Embed Size (px)
Citation preview
Chalmers University of Technology
What Constitutes a Well-designed Alarm System?
Anna Thunberg and Anna-Lisa OsvalderDivision Design, Chalmers University of Technology
Gothenburg, Sweden
Chalmers University of Technology
Chalmers University of Technology, Gothenburg, Sweden
• Chalmers is a multifaceted academic and postgraduate University that conducts Researchand Education across a wide front within the areas of technology, natural science and architecture.
• Master of Science in Industrial DesignEngineering and Research in the field of Human Factors Engineering.
Chalmers University of Technology
Teaching & Ongoing Research
Medical Technology Vehicle Ergonomics Control Room Design
Development of Safe and User-Friendly Products/Systems
Human-Machine Interaction - Ergonomics - Technical Psychology
Chalmers University of Technology
Introduction
Background• Safety an important issue in nuclear power
– Safe and efficient operation needed
• Increasing risk of disturbances– Operation close to alarm limits
• Deficient alarm systems have contributed to seriousness of incidents
• Systems developed to aid the operator often have opposite effects
Chalmers University of Technology
IntroductionResearch Project: Alarm Systems
Stage 1 Stage 2 Stage 3
Year(2004-08)
1 2-3 4-5
ObjectivesCompile information
and compare different industries
Perform theoretical and empirical studies of alarm systems, operator’s work and performance, and the operator’s information and
monitoring process
Develop and evaluate alarm
design presentation
Expected results
Identify future research issues
Develop design principles for alarms
New alarm designs
Chalmers University of Technology
Introduction
Purpose and AimPurpose:• Improve alarm system design• Facilitate the operator’s perspective in
alarm design
Aim:• Develop alarm system design
guidelines which considers the operator’s abilities and limitations
• Develop, evaluate and design new alarm system
Chalmers University of Technology
Introduction
Delimitations• Swedish plants• Hybrid control rooms• Modernisations of control
rooms• Upgrades of alarm systems • Condensate and feed water
pump systems
Chalmers University of Technology
Introduction
Alarm Design Guidelines Problems• Difficult to use general alarm
design guidelines• Huge amount of guidance• Different operator roles and
working situations set different demands
• Several guidelines are not applicable (or less important) to modernisation projects
• Guidelines are not adapted to different design stages
Chalmers University of Technology
Methodology
• Compilation of existing guidance– NUREG 0700
Human-system interface design review guidelines• Chapter 4 Alarm Systems
– HPR-354Recommendations to alarm systems and lessons learnt on alarm system implementation
– IEC 62241 Nuclear power units – Main control room – Alarm functions and presentation
Chalmers University of Technology
Methodology
• Independent evaluation of guidanceof human factors experts – Experience of several risk
assessments and usability studies of control room design in Swedish NPP control rooms and other applications
• Common assessment and compilation
Chalmers University of Technology
Methodology
Grouping of Alarm Design GuidelinesDesign stage
RecommendationGeneral -
philosophyAttend to existing
designConceptual
designDetailed design
Basic
Layout
Interaction
Documentation, maintenanceProcedures
Physical CR layout
Signal processing
Design process
Chalmers University of Technology
Results
General Guidelines
• Important as guiding-star but not project specific
• Should establish the basis for a plant alarm philosophy
Chalmers University of Technology
Results
General GuidelinesGeneral - philosophy
BasicLayoutInteractionDocumentation, maintenance
Procedures
Physical CR layoutSignal processing
The grouping rules should be clear and consistent with operator's usage
Design process
Every alarm shall require an operator responseA main alarm display shall be providedNavigation in alarm displays should be quick and easyClear roles and responsibilities shall be established for maintaining and improving the systemAlarm response procedure should be available for each and every alarmAll operating staff should be able to see essential alarms for the overall plant operation
Human factors criteria shall be systematically applied
Chalmers University of Technology
Results
Grouping of Alarm Design GuidelinesDesign stage
RecommendationGeneral -
philosophyAttend to
existing designConceptual
designDetailed design
BasicLayoutInteractionDocumentation, maintenanceProceduresPhysical CR layout
Signal processing
Design process
Chalmers University of Technology
Results
Design Guidelines1. Consideration to existing design
- Important that the operator experiences the system as one and not as several subsystems
2. Conceptual design guidelines- Guidance for the conceptual design stage
3. Detailed design guidelines- Guidance for the detailed design stage
Chalmers University of Technology
Results
Design Guidelines – Existing Design• The operator should understand the new system as
one system and not as consisting of several subsystems
• Existing design features can override alarm design guidance– Annunciation of alarms
• Audio signals• Flash rates
– Arrangement of alarms– Use of abbreviations– Alarm management
Chalmers University of Technology
Results
Grouping of Alarm Design GuidelinesDesign stage
RecommendationGeneral -
philosophyAttend to
existing designConceptual
designDetailed design
BasicLayoutInteractionDocumentation, maintenanceProceduresPhysical CR layout
Signal processing
Design process
Chalmers University of Technology
Results
Design Guidelines – Conceptual Design• Guidelines applicable to conceptual design:
– Alarms that have higher importance or greater safety significance should be given greater priority in their presentation than less important or significant alarm
– The operators should have access to ARP from the location at which the alarm messages are read
– Spatially dedicated, continuously visible alarm displays should be considered for:
• Alarms that require short-term response, • The most important alarms used in diagnosing and responding
to plant upsets, and• The most important alarms used to maintain an overview of
plant and system status
Chalmers University of Technology
Results
Grouping of Alarm Design GuidelinesDesign stage
RecommendationGeneral -
philosophyAttend to
existing designConceptual
designDetailed design
BasicLayoutInteractionDocumentation, maintenanceProceduresPhysical CR layout
Signal processing
Design process
Chalmers University of Technology
Results
Design Guidelines – Detailed Design• Guidance for the detailed design stage
– System response tie should not exceed 2 sec.– A separation (e.g. blank row or horizontal line)
should be inserted every four or five lines in VDU alarm message display
– When information is coded by the pitch of narrow-band signals (i.e., tones), no more than three frequencies should be used
– The bright state of alarms on VDU displays should be at least 100 percent brighter than the normal state
– Redundant codes (e.g., color and location) should be used for alarms that require rapid action
Chalmers University of Technology
Results
Grouping of Alarm Design GuidelinesDesign stage
RecommendationGeneral -
philosophyAttend to
existing designConceptual
designDetailed design
BasicLayoutInteractionDocumentation, maintenanceProceduresPhysical CR layout
Signal processing
Design process
Chalmers University of Technology
Presentation of Results
• Results presented in tables • Grouped with similar guidance• Shading marks design stageNo. Guideline
2-2 The alarm presentations shall be controlled with functions designed to ensure that the operators have noticed each alarm.
2-2.1 The following alarm control functions should be provided:- Silence, Acknowledge, Ringback, Reset, Reflash
2-3 Provide a common spatially dedicated continuously visible alarm display for safety critical alarms.
2-3.1 The alarm display for safety critical alarms should be visible from all operator work stations.
Chalmers University of Technology
Conclusions
• Most guidelines are applicable both for new and modernised alarm systems
• General design guidelines should be documented in an alarm philosophy and used as a basis for all control room issues.
• Modernisation projects set specific requirements – Consideration to the operators’ previous experience and
knowledge– Consistency in the design
• Include development of procedures and training in the design to ensure efficient operation and consistency
Chalmers University of Technology
Effects
• Division of alarm system design guidelines increases the usability– Indicate design stage– Point out important consistency
requirements– Clearer responsibilities between utility and
contractor• Which information is needed and when, from
whom?
– Can facilitate evaluation of alarm systems
Chalmers University of Technology
Final validation
• Validation of the alarm design guidelines– Utilize the guidelines when developing
an alarm system for the condensate and feed water systems of a BWR in Sweden
– Evaluation of the guidelines by experienced control room designers from different nuclear power plants
Chalmers University of Technology
Research Project: Alarm Systems
Stage 1 Stage 2 Stage 3
Year(2004-08)
1 2-3 4-5
ObjectivesCompile information
and compare different industries
Perform theoretical and empirical studies of alarm systems, operator’s work and performance, and the operator’s information and
monitoring process
Develop and evaluate alarm
design presentation
Expected results
Identify future research issues
Develop design principles for alarms
New alarm designs
