Beruflich Dokumente
Kultur Dokumente
Abstract
A comprehensive process hazard analysis (PHA) needs to address human factors. This paper describes an approach that systematically
identies human error in process design and the human factors that inuence its production and propagation. It is deductive in nature
and therefore considers human error as a top event. The combinations of different factors that may lead to this top event are analysed. It
is qualitative in nature and is used in combination with other PHA methods. The method has an advantage because it does not look at
the operator error as the sole contributor to the human failure within a system but a combination of all underlying factors.
r 2007 Elsevier Ltd. All rights reserved.
Keywords: Process hazard analysis; Human factors; Human error; Analytical hierarchy process
1. Introduction
Statistics show that majority of accidents (over 80%) in
the chemical and petro-chemical industries have human
failure as a primary cause [1,2]. A survey conducted by the
Technische Universitat Berlin (TUB) indicates that 64% of
total incidents are due to human failure [3]. Texas City
Disaster in 1947, Bhopal in 1984, Piper Alpha disaster in
1988 and Texaco Renery re 1994 all have human errors
either as a direct cause or indirect cause. Regulators have
realised that the role of human in the system safety is not
being sufciently addressed and therefore have moved in to
intervene. The Seveso II directive, whose aim is prevention
of major hazards, calls on operating companies to
demonstrate that human factors have adequately been
addressed during the design of a plant. ISO 13407, the
standard for human-centred design processes for interactive
systems states that, The application of human factors and
ergonomics to interactive systems design enhances effectiveness and efciency, improves human working conditions,
and counteracts possible adverse effects of use on human
health, safety and performance [4].
The failure to sufciently address human-related issues
during the process hazard analysis (PHA) is contributed by
two factors. First is that much emphasis has been on the
Corresponding author.
technical design. Most designers are interested in developing process plants with high reliability. Therefore, hazards
arising from the technical failures dominate risk analysis.
Yet, safety of a process plant is inuenced by the quality of
design, operational and organisational factors. Secondly,
most of the work on human failure focuses on symptoms of
human error rather than the underlying causes [5].
Literature review shows that a lot of work has been done
on human error analysis and human error prediction.
Human reliability analysis (HRA) deals with deviation of
numerical operator error probabilities for the use in fault
tree analysis [6]. Not long ago an investigation into
individual accidents usually concluded with an active
failure, that is, a human failure with an immediate adverse
effect [7]. Absolute quantication in HRA tended to be
biased against the actual source of human failure. Moreover, the available HRA data is plagued with uncertainties.
This calls for a more systematic and comprehensive
qualitative method for identifying sources and consequences of human failure. Unless we understand all these
indirect factors that lead to direct human failure, there are
slim prospects of reducing accidents or incidents caused by
operator errors.
This paper introduces a systematic method that goes a
step further than modelling the sharp end human error. It
captures the design and organisational factors that
inuences the operator performance. This methodology
will be used in the PHA to introduce the design/operator
ARTICLE IN PRESS
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
1765
ARTICLE IN PRESS
1766
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
ARTICLE IN PRESS
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
1767
Table 1
Human factors areas of interest
Factors
Attributes
Organisation (ORG)
Information (INF)
B1 Training
B2 Procedures and procedure
development
B3 Communication
B4 Labels and signs
B5 Documentation
C1
C2
C3
C4
Work schedules
Stafng
Shifts and overtime
Manual handling
D1
D2
D3
D4
D5
Design of controls
Displays
Field control panels
Tools (hand)
Equipment and valves
E1
E2
E3
E4
Lighting
Noise
Temperatures
Toxicity
F1 Facility layout
F2 Workstation conguration
F3 Accessibility
G1
G2
G3
G4
Physical characteristics
Attention/motivation
Fitness for duty
Skills and knowledge
ARTICLE IN PRESS
1768
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
ARTICLE IN PRESS
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
1769
Table 2
Human factors analyses chart
Basic events
Information
Organisation
Human-system
interface
Inadequate
volume in tank
to unload truck
Operator
doesnt see the
level alarm
Wrong material
in truck tank
Training,
procedures
Supervision
Displays
Training
Training, labels
and signs
Displays
Supervision
Task
environment
Workplace
design
Operator
characteristics
Skills and
knowledge
Lighting noise
Accessibility
Valve design
Work design
Work schedules
stafng
Physical
characteristics,
stress
Inattention
(1)
lmax n
,
n1
(2)
where lmax is the greatest eigenvalue of the matrix of pairwise comparison and n the order of the matrix. After these
weights have been obtained, a rating of each attribute of
the system being analysed is required. These are the
performance measures of the system and they indicate the
general characteristics in terms of operability and maintainability. High operability and maintainability means
consistency of errorless task performance. The better they
are the lesser the risk.
Lets take an example of inadequate volume in tank to
unload truck. The attributes identied as critical for this
human error event are training o1, procedures o2, supervision checks o3, displays o4 and operator skills and
knowledge o5. The resulting 5 5 matrix of pair-wise
construction is shown in Table 4.
ARTICLE IN PRESS
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
1770
Fig. 5. Procedure to identify the human factors underlying human error event.
i1
i1
since
n
X
i1
Xn
i1
,
oi ri
rmax ,
oi 1,
ARTICLE IN PRESS
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
1
2
3
4
5
6
7
8
9
10
0
0
0.52
0.89
1.11
1.25
1.35
1.40
1.45
1.49
1771
Table 5
Rating of attributes
Fails to meet any standards
Outstanding
Excellent
Very good
Good, average
Below average
Poor
7
6
5
4
3
2
Very poor
Table 4
Relative weights of factors affecting a human error event
Training
Procedures
Supervision
Displays
Skills and knowledge
Training
Procedures
Supervision
Displays
1
1/3
1/4
1/3
1/5
3
1
1/4
1/3
1/5
4
1
1
1
1/3
3
2
1
1
1/2
5
3
3
2
1
0.48
0.20
0.13
0.13
0.06
CR 0.009
ARTICLE IN PRESS
4.61
65
0.24
0.52
Training
Guidelines
0.65
Factors
Weighted
score, oi, ri
Table 6
Human factors inuencing insufcient volume in tank
0.80
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
2.40
1772
Procedures
Rating, ri
covered
familiar words
0.06
0.13
0.20
0.13
Total score
% score
Skills and
knowledge
Displays
Supervision
Training
Inadequate volume in
tank to unload truck
Human factor
7. Conclusion
Initiating event
and protecting the production and propagation of humanbased events. Each of the human-initiated events is
analysed the same way. With different events analysed, a
standardised solutions will be obtained because most of the
factors keep re-emerging at different scenarios. The
advantage of this method is that it gives the analysts a
goal that they strive to achieve. Once the factors
contributing the initiating events and/or affecting performance of pivotal events are identied, measures to reduce
accident scenario likelihood can be assessed.
A score of 65% obtained from the hypothetical example
is below average and calls for improvement on most human
factors. If a score of more than 91% were obtained, Table
8, would mean that most issues related to human factors
have been addressed and subsequently human-related
hazard has been reduced or eliminated.
Table 7
Hypothetical example showing rating of factors affecting initiating event inadequate volume in tank to unload truck
together
Procedures
be provided
0.48
Operator is well trained. There is evidence of training manuals, training programs but
there is no proof of feedback after training is carried out
Procedures exist in the company but are rarely updated. They do not highlight important
modications that have been done on the system
Supervision is strong. Supervisors have to countersign all safety critical operations
including maintenance. However there lack evidence that the supervisor physically
checked the operations before countersigning
Display guage is well designed but they lack basic HF considerations. The scale markers
have unusual progression 3, 7, 9,y
Operators are trained but there are some cases where they do not understand some very
safety critical operations
Weight, oi
ARTICLE IN PRESS
S.G. Kariuki, K. Lowe / Reliability Engineering and System Safety 92 (2007) 17641773
Table 8
Overall qualication of inuencing factors
Percentage score
Description of HF defences
91% or more
7690%
6675%
4665%
45% or less
Excellent
Above average
Good, average
Below average
Poor
1773