The guide recommends that the
gates should
detect any deviations from the
operational procedures, enabling the
operators to
become aware of their
errors, and to reconsider their
risky actions.Not all the operator's errors may be prevented. Sometimes the operators are expected to deviate from the rules. For example, when the operators experience exceptional behavior, or when they encounter a risk due to an external event.
An operator may be authorized to activate special functions, for example, in emergency, which deviate from the operational procedures. However, the operators might also activate these special functions unintentionally, or by mistake .
The guide recommends that the
gates should
detect any deviations from the
operational procedures, enabling the
operators to
become aware of their
errors, and to reconsider their
risky actions.
In the example, the operators are required to read the thermometer continuously, and recognize instances of dangerous temperature. Can they do it reliably?
If the operator are trained well, and we can be sure that they pay attention to the sensor reading continuously, they could do it. However, according to the Human Factors variant of Murphy's Law, the operator's might overlook the thermometer reading, thus becoming unaware of the hazard. In resilient-oriented design, we need to provide special facilities to make sure that the operators pay attention and notice the risky conditions. The machine should notify the operators about the system situation, so that they can recognize when the system is in an exceptional situation.
Updated on 22 Jan 2017.