Helping the operator in the loop: practical human machine interface principles for safe computer controlled systems

Author: Andrew Rae

Affiliation: System Safety and Quality Engineering, Queensland

Venue: SCS '07 Proceedings of the twelfth Australian workshop on Safety critical systems and software and safety-related programmable systems - Volume 86

Year: 2007

Abstract

This paper addresses the need for practical human machine interface (HMI) design principles for safety-related computer controlled systems. Most HMI design principles and guidelines focus on aspects of usability. Whilst usability is important for reducing the incidence of human error, more is required of a safe human machine interface. A safe HMI design must reduce the incidence of human error but, equally importantly, it must reduce the consequences of both operator and computer error by helping the operator to mitigate errors. By this, we do not suggest that it is always necessary, or even advisable, to keep an operator in the decision-making path. However, where a human acts as a system component, that human should be used as effectively as possible, and good HMI principles and guidelines can help with this. In this paper we first examine existing sets of principles and guidelines for HMI design. We then establish a simple model of a computer controlled system with an operator in the loop and, through hazard analysis, identify those sequences of actions which involve the operator as either the cause of, or the mitigation for, a hazardous system state. From these sequences, we isolate the operator actions which should be discouraged or facilitated by the HMI, and derive a set of general safe HMI principles. We argue that this approach provides a sound argument for both the necessity and the completeness of our principles. The paper goes on to discuss how the approach may be extended to derive detailed guidelines from the safe HMI principles.