This protection layer is about trigger prevention. The guidelines address the following failures:

Trigger prevention table

| Trigger                          | Prevention                        |
|----------------------------------|-----------------------------------|
| Extreme conditions               | Robustness                        |
| Failure to control the system    | Primary automation design         |
| Operator's slips                 | Preventing operator's slips       |
| Inconsistent scenario definition | Scenario design                   |
| Scenario-situation mismatch      | HM Cooperation design             |
| Operating in unexpected states   | Defining the primary design scope |
| Operating not as expected        | Defining the primary rules        |
| Inter-unit state mismatch        | Coordination assurance            |
| HM Interaction failure           | HM interaction design             |

 


Updated on 17 Dec 2016.