core tasks that the product will address. Benchmark data can be collected during field studies of end users or in controlled laboratory studies. This is critical data that will help you to set the goals for the usability of the new system and enable you to measure the value of the improvement that the new system will deliver. Be sure to collect this data for business cases and other purposes.
 Competitive evaluationsUsed to understand the capabilities available in the marketplace at the current time and identify the strengths and weaknesses of these solutions. As with the benchmark data, this data will help you to quantify the usability objectives and the value of the solution you are going to design; you will also design a better system after you understand the strengths and weaknesses of competitive systems.
 As you can see, there are many kinds of methods that you can use to collect the end-user requirements information. As a result, you must make tradeoffs in how you collect and validate the information based on the time, resources, and skilled personnel that you have available to work on a project. In a perfect world, it would probably be best to do field studies of representative samples of the different types of end users (e.g., based on age, skills, experience, roles) in a representative sample of the locations (e.g., geographic, physical conditions) and contexts (e.g., quiet indoor setting versus a mobile, public, and noisy setting) in which the system would be appropriate for use. Practically speaking, though, there are always constraints. One approach is to triangulate or cross-validate the data: ask the same questions using a variety of methods and determine whether the end users are providing you similar or different data. Thus, starting with an email survey, followed by a sample of in-depth interviews and a sample of field observation of end users, you could validate the emerging end-user requirements while keeping within time and resource constraints. Based on the analysis of   the data from the usability engineering activities during the requirements phase described earlier, the project team will have the following deliverables: 
 End-user requirements definitionThe complete description of what is needed to meet the needs of the user who would like to accomplish certain tasks and goals in a specific domain.
 User profile definitionA description of the target users of the product, including general demographic information and specific information about skills, education, and training necessary to use the product.
 Core task scenariosA small set of task scenarios that describe how the end users will be able to accomplish core tasks with the product to meet their goals.
 Usability objectives specificationA quantitative goal or set of goals that needs to be met for the user to be satisfied and productive using the product.[1] An example is "95% of the users will complete the sign-on task error-free within the first three attempts at the task." The objective should surpass the results of the benchmark testing and competitive evaluations. It should also address a variety of goals: user goals for productivity and satisfaction, business goals for the streamlining of business processes, and organizational goals related to expense and risk (the cost of errors and user support). Usability objectives specification provides a means for clear communication and the development of consensus in the project team for the usability goal of the product. [1] J. Whiteside, J. Bennett, and K. Holtzblatt, "Usability Engineering: Our Experience and Evolution," in M. Helander (ed.), Handbook of Human Computer Interaction, (Amsterdam: Elsevier, 1988).
 These deliverables contribute to a clear and thoughtful statement about the scope of the development project, and clear objectives and measures with which to judge the success of designing and developing a usable product for the target users. HCI work in the requirements phase frequently improves communication within the development team and brings about consensus with respect to product definition in clear and quantitatively measurable terms. On numerous occasions, early HCI work on end-user requirements has surfaced large or complex issues and conflicting goals among the development team that could be resolved relatively quickly and at a cost that is much lower during the concept phase than it would be during system test or after release.[2] [2] C. Karat, "A Business Case Approach to Usability Cost-Justification for the Web," in R. Bias and D. Mayhew (eds.), Cost-Justifying Usability (London: Academic Press, 2005).
 Of course, conflicting goals may also exist in the customer organization. Discussions during the requirements phase can provide the opportunity to highlight and resolve these differences. 4.1.3. Usability in Design and DevelopmentDuring the design and development phases, the project team needs to create a clear, high-level design for the product that will be implemented during development. From an HCI perspective, the key activities during these phases are: 
 Initial design developmentBased on the results of the HCI work during the concept phase, the HCI professional can create an initial user interface   design that covers the interaction methods and flow that users will employ to complete the core task scenarios. This design will guide the development of prototypes  , provide feedback to the development team, and give the project architect needed information for the system architecture.
 Ongoing data from usersAlthough there is a tendency to view gathering user data as an isolated activity, design and development require information from users on an ongoing basis. HCI professionals can and should be responsible for involving target system users with the development team on an ongoing basis throughout the life cycle. Users can participate in design walkthroughs and field and laboratory evaluations of prototypes. These sessions can be a valuable tool for understanding user needs and developing a system that addresses them.
 Prototype development (low, medium, and high fidelity)The HCI professional can create a prototype of the user interface for the solution that illustrates how the end user would complete core task scenarios. Low-fidelity prototypes created early in the design and development phases might consist of static screenshots with a scenario script that walks target users through the completion of tasks. These early prototypes let the project team collect information from target users about macro-level design issues. As the design is refined, the project team can create medium-fidelity prototypes or high-fidelity prototypes that let target users have hands-on experience and provide finer-grained feedback on design issues and tradeoffs. A medium-fidelity prototype generally has certain paths through the overall design (that correspond to certain tasks) and the interaction methods (i.e., data input or access through use of voice, touch, keyboard and mouse, biometrics) working in a realistic manner, although the frontend may or may not be integrated in a real-time manner with the backend of the system. A high-fidelity prototype is a fully functional prototype of the system and may be the alpha-level version of the actual system code.
 Design walkthroughs with small groups of usersThe HCI professional can facilitate design walkthrough sessions with small groups of target users. These walkthroughs are generally conducted early in the design and development phase with low-fidelity prototypes or static screenshots. It may be very valuable to iterate on the initial design and conduct a second round of design walkthrough sessions with new samples of target users to validate the design decisions made after the first round. The target users will be able to provide data on specific aspects and capabilities of the solution, as well as the usability of the system and their satisfaction with it. Target users will also provide information essential to updating the task scenarios and user profiles.
 Heuristic evaluations and other types of inspectionsThe project team may recruit HCI professionals who have expertise in the specific domain in order to have them adopt the role or roles of the target users of the system, to conduct heuristic reviews of the prototypes, and to identify issues for the project team to address. Think of these professionals as "double experts." The heuristic review consists of the experts completing the core user scenarios in the roles of the various target users and identifying usability   problems that people in those roles will face with the current design of the system. The project team may also find it valuable to have these experts review competitive offerings so that the team has additional input on how their product is likely to compare to the current competition.
 Usability tests (laboratory or field) with individual usersDuring development, HCI professionals can run usability evaluation sessions with one target user at a time employing medium- to high-fidelity prototypes of the solution that enable the users to have hands-on experience in using the prototyped system to complete their core task scenarios. These sessions may be conducted in a controlled usability laboratory where there is often a one-way mirror, letting members of the development team and other stakeholders observe the user interacting with the prototype firsthand. Alternatively, sessions may be conducted in the field. Although the field may have poor lighting, noise, interruptions, and a lack of privacy, it does represent the environment where the product will be deployed: testing the product in the field helps the development team to identify issues that are likely to be important later. Consider the tradeoffs between laboratory and field usability tests. If possible, it is best to use both types of tests in this phase of the project. During these user sessions, the team should collect a variety of data including qualitative information (e.g., how hard it is to learn, their experience in using the system, and their satisfaction with it) and their quantitative performance data (e.g., time on task, completion rate, error-free rate). This data will enable the project team to determine where they stand in terms of meeting the product's usability objectives. It is best to iterate on the design and collect the usability evaluation data until the usability objectives are reached. In practice, business needs and tradeoffs are made, and the data will provide a useful basis on which to make these decisions. Performance data can also be used to determine the severity rating of the different identified issues through use of a Problem Severity Classification Matrix  ,[3] which we describe in more detail in the first case study later in this chapter. The team can also learn whether the system as designed is good enough that the target user would like to use it, would purchase it, and how they would incorporate it into their lives. This more detailed and in-context design information from target users is very valuable and enables the project team to complete the micro-level design of the solution. From a project planning standpoint, consider that the usability tests in the design and development phases can be scheduled to dovetail with the appropriate unit, integration, and system testing. [3] C. Karat, R. Campbell, and T. Fiegel, "Comparison of Empirical Testing and Walkthrough Methods in User Interface Evaluation," Human Factors in Computing SystemsCHI 92 Conference Proceedings (New York: ACM, 1992), 397404.
 Prototype redesignAfter a round of usability evaluation, analyze the data and present it to the project team. The whole project team can contribute to the decision-making process about which issues to tackle and how to redesign parts of the system to address them. A discussion of the problem priorities and of the different approaches to resolve those problems can be quite productive when drawing on the different skills and experience of the team members.
 In the design and development phases, the main goal is to move from a fairly high-level design based on the early HCI activities in the requirements phase to a user-validated design of a highly usable system. The validated design has sufficient detail for development of the system. Usability problems in the early design are detected and resolved, and the final version of the system should meet all defined usability objectives prior to release. Based on the analysis of the data from the usability engineering activities described earlier during the design and development phases, the project team will have the following deliverables: 
 Validated and usable user interface designThe project team can be confident that the user interface design will be successful in deployment and release based on the iterative design and evaluation with target users during the design and development phases. The validation of   the design with the target users demonstrates that all significant user requirements are addressed by the system. The validation will be based on meeting the usability objectives set for the system. These will be assessed based on user performance with the system and satisfaction ratings of the system by target users during the usability evaluation of the latest iteration of the system design.
 Validated user model of the task flowUnderlying the interface design is a model of how the target users perceive the task and their views of the flow of the task to reach the desired goal. In addition, user errors made during usability evaluation sessions are priceless to HCI practitioners in terms of highlighting differences or confusions in the design as it relates to the user model. This helps the entire project team understand and gain consensus about the design.
 Validated and updated core user task scenariosThe user task scenarios will be refined and validated during the iterative usability   evaluations in the design and development phases of the project. The project team can be very comfortable that they are addressing the critical tasks of their target users.
 Validated and updated system requirements documentAs part of the usability activities in the design and development phases, information emerges that will be used to update and validate the system requirements. This occurs through the technical discussions about the project goals, the analysis of tasks to be completed using the system, and the results of the usability evaluations.
 Validated and updated user profilesThe usability work with target users in the design and development phases provides an up-to-date and clear definition of the target users. The project team can be comfortable that they are developing the product for the correctly defined, intended users. This information is very valuable for communication and marketing purposes.
 Objective performance data about achievement of usability objectivesThe project team will know exactly where they stand at the end of the development phase in terms of reaching the product usability objectives. As mentioned previously, in practice, tradeoffs are made in reaching these goals. The usability data provides very valuable data for these decision-making purposes.
 User interface style guideIf the organization is going to be developing a series of products in a particular market niche for a similar set of target users, it may be valuable to capture the high-level design decisions made for the user interface for use by other teams. In this way, the initial work with users during the concept phase can be leveraged.
 4.1.4. Usability in PostreleaseDuring prerelease beta-testing and after release of the final version of the product, the product team needs to be informed of feedback from the customers who are using the product. This feedback will help the team maintain the product and can be very helpful in understanding when a new release is required. From an HCI perspective, the key activities in this phase are: 
 Collection and analysis of customer data using online toolsTools of this kind enable remote data collection and usability evaluation. With customer consent, online tools may collect usage data through unobtrusive means and may also pop up questionnaires to collect explicit feedback from users at certain points in the use of a product. Data from these online tools can be analyzed and may highlight important issues that HCI practitioners need to follow up on with customers in individual and small group HCI work in laboratory and field settings.
 Analysis of customer support calls regarding the productAs stated earlier, the customer support calls provide another channel for customer feedback to the product team. The HCI practitioner can work with the product team to prioritize the issues and requests. As time goes by after the release of the product, these calls may provide information that signals when a new release of the product is necessary.
 Analysis of user comments in email, list serves, or web forums about the productThese are further channels for customer feedback about problems and for the identification of new or extended capabilities that are needed to address the customers' needs.
 Collection and analysis of survey and questionnaire data from users or through user group meetingsThe activities described earlier may be supplemented by telephone or written surveys of customers about their satisfaction with the product and any issues or requests for new functionality that they would like to communicate to the product team. Having regularly scheduled user group meetings that customers can attend is another way to collect information about problems with the current product or new customer requirements regarding usability or functionality that evolve in the changing world in which we live.
 Based on the customer data from these HCI activities in prerelease and postrelease or maintenance phases, the product team will have up-to-date and accurate information about customer satisfaction and any problems or unmet needs regarding the usability and functionality of the product. The methods described in this section may be used in parallel to collect user data on issues with the system and new emerging requirements. As mentioned previously, it would be best to cross-validate user issues and new requirements through communication with users through multiple channels. If possible, periodic user group meetings (virtual or face-to-face) supplemented with user data from one or two other channels would be very valuable for the product team to have access to. With the overview of usability in the software and hardware life cycle as context, we turn next to an examination of two case studies where HCI work was and is part of the life cycle (references to activities described earlier are shown in italics). Here we identify the variety of positive impacts that the work has provided. The first case study concerns HCI work on a security application, and the second case study describes HCI activities in a two-year privacy research project. The security case study describes a project where the HCI work on the system began when the project was well underway in the design and development phase. Although that security case study occurred some time ago, the fundamental lessons and flow of the significant HCI work on the project still remain true today. In the privacy technology case study, an example is provided of system development where HCI is incorporated as a critical component of the project beginning in the requirements phase. |