Your SlideShare is downloading. ×
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Cynitha.null
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Cynitha.null

14,556

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
14,556
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Best Practices for Reliable and Robust Human Systems Integration Dr. Cynthia H. Null NASA Technical FellowNASA Engineering and Safety Center Program Management C. Null 1 Challenge Conference 2008
  • 2. Outline• Human Factors Design Philosophy• Model of Human Factors in System Design• Design Processes• Summary C. Null 2
  • 3. Human System Integration• Systems level approach• Design for robustness for the life of the program – Design – Build – Test – Operate – Maintain – Retire• Reliability is an attribute of the product• Reliability is an attribute of operational processes C. Null 3
  • 4. Which humans do we design for?• From a human factors viewpoint Crewmembers Not just for Controllers Training personnel human space flight. Manufacturing personnel Maintenance personnel Ground operations Ground testing are apart of the spacecraft system.• All elements of the system are influenced by human performance.• Human performance is influenced by the system design. C. Null 4
  • 5. Human Factors Design Principles1. System demands are compatible with human capabilities and limitations.2. System enables utilization of human capabilities in non-routine and unpredicted situations.3. System can tolerate and recover from human errors. C. Null 5
  • 6. Environment Human Capabilities• Physical •Operations Concept • Abstraction • Noise •Command & Control • Problem Solving • Vibration •Geographic Distribution • Creativity • G-level •Nominal • Cope with novel situations • Climate •Off-nominal • • • Illumination •Unexpected • • Access• Organization • Culture • Communication • Responsibilities • Authority Tasks / Goals System Capabilities • Requirements • Monitoring • Moderators • Control • Procedures • Interfaces • Decision Aids • Robotics • Interfaces • Automation • Human-Human • C. Null 6 • • Human-system •
  • 7. Simplified Model • Human Capabilities AbstractionEnvironment • Problem Solving• Physical • Creativity• Operational Concept • Cope with surprises• Organization Subsystems Humans Displays Human Sensation Machines Cognition Human TASKS Input Devices Human Actions System Capabilities Tasks• Monitoring • Requirements• Control • Moderators• Interfaces • Interfaces• Robotics •Human-Human Null C. 7• Automation •Human-system
  • 8. Simplified Model Human CapabilitiesEnvironment Sensation/Perception• Physical • Vision • Vestibular• Operational Concept • Audition • Kinesthesia• Organization • Tactile • Taste/smell Subsystems Humans Displays Human Sensation Cognition • Attention Machines Cognition Human • Memory • Information processing TASKS • Decision making • Action Initiation Tasks Input Devices Human Actions • Requirements • Moderators System Capabilities • Interfaces• Monitoring Human Actions •Human-Human• Control • Motor coordination •Human-system• Interfaces • Object manipulation• Robotics • Speech C. Null 8• Automation
  • 9. Simplified Model Displays Human Capabilities • Display Response • Abstraction •Visual • Problem Solving •Sound • CreativityEnvironment • Initiates Queries • Cope with surprises• Physical• Operational Concept Subsystems Humans• Organization Displays Human Sensation Machines• Process Data Machines Cognition Human• Perform procedures• Stores data• Retrieves data TASKS• Transmits responses• Control Input Devices Human Actions Input Devices Tasks System • Sensors • Requirements • Controls, switches • Moderators Capabilities • Keyboard, mouse, etc. • Interfaces • Touch-screen C. Null 9 •Human-Human • Voice recognition •Human-system
  • 10. Fallacy: Human Factors Is Just Common Sense• Designs are not only built to requirements but may have hidden assumptions or demands• Simple example of mismatch between human capabilities and tool operation – PDA, cell phone & camera displays use small, efficient LCDs – PDAs have thumb- controlled keyboards C. Null 10
  • 11. It is common to hear• Automation will: – Reduce human workload – Simplify tasks performed by humans – Reduce training requirements – Reduced human error• However, Aviation Automation has: – Changed the human tasks, often increasing the complexity – Moved tasks from control to monitoring, but not simpler – Often increased training (systems are more complicated) – Changed types of errors – Increased concurrence of tasks C. Null 11
  • 12. It is common to hear:• If the design isn’t perfect we can train – However, under stress or time constraints trained behavior may fail• We will find any issues during training, and design procedures to eliminate the issue – Simulation training may not discover the interactions with the tools and environment – Changing procedures may not be enough – Usually too late (or too expensive) to impact design C. Null 12
  • 13. Fallacy: Design Deficiencies will beuncovered in human-in-loop testing or training• Example: STS-49• Capture, installation of new perigee kick motor & release of an Intelsat-VI satellite View of Robotic Arm Operator C. Null 13
  • 14. STS-49 Attaching Capture Bar To Intelsat-VIPracticing 3-Person Satellite Grab Performing 3-Person Satellite Grab C. Null 14
  • 15. Design ProcessesProminent in heritage systems are human-system integration responsibilities• DDT&E of – “active” interfaces (displays and controls) – “passive” interfaces with vehicle (seating, restraints, lighting)• Ensure reliable operations in space environment C. Null 15
  • 16. Apollo’s Display and Control Systems Requirements (a few)• No single display or control failure would jeopardize the safety or the flight crew or be cause for an abort.• Information would be presented so as to permit rapid assessment of critical system status without resorting to extensive troubleshooting procedures to identify malfunctions• All D&C used during accelerated flight would be designed for operation by a pressure-suited fully restrained crewman• Automatic systems would be used to obtain precision, to speed response, or to relieve the crewmen of tedious tasks: but all automatic control modes would have a manual backup C. Null 16
  • 17. D = Design, B= Build, O= Operate, M= Maintain, T= Train C. Null 17
  • 18. HFE methods & tools as a part of overall design process Testing is critical HFE ActivitiesPlanning HFE HSI Design Training Verification Performance & & Monitoring Analyses Function Analysis Integration ValidationConcept of Ops Human-System Task Analysis Concept Design Systems performance ContinuousEndpoint Vision Approach Human in Loop Detailed Design testing improvement • • • • • • Testing and • • • • Integration Simulation Nominal & Off- • Evaluation • • nominal • HFE Guidelines • HFE Process • HSI Design C. Null 18 Overall Engineering Design Process
  • 19. HSI System Development C. Null 19
  • 20. Human Factors Design Principles1. System demands are compatiblewith human capabilities and limitations. C. Null 20
  • 21. “Top-Down” High-level mission and goals Define functions necessary to achieve the goalsAllocate functions to human and system resources Decompose functions into tasksAnalyze tasks to define performance requirements Design detailed HSI, procedures, and training C. Null 21
  • 22. “Bottom-Up”• Prototype human activities (including modeling)• Identify human performance variability and human error potential• Design interfaces, tools, training, etc. C. Null 22
  • 23. Example: Two Approach ModesPlanned approach: Track/Flight Path Angle mode: input: -3.3° 5000ft input: -3.3° -800 ft/min Mt (2700ft) Actual approach: Heading/Vertical Speed; input: -3300 ft/min 5000ft input: -13,6° -3300 ft/min Mt (2700ft) Eventual Crash C. Null 23
  • 24. Wrong Mode–Spot The Difference C. Null 24
  • 25. Design trades• Design trades are a fact of designing complex systems• HFE helps make explicit the trades that effect human performance and thus effect system performance and reliability C. Null 25
  • 26. Humans Will Adapt Find New Ways To Solve Problems Humans Can Cope with Uncertainty• But at what cost?• These characteristics are something we rely on – As individuals – As designers• It is this creativity that adds reliability to complex systems C. Null 26
  • 27. Human Factors Design Principles2. System enables utilization of human capabilities in non-routine and unpredicted situations Non-routine Unpredicted* Procedures * Information is KEY* Training * Transparent systems * Diagnosis support C. Null 27
  • 28. Apollo 13“Houston, we’ve had a problem” C. Null 28
  • 29. Human Factors Design Principles3. System can tolerate and recover from human errors **** Let me note: The human error mitigations: Must not reduce humans ability to cope with the unpredicted. Must not leave humans unaware of automatic actions, operational modes or system status. C. Null 29
  • 30. Human Error and Reliability Analysis Fault Tree Analysis (Top-Down)1. What catastrophic outcomes could occur?2. What event/error sequences and combinations could lead to each outcome? 1. Identify3. Are there scenarios when one or two human critical human error could lead to a catastrophic outcome? risks Human Factors Process failure 2. Formulate Modes and Effects Analysis responses (Bottom-Up)1. How will humans interact with the system?2. What errors could occur?3. What consequence would result from these errors? C. Null 30
  • 31. 1997 MIR- Progress Collision• During 4 months preceding event, crew stressed by frequent system failures• Near-miss during an Toru- assisted docking• Low contrast and poor resolution of the Toru display• Kurs radar shutdown decreased spatial C. Null 31 awareness
  • 32. People Create Safe Operations• Rarely is human operator error in complex systems the proximate cause of the failure.• In complex operations human error is often the symptom of deeper system design issues.• Human error is not random. Error is systematically connected to features of tool’s, task’s and operating environment• People are vital to system safety. C. Null 32
  • 33. Design PrinciplesSystem Life 1. Human 2. Off- 3. ErrorCycle Phase Capabilities nominal TolerantManufacture Objectively define Hazard analysis. Components designed and evaluate skill. to make incorrect assembly difficult.Test Tasks are within System keeps Independent test human perceptual operators in the verification. envelope. loop.Operate System demands System keeps Appropriate interlocks, are consistent with operators in the make it difficult to do human performance loop. dangerous things. standards. Permits humans to take control.Maintain Maintenance tasks Non-routine Avoid simultaneous are within human trouble-shooting maintenance of capabilities. and repair is redundant systems. possible. C. Null 33
  • 34. Some General Characteristics of a Well Designed Human-System Interface• Accurately represents the system• Meets user expectations• Support task performance• Minimizes distractions• Balances workload• Is tolerant to error• Is consistent• Provides timely information and feedback• Provides access to explanations when needed• Verified through extensive human-in-loop C. Null 34 testing, including off-nominal scenarios
  • 35. Human Factors to Reliable Systems• System view – Human as part of system – Environment context• Designs for nominal, off-nominal & unexpected• Matches tasks and tools to human capabilities & limitations• Data driven—human-system performance testing is key to success• Requires curious skeptic with knowledge of human capabilities C. Null 35
  • 36. Examples C. Null 36
  • 37. Design for Maintainability• Physical access• Visual access• Tooling access• Modularity• Error-proofing• Labeling C. Null 37
  • 38. Fastener Starter• HF-PFEMA uncovered high potential FOD issue Shuttle Dome Heat Shield Installation Process• Developed Fastener Starter by incorporating – task requirements – user preferences – flight hardware constraints – lessons learned from evaluations of currently available tools• Tested with technicians simulating hardware installation – evaluated the tools performance (parts dropped) – the technicians efficiency – subjective rating of the tool. C. Null 38
  • 39. Fastener Starter• Firmly grips and holds a single screw, bolt, nut, washer, spacer, or any combination of these parts.• Compact size allows it to be used effectively in cramped, difficult-to-see locations Fastener Starter Holding a Screw C. Null 39

×