January 2008

Design to humans: Lessons in HMI

Establishing a common language is often the first step to master a domain. This is especially true in the area of human-machine interface (HMI) design. HMI is the means by which a user operates a machine, system, or process (via hardwired panels or a computerized console). It also encompasses decision-support devices, such as operating procedures.

Bandwidth availability from the modern HMI hardware and software has grown exponentially over the last few decades, and experts agree current Internet and web technologies cannot yet provide what most existing HMI users need: high data rates, high animation capability, and sub-second screen changes.

Since humans cannot absorb information at the same rate as HMI bandwidth, it is important to design HMIs that better support the operator. In the petrochemical industry in U.S. alone, we estimate inadequacies in the means to deal with abnormal situations (including HMIs used to identify, diagnose, and deal with those situations) cost between $10 billion-$20 billion to the industry each year.

HMI design is a key component of sensible system design. And since a system's architecture is driven by the design of its interfaces, and the HMI is one of the major interfaces of an interactive system, the HMI's design will have enormous weight on the architecture and design of the larger system. 

This usually comes as somewhat of a shock to us design engineers, since we are used to looking first at functionality, flow diagrams, and electrical diagrams, and only later worry about the system's appearance. The trick is to realize the system is there to support its users in achieving a set of the organization's operating goals. One of those goals, at least for commercial organizations, is to attain a near-optimal productivity.

An HMI comprises all elements a user will touch, see, or use to carry out tasks. This implies we need to consider components in the HMI design we would not traditionally consider part of the HMI to ensure the resulting product will support users who want to achieve the organization's operational and safety goals. 

To design successful HMIs, you need to know and understand a suitable design process. But it is also critical to understand how the HMI's users perceive and remember things, and how they make decisions. It is also important to realize how well they understand the process and the systems they use. You will need to identify beforehand the types of mistakes they could make.

Finally, having a good understanding of operator monitoring activities will be useful in designing interactive monitoring functions.

Acquiring information

Visual perception refers to how users see and acquire information relevant to what they are trying to achieve. Legibility of information is influenced by factors such as contrast, font stroke width, and ambient lighting. Designers have traditionally used character height as the main means to affect legibility in HMIs.

The use of color is another difficult area in HMI design. Designers often rely on colors to convey information but sometimes fail to realize their limitations. Nearly 8% of men and 0.5% of women suffer some form of color blindness. So using bold-colored text or coding information with color will not work for those users. Also, as people age, their visual acuity declines. Older operators tend to require larger character height (within the 16 to 22 minutes range) and also tend to require more lighting than younger operators.

Internal or mental models refer to the way people understand elements of their own world. If you explain to a child how a car goes faster while driving, you could say refer to depressing the accelerator. Yet if the child asks more questions, you will need to go into how the accelerator changes the amount of fuel reaching combustion chambers into the engine. Unless you are well versed in engine mechanics, things could get fuzzy. Mental models differ from person to person and are many times incomplete, even for experienced workers. Mental models are usually goal-oriented. Therefore, it can be a mistake to rely on a single individual, even an experienced person, as the main source of knowledge for specifying an HMI's content. 

Reducing human error

Human error is a contributing factor in most accidents occurring in high-risk domains. 

One popular error taxonomy that is a proven tool to reduce human error is to classify errors as slips or mistakes. A slip (or error of omission) corresponds to the case where the operator carries out a well known task but somehow omits one of the steps, or performs a wrong one. Mistakes (or errors of commission) occur when either the operator does not know how to do something and must therefore improvise, or when the environment (information the HMI provides) leads them down the wrong path. 

One study suggests operators wait for an exception to occur on the process and then act to rectify it. More recent studies identify two types of operator behaviors: management by exception and management by awareness.

Management by exception refers to operators who wait for an exception to occur and then deal with it. This reduces effort expended to monitor the process. The risk is operators are out of touch with the process and cannot avert a problem before it becomes quite noticeable. Management by awareness means the operator will continuously monitor key variables to get a feel for the process and ensure it runs smoothly. The advantage is it is easier to catch a developing situation before it becomes unmanageable. The disadvantage is this approach requires a dedicated operator and is difficult to practice when the process is unstable.

In most cases, well-motivated and well-trained operators will use a mixture of approaches. And when the process is more stable, they will rely more on management by awareness, and management by exception will be more appropriate during times of transition. Obviously, individual differences will continue. So information required to manage the process by exception should always be visible to the operator. Information required to manage the process by awareness should always be available upon the operator's request. Contrary to the information required to support management by exception, the information required here tends to be associated to trend graphs and will occupy more real estate area. It should thus be possible to call it up whenever the operator wants to manage the process by awareness.  

SOURCE: Human Machine Interface Design for Process Control Applications, by Jean-Yves Fiset. Look for this book, coming soon, at www.isa.org/books

Security with HMI

In instances that require regulatory compliance, HMI software provides audit trails, change management control, electronic signatures capability, and single logon functions to ensure capturing and securing plant-floor data.  When coupled with good manufacturing practices, you can easily validate and secure HMI systems according to industry regulations such as 21CFR Part 11, Bioterrorism Act, and the TREAD Act. 

The increased acceptance of electronic documentation and integrated historian functionality provides a faster insight into the manufacturing process, ensuring improvements to productivity and quality. The customer challenge is to develop a business process to leverage this new data and establish the appropriate key performance indexes (KPI) and definitions for overall equipment efficiencies (OEE). 

Industry trends point toward more integrated databases and preprocessing of plant-floor data beyond visualization applications; web portals with business dashboards showing real-time KPI/OEE information yielding even higher plant productivity. Additional benefits of this information will be improved total cost of ownership as tighter controls of downtime and asset management become realities. Increased use of biometrics will occur in operator control, which can provide the end user secure data entry and control using established in-house IT security measures.  There is also an increased use in security switches as transparent firewalls with a variety of encryption techniques to prevent unauthorized access to important data.

Source: Phil Aponte, Siemens HMI manager