Avoid Errors Human Factors Systems Errors


204297.qxd 1/27/04 11:44 PM Page 46
E V I R O N ME N T A L
HE A L T H & S A F E T Y
Avoid Errors
Part 2 The Human Factor and System Errors
By Bill Mostia Jr.
Take a systems approach, analyzing examines human factors in greater caused by human error, or were system
human factors, ergonomics, culture, facil- depth, and outlines different ways to use errors at fault? In system errors,
ity design, and management systems them to reduce the likelihood of errors human error is only part of a much
When you read in the newspaper larger problem. Typically, flawed sys-
n September s issue, Part 1 discussed that an airplane crash occurred because tems will fail to take  human factors
how people make errors and some of  pilot error, or when you hear that a into account. Yet, few companies today
Iways to minimize these errors in process plant made off-spec product take a systematic approach to minimiz-
process plant design, instrumentation because of a miscue by an operator, ask ing human error (bar chart).
and operations. This final installment yourself:  Were these accidents really To analyze human errors, one must
apply relevant information about
Systemic error-reduction is needed human behavior and characteristics.
One must also define human character-
istics that can be applied to people who
100
93%
are interacting with systems and
devices. Both of these concepts are
included in  human factors.
80
Some human factors are based on a
person s physical and mental limita-
tions or inherent behavior. Others
60 can be based on psychological or socio-
50% logical factors. Human-to-human
interaction is based on psychology,
43%
while sociological factors such as
36% 36%
40
group dynamics can be culturally or
ethnically based.
21% 21%
Culture-based human factors can
20
stem from the local culture, for exam-
ple, of a plant or area, or may be ethnic-
0% or society-based.
0 Each facility has its own way of
Design Guidlines Process Metrics Simulation
FMEA Documentation Error Proofing
Review Maps & Testing
doing things or responding to change
or other stimuli. One cultural problem
A recent survey of companies in the U.S. and Japan found that few are taking a systemic approach to is the  not invented here syndrome, in
reducing human error, and even fewer are using novel techniques such as Poka Yoke, a technique devel- which people take no interest in  best
oped in Japan that is widely used by the world s discrete manufacturing industries practices outside of their organization
Source: Chao, Survey of 50 U.S. and Japanese Companies, cited in  Traditional Methods to Control Human Risk, NASA, or have no curiosity about how other
9/18/2002, p. 19. people do things. Another is the  it
November 2003 www.chemicalprocessing.com
204297.qxd 1/27/04 11:44 PM Page 47
E V I R O N ME N T A L
HE A L T H & S A F E T Y
can t happen here syndrome, in which Human factors exist everywhere in while ignoring underlying human fac-
people are extremely resistant the lifecycle of a process plant or tors. This is taking the easy way out,
to change. instrument system. Anything that can and won t improve safety or quality.
An ethnic- or society-based culture cause difficulties during implementa- Consideration of human factors and
reflects the norms for the ethnic or soci- tion, operation, and maintenance can their effects should be part of the lifecy-
ety group. A cultural human factor, for lead to human factor-facilitated errors. cle of any process plant or control or
example, might be the way people read. If you ignore how people really instrumentation system. In fact, human
English is read from left to right while work and think when you re developing factors should be considered in all
some other languages, such as Arabic, are design, operation, and maintenance designs, procedures, and practices as a
read from right to left. Another such cul- procedures, practices, and systems, value-added practice and in some cases
tural factor is that some societies prefer you re only facilitating errors and poor a matter of law. OSHA regulation 29
group consensus over individual action. performance. Examples would be fail- CFR 1910.119, Process Safety Manage-
Human factors also can be situational, ing to do upfront engineering and ment (PSM), for example, requires that
depending on the way people interact
with a particular situation or set of condi-
tions. For example, one plant might Mechanical failure doesn t tell the whole story
arrange process equipment for a particu-
3000
lar operation in one way, while another
might arrange it differently. Similarly, one
plant might assign a large group for a spe-
2500
cific operation, and another, a small
ARIP= Accidental Release Information Program
number of people. These differences
HSEES= Hazardous Substances Emergency
would affect the way that each plant
Events Surveillance
2000
reacted to a particular situation. RMP= Risk Management Plans
MARS= Major Accident Report System
Not all human factors are bad
1500
Some human factors are good, such as
those that may minimize errors or
improve performance. 1000
Others, however, can cause errors.
Consider:
500
" management systems (communica-
tion, training, scheduling, culture,
style, work load, etc.),
0
" procedures (response to upset, opera-
Mechanical/Equipment Human/Operator Error None, other, unknown,
tional procedures, plant practices,
Failure multiple
etc.),
Initiating Event
" physical factors (ergonomics),
" organization (presentation, order, Extracted from four separate EPA databases, these data on chemical plant accidents show the respec-
structure, etc.), and tive roles played by mechanical failure and human error as an initiating event. Note that mechanical fail-
" facility design (equipment, controls, ure is almost twice as likely as human error to initiate an accident. However, these data were compiled
environment, etc.) [1]. before detailed analyses had been completed. Consider system errors or deficiencies in human factors
Also bear in mind how people process that may have led to the mechanical failure
information. Ask yourself the following: Mary Kay O Connor Institute for Process Safety
" How much information can a person
process at a time? design work properly for a new process the process hazards analysis (PHA)
" How quickly can a human being control system, having a poor change- address human factors.
process information? management system, supervising Errors may be classified by whether
" What role do short-term and long- operators inadequately, using overly they affect safety or not. Safety errors
term memory play? complex instrument operation or may result in an accident, a near miss or
" How do people handle complex situ- work procedures, or placing an instru- an accident waiting to happen. Safety
ations? ment in a location where it difficult to errors caused by humans in safety
" What role does individual mindset work on. instrumented systems (SIS) are called
play? Facilities or organizations are often  systematic errors. In an often-cited
" How do human interactions or guilty of  scapegoat syndrome, blam- study of control and safety system fail-
 group think affect behavior? ing one individual s errors for accidents ures by the U.K. s OSHA-equivalent, the
www.chemicalprocessing.com November 2003
Number of Releases
204297.qxd 1/27/04 11:44 PM Page 48
E V I R O N ME N T A L
E
HE A LF E A T URA F E T Y
T H & S
Health and Safety Executive, 85% were ties for error or minimize their effects, are provided in tables while the propor-
attributed to failure to set the proper notes safety authority Trevor Kletz [3]. tioning effect is determined by the per-
specification, changes after commission- " Tolerance: This involves a situation son doing the analyses.
ing, installation and commissioning, and in which errors are expected, but the The role that automatic protection, or
design and implementation, while only system is designed to tolerate them. error-tolerant systems, should play in
15% were associated with operation and An example could be an operator reducing human error remains a ques-
maintenance errors [2]. Attributing prompt to verify any number tion. Some reports [5] indicate that
errors to equipment failure (Bar graph p. entered  the system assumes that inducing automatic protections has actu-
47) may hide their real source. the operator may enter a wrong ally raised the amount of human error.
number into a human-machine One conclusion is that, with known auto-
Reducing human error interface. matic protections in place, operators may
In dealing with human error, one can " Mitigation: When this approach is be prone to more risk taking, either indi-
take one of the following approaches: taken, systems are put in place to vidually or in their operating philosophy.
" Prevention: With this approach, mitigate the effects of an error. An If true, this merits close evaluation of the
errors can be viewed in different example would be building a dike human factors involved.
contexts: either considered from the around a process vessel to contain In conclusion, human error occurs all
outset, when they occur, or only liquid from overfilling the time. People are yelled at, chastised,
when they create consequences. " Lifecycle approach: Taking a systems criticized, but many companies today
In the first context, errors are pre- approach to design, examining engi- have no systematic method for reducing
vented only if they are not made at all. neering and administrative controls, error. Don t assume that normal manage-
An obviously efficient, if difficult, way training and human factors. ment or supervisory systems will solve
to keep errors out of a system, it The lifecycle approach is particularly the problem. Indeed, they may create
demands using a  Do it right the first useful for reducing human errors in human factors that facilitate error. CP
time, every time approach. This is a instrumentation systems. With this
front-end process. Highly motivated, approach, there is a formal lifecycle for William L. (Bill) Mostia Jr., PE, of safety
competent people are required to design, installation, operation, and consultants Exida has more than 25
implement this type of approach, and to maintenance. This type of approach can years experience applying safety, instru-
reduce human-factors-facilitated errors. use all the methods above to reduce or mentation, and control systems in
In the second context, it is assumed minimize human error, but formalizes process facilities. He can be reached at
that errors will enter the system, but that their use. An example of this approach wmostia@exida.com.
each one should be caught before it can to a system is given in ISA 84.01,  Appli-
have a negative effect. This is a back-end cation of Safety Instrumented Systems
References:
process and is less efficient than the first for the Process Industry.
option. Review and supervision processes
are the key to reduce this type of error. Cost and probability of errors 1.  Considering Human Factors in
Unfortunately, these processes are often To quantify the probability of human Process Plant Risk and Hazard
somewhat informal, have no organized error, we somehow must quantify the Analysis, Fred L Leverenz Jr. & G.
methodology in reducing errors, and sel- propensity of humans to make errors Brandley Chadwell, Battelle Memor-
dom consider human factors. under the conditions of interest. Since ial Institute, Columbus, Ohio.
" Anticipation: A potential error is we are dealing with the complexity of 2. Safety Shutdown Systems: Design,
identified and the opportunity for human actions, this is somewhat diffi- Analysis and Justification, Paul
the error to arise is minimized or cult. However, methods have been Gruhn & Harry L. Cheddie, ISA,
eliminated. developed, including: Research Triangle Park, N.C.
Some examples of anticipation in action " Human Error Assessment and Reduc- 3.  An Engineer s View of Human
are: revising an overly complex procedure tion Technique (HEART) Error, Trevor A. Kletz, Dept. of
to a simpler one; creating a procedure to " Technique for Human Error Rate Pre- Chemical Engineering, Loughbor-
control safety system bypasses to assure diction (THERP), and ough University, Loughborough,
that a bypass is not inadvertently left " Empirical Technique to Estimate England.
engaged; and placing an interlock to pre- Operator Errors (TESEO). 4. Reliability Maintainability and Risk,
vent an operator from taking an action A discussion of these methods can be David J. Smith, Butterworth-Heine-
unless some condition is satisfied. found in Reference 4. man, Boston.
 Some errors can be prevented by HEART, developed by J.C. Williams 5.  The Role of Fault-Tolerant Design
better training, or increased supervi- in the early 1980s, quantifies human In Minimizing Risk, C.W. Johnson,
sion, but the most effective action we error into a probability of the error, an Dept. of Computer Science, Univer-
can take is to design our plants and error-producing condition multiplier, sity of Glasgow, Glasgow, Scotland.
methods so as to reduce the opportuni- and a proportioning effect. The first two
Reprinted from CHEMICAL PROCESSING, 11/2003
204297.qxd 1/27/04 11:44 PM Page 49
Form D351108x 012 / 5K AQ/ 11/03


Wyszukiwarka