The operator's mental activities involved in the operation under hazard is described in the model of problem solving .... Accordingly, the operator's tasks are:

1. Exception detection: the specifications should include rules defining normal behavior in each scenario. The design should include means (such as the hazard Detector described in the Implementation section) to detect instances of violation of these rules.
2. Hazard recognition: the specifications should include details about the risk levels of all known expected exceptions, and the alarms provided with the various risk levels. The design should ensure that an alarm signal is generated, and that the operators can recognize the risk level immediately, so that they can prioritize the new hazard in their ongoing tasks.
3. Troubleshooting: the specifications should include procedures enabling the operator to identify the threats, and understand better their risks. The design should include means for the operators to associate the procedures to the hazards.
4. Recovery: the specifications should include procedures for fixing the problem, and the design should include means for the operators to find the proper procedure.
5. Safe-mode operation: the specification should include details about the conditions for safe-mode operation, the subset of operations essential in safe mode, and those that should be avoided.
6. Resumption: Normally, resumption should be allowed as soon as the system situation resumes compliance with the operational rules. Exceptions to this guideline might better be transformed to changes in the constraints.

Related topic

Updated on 26 May 2016.