The increasing of ships complexity is an everyday evidence and more and more tasks, traditionally carried out by crew members, are now managed and executed by the on board automation systems. This research has the aim of modeling the relation among human operators and automation system in order to enhance the whole ship safety. In particular, a methodology will be selected and its suitability for the purpose will be assessed to provide a tool for the ship design decision making process. When addressing safety of very complex systems the cause-effect principle and the linear propagation of failures are not appropriate neither exhaustive inferring models anymore, since safety needs to be necessarily addressed considering its real essence, i.e. an emergent property of the system. In fact, complex systems have the characteristic of being intractable in the sense that not all their behaviours can be easily predicted. This is due to the dichotomy between the so called blunt end and sharp end domains, inherently more pronounced in complex systems and due to the unknowns that are not predictable neither evident during the design stage. In this perspective, an appropriate and innovative safety paradigm is necessary in order to take into consideration, among other aspects, the new human operators’ role in complex systems. In fact, the intense presence of automation on board ships has radically changed the traditional tasks allocation and the way of performing them. Even if many simple and repetitive tasks are more and more in charge of automation, the complex tasks and the related higher responsibilities remain very often assigned to human operators. Designers should be able to consider this relevant change of human operators’ role in the system since the preliminary design phase, investing their resources on the development of a human-centered design. Complex ship design needs to rely on a systemic and systematic approach. Then, in this research System-Theoretic Accident Model Process (STAMP) has been selected and investigated as a suitable methodology that can allow design teams to effectively integrate the so called Human Factors into the ship design process. It has been already used in other complex technology fields, such as aviation, defense, healthcare with successful results. It is a causality model based on Systems Theory and it considers accidents as the result of an inadequate enforcement of safety constraints. The systemic and systematic approach is supported by the Safety Control Structure, that is a hierarchical system model where also the social and organizational layers can be represented. The STAMP accident model has four tools: one is reactive, the others are proactive. The reactive one is called CAST (Causal Analysis based on STAMP), while the second category is composed of STECA (Systems-Theoretic Early Concept Analysis), STPA (System-Theoretic Process Analysis) and STPA-Sec (Systems-Theoretic Early Concept Analysis - Security). CAST and STPA applications have been carried out in the maritime context in order to verify that STAMP approach is applicable for ship design. CAST has been applied to two ship accidents: the Herald of Free Enterprise and the Costa Concordia. It provides a framework to understand the entire accident process and identifies systemic causal factors related to both the organizational and technical system elements, spotting weakness in the existing safety control structure. In this perspective, the application of CAST to the above mentioned ship accidents has proven its effectiveness also in the maritime field to assess the complex influence of human factors into the ship safety control structure. CAST analysis output is the generation of recommendations with the aim of avoiding similar accidents in the future. Then, the focus has been shifted towards the proactive tool STPA. It consists of the following steps: identify system hazards; draw functional control structure; identify unsafe control actions; identify accident scenarios; formulate decisions and recommendations. In this research, an application case has been developed considering a large passenger ship and the specific hazard of dead ship condition (energy blackout). In fact, in case of navigation close to the shore or to another vessel and/or of heavy weather condition, this situation might rapidly evolve into a ship loss. In order to better characterize the human operator’s features and peculiarities, an innovative human mental model (improvement of a mental model already existing in literature) has been implemented in the safety control structure. It has proven to be useful to consider the concept of human performance variation in the design phases. Considering that performance variation could reveal both as a hazard or as a resilience strengthening element, the outcome of this STPA application consists of a set of recommendations focused on adding value to the on board humans operators’ role for enhancing the whole system resilience. In this perspective, specific recommendations have been identified as outcomes of the application case, focused on the improvement of human operator-automation interaction, aimed to the ship blackout avoidance.
A STAMP–based Methodology Enabling the Human Factors Integration into the Design Process for Safer Ships
BONGERMINO, COSTANTINO
2021
Abstract
The increasing of ships complexity is an everyday evidence and more and more tasks, traditionally carried out by crew members, are now managed and executed by the on board automation systems. This research has the aim of modeling the relation among human operators and automation system in order to enhance the whole ship safety. In particular, a methodology will be selected and its suitability for the purpose will be assessed to provide a tool for the ship design decision making process. When addressing safety of very complex systems the cause-effect principle and the linear propagation of failures are not appropriate neither exhaustive inferring models anymore, since safety needs to be necessarily addressed considering its real essence, i.e. an emergent property of the system. In fact, complex systems have the characteristic of being intractable in the sense that not all their behaviours can be easily predicted. This is due to the dichotomy between the so called blunt end and sharp end domains, inherently more pronounced in complex systems and due to the unknowns that are not predictable neither evident during the design stage. In this perspective, an appropriate and innovative safety paradigm is necessary in order to take into consideration, among other aspects, the new human operators’ role in complex systems. In fact, the intense presence of automation on board ships has radically changed the traditional tasks allocation and the way of performing them. Even if many simple and repetitive tasks are more and more in charge of automation, the complex tasks and the related higher responsibilities remain very often assigned to human operators. Designers should be able to consider this relevant change of human operators’ role in the system since the preliminary design phase, investing their resources on the development of a human-centered design. Complex ship design needs to rely on a systemic and systematic approach. Then, in this research System-Theoretic Accident Model Process (STAMP) has been selected and investigated as a suitable methodology that can allow design teams to effectively integrate the so called Human Factors into the ship design process. It has been already used in other complex technology fields, such as aviation, defense, healthcare with successful results. It is a causality model based on Systems Theory and it considers accidents as the result of an inadequate enforcement of safety constraints. The systemic and systematic approach is supported by the Safety Control Structure, that is a hierarchical system model where also the social and organizational layers can be represented. The STAMP accident model has four tools: one is reactive, the others are proactive. The reactive one is called CAST (Causal Analysis based on STAMP), while the second category is composed of STECA (Systems-Theoretic Early Concept Analysis), STPA (System-Theoretic Process Analysis) and STPA-Sec (Systems-Theoretic Early Concept Analysis - Security). CAST and STPA applications have been carried out in the maritime context in order to verify that STAMP approach is applicable for ship design. CAST has been applied to two ship accidents: the Herald of Free Enterprise and the Costa Concordia. It provides a framework to understand the entire accident process and identifies systemic causal factors related to both the organizational and technical system elements, spotting weakness in the existing safety control structure. In this perspective, the application of CAST to the above mentioned ship accidents has proven its effectiveness also in the maritime field to assess the complex influence of human factors into the ship safety control structure. CAST analysis output is the generation of recommendations with the aim of avoiding similar accidents in the future. Then, the focus has been shifted towards the proactive tool STPA. It consists of the following steps: identify system hazards; draw functional control structure; identify unsafe control actions; identify accident scenarios; formulate decisions and recommendations. In this research, an application case has been developed considering a large passenger ship and the specific hazard of dead ship condition (energy blackout). In fact, in case of navigation close to the shore or to another vessel and/or of heavy weather condition, this situation might rapidly evolve into a ship loss. In order to better characterize the human operator’s features and peculiarities, an innovative human mental model (improvement of a mental model already existing in literature) has been implemented in the safety control structure. It has proven to be useful to consider the concept of human performance variation in the design phases. Considering that performance variation could reveal both as a hazard or as a resilience strengthening element, the outcome of this STPA application consists of a set of recommendations focused on adding value to the on board humans operators’ role for enhancing the whole system resilience. In this perspective, specific recommendations have been identified as outcomes of the application case, focused on the improvement of human operator-automation interaction, aimed to the ship blackout avoidance.File | Dimensione | Formato | |
---|---|---|---|
phdunige_3749694.pdf
accesso aperto
Dimensione
7.13 MB
Formato
Adobe PDF
|
7.13 MB | Adobe PDF | Visualizza/Apri |
I documenti in UNITESI sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/20.500.14242/67665
URN:NBN:IT:UNIGE-67665