16.422 Human Supervisory Control Human-Centered Systems Engineering Design Approaches Massachusetts Institute of Technology
Traditional Systems Engineering Process Model*
[Figure: life-cycle diagram spanning the acquisition phase and the utilization phase. Stages shown: Need; Conceptual-Preliminary Design; Detail Design and Development; Production and/or Construction; Product Use, Phaseout, and Disposal]
• Operational requirements drive technical performance measures which drive human factors requirements…
– Human considerations often are low priority
*Blanchard, B. S., & Fabrycky, W. J. (1998). Systems Engineering and Analysis (3rd ed.). Upper Saddle River, NJ: Prentice Hall
The Spiral Systems Engineering Process Model*
[Figure: spiral model diagram. Legible labels include risk analysis, prototypes, simulations, models, benchmarks, concept of operation, requirements, design validation and verification, integration and test, and release]
Three Mile Island
• March 28th, 1979
• Main feedwater pump failure, caused reactor to shut down
• Relief valve opened to reduce pressure but became stuck in the open position
– No indication to controllers
– Valve failure led to a loss of reactant coolant water
• No instrument showed the coolant level in the reactor
• Operators thought relief valve closed & water level too high
– High stress
– Overrode emergency relief pump
Three Mile Island
• Automation worked correctly
• Confirmation bias: people seek out information to confirm a prior belief and discount information that does not support this belief
– At TMI, operators selectively filtered out data from other gauges to support their hypothesis that coolant level was too high