DCL-11-104, Attachment 10: Revision 1 to Diablo Canyon Power Plant Units 1 & 2 Human System Interface (Hsi) Development Guidelines.

From kanterella
(Redirected from ML13308B830)
Jump to navigation Jump to search
Attachment 10: Revision 1 to Diablo Canyon Power Plant Units 1 & 2 Human System Interface (Hsi) Development Guidelines.
ML13308B830
Person / Time
Site: Diablo Canyon  Pacific Gas & Electric icon.png
Issue date: 06/06/2008
From:
Altran Solutions Corp
To:
Office of Nuclear Reactor Regulation, Pacific Gas & Electric Co
Shared Package
ML113070457 List:
References
DCL-11-104
Download: ML13308B830 (27)
v  d  e


Text

Enclosure Attachment 10 PG&E Letter DCL-11-104 DCPP Human System Interface (HSI) Development Guidelines, Revision 1 (LAR Reference

37)

Pacific Gas and Electric Company Diablo Canyon Power Plant Units I & 2 Human System Interface (HSI)Development Guidelines Revision 1 Prepared S _ig. __- ____Pnnt Last Name Hetler Reviewed Sig Print Last Name .. ...Coord Sig, /Print Last Natnv*A;Apioval Si..Print Last Name Date User ID Date User I1 Date User ID Date User ID RAL4 I~ ____________

LTR6-fl" REVISION HISTORY Revision Affected Reason for Revision Number Pages 1 All Initial Issue ii of iii DCPP HSI DEVELOPMENT GUIDELINES TABLE OF CONTENTS 1 GENERAL ...................................................................................................................................

1 2 TESTING AND DOCUM ENTATION .......................................................................................

1 3 DISPLAY STRUCTURE

....................................................................................................

1 4 DISPLAY NAVIGATION

.....................................................................................................

2 5 DISPLAY CONTENT .................................................................................................................

3 6 FORM AT STANDARD S ....................................................................................................

4 7 DISPLAY ORGANIZATION

................................................................................................

4 8 LABELS ......................................................................................................................................

5 9 CODING CONVENTIONS

..................................................................................................

5 10 DISPLAY ELEM ENTS .............................................................................................................

11 11 DATA ENTRY ..........................................................................................................................

19 12 CONTROL APPLICATIONS

..............................................................................................

20 13 ALARM M ANAGEM ENT ...................................................................................................

22 14 ADDITIONAL REFERENCES

.............................................................................................

22 Sheet iii of iii DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 GENERAL Overall philosophy for the development of DCPP HSI display graphics: 1. The needs of the user should be the central criteria for display design.2. Timely access to required information and controls should be provided.3. The display structure should be logical to the systems which are familiar to the user.4. All HSI application software development phases, from conceptual design to implementation, should include direct input from the operating staff.5. Clearly designed display accessing techniques and well structured display relationships which are predictable and familiar to the user should be used.6. Standard display formats should be used to increase the speed of locating and recognizing display items within a display.7. Functions and tasks should be grouped logically to eliminate memory requirements from one display to another.8. The display screen design should utilize a gray scale color scheme where static symbols and text are gray or black, and dynamic elements are in color.2 TESTING AND DOCUMENTATION

2.1 Documentation

1. The overall process and rationale for the HSI design should be documented for review. This should include the results of any trade-off studies, analyses, evaluations, design requirements and rationale for the chosen evaluation tools.2. For each design a specific style guide should be developed.

This should document the specific guidelines for a design. Those guidelines should be based on this document but be more specific.

The style guide should be detailed enough to ensure a consistent and verifiable design.2.2 Testing Testing and Evaluation of the HSI design should be conducted throughout the development process.3 DISPLAY STRUCTURE 3.1 Display structure:

The arrangement of displays in a defined pattern of organization.

Sheet 1 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I 3.2 Displays should be grouped using one or more of the following structures:

1. Hierarchical Structure:

This is the most common structure to be used for real time computer display applications.

It groups displays according to levels of detail where each display can serve as a menu (explicitly or implicitly) of the information above and below its level.2. Sequential Structure:

This structure limits movement of displays according to a sequence.

The user can only move to the next display in the sequence or to the preceding display. This type of structure can support a procedural task or a process that moves along a predefined path and does not deviate from that sequence.3. Relational Structure:

This structure is organized according to location and should match a mental map the user has of the physical layout of the system.3.3 Additional detailed levels in the hierarchy should be provided by windows that can be called up to give more details on equipment status, control help, transmitter select, etc.4 DISPLAY NAVIGATION 4.1 Display Navigation:

Method for navigating from one display to another or calling up additional information from a pre-defined screen.4.2 Display design should take advantage of HSI application development software features designed to implement a complete system of selection targets that are linked to the process application.

4.3 For large displays where all information cannot fit on one screen, screens should overlap to orient the user to the relationship between screens. A roadmap or birdseye representation may be used to indicate the location of the current screen in the entire display.4.4 The display network should provide users with multiple ways to access a view. When multiple display access methods are employed they must be applied consistently throughout the HSI to prevent confusion.

4.5 Menus are the primary means of navigation through the HSI display screens.A menu is a a set of display call-up options on the screen. The user selects one of the options to bring up the desired display.1. Menus Coded by Display Elements -Menus with "raised buttons" that allow the user to go to display screens or to other menus that are related to the display element.Sheet 2 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 2. The use ofr and ex buttons should be used to aid in Display Navigation.

In general these are most useful in Sequential applications.

They may not be needed with certain screen organizational methods (like Spatial).3. Structured Menu Tables -This menu design has a standard menu at the top of each screen for the major display groups in the structure.

Selection from this standard menu may pop-up or overlay a menu window that provides access to all of the displays in the major group associated with each menu option.4. For small applications a menu block can be set anywhere on the display. In other applications a "standard" menu bar can be displayed on the bottom of the screen.When a button is pressed an application specific menu can appear at the top of the display screen.5. Menus should be limited to 3 levels in depth; preferably no more than two levels.6. Standard Menus should provide at least a minimum set of choices (depending upon User needs)* Main or Home button" Alarm Screen button* Reports/Maintenance button* Group Choices* Help (where available) button 5 DISPLAY CONTENT 5.1 Content: The graphical elements and display of data requirements as required by the end user.5.2 Content should be determined from the functional requirement specifications needed to support user functions and tasks.5.3 The content organization should be logical to the user.5.4 When possible, the display content should provide some degree of flexibility.

Each user should be able to utilize the total system capabilities in the manner most comfortable to that particular user and to accommodate different situations.

These include the following:

1. Mimic displays 2. Data tables 3. Analog meter, bar graphs and color fill (of an object/symbol) representations to enhance digital readouts.Not every user's needs can be accommodated.

Flexibility should not result in numerous redundant screens that clutter up the structural organization.

Sheet 3 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 The display should be fixed and only be modifiable by an authorized user.Users should be able to select the level of detail presented by the HSI.6 FORMAT STANDARDS 6J1 Format: the selection of graphical symbols and the grouping of elements by the applicable display screen.6.2 Consistency in the selection of graphical elements and the organization of each display content should be maintained.

Objects and layout should enhance the recognition of information and allow the user to operate the system in a generally predictable manner.6.3 Well defined users needs should be established to determine the format of a display.These needs should be defined by considering:

I. What will be done with the display (tasks defined during display planning)?

2. Who will use the display?3. When will the display be used?6.4 Groups of displays sharing common formats should have general objectives to define their content and organization.

6.5 When using common formats on several display screens, the individual screens should be distinguishable in order to avoid confusion and errors.6.6 When actual data values are shown, line them up neatly and consistently.

Assign conventions to justify (left/center/right) text and numbers. Always include labels and units.6.7 When presenting data in a table, line up decimal points.6.8 Keep Clock/Date formats consistent within the application.

6.9 When selecting Text, it is easier to read Upper and Lower case letters rather than all Uppercase.

Don't clutter the screen with lots of different fonts, assign a standard font (Arial, Times New Roman, etc.) and size for general use in the application and vary size as needed for emphasize.

Assign specific fonts for special applications.

7 DISPLAY ORGANIZATION:

7.1 Organization:

the selection and placement of elements upon a screen.7.2 Unnecessary information should be excluded from displays.Sheet 4 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 7.3 Displays should be uncluttered.

7.4 Display elements that reflect demand signals should be so labeled. It should be clear to the operator whether an indication is of a demand or actual status.7.5 Important items should be emphasized:

1. Establish a focal point in each display that will attract the user's attention and serve as the logical starting point for viewing each display. Placing the display title in a consistent location on each display is a typical application of this guideline.
2. If certain elements have clear priority over others, they should be placed in prominent locations.

8 LABELS 8.1 A standard set of labels should be established for the common actions that will be on display "buttons." For example, do not use "EXIT" on one screen, and "QUIT" on another.8.2 Label all data. If the data is important enough to represent on a mimic display then it should be labeled, otherwise it should not be included.8.3 Use short, unique, distinctive labels. Labels for mimic symbols should take advantage of information conveyed by the symbol to abbreviate the label.8.4 If colors other than black and white are used in labels, they should conform to the established color coding conventions in the control room.8.5 The display should be pleasing to view.9 CODING CONVENTIONS 9.1 Coding: representation of equipment or data through the use of symbols and/or colors.9.2 Basic Coding Principles

1. Common codes, special codes, and any relevant conventions should be presented as a list in the Functional Requirements Specification and either provided as part of the operating procedure or accessable via a "Help" menu on the HSI.2. Code to natural expectations.

For example, if different size pump symbols are used, display the larger symbol for the larger pump. Size coding should only be used when displays are not crowded.Sheet 5 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 3. Use codes already known by a "typical"user.

For example, use plant color coding, plant abbreviations, and plant drawing symbol standards.

However, codes should be defined also in a procedure or a "HELP" menu. It cannot be assumed that every user has the same knowledge level.4. For DCPP; Orange is reserved for Unit I and Blue for Unit 2 where Unit specific colors are required.5. Examples of Standard Plant abbreviations include:* FCV -Flow Control Valve* LT -Level Transmitter

  • HC -Hand Controller
6. The user should have access to an online dictionary of acronyms and definitions for all on-screen coding conventions.
7. Use obvious rather than arbitrary codes, such as an up-arrow symbol for increase, a printer icon or symbol for print, etc.8. Provide definitions in a procedure or a "HELP" menu for special codes not commonly used. (Color definition should be displayed in the appropriate color.)9. Avoid overuse of codes so the user's mind is not overloaded with what it has to interpret.

Be consistent with guidance in Section 8.3.10. Digital states are best represented by changing icons.9.3 Color Coding -General Color Coding: using colors to convey meaning and distinguish one item from another.For an optimum design the number of colors should be minimized.

9.4 Color Coding Guidelines

1. Established Color Coding should be consistent throughout the application, no individual screen should have special coding in variance from the rest of the application.
2. The Application color code should be consistent with color coding used in the Plant and familiar to the user. Choose colors in context and not in isolation.

Colors conforming to the user's expectations and common conventions speeds recognition.

3. Color Coding should not be used as the sole source of information.

Position placement, labels and symbols should be used in conjunction to heighten a users perception.

Showing a breaker open or closed by its shape as well as color is an example of using color as a redundant indication.

Redundant color coding avoids Sheet 6 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I problems for users with color vision deficiencies or problems caused by color distortion (defective display device).4. To enhance recognition, a color the eye perceives as bright should be used to highlight data that is intended to be noticed (such as numerical process values that are updating).

A color that is not perceived as bright should be used for data that is seldom accessed Eye sensitivity is high for yellow and light green and low for red and indigo on HSI displays.5. Dark red and dark blue for symbols and alphanumerics should be avoided, since these colors generally exhibit low brightness on certain HSI displays, such as Cathode Ray Tube (CRT) units.6. The addition of text background color (white, gray, etc.) can be used to enhance readability.

In general, dark colors on a light background should be utilized.7. The eye can easily detect edges, boundaries between dark and light. On a light background outlining objects in black can enhance sharpness.

8. The screen background should use a muted, light, color such as pale grey or blue that provides good contrast with the established color code.9. When using colors to enhance the display of information, the brightness and saturation should be adjusted in order to readily distinguish data.10. If prioritization is not needed, the information should be displayed in a standard black text.11. Red is used in a nuclear power plant control room to indicate on, running, open valve, closed breaker, running motor, or energized, etc. If the information is available, a green indication may be used to indicate that a component is energized, a lack of green OR red means that the component is deenergized.

This applies to pumps and valves especially.

Because of the potential for confusion, other means such as text and animated symbols should be used to indicate pump, valve, circuit breaker status, ete., and color should be redundant (i.e., in addition to the other means). The user should be able to determine status without color.12. Similarly, Green is used in other industries to indicate safe, no operator action required, a parameter is within tolerance, open valve, closed breaker, running motor, or energized, ets. In contrast, Green is used in a nuclear power plant control room, to indicate closed valve, open breaker, stopped motor, or deenergized, etc. If the information is available, a lack of red OR green may be used to indicate de-energized or that the component has power applied but is either Off or Closed.13. Color that indicates pump, valve, circuit breaker status, etc., should be redundant to other means of indicating status.14. Amber or yellow should be reserved to indicate potentially unsafe, caution or attention required.Sheet 7 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 15. User Data Entry Area 0 0 Background

-white Characters

-black 16. For colors that are not in accordance with the above color conventions, a legend should be provided on the screen which identifies the meanings of the colors.9.5 Color Coding Conventions Color (including white) conveys dynamic information such as valve status and parameter values. To provide good contrast between the background and displayed characters for parameter values, the background for parameters may vary from gray to black depending on the Quality Code of the parameter.

Item Color Convention

1. Display screen background Light gray color 2. Static symbols Medium gray 3. Static text (labels or Black characters on light gray background, Very light descriptive text, including gray characters on medium gray background.

engineering units)4. Text (other than labels and Cyan on a medium gray background.

descriptive text)5. Title bar:* Background Blue* Characters White 6. Labels on active buttons Black characters on medium gray background

7. Labels on inactive buttons Light gray characters on medium gray background
8. Numerical values (process point values)LABEL DESCRIPTION COLOR DIS Input Disabled Cyan BAD Reading is Bad j Cyan Sheet 8 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I Item Color Convention OORL Out of Range Low Cyan Value is outside expected values Low (Hard Fault/Failed Low)OORH Out of Range High Cyan Value is outside expected values High (Hard Fault/Failed High)GOOD All inputs for this value are good Green BYP Bypass/Removed from Service Orange LENG Low Engineering Unit exceeded Red HENG High Engineering Unit exceeded Red HALM High Alarm Red LALM Low Alarm Red REDU Redundant Channel Error Red SUB Substituted value or manual input White value SIM Simulated input value White Degraded Quality]9. Manual/Auto Stations 0 Auto 0 Lime or Light* Manual Green* Yellow 10. Valves 0 Open 0 Red* Closed 0 Green* Intermediate
  • Red/Green 11. Circuit breakers and 0 Open 0 Green disconnects 0 Closed 0 Red* Loss of Power 0 Yellow 12. Pumps, Fans, etc. 0 On 0 Red 0 Off 0 Green* Loss of Power 2* Yellow I Handling of degraded quality will be discussed in the specific guide. The intent is to identify good/bad quality.2 .Refer to Section 9.4.11 and 9.4.12.Sheet 9 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 14. Alarm Screen Colors Window: White Title Bar Text: Black Alarm Return: Red Grid: Dark Gray Title Bar Light Gray Event: Black Back: 15. Alarm Text Colors Alarm Pro High Medium Low Very Low Priority Unack Alarm Red Red Red Red Ack Alarm Blue Cream/Yellow Turquoise Gray/Green
16. Historical/Event Screen Colors 4 Window: Black Title Bar Text: Black Alarm Return: Red Grid: Dark Gray Title Bar Light Gray Event: Turquoise Back: 17. Historical/Event Text Colors Alarm Pri High Medium Low Very Low Priority Unack Alarm Red Yellow Turquoise White See Section 7.7.3 Ack Alarm White Cream/Yellow Gray/Turquoise Gray/Green 9.6 Size Coding Size coding can be used to emphasize items (increase relative size) and to code for the user model (use a larger pump symbol for a larger pump).9.7 Shape Coding 3 The specific guide should establish a convention for changing line colors when needed.4 The specific guide should highlight how to distinguish that a screen is displaying historical data instead of real-time data. A different background or border has been used on other systems.Sheet 10 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 1. Shapes can be used for quick and easy recognition of components and their operational status.2. Should be used consistently for the same equipment or to convey the same meaning. A shape library or standard should be established and standard symbols familiar to the user should be used.3. Clear, distinct shapes should be used.4. The number of shapes used on a display should neither confuse the operator nor lead to cluttering.
5. When alphanumerics provide a label inside a shape, space should be used to ensure legibility of the symbols 9.8 Highlighting Highlighting catches the user's attention.

No more than two or three highlighted items should be used on one display or the effect will be diminished and the readability reduced. Some methods of highlighting are listed here: 1. REVERSE VIDEO 5: This is especially effective for alarms; one way to overcome low perceived brightness of red.2. INCREASED BRIGHTNESS:

This can be applied by increasing the intensity or using a brighter color. Brightness coding should be limited to 3 levels at most and should not be used in conjunction with shape or size coding.3. FLASHING:

This is used to attract the most attention.

This must be reserved for alarms and important target detection tasks in high density displays.

The user should be able to suppress the flashing.10 DISPLAY ELEMENTS 10.1 Elements:

graphical symbols that provide data or controls to the user.10.2 A display feature should indicate whether the HSI is operating properly.

Any system failure (due to instrument malfunction, signal loss, equipment failure etc.) should result in a distinct display change so that the operator will know that the displayed values are invalid.10.3 When exact parameter values are required, digital readouts should be used to display values. These readouts should have engineering units included (psig, gpm, %, etc).Labels or symbols to identify the meanings of the readouts should be used unless the function of the readout can be readily discerned from its location on a process mimic display screen.5 The specific guide should provide guidance on highlighting and reverse video.Sheet 11 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 10.4 Digital indicators should employ direction-of-change arrowheads to indicate the current direction of change of a parameter when users must rapidly discern directional changes.Arrowheads should point up or down to indicate change. A doubleheaded arrow, pointing both up and down, should be used to indicate no change 6.10.5 When information on direction of value movement, relationships among values, rate of change, or other qualitative applications are required, bar charts should be used to display the analog value with a variable length bar for easy comparison of readings.10.6 Pointers may be combined with a bar to show various alarm limits.10.7 In cases where comparison and precision are both desired, the numerical value should be displayed with the bar. Where several bars are displayed together with numerical values, the correspondence between each bar and its numerical value should be obvious. This is best done with location coding, but is sometimes difficult with vertical bars. Labeling (possibly supplemented with color coding) is an alternative method.10.8 For analog and bar-graph style scales, scale units should be consistent with the degree of precision and accuracy needed by the operator.10.9 Only significant digits should be shown on any display.10.10 Where applicable, the system should have an indication of the certainty in the correctness (i.e., quality)of any analyses and provide rationale for the certainty estimation.

This does not mean that the uncertainty in every value needs to be displayed.

10.11 Where applicable, information about the update rates of parameters should be provided to users.10.12 Displays should indicate values in a form immediately usable by the operator without requiring mental conversion.

Scale ranges may be expanded or contracted by requiring multiplication by the appropriate powers of ten. If this is done, the multiplication factor should be clearly marked within the scale labeling.10.13 Scale ranges should span the expected range of parameters as defined by the plant system process requirements.

10.14 Display scale dynamic sensitivity should be selected to minimize the display of normal random variations in equipment performance.

Care should be taken to prevent"deadband" features in the HSI application development software from masking valid process variations.

6 When using arrows in this manner, the signal should be evaluated to ensure that the arrows are meaningful.

Rapidly changing or fluctuating signals will need filtering.

Sheet 12 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 10.15 Display labeling options should use terms, acronyms, and abbreviations that are in accordance with plant standards or conventions for all display identification, parameter identification, and units.10.16 No more than nine scale graduations should separate numerals on a meter display.1. Major and minor scale graduations should be used if there are up to four graduations between numerals.2. Major, intermediate, and minor scale graduations should be used if there are between five and nine graduations between numerals.3. Scale graduation dimensions and separations for DCPP should be based upon functional requirements and a nominal viewing distance to any display of 3 feet (36 inches).10.17 The values indicated by the unit graduations that have numerals should: 1. Numeric scales should generally include zero as the value at the base of the scale.Exceptions include scales where zero is not plausible, or where negative numbers are indicated.

2. Use common, easily discernible divisions.
3. When two or more displays of the same parameter and range must be compared, scales should be the same in numerical progression and range.4. Non-linear scales (e.g., logarithmic) should be used when needed to display a large range of values.10.18 Pointers on vertical and horizontal scales should be extend off of the scale area to the right and bottom respectively.

The pointer on any fixed scale should extend to, but not obsure, the shortest scale graduation.

Sheet 13 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I 10.19 Colors used for zone coding (in or out of acceptable range) should be restricted to the following meanings and colors: Acceptable range:, Green Out of tolerance range: Amber, Yellow In alarm range: Red 10.20 Colors used for zone coding should not obscure or degrade the reading of the scale or scale values. Zones on circular indiators should be wedges and edge lines for bar graphs.10.21 Zero for circular displays displaying positive and negative values should be at 12 o'clock.When grouping several circular displays together, zero should be at 9 o'clock. Zero should be at 12 o'clock on multi-revolution dials.10.22 Vertical bar graphs should have scale values increasing with an upward movement of the bar.10.23 Horizontal bar graphs should have scale values increasing with a movement ofthebar from left to right.10.24 Digital Indicators should be used to display a status that can have one of two or more discrete states: 1. Display of each state should be easily distinguishable from other states.2. States should be displayed with labeling (such as ON or OFF) supplemented with color coding (red or green).3. Digital indicators should be labeled or coded so that they are clearly understood by the user because misinterpretation would give the user the opposite of the intended message.10.25 Mimic displays should be used for process and electrical systems to graphically display component and parameter relationships as required by the user.1. For fluid systems, fluid flow should be clearly laid out and match the user's model of the system. In general, flow should go from left to right and from top to bottom.For electrical systems, inputs to busses should enter at the top of the bus and outputs should exit from the bottom of the bus. Flow from power source to load should generally go from top to bottom and from left to right.2. Abstract symbols should conform to common electrical and mechanical symbol conventions whenever possible.Sheet 14 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I 3. In general, details should be minimized to only those details necessary to present the required content. Unnecessary graphic detail, including shadowing and detailed graphics, should be avoided.4.' To simplify System Level displays, only components which can be controlled should be displayed.

Components which are not significant to system operation, such as manually operated valves, vents drains and lubrication lines should not show up on a System Level display. Such devices may be included in special detailed sub-displays.

5. If the symbol is large, symbols should be labeled inside the symbol. If the symbol is small, the label may be placed directly above or below the symbol. Such placement should be consistent.

Labels for mimic symbols should be as concise as possible and still accurately identify the component.

6. When plant systems are to be color coded the system should be indicated by a standard icon surrounded by a thick line colored according to the plant color code.7. Symbols should be labeled as follows:* Pumps, tanks, heat exchangers, etc. should be labeled inside the symbol.If this is not possible, the label should be above (preferably) or to the left of the component.

Transformers should be labeled above the symbol (if located in a horizontal flow path) or to the left of the symbol (if located in a vertical flow path).* Electrical Busses should be labeled at the top left side of the bus.For valves and electrical breakers, the device number should be located below the symbol (if symbol is oriented horizontally) or to the right of the symbol (if symbol is oriented vertically).

8. Data for symbols should be located in a consistent location.

The following conventions are used on the DCPP display screens:* For process lines, parameters should be located above or to the right of the line.For tanks, etc., parameters should be located inside if possible or to the right. A system with two tanks should not have a parameter between the tanks. If animation is used to show a tank level via fill color as an enhancement it will obscure the reading. In this case, parameters should be located outside of the tank. A parameter should not be placed where it could be applied to the wrong tank.9. Data for mimic lines and symbols should be located nearer the corresponding line or symbol and obviously separated from other mimic lines or symbols.10. Where the information is available, dynamic display symbols (those that change with a changing parameter) should be distinguished from non-dynamic symbols Sheet 15 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 by color. Dynamic symbols should be colored according to quality code or status conventions.

Non-dynamic symbols should be medium gray except for piping and electrical busses, which are black.11. Coding to show status of some typical items is partially covered in the color coding section above. The redundancy of color coding should be maintained by using other coding along with color. Mimic symbols include the following:

Component Recommended Mimic Symbol Large Centrifugal Pump On Red pump symbol with black text'RUN' label located in lower center of motor portion of symbol.Large Centrifugal Pump Off Green pump symbol with black text'OFF' label located in lower center of motor portion of symbol.Small Centrifugal Pump and Fans On Symbol filled with red with black'ON' label located at top center of symbol..Small Centrifugal Pump and Fans Off Symbol filled with green with black'OFF' label located at top center of symbol.Valves Open Red filled symbol for the appropriate type of valve (except check).Valves Closed Green filled symbol for the appropriate type of valve (except check)Valves Throttled Red valve symbol with red fill for right or top side of symbol and solid green fill for left or bottom side of bowtie.Check Valve Red if open, Green if closed. No shape change.Three way valve Red valve symbol in the direction of flow with green fill for closed flowpath.Throttled three way valve Red valve symbol with green fill for all three sides Sheet 16 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 Component Recommended Mimic Symbol Valves with ONLY one position switch input (that is, only an NOT OPEN (CLOSED) or a NOT CLOSED (OPEN) position switch is provided on the valve)The NOT OPEN status should be indicated by a CLOSED valve symbol with a blue question mark and the NOT CLOSED status should be indicated by an OPEN valve symbol with a blue question mark. For a horizontal valve symbol the question mark should be placed to the right of the valve operator and for a vertical valve symbol the question mark should be placed above the valve operator Damper Red actuator and open shape if open.Green actuator and closed shape if closed.Breaker or disconnect Red and closed shape if closed, Green and open shape if open.12. In process system mimics, black mimic lines show piping/duct connections for flow between valves, dampers, etc. In most displays mimic lines should be static, however on select detailed displays dynamic color coding may be employed.Generally red for active flowpaths and green for inactive/closed off flow paths.The thickness of a mimic line should be proportional to its importance.

No more than four line types (dot, dash, etc.) and three line thicknesses should be used on any screen.13. In electrical systems, black mimic lines show connections between contacts, switches, breakers, etc.14. When touchscreen or mouse targets are used on mimics to call up controls, these targets should be coded to be distinguishable from targets for call up of other displays.

Analog control and digital control call up targets should also be distinguishable

15. Mimics should clarify equipment relationships and functional flow of the appropriate system parameters.
16. No more than four (4) mimic lines of the same color should run in parallel.17. Overlapping mimic lines should be avoided. When lines cross, a break equal to one line thickness of the broken line, shold appear on either side of the unbroken line. Generally less important lines should appear as broken. Among lines of equal importance Vertical lines should break and horizontal lines should remain solid. When lines intersect T-connections should be used to minimize misinterpretation.

Sheet 17 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I 18. Flow directions on mimic lines should be clearly indicated by distinctive arrow-heads.19. All mimic origin points should be labeled or begin at labeled components.

20. All mimic destination or terminal points should be labeled or end at a labeled component.

10.26 Trend plots can be used to graphically illustrate the comparison of two related parameters such as temperature and pressure.10.27 Trend displays can be used to show rate of change, approach to limits, and history of a variable.1. Trend Displays should have each pen a unique and distinguishable color from other pens.2. Trend Displays should have a clearly defined "on-screen" legend associating each parameter being trended and its associated color.3. Labels are required for all trended variables and should be located consistently for all trends displayed.

4. Trend layouts should be consistent throughout the display system.5. If multiple variables are trended, they should be related or needed for comparison to each other.6. Trend displays should use black backgrounds with white grid lines and text.10.28 Tables and lists should be used to display large amounts of information.
1. Tables and lists should be well organized and coded to minimize the time required to read and interpret the data.2. Tables should have labeled rows on the left and columns at the top.3. Lists of data should be vertically aligned with labels on the left and left-justified.

The numeric data should be to the right and justified to the decimal (or right justified if there is no decimal).4. Data of more than five items should be grouped with spacing.10.29 Where available, audible signals, distinct to each display, should be used to alert users to non-alarm situations that require attention, such as incorrect user input. Audible signals should be easily distinguishable among displays and not be confused with or interfere with alarm signals or verbal communication.

10.30 Text should be flexible, and limited to labels and brief messages.

A font should be'chosen for labels and consistently applied. The font should be large enough to be Sheet 18 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 discerned easily by an average person. Header and screen label should be an established font size and should be applied consistently.

10.31 The basic display elements can be combined into a customized display element that fits a specific need of the user. This is recommended because it specifically addresses the user's needs, central criteria for display design. For this type of display element to be useful, it should be standardized.

Following are some examples of display element combinations:

1. Control Station: This can be a combination of labels, bar graphs, meter pointers, numeric values, digital indicators, etc., all of which, if arranged in a standard symbol, will become familiar to the user.2. Selection Target: Shapes and labels can be combined to create standard symbols to display call-up selection, control selection, etc.3. Trend/indicator combination:

This is discussed briefly above.10.32 Integrated Display: The use of several display elements in one screen layout can communicate a variety of data clearly and quickly.11 DATA ENTRY 11.1 The computer response to operator inputs should be an obvious and natural response.

A negative response (lack of computer response means input received) should not be allowed. All user entries should be validated.

Feedback messages should provide the user with an English language explanation of the nature of the problem.11.2 The computer response time should appear to be instantaneous; more than two seconds is unacceptable when the user must remember data or is involved with problem solving. If the response time is more than two seconds, feedback should show that the process is underway and estimate how long it will take.11.3 A trackball or mouse may be used to move a cursor to poke points for operator entries.11.4 A steady, easily distinguished cursor should be used for general screen use including navigation and object selection.

When a device is being controlled the cursor shall change to a smaller distinct cursor.11.5 Virtual pushbutton entries should have a dynamic label which indicates what the result of pushing the button will be. For example, if a single pushbutton is pressed once turns on a pump, when the switch is in the on position the label should indicate that pressing the button will turn off the pump.Sheet 19 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I 11.6 Keyboard entries use standard and variable function keys and multiple-key data entry such as numeric values or messages.

Some function key applications are discussed in the Display Access section. General keyboard entry guidelines are summarized here: 1. Function keys should be arranged logically.

2. Where many function keys are used, they should be grouped.3. Multiple-key data entry design should have entry fields displayed on the screen with the cursor showing the location for the next keyed input. Entry fields should be distinguishable from non-keyed current data so that data is not confused with the completed entry.4. Edit fields to edit current data should be located below or to the right of the data to be edited.5. Default values for data entry must be presented if used.11.7 Touchscreen Requirements
1. The target area should be well marked or consistently located on standard displays.2. Targets should be easily distinguishable for different functions such as call-up of full screen displays vs. call-up of window details vs. control selection.
3. The user should be able to "hit" each target consistently on the first try. From experience on typical touchscreens now in use, a minimum of 3/4" by 3/4" target area should be used (smaller only if space dictates and only if the target function is not critical requiring immediate and accurate response).
4. The user selection should be highlighted when selected.5. Touchscreens are recommended for sit-down consoles but are not as suitable for stand-up consoles where the user's control is not as precise, especially if the monitor is located where arm extension is required.

Mouse or keyboard entries are more suitable in this case.12 CONTROL APPLICATIONS 12.1 Target functions and the way targets are presented in the display should be in a manner that is consistent across displays.12.2 Keyboard interactions should be standard.12.3 Different keys should be used for different functions to avoid operator errors.12.4 The basic display elements (labels, bar graphs, meter pointers, numeric values, digital indicators, etc.) that make up a control station should be located consistently.

Sheet 20 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 12.5 The display should be coded so it is obvious what items can be selected to be controlled by the operator, what control is currently active, and what is not controllable.

This is especially true for mimics where some devices may be controllable and others not.12.6 Coding should make it obvious if an item is automatically controlled by the system and if manual control is inhibited by the system.12.7 As applicable, unless prohibited for safety reasons, the HSI should provide users a means by which the goal (e.g. setpoint) of automation may be altered, or means by which the user may suspend or terminate the automation.

12.8 The displays should clearly indicate the operating mode (auto, manual, local control, etc.)of plant areas/units, loops, equipment.

In the event of an automatic system failure the HSI should provide rapid access to back-up actions and the procedures that support them.12.9 The HSI should provide useful information about the actions of other operators to a user.For tasks coordinating with automation the system should give indications of expected operator actions and inform operators if prescribed actions are not performed.

12.10 Control of an analog process variable or a digital state of equipment should require an act of selecting the control, feedback that the control is active, then another act of adjusting the active control selected, with feedback from the actual controlled item and not just verification of the demand signal.12.11 Analog control adjustments should be made by pressing and holding a key. The system should not require successive pressing and releasing with limited incremental changes for continuous control. A good continuous control response should have the demand or set point change more quickly with extended pressing of the control key.12.12 Displays designed to support sequential automatic control functions should include sequence displays/windows which provide the following:

1. A total list of all sequence steps and start/run permissive
2. Indication of the current sequence step 3. Indication of the target sequence step 4. Indication of what steps have been satisfied and not satisfied.
5. A list of any inhibits present which prevent further progress 6. Display of elapsed time for any time-based holds 7. Start/stop initiating controls for the sequence 8. Direct feedback indicating completion/failure to complete a selected command.Sheet 21 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. 1 13 ALARM MANAGEMENT 13.1 The system should call attention to a new alarm no matter what display is in use at the time. This can be done with a standard alarm code in the same place on all screens, or an area in the display area dedicated to incoming alarms (possibly a subscreen), or an alarm bell that sounds, or a combination of these.13.2 Alarm Filtering:

Inhibits nuisance alarms, alarms related to equipment out of service, etc.13.3 Alarm Recognition:

Standard display techniques should be used for process variables in alarm, for equipment/loops in alarm, etc. Standard alarm summaries in display format should be used for current and historical alarms.13.4 Alarm Resolution:

Colors or other techniques should be used to distinguish the priority of alarms.13.5 Alarm Diagnosis/Response Support: Logic-driven, expert system-driven indicators or windows should be designed to add further to the understanding of the entire upset situation or to guide the operator in resolving the problem. Functions such as first out should be provided for major process upset conditions.

14 ADDITIONAL REFERENCES The following list provides additional sources of informations about HSI design.1. ANSI/AIAA G-035-1992:

Guide to Human Performance Measurements (American National Standards Institute, 1993).2. ANSI HFS-100: American National Standard for Human Factors Engineering of Visual Display Terminal Workstations (American National Standards Institute, 1988).3. BNL TR E2090-T4-1-9/96:

Human-System Interface Design Process and Review Criteria (Stubler and O'Hara, 1996).4. BNL TR E2090-T4-4-12/94, Rev. 1: Group-View Displays (Stubler and O'Hara, 1996).5. EPRI 1010042: Human Factors Guidance for Control Rook and Digital Human-System Design, Licensing, Implementation, Training, Operation and Maintenance (Electric Power Research Institute, December 2005).6. EPRI NP-4350: Human Engineering Design Guidelines for Maintainability (Pack et al., 1985).7. EPRI-ALWR URD: Advanced Light Water Reactor Utility Requirements Document, Volume II, Evolutionary Plant, Rev. 4 (Electric Power Research Institute, 1992).8. IEC-964: Design for Control Rooms of Nuclear Power Plants (International Electrotechnical Commission, 1989).Sheet 22 of 23 DCPP HSI DEVELOPMENT GUIDELINES Rev. I 9. IEEE Std. 1023-1988:

IEEE Guide to the Application of Human Factors Engineering to Systems, Equipment, and Facilities of Nuclear Power Generating Stations (Institute of Electrical and Electronics Engineers, 1988).10. NUREG/CR-6684:

Advance alarm systems: Guidance Development and Technical Basis (Brown, et al., 2000)11. NUREG/CR-6637:

Human-System Interface and Plant Modernization Process: Technical Basis and Human Factors Review Guidance (Stubler, O'Hara, Higgins, and Kramer, 2000).12. NUREG/CR-63 93: Integrated System Validation:

Methodology and Review Criteria (O'Hara, et al., 1997).13. NUREG/CR-663 5: Soft Controls:

Technical Basis and Human Factors Review Guidance (W. Stubler, O'Hara, and Kramer, 2000).14. NUREG/CR-6634:

Computer-Based Procedure Systems: Technical Basis and Human Factors Review Guidance (O'Hara, Higgins, Stubler, and Kramer, 2000).15. NUREG/CR-6633:

Advanced Information Systems: Technical Basis and Human Factors Review Guidance (O'Hara, Higgins, and Kramer, 2000).16. NUREG/CR-6636:

Maintenance of Digital Systems: Technical Basis and Human Factors Review Guidance (Stubler, Higgins, and Kramer, 2000).17. NUREG-0696:

Functional Criteria for Emergency Response Facilities (NRC, 1980).18. NUREG-0700:

Human-System Interface Design Review Guidelines (NRC, 2002).19. NUREG-0800:

Standard Review Plan, Chapter 18 Human Factors Engineering (NRC, 2004).20. Regulatory Guide 1.22: Periodic Testing of Protection System Actuation Functions (NRC, 1972).21. Regulatory Guide 1.105: Instrumentation Setpoints (NRC, 1999).22. Regulatory Guide 1.81: Shared Emergency and Shutdown Electrical Systems for Multi-Unit NPPs (NRC, 1975).23. Regulatory Guide 1.97: Instrumentation for Light- Water-Cooled Nuclear Power Plants to Assess Plant and Environmental Conditions During and Following an Accident (NRC, 1983).24. Regulatory Guide 1.62: Manual Initiation of Protective Actions (NRC, 1973).25. Regulatory Guide 1.47: Bypassed and Inoperable Status Indication for NPP Safety Systems (NRC, 1973).26. UCRL-15673:

Human Factors Design Guidelines for Maintainability of Department of Energy Nuclear Facilities (Bongarra, et al., 1985).Sheet 23 of 23

Retrieved from "https://kanterella.com/w/index.php?title=DCL-11-104,_Attachment_10:_Revision_1_to_Diablo_Canyon_Power_Plant_Units_1_%26_2_Human_System_Interface_(Hsi)_Development_Guidelines.&oldid=888412"