Text

Human Factors Engineering Program Review Model & Acceptance Criteria for Evolutionary Reactors
	ML20101G577
Person / Time
Site:	05200001
Issue date:	06/02/1992
From:	; GENERAL ELECTRIC CO.
To:	;
References
	NUDOCS 9206260150
	Download: ML20101G577 (41)
	v • d • e

_ . - - . . - - . - . - . ..

hl2.,

f O t i

I HFE PROGRAM R; VIEW MODEL AND ACCEFTANCE CRITERIA FOR E!0LUTIONARY REACTORS A.

,. .-...~

,avuto go

[jj6260150920602 0 (

A ADOCK 05200001 '

PDR

o 4

CONTENTS EARE ,

1 MODEL DEVELOPMENT . . . . . . . . . . . . . . . . . . . . . . . . I 1.1 Objectives . . . . . . ................ . I 1.2 Scope . . . . . . . . .................. I 1.3 Development Method . . .................. 2 2 GENERAL MODEL DESCRIPTION . . . . . . . . . . . . . . . . . . . . 3 3 ELEMENT DESCRIPTION AND ACCEPTANCE CRITERIA . . . . . . . . . . 8 3.1 Element 1 - Human factors Engineering Program Management . 8 ,

3.2 Element 2 - Operating Experience Review . . . . . . . . . . 17 3.3 Element 3 - System functional Requirements Analysis . . . . 19 3.4 Element 4 - Allocation of function . . . . . . . . . . . . 22 3.5 Element 5 - Task Analysis . . . . . . . . . . . . . . . . . 24 3.6 Element 6 - Human-System Interface Design . . . . . . . . . 27 3.7 Element 7 - Plant and Emergency Operating Procedure Developmen 30 3.8 Element 8 - Human factors Verification and Validation . . . 32 9

-O I

I l-1 , ..m ..... , ,. , , . , - y.y,m'... , , , ,, ,c., ,, .,.w.pw_, , . . . . . . , , r, , , .-.. , - ..,.,e,, pw,,

l l

l 1 MODEL DEVELOPMENT 1.1 Qhlectives One issue to emerge from the review process of evolutionary reactor control room designs was that complete detailed HS1 design information would not be available for review prior to design certification and that certification would be based partially on the approval of a design and implementation process plan. The process must contain: (1) descriptions of all rec,uired HrE program elements for the design, development and implementation of the evolutionary reactor human-system interfaces, (2) identification of predetermined NRC conformance review points, and (3) design acceptance criteria (DAC) and Inspection, Test, Analysis and Acceptance Criteria (ITAAC) for the conformance reviews.

To review the designers process, it is necessary to: (1) assess whether all the appropriate HFE elements are included, (2) identify what materials are to be reviewed for each element, and (3) evaluate the proposed DAC/ITAAC to verify each of the elements. Since a process review has not been conducte'd previously by the NRC as part of reactor licensing and is not addressed. In the presently available guidence, i.e., NUREG-0800, a firm technical basis for such a review is not available. To conduct the review, it is important to identify which aspects of the process are required to assure that safety goals are achieved and to identify the review criteria by which each element can be assessed. Review criteria independent of that provided by the designer is required to assure that the design plan reflects currently acceptable human factors engineering practices and that it is a thorough, completea and workable plan. Thus, a technical basis for review of the process was developed and is described in this section. The specific objectives of this effort are:

1. To develop an HFE program review model to serve as a technical basis for the review of the :rocess proposed for certification. The model requirements are tlat it be- (1) based upon currently accepted practices, (2) well-defined, and (3) validated through experience with the development of complex, high-reliability systems.

2. To identify the HFE elements in a system development, design, and . ,

evaluation process that are necessary and sufficient requisites to successful integration of the human component in complex systems.

3. T6 identify which aspects of each HFE element are key to a safety review andarerequired}omonitortheprocess.

4. To specify the s'pecific acceptance criteria by which HFE elements can be evaluated.

1.2 Eqogg The scope of the HFE Program Review Model was restricted by two factors.

First, those elements of a complete HFE program that are already adequately affressed by existing NRC requirements for license applicants were excluded from the scope of the model. Included in this category were training program development and the details of procedure development. The second category of 1

l

r

. 2 exclusion were those elements that are the responsibility of other NRC review teams. This category includes human reliability analysis which, while important to HFE program development, is the responsibility of the SSAR Chapter 19 reviewers. Therefore, the scope of the model development described ,

below was restricted to those aspects of HfE design review remaining after the above elements are excluded.

1.3 DIYd9PMDt Method A technical review of current HFE guidance and practices was conducted to identify important human factors program plan elements relevant to a design process review. Sources rev'wed included a wide range of nuclear industry l and non-nuclear industry dowments, including those currently under i development as part of the Department of Defense (DoD) MANPRINT program, from this review a generic system development, design, ar.d evaluation process was defined. Once specified, key HFE elements were identified and criteria by which they are assessed (based upon a review of current literature and l accepted practices in the field of human factors engineering) were developed. 1 A generic HFE Program Review Model was developed based largely on applied general systems theory and the Department nf Defense (DoD) system development process (which is rooted in systems theory). Applied general systems theory provides a broad approach to system design and development, based on a series of clearly defined developmental steps, each with ch:rly defined and goals, and with specific management processes to attain them. System engineering has been defined as "...the management function which controls the total system development effort for the purpose of achieving an optimum balance of all system elements. It is a process which transforms an operational need into a description of system parameters and integrates those parameters to optimize the overall system effectiveness (Kockler, F., Withers, T., Podiack, J., and Gierman,H.,1990).

Utilization of the DoD system development as an input to the development of the Generic HFE Program Model was based on several factors. DoD policy identifies the human as a specific element of the total system (DoD, 1990a).

A systems approach implies that all syJtem components (hardware, software, personnel, support, procedures, and training) are given adequate consideration in the developmental process. A basic asw4, tion is that the personnel element receives serious considention from the very beginning of 'he design process. In addition, the military has applied HFE for the longest period of time (as compared with industrial / commercial system developers), thus the o

process is highly evolved und formalized and represents the most highly developed model availvble, finally, since military system development and acquisition is tightly regulated by federal, DoD, and military brar.ch laws, regulations, requirements, and standards, the model provides the most finely grained, specifically defined HFE process available.

Within the DoD system, w development of a complex system begins with the mission or purpose of the system, and the capability requirements needed to satisfy mission objectives. Systems engineering is essential in the earliest

! planning period to develop the system concept and to define the system l

l 1 . - - .

3 requirements. During the detailed design of the system, systems engineering

, assuros:

i j

balanced influence of all required design specialties;

e resolution of interface problems; i

the effective conduct of trade-off analyses; j

the effective conduct of design reviews; and 4

the verification of system performance.

The effective integration of HFE considerations into the design is accomplished by: (1) providing a structured top-down approach to system

development which is iterative, integrative, interdisciplinary and requirements driven and (2) providing a management structure which details the I

{ HFE considerations in each step of the overall process. A structured top-down

approach to NPP HFE is consistent with the approach-to new control room design i as described in Appendix B of NUREG-0700 and the enore recent internationally l accepted standard, IEC 964, for advanced control room design. The approach is-also consistent _with the recognition that human factors issues and problems emerge throughout the NPP design and evaluation process and therefore, _ human factors issues are best addressed with a comprehensive top-down program.

The systems engineering approach was expanded to develop an HFE Program Review i

Model to be used for the evolutionary reactor design and implementation g ,

process review by the incorporation of NRC HFE requirements.

. 2 GENERAL MODEL DESCRIPTION In this section an overview of the model is presented to generally describe the HFE elements, products reviewed for each element, and the acceptance criteria used to evaluate the element.

The model is intenoed as the programmatic approach to achieving a design-commitment to HFE. The overall commitment and scope of the HFE effort can be rtated as follows: Human-system interfacer operation, maintenance, test, and inspection of (HSI) the NPPshall bereflect that provided for the.

" state-

-) 2)(111)) as required by of-the-art 10CFR52.47(a)(1)(ii). human factors For the principles" (10 purposes of CFR 50.34(dev(elopment " state of the model art" human factors principles are defined as those principles currently accepted by human factors practitioners. M urrent" is defined with reference.

to the time at which this model wa develo; ed. " Accepted" is defined as a

practice, method, or guide.which is (1) documer.ted in the human factors literature within a standard or guidance document that has undergone a peer-

.i review process,_and/or (2) justified through scientific / industry research practices.

All aspects-of HSI should be developed, designed. and evali;4ted based upon a l

structured top-down system analysis using accepted HFL principios based upon i current HFE practices. HSI is used here-in~the very broad sense and shall include all operations,- maintenance, test, and inspection 1ctorfaces, _

procedures, and training materials.

The model developed to achieve this commitment contains eight elements:

i .

- 4

Element 1 - Human f actors Engineering Program Management

Element 2 - Operating Experience Review

Element 3 - System functional Requirements Analysis

Element 4 - Allocation of Function

Element 5 - Task Analysis

Element 6 - Human-System Interface Design

Element 7 - Plant and Emergency Operating Procedure Development

Element 8 - Human Factors Verification and Validation.

The elements and their interrelationships are illustrated in Figure A.I. Also illustrated are the minimal set of items submitted to the NRC for review of the COL's HFE efforts. All NRC review items are identified as falling into one of the five review stages: *

HF Hanagement Planning Review

Implementation Plan Review

Analysis Results Review

HSI Results Review Human factors Verification and Validation The materials reviewed at each stage are shown in Figure A.2.

A brief description of the purpose of each element follows.:

Element 1 - Human Factors Enaineerina Proaram Manacement To assure the integration of HFE into system development and the achievement of the goals of the HFE effort, an HS1 Design Team and an HFE Program Plan shall be established to assure the proper development, execution, oversight, and documentation of the human factors engineering program. As part of the program plan an HFE issues tracking system (to document and track HFE related problems / concerns / issues and their so%tions throughout the HFE program) will be established.

- Element 2 - Operatina Experience Review The accident at Three Mile Island in 1979 and other reactor incidents have illustrated significant problems in the actual design and the design

= philosophy of NPP HSIs. There have been many studies as a result of these accidents / incidents. Utilities have implemented both NRC mandated changes and additional improvements on their own initiative. However, the changes were formed based on the constraints associated with backfits to existing control rooms (CRs) using early 1980s technology which limited the scope of corrective actions that might have been considered, i.e., more effective fixes could be used in the case of a designing a new CR with the modern technology typical of advanced CRs. Problems and issues encountered in similar systems of previous designs shall be identified and analyzed so that they are avoided in the development of the current system or, in the case of positive features, to ensure their retention.

Element 1 Human Factors Engineering Program Manegement

.

HF EProgram Management Pian i

i If l Element 2. Operating Experience l Review

Imratt entaton Pian

Analysis Resdts Report

HSI Des >gn Tavn Evaluabon Report 1I

- 1 Element 3

Development of System Functional Requirements e implementabon Plan . ,

l

Anafysis Results Report .

HSt Design Team Evaluebon Report 1I Element 4. Allocation of Functions

Implementateon Plan

Analysis Results Report

HS1 Design Team Evaluabon Report 1f Element 5 Task Analyets e implementaton Plan

Arntysis Results Report

HSI Design Team Evaluation Report i

1f F

. Elem64 6. interf ace Design Elem nt 7. Procedure Development

Implementation Plan , e implementation Plan

Anatysis Results Report

Anatysis Results Report

HSI Design Team Evaluaban Report

HSt Design Team Evaluation Report 1f Element 8. HF Verificatbn and Validatlon

. .

Implementation Plan

Analysis Results Report

HS1 Design Team Evaluation Report 1I .

Feedback to Arpropriate Elements Figure A1. HFE Program Review Model Elements 4

- . . . . . ._. -. . . . - ,~,-.s,, . - - . . . . . . , , , - . , , , - -....,..~...-.-----....,.....,,,m ...- _ ... .. , _ .<-,,--.. ._. - ,-

1. HF Management Plan Review ,

Revice d Hft Program Manngement Plan lor:

1

Element 1. Human Fadors Ergreenne Program Marpent l

U

2. Implementation Plans Review 1

) Revara Implementation Plane lor:

Element 2. Operating Emporience Rev6ew f

Ekment 3. System Functional Requiremonds e Element 4. AWation of Fund 6ans

Element 5. Task Anahst -

Elei.ea nt 6. Interfacs Design i

Element 7 Procedure Developwors -

) !

Element a . HF ver*cate and Vweeton l

I U

! 3. Analysis Results Review J

Review of Anstysis Mosults Reporte &

y HS1 Design Team Evaluation Reportelor:

Elemens 3. System Fundsonal Roquiraments f

4

Element 4. Allocation of Functions l

Element 5. Task Analysis i U

4. HSl Design Review Review of Ano:ysis Results Meporte &

HSIDesign Team Essluation Moporte kr:

Element 6 Interface Design

Element 7 Procedure Development i- U

5. HF Verification & Validation Review Review of Analysis Results Reporte & ,

H$l Design Team hatuetton Reports for;

Element 8. HF Verication and Vahdation

Element 2 Operating Expedance Review Figure A2. HFE Program Review Stages ;

I

+-e m ,, n , e N e-r n, - v,.a~---c -,,,--w w ,,,nm -n-- -m,w- +,.,w.,-c - - - wm,---e,, .,--,,,n,,,,,,e,.,--,w-.w,- ,, - -- g. , - - , , n-,-vew..,,y---e, e-,a-w> , - - -

1 4

1 7

1 i Element 3 - System Functional Recuirements Analysis l

i System requirements shall be analyzed to identify those functions which must 4

be performed to satisfy the objectives of each functional area. System i function analysis shall: (1) determine the objective, performance i requirements, and constraints of the design; and (2) establish the functions j which must be accomplished to meet the objectives and required performance.

Element 4 - Allocation of Functions j The allocation of functions shall take advantage of hur,ian strengths and avoids i

allocating functions which would be impacted by human limitations. To assure i

, that the allocation of functions is conducted according to accepted HFE i

j. principles, a structured and well-documented methodology of allocating !

I functions to personnel, system elements, and personnel-system combinations l shall be developed.

i Element 5 - Task Analysis 4

i Task analysis shall provide the systematic study of the behavioral j requirements of the tasks the personnel subsystem is required to perform in order to achieve the functions allocated to them. The task analysis shall: i' l

provide one of the bases for making design decisions; e.g.,

a determining before hardware fabrication, to the extent j practicable, whether system performance requirements can be met by

combinatt ns of anticipated equipment, software, and p%rsonnel, s

L

assure that human performance requirements do not exceed human j capabilities, i

j

be used as basic information for developing procedures, l

be used as basic information for developing manning, skill, j training, and communication requirements of the system,-and 4

~

l

form the basis for specifying the requirements for the displays, j data processing and controls needed to carry out tasks. '

Element 6 - Human-System Interface DflhD

~

f' Human engineering orinciples and criteria shall be applied along with all' i other design ruf ments-to identify.. select, and design the particular j equipment to be cp lated / maintained / controlled by plant _ personnel.-

Element 7 - Plant and Emeroency Doeratina Procedure Development i

Plant _and Emergency Operating Procedures shall be developed to support and

!- guide human interaction with plant systems and to control plant-related , .

events and activities. Human engineering principles and criteria shall be applied along with all other design requirements to develop procedures that are technically accurate, comprehensive, explicit, easy to utilize, and

! validated. The types of procedures covered in the element are:

i I

l

f 8

plant and system operations (including start-up, power, and shutdown operations),

abnormal & emergency operations, :

preoprational, start-up, and surveillance tests, and

alarm response. ,

Element 8 - Human Factors Verification and Validation ;

The successful incorporation of human factors engineering into the final HSI design and the acceptability of the resulting HSI shall be thoroughly evaluated as an integrated system using HFE evaluation procedures, guidelines, standards, and principles.

The specification for the NRC review materials -and the acceptance criteria to -

be used for their evaluation are identified in the next section. Generically, each element is divided into three sections: Desig.- Commitment, Inspec-tion / Test / Analysis, &nd Design Acceptance Criteria.

- Desian Commitment A concise and general statement as to the HFE objective of the Element.

Inspection / Test / Analysis A specification of the inspections, tests, analysis, or other actions (i.e.,

some action that is required but which is not a specific ins)ection, test, or

! analysis, such as development of a program plan) to assure tie achievement of the objective. Generally these are divided into three activities: planning,

" analysis," and review. The set of materials to be provided'to the NRC for '

review of the element is specified.

Desian Acceptance Criteria Acceptance criteria-are typically divided into four sections: General Criteria, Implementation Plan, Analysis Report, and HSI Design Team Review Report. The General Criteria represent the major statement of design acceptance criteria. These are the critoria-the element is required to meet and which should govern the implementation Plan, Analysis Report, and HSI Design Team Review Report development. The general' criteria are derived from '

accepted HFE practices. These are the criteria derived from the HFE model development and HFE literature and current practices review. .. Applicable. <

guidance documents are referenced.

3 ELEMENT DESCRIPTION AND ACCEPTANCE CRITERIA 3.1 flement I - Human Factors Enaineerina Pror. ram Manaaement 5

DESIGN COMMITMENT:

Human-system interfaces (HSI) shall be provided for the. operation, maintenance, test, and inspection.of the NPP that reflect " state-of-the-art'

) as required by 10 CFR human factorsAll 52.47(a)(1)(ii). principles" aspects of(10 HS1 CFR shall50.34(f)(2)(iii) be deve loped, designed, and

.._:_...~... _ . _ _ . _ _ _ . ~ . _ . _ . . _ . _ . _ _ _ . _ _ _ _ _ _ . _ _ . . _ _ _ . _ , .

9 evaluated based upon a structured top-down system analysis using accepted human factors engineering (HFE) principles based upon current HFE practices.

HSI is used here in the broad sense and shall include all operations, maintenance, test, and inspection interfaces, procedures, and training needs.

The tier I commitment addresses main control room and remote shutdown system functions and equipment. Local control stations should be included in the overall prcgram.

State of the art human factors principles is defined as those principles currently acce)ted by human factors practitioners. " Current" is defined v th reference to tie time at which a program management or implementation alan is prepared. " Accepted" is defined as a practice, method, or guide whic1 is (1) documented in the human factors literature within a standard or guidance i document that has undergone a peer-review process and/or (2) can be justified through scientific / industry research/ practices.

INSPECTION / TEST / ANALYSIS: l To assure the integration of HFE into system development: a HSI Design Team .

shall be established and a HFE Program Plan shall be established to assure the proper development, execution, oversight, and documentation of the human factors engineering program.

DESIGN ACCEPTANCE CRITERIA:

kneral Criteria

1. The primary goal of the HFE program shall be to developing an HSI which makes possible safe, efficient, and reliable operator performance and which satisfy all regulatory requirements as stated in 10 CFR. The general objectives of this program shall be stated in " human-centered" terms which, as the HFE program develops, shall be objectively defined and shall serve as criteria for test and evaluation activities. Generic

" human-centered" HFE design goals include:

The operating team can accomplish all assigned tasks within system defined time and performance criteria.

The system and allocation of functions will provide acceptable workload levels to assure vigilance and to assure no operator overload.

The system will support'a high degree of operating crew

" situation awareness."

Signal detection and event recognition requirements will be kept within the operators' information processing limits and will minimize the need for operators to mentally transform data in order to be usable.

The system will minimize operator memory load, l

l

10

The operator interfaces will minimize operator error and will provide for error detection and recovery capability.

2. The program shall be developed using the following documents as guidance:

< list to be developed >

HS! Desian Team

1. An HSI Design Team shall have the responsibility, authority and placement within the organization (as defined below) to ensure that the "

design commitment is achieved.

2. The team shall be responsible for (1) the development of all HFE plans and procedures; (2) the oversight and review of all HFE design, development, test, and evaluation activities; (3) the initiation, recommendation, and provision of solutions through designated channels for problems identified in the implementation of the HFE activities; (4) verification of implementation of team recommendations, (5) assurance that all HFE activities comply to the HFE plans and procedures, and (7) scheduling of activities and milestones.

3. The scope of the Team's responsibility shall include:

Control and instrumentation equipment all operations, maintenance, test, and inspection of interfaces and facilities both within and outside the control room,

procedures e training requirements development.

4. The Team shall have the authority and organizational freedom to ensure that all its areas of responsibility are accomplished and to identify problems in the implementation of the HSI design. The team shall have the authority to determine where its input is required, access work areas, design documentation. The Team shall have the authority to control further processing, delivery, installation or use of HFE/HSI products until the disposition of a non-conformance, deficiency or unsatisfactory condition has been achieved.

5. The HSI Design Team shall be placed at the level in the COL organizatior, required to execute its responsibilities and authorities. The team shall report to a level of management such that required authority and organizational freedom are_ provided, including sufficient independence from cost and schedule considerations.

6. The HSI Design. Team shall include the following expertise:

Ifchnical Proiect Manaaement Bachelor's degree, five years' experience in nuclear power plant design or operations, and

l 11 three years' management experience.

Systems Enaineerina

- Bachelor's of Science decree, and four years' cumulative ekperience in at least three of the following areas of systems engineering; design, development, integration, operation, and test and evaluation.

ILqrjearEnaineerina ,

Bachelor's of Science degree, and four years' nuclear' design, development, test or operations experience Control and Instrumew ation Enoineerina

- Bachelor's of Science degree, four years' experience in design of process control systems, and experience in at least one of the following areas of C&I engineering; l development, power plant operations, and test and evaluation.

s Architect Enaineerina j -

Bachelor's of Science degree, and four years' experience in design of power plant control rooms.

Human Factors Bachelor'4 degree in uman factors engineering, engineering psychology or related science, four years' cumulative experience related to the human factors aspects of human-computer interfaces. Qualifying experience shall include experience in at lease two of the following human factors related activities; design, development, and test and evaluation, and four years' cumulative experience related to the human factors field of ergonomics. Again, qualifying experience shall include experience in at least two of the following areas of human factors activities; design, development, and test and evaluation.

Plant Operations Have or have_ held a Senior Reactor Operator license, and two years' experience in relevant nuclear power plant operations.

Computer Syste;n Enaineerina Bachelor's degree in Electrical Engineering or Computer Science, or graduate degree in other engineering disciplir.e (e.g., Mechanical Engineering or Chemical Engineering), and

i 12

- four years' experience in the design of digital computer systems and real time systems applications.

)

Plant Procedgre Development i -

Bachelor's degree, and

- four years' experience in developing nuclear power plant operating procedures.

Personnel Trainina l -

Bachelor's degree,

- four years' experience in the development of personnel training programs for power plants, and experience in the application of systematic training development methods.

Systems Safety Enaineering

- Bachelor's degree in Science, certification by the Board of Certified Safety Professionals in System Safety, and four years' experience in System Safety Engineering.

Reliability / Availability / Maintainability /InSDettability (RAMI) Enaineerina Maintainability /Insnectability Enaineerina Bachelor's of Science degree, four years' :umulative experience in at least two of the following areas of power plant maintainability and inspectability engineering activity; design, development, integration and test and evaluatian, and experience in analyzing and resolving plant system and/or equipment

- related maintenance problems.

Reliability / Availability Enaineerina Bachelor's degree, foce years' cumulative experience in at least two of the following areas of power plant reliability engineering activity; design, development, integration, and test and evaluation, and knowledge of computer-based, human-interface systems.

7. The education and related professional experience of the HSI Design Team personnel shall satisfy the minimum personal qualification requirements specified in (6) above, for each of the areas of required skills. In those skill areas where related professional experience is specified, qualifying experience of the individual HFE design team personnel shall include experience in the technologies _ and techniques,- of the particular skill area, utilized in the HSI design and implementation activities.

The required professionel experience presented in those personal qualifications are to be satisfied by the HSI Design Team as a r w ,4- --- ~ v - -

+ r -- - - -- w e i+-e -- -

e- - r

13 a i

collective whole. Therefore, . satisfaction of the professional experience requirements associated with a particular skill area may be realized through the combination of the professional experience of two 6 or more members of the HSI Design Team who each, individually, satisfy the other defined credentials of the particular skill area but who do not possess-all of the specified professional experience. Similarly, an individual member of the HSI Design Team may possess all of the credentials sufficient to satisfy the qualification requirements for two or more of the defined skill ar-eas.

8. Alternative personal credentials may be accepted as the basis for satisfying the minimum personal qnalification requirements specified in 6 above. Acceptance of such alternative personal credentials shall be evaluated on a case-by-case basis and approved, documented and retained in auditable plant construction '/iles by the C01. Applicant. The following factors are examples c'f alternative credentials which are -

considered acceptable: -

A Professional Engineer's license in the required skill are'a may !

be substituted for the required Bachelor's degree.

Successful completion of all technical portions of an engineering, technology or related science baccalaureate program may be substituted for the Bachelor's degree. The successful completion will be determined by-a transcript or other certificatjon by an accredited institution. For example, completion of 80' semester credit hours may be substituted for the baccalaureate requirement.

The courses shall be in appropriate technical subjects relevant to the required skill areas of the HFE MMIS Design Team for which the individual will be responsible.

Related experience may substitute for education at the rate of six semester credit hours for each year of experience up to a maximum of 60 hours6.944444e-4 days <br />0.0167 hours <br />9.920635e-5 weeks <br />2.283e-5 months <br /> credit.

Where course work is related to job assignments, post secondary , 3 educa' ion may be substituted for experience at the rate of two, '

yeart of education for one year experience. Total credit for post secondary education shall not exceed two years experience credit.

HFE Isste Trackina System

1. The tracking'lys' tem shall address human factors issues that are (1) known to the industry (defined in the operating experience review,see- !

Element 2) and (2) those identified throughout the life cycle of the ABWR system design, development and evaluation.

2. The method shall document and track human factors engineering issues and -

concerns, from identification until-elimination or reduction to a level acceptable to the Team.

l 14

3. Each issue / concern that meets or exceeds the threshold effects established by the Team shall be entared on the log when first

identified, and each action taken to eliminate or reduce the issue / concern should be thoroughly documented. The final rmolution of the issue / concern, as accepted by the Team, shall be documented in detail, along with information regarding Team acceptance (e.g., person accepting,date,etc.).

4. The tracking procedures shall carefully spell out individual responsibilities when an issue / concern is identified, identify who should icg it, who is responsible for tracking the resoicion efforts, who i:, responsible for nceptance of a resolution, and who should enter

, closeout data.

~

HFE Procram ano Manaaement Plan

1. An HFE Program Management W ar shall be developed to describe how the human factors program sh m N accomplished, i.e., the plan shall describe the HSI Design N organization and composition and which lays out the #~ ct to be a..dertaken and provides a technical approach, schedule, and management control structure and technical interfaces to achieve the HFE program objectives. The plan is the single document which describes the designer's entire HFE program, identifies its elements, and explains how the elemen will be managed. Generally, it shall address:

The scope of the HSI Design Team's authority within the broader scope of the organization responsible for plant construction.

Included within this scope shall be the authority to suspend from

delivery, installation, or operation any equipment which is

determined by the Team to be deficient in regard to established

human factors design practices and evaluation criteria.

(

The process through which the Team will execute its responsibilities.

The processes through which findings of the Team are resolved and how equipment design changes that may be necessary for resolution are incorporated into the actual equipment f timately used in the plant.

The members and qualification of the Te; iembers.

The process through which the Team activities will be assigned to individual team members, the responsibilities of each team member and the procedures that will govern the internal management of the Team.

The procedures and documentation requirements of the HFE Issues Tracking System.

- ,-r- -

y , + m - , , er+m ,- g ----w w w gq---

l 15 4

2. The HFE Program Management Plan shall provide the following information:

I. Purpose and organization of the plan

2. Literature and current practices review

3. Overall HFE program goals and objectives

4. The relationship between the HFE program and the overall plant design program (organization and schedule).

5. HSI Design Team

Organization within the HFE program Identify and describe the primary HFE organization or function within the organization of the total program, including charts to show organizational and functional relationships, reporting relationships, and lines of communication.

Functions and internal structure of the HFE Orgenization

_ Describe the responsibility, authority and accountability of the HFE organization.

Identify the organizational unit responsible for each HFE task.

( - -

Describe the process through which management decisions will be made regarding HFE.

Describe the process through which design decisions will be i made regarding HFE.

Describe all tools and techniques (e.g., review forms, documentation) to be utilized by tne Team to ensure they fulfill their responsibilities.

Staffing Describe the staffing of the HSI Design Team.

Provide job descriptions of personnel of the HSI Design Team.

Indicate the assignment of key personnel and provide their qualifications with regard to the areas of expertise indicated above.

> 6. HFE Issue Tracking System

Literature and current practices review

Responsibilities Responsibilities on issue Identification Responsibilities for Issue logging Responsibilities for Issue Resolution Responsibilities for Issue Closeout

16

Procedures Issue identification Description Effects Criticality and Likelihood Issue resolution Proposed Solutions Implemented Solution Residual Effects Resultant Criticality and likelihood .

Documentation

Audit of the issue identification and tracking system

7. HFE Requirements

Identify and describe the HFE requirements imposed on the design process

List the standards and specifications which are sources of HFE

, requirements ,

1

8. HFE program

, Identify and describe the development of implemente+ ion plans, analyses, and evaluation / verification of:

Operating Experience Review

System Functional Requirements Development

Allocation of Function

Task Analysis

Interface Design

.

Plant and Emergency Operating Procedure Development

HF Verification and Validation

9. HrE program milestones

Identify HFE milestones, so that evaluations of the effectiveness ,

of the HFE effort can be made at critical check points and show '

the relationship to the integrated plant sequence of events.

Provide a program schedule of HFE tasks showing:

relationships between HFE elements and activities. 1 reports !

reviews l l

Identify integrated design activities applicable to the HFE program but specified in other areas.

l l

. . . , - , - . - - .- -- , _,.,--r -

. 17

10. HFE documentation

Identify and briefly describe each required HFE documented item.

Identify procedures for accessibility and retention.

Describe the supporting documentation and its audit trail maintained for NRC audits.

11. HFE in subcontractor efforts

Provide a copy of the HFE requirements proposed for inclusion in each subcontract.

Describe the manner in which the designer proposes to monitor the subcontractor's compliance with HFE requirements.

3.2 Element 2 - Operating Experience Review DESIGN COMMITMENT:

The accident at Three Mile Island in 1979 and other reactor incidents have illustrated significant problems in the actual design and the design philosophy of NPP HSis. There have been many studies as a result of these accidents / incidents. Utilities have implemented both NRC mandated changes and additional improvements on their own initiative. However, the changes were formed based on the constraints associated with backfits to existing CRs using early 1980s technology which limited the scope of corrective actions that might have been considered, i.e., more effective fixes could be used in the case of a designing a new CR with the modern technology typical of advanced CRs. Problems and issues encountered in similar systems of previous designs shall be identified and analyzed so that they are avoided in the development of the current system or, in the case of positive features, to ensure their retention.

INSPECTION / TEST / ANALYSIS:

An Operating Experience Review Implementation Plan shall be developed.

An analysis of operating experience shall be conducted in accordance with the plan and the findings will be documented in an Analysis Results Report, j

The analyses shall be reviewed by the HSI Design Team and shall be documented in an Evaluation Report. j DESIGN ACCEPTANCE CRITERIA:

General Criteria ,

1

1. The following industry operating experience issues shall be identified:

< list to be developed >

i.

l l* 18

2. The issues shall be reviewed and analyzed for:

i l

Human aerformance issues, problems and sources of human error i shall se identified.

Design elements which support and enhance human performance shall be identified.

i j 3. The following topics should be included in interviews as a minimum:

4

Display factors

Control factors

Information processing factors

Communication factors

Procedures

Training factors

Staffing and Job Design ,

i

[ 4. The review shall include bath a review of literature pertaining the

human factors issues related to similar systems and operator interviews.

! 5. The following sources both industry wide and plant or subsystem relevant

! should be included in review of the identified issues:

i

Government and Industry Studies of Similar Systems l

Licensee Event Reports 4

Outage Analysis Reports '

!

Final Safety Analysis Reports and Safety Evaluation Reports l_

Human Engineering Deficiencies identified in DCRDRs

!

Modifications of the Technical Specifications fer Operation

Internal Memoranda / Reports as Available i

l

6. Each operating experience issue shall'be documented in the HFE Tracking System.

j -Implementation P1an i

The plan shall describe the designer's approach to Operating Experience Review. The plan shall address the following:

Documentation review and analysis

! * ~ User survey methodology (for conducting interviews) and analysis F ' plans

Method of documenting lessons learned

-*- Integration of lessons learned into the design process Analvsis Results Report i

The report shall address the following:

L

Objectives l

Description of the Methods

Identification of any deviations-from the implementation plan

.: < a ;

Z' l

1 19 I

Results and Discussion

Conclusions

Recommendations / Implications for HSI Design HSI Desian Team Evaluation ReDort The report shall address the following:

The review methodology and procedures

Compliance with Implementation Plan Procedures

Review findings 3.3 Element 3 - System Functional Reauirements Analysis DESIGN COMMITMENT:

^

System requirements shall be analyzed to identify those functions which must be performed to satisfy the objectives of each functional area. System function analysis shall: (1) determine the objective, performance requirements, and constraints of the design; and (2) establish. the functions which must be accomplished to meet the objectives and required performance.

INSPECTION / TEST / ANALYSIS: 9 A System Functional Requirements Analysis Implementation Plan shall be developed.

An analysis of System Functional Requirements shall be conducted in accordaace with the plan and the findings will be documented in an Analysis Results Report.

I

The analyses shall be reviewed by the HSI Design Team and shall be l documented in an Evaluation Report.

DESIGN ACCEPTANCE CRITERIA:

General Criteria

1. s shall determine system functions and the function System requirement'e shall deterN ne.th performance necessary to carry out the function.

2. Critical functions shall be defined (i.e., those functions required to achieve major system performance requirements; or those functions which, if failed, could degrade system or equipment performance or pose a safety hazard to plant personnel or to the general public),

~

l

, 3. Safety functions shall be identified and any functional interrelationship with non-safety systems shall be identified.

l 4. Functions shall be defined as the most general, yet differentiable means

whereby the system requirements are met, discharged, or satisfied.

1 i

. 20 Functions shall be arranged in a logical sequence so that any specified operational usage of the system can be traced in an end-to-end path.

5. Functions shall be described initially in graphic form. Function diagramming shall be done at several levels, starting at a " top level" where a very gross picture of major functions is described, and continuing to decompose major functions to several lower levcls until a specific critical end-item requirement will emerge, e.g., a piece of equipment, software, or an operator.

6. Detailed narrative descriptions shall be developed for each of the

, identified functions and for the overall system configuration design itsel f. Each function shall be identified and described in terms of inputs (observable parameters which will indicate system status),

functional processing (control process and performance measures required to achieve the function), outputs, feedback (how to determine correct discharge of function), and interface requirements from the top down so that subfunctions are recognized as part of larger functional areas.

7. Functional operations or activities shall include:

detecting signals a measuring information 5 comparing one measurement with another

processing information e acting upon decisions to produce a desired condition or result on the system or environment (e.g., system and component operation, actuation, and trips)

8. The function analysis shall be kept current over the life cycle of design development.

9. Verification

All the functions necessary for the achievement of operational and safety goals are identified.

All requirements of each function are identified.

10. The effort shall be performed using the following documents as guidance:

< list to be developed >

Implementation Plan The plan shall describe the designer's approach to System Functional Requirements Analysis.

The System Functional Requirements Analysis Implementation Plan shall address:

Literature and current practices review Describe the technical basis for the plan.

i 0

z- - , ,

21

List required syste;a level functions Based on System Performance Requirements.

Graphic function descriptions e.g., Functional Flow Block Diagrams and Time Line Diagrams

Detailed function narrative descriptions addressing:

- Observable parameters which will indicate system status Control process and measure / data required to ach' eve the .

function How to determine proper discharge of function

Analysis Define an integration of subfunctions that are closely related so that they can be treated as a unit Divide identified subfunctions into two groups Common achievement is an essential condition for the accomplishment of a higher level function Alternative supporting functions to a higher level function or whose accomplishment is not necessarily a requisite for higher level function

( -

Identify for each integrated subfunction:

Logical requirements for accomplishment (Why accomplishment is required)

Control actions r,acessary for accomplishment

Parameters necessary for control action

Criteria for avaluating the result of control actions

Parameters necessary for the evaluation

Evaluation criteria

Criteria for choosing alternatives Identify characteristic measurement and define for each measurement important factors such as Load, Accuracy, Time factors, Complexity of action logic, Types and complexities P

of decision making, Impacts resulting from the loss of function and associated time factors, a Verification Describe system function verification methodology.

Analysis Results ReDort The report shall address the following:

Objectives

Description of the Methods

1

~

l 22

)

4

Identification of any deviations from the implementation plan !

Results and Discussion !

(

Conclusions -

j

Recommendations / Implications for HSI Design

HSI Desian Team Evaluation ReDort l

[ The report shall address the following:

!

The review methodology and procedures

Compliance with Implementation Plan Procedures

Review findings '

i 3.4 Element 4 - Allocation of Function i

DESIGN COMMITMENT:

i The allocation of functions shall take advantage of human strengths and avoids i.

allocating functions which would be impacted by human limitations. To assure that the allocation of function is conducted according to accepted HFE i principles, a structured and well-documented methodology of allocating l functions to personnel, system elements, and personnel-system combinations l shall be developed.

INSPECTION / TEST / ANALYSIS:

An Allocation of Function Implementation Plan shall be developed.

An analysis of Allocation of Function shall be conducted in accordance j with the plan' and the findings will be documented in an Analysis Results.

Report.

l

The analyses shall be reviewed by the HSI Design Team and shall be j documented in an Evaluation Report.

I DESIGN ACCEPTANCE CRITERIA:

General Criteria b 1. All-aspects of system and functions definition must be analyzed in terms of resulting human performance requirements based on the expected user p population.

2. The allocation of functions to personnel, system elements, and.

}'

l : personnel-system combinations shall be made to reflect (1) sensitivity,

precision, time, and safety. requirements, (2) required reliability of j system performance, and (3) the number. and level of. skills of ' personnel

, required to operate-and maintain the system.

! 3. The allocation criteria, rational, analyses, and procedures 'shall be-l- documented.

l I

l 4

i l

1

,- +,m .,,-..,w,...~,..-,-, .., , . . + , . , , - ...m. ,r.m + ,,- ,,,,, , - - . . . , , --,.m..-.m -+-,,,r-,-v.<,-,~,,< ,

f

. 23

4. As alternative allocation concepts are developed, analyses and trade-off studies shall be conducted to determine adequate configurations of personnel- and system- performed functions. Analyses shall confirm that the personnel elements can properly perform tasks allocated to them while maintaining operator situation awareness, workload, and vigilance.

Proposed function assignment shall take the maximum advantage of the capabilities of human and machine without imposing unfavorable requirements on either.

5. Functions shall be re-allocated in an iterative manner, in response to developing design specifics and the outcomes of on-going analyses and trade studies.

6. Function assignment shall be evaluated, j 7. The effort shall be performed using the following documents as guidance:

< list to be developed >

1 Jmplementation Plan The plan shall describe the designer's approach to Allocation of Function.

The Allocation of Function Implementation Plan shall address:

Establishment of a structured basis for function allocation

Alternative systems analyses Specification of criteria for selection

TradIstudies Define objectives and requirements Identify alternatives Formulate selection criteria Weight criteria Prepare utility functions Evaluate alternatives Perform Sensitivity Check

, Select Preferred Alternatives

Evaluation of function assignment The plan shall describe the tests and analyses that will be performed to evaluate the function allocation Analysis Results ReDort The report shall address the following:

Objectives

'

Description of the Methods

Identification of any deviations from the implementation plan

24

Results and Discussion ;

Conclusions

Recommendations / Implications for HSI Design I

HSI Desian Team Evaluation Report i The report shall address the following:

The review methodology and procedures ,

Compliance with Implementation Plan Procedures

Review findings 3.5 Element 5 - Task Analysis

! DESIGN COMMITMENT:

1 Task analysis shall identify the behavioral requirements of the tasks the personnel subsystem is required to perform in order to achieve the functions allocated to them. A task shall be a group of activities that have a cummon purpose, often occurring in temporal proximity, and which utilize the same displays and controls. The task analysis shall:

provide one of the bases for making design decisions; e.g.,

determining before hardware fabrication, to the extent

, practicable, whether system performance requirements can be met by combinations of anticipated equipment, software, and personnel,

assure that human performance requirements do not exceed human -

capabilities,

be used as basic information for developing manning, skill, training, and communication requirements of the system, and

+ form the basis for specifying the requirements for the displays, data processing and controls needed to carry out tasks.

_ INSPECTION / TEST / ANALYSIS:

A Task Analysis Implementation Plan shall be developed.

An analysis of tasks shall be conducted in accordance with the plan and the findings will be documented in an Analysis Results Report.

The analyses shall be reviewed by the HSI Design Team and shall be documented in an Evaluation Report.

DESIGN ACCEPTANCE CRITERIA:

General Criteria

1. The scope of the task analysis shall include all operations, maintenance, test and inspection tasks. The analyses shall be directed to -the full range of plant operating modes, including start-up, normal operations, abnormal operations, transient conditions, low power and

25 shutdown conditions. The analyses shall include tasks performed in the

, control room as well as outside of the control room.

2. The analysis shall link the identified and described tasks in .

! operational sequence diagrams. A review of the descriptions and !

operational sequence diagrams shall identify which tasks can be !

considered " critical" in terms of importance for function achievement, I potential for human error, and impact of task failure. Human actions !

which are found to affect plant risk in PRA sensitivity analyses shall also be considered " critical." Where critical functions are automated, l

the analyses shall consider all human tasks including monitoring of an automated safety system and back-up actions if it fails.

3. Task analysis shall begin on a gross level and involve the development of detailed narrative descriptions of what personnel must do. Task analyses shall define the nature of the input, process, and output required by and of personnel. Detailed task descriptions shall address (as appropriate): .

Information Requirements Information required, including cues for task initiation Information available

Decision-Making Requirements 9 Description of the decisions to be made (relative, absolute, probabilistic)

Evaluations to be performed Decisions that are probable based on the evaluation (opportunities for cognitive errors, such-as capture error, will be identified and carefully analyzed)

Response Requirements Action to be taken - ,

Overlap of task requirements (serial vs. parallel task elements)

Frequency Speed / Time line requirements Tolergnce/ accuracy Operational limits of personnel performance Operational limits of machine and software Body movements required by action taken

Feedback Requirements Feedback required to indicate adequacy of actions taken

Workload Cognitive

1 l

26 i i

Physical Estimation of difficulty level

Task Support Requirements Special/ protective clothing Job aids or reference materials requ' ired .

-- Tools and equipment required Computer processing support _ aids

Workplace Factors Workspace--envelope required by action taken

- Workspace c6nditions Location and condition of the work Enviro.iment

Staffing and Communication Requirements number of personnel, their technical specialty, and specific skills Communications required, including type Personnel interaction when more than.one person is involved

Hazard Identification Identification of Hazards involved

4. The task analysis shall be iterative and become progressively more_ _

detailed over the desigr. cycle. The task analysis shall' be detailed enough to identify information and control requirements to enable-specification of detailed requirements for alarms, displays, data processing,- and controls for human task accomplishment.

5. The task analysis results shall provide--input to the personnel- training _

programs.

6. The effort shall be performed using the following. documents as guidance:

< list to be developed >- _

Implementation Plan - - -

'. The plan shall describe the designer's approach to task analysis. The Task ,

Analysis -Implementation Plan shall address:

Ger.eral methods and data sources ;

Gross task analysis 'l l

I '

' Convert Funct' ions to Tasks Develop Narrative Task Descriptions General statement of task functions

_ _._-.;_...-__u._ .._.,,..-..-..,._,.,...__..,..,,..,...,,.._,....-.~...._,.;...,.,,.-....,,.--.-.,,---,,_.._-_._,,_._,-...l

27

- Detailed task descriptions Breakdown of tasks to individual activities Deve'op Operational Sequence Diagrams

Critical task analysis Identification of Critical Tasks

- Detciled Task Descriptions

Information t.nd control requirements

Initial alarm, display, processing, and control requirements analysis Develop a task-based I&C inventory

Application of task analysis results to training development

Evaluation of task analysis The plan shall describe the methods that will be used to evaluate the results of the task aralysis.

Analysis Results ReJort The report shall address the following:

Objectives

Description of the tiethods

Identification of any deviations from the implementation plan

Results and Discussion

Conclusions

Recommendations / Implications for HSI Design

[LSI Desian Team Evaluation ReDort The report shall address the following:

The review methodology and procedures

Compliance with Implementation Plan Procedures

Review findings 3.6 Element 6 - Human-System Interface Desiuq 2

DESIGN COMMITMENT:

Human engineering principles and criteria shall be applied along with all other design requirements to identify, select, and design the particular equipment to be operated / maintained / controlled by plant personnel.

INSPECTION / TEST / ANALYSIS:

A Human-System Interface Design Implementation Plan shall be developed. I

28 l l

An analysis of Human-System Interface Design shall be conducted in l accordance with the plan and the findings will be documented in an !

Analysis Results Report.

The analyses shall be reviewed by the HSI Design Team and shall be documented in an Evaluation Report.

- DESIGN ACCEPTANCE CRITERIA:

[

4 General Criteria I. The design configuration shall satisfy the furictional and technical design requirements and insure that the HSI will meet the appropr'iate HFE guidance and criteria.

2. The HFE effort shall be applied to HSI both inside and outside of the control room (local HSI).

3. HSI design shall utilne the results of the task analysis and the I&C inventory to assure the adequacy of the HSI.

4. The HS! and working environment shall be adequate for the human performance requirements it supports. The HSI shall be capable of supporting critical operations under the worst credible environmental conditions.

5. The HSI shall be free of e'ements which are not required for the accomplishment of any task.

6. The selection and design of HSI hardware and software appron:,es shall be based upon demonstrated criteria that support the aji evement of human task performance requirements. Criteria can be based upon test results, demonstrated experience, and trade studies of identified options.

7. HFE standards shall be employed in HSI selection and design. Human engineering guidance regarding the design particulars shall be developed by the HSI designer to (I) instre that the human-syst;m interfaces are designed to currently accepted HFE guidelines and (2) insure proper consideration of human capabilities and limitations in the c'eveloping system. This guidance shall be derived from sources such as expect judgement, design guidelines and standards, and quantitative (e.g.,

anthropometric) ana qualitative (e.g., relative effectiveness of differing types of displays for different conditions) data. Procedures shall be employed to ensure HSI adherence with standards.

8. HFE/HSI problems shall be resolved using studies, experiments, and laboratory tests, e.g.

Mockups and models may be used to resolve access, workspace and related HFE problems and incorporating these solutions into system design i

k

I 29

Dynamic simulation and HSI prototypes shall be evaluated for use I to evaluate design details of eauipment requiring critical human I performance

The rationale for selection of design / evaluation tools shall be documented

9. Human factors engineering shhll be applied to the design of equipment and software for maintainability, testing and inspection.

10. HSI design elements shall be evaluated to assure their acceptability for task performance and HFE, criteria, standards, and guidelines.

11. The effort shall be performed ueing the followirg documents as guidance:

< list to be developed >

Jmp1ementilion P1an The plan shall describe the designer's approach to Human-System Interface Design. The Human-System Interface Design Implementation Plan shall address:

I&C requirements analysis and design Compare Task Requirements to ITL ;cai! ability Modifications to I&C Inventory

General HSI approach selection A Trade Studies Analyses The criteria to be used to meet General Criterion (selection and design of HSI hardware and software approaches), described above

HFE design guidance development and documentation

HSI detailed design and evaluations Use of design / evaluation tools such as prototypes shall be specifically identified and rationale for selection Analysis Results Report The report shall address the following:

Objectives

Description of the Methods

Identification of any deviations from the implementation plan

Results and Discussion

Conclusions

Recommendations / Implications for HSI Design 1

I 30 HSI De@ Team Evaluation Report The report shall address the following:

The review methodology and procedures

Compliance with Implementation Plan Procedures

Review findings 3.7 Element 7 - Plant _and Emeroency Operatina Procedure Development DESIGN COMMITMENT:

Plant and Emergency Operating Procedures shall be developed to support and guide human interaction with plant systems and to control plant-related events and activities. Human engineering principles and criteria shall be applied along with all other design requirements to develop procedures that a tachnically accurate, comprehensive, explicit, easy to utilize, and

. validatea. The types of procedures covered in the element are:

4

plant & system operations (including start-up, power, arJ shutdown operations)

+ abnormal & emergency operations

preoperational, start-up, and sur eillance tests

, e alarm response INSPECTION / TEST / ANAL.YSIS: .

A Plant and Emergency Operating Procedure Development Implementation Plan shall be developed.

The procedures shall be developed in accordance with the plan and the results will be documented in a Procedure Development Report.

The procedure development shall be reviewed by the HSI Design Team and shall be documented in an Evaluation Report.

DESIGN ACCEPTANCE CRITERIA:

General Criteria ,

1. The task analysis shall be used to specify the procedures for operations (normal, abnormal, and emergency), test, maintenance and inspection.

2. The basis for procedure development shall include:

Plant design bases e system-based technical requirements and specifications e the task analyses for operations (normal, abnormal, and emergency)

significant human actions identified in.the HRA/PRA

initiating events to be considered in the E0Ps shall include those events present in the design bases.

i l

h. 31 ~

1

! 3. A Writer's_ Guide shall be dev;ioped to establish the process for

developing technical procedares that are complete, accurate, consistent,

and easy to understand and follow. The Guide shall contain sufficiently j objective criteria so that procedures developed in.accordance with the Guide shall be consistent in organization, style, and content. The

{

Guide shall be used for all procedures within the scope of this Element.

The Writer's Guide shall provide instructions for procedure content and-2 format (including the writing 6f action steps and the specification of i acceptable acronym lists and acceptable terms to be used).

4. The content of the procedures shall incorporate the following elements:

!

Title

Statement of Applicability l

References l

Prerequisites l

Precautions (including warnings, cautions, and notes) '

i

Limitations and Actions

Required Human Actions i

Acceptance Criteria

!

Checkoff Lists i 5. All procedures shall be verified and validated. A review shall be l conducted to assure procedures are correct and can be perforfed. Final

! validation of operating procedures shall be performed in a simulation of

the integrated system as part of V&V activities described in Element 8.

6. An analysis shall be conducted to determine the impact of providing computer-based procedures and to specify where such an approach would j improve procedure utilization and reduce operating crew errors related

to procedure use.

! 7. The effort shall be performed using the following documents as guidance:

< list to be developed > ,

j Implementation Plan i .

! . The Plant'and Emergency Operating Procedure Development Implementation Plan-i

-shall address:

t Identifica' tion 'of source data /information-to be used as a basis i for procedure development j

Methodology for the evaluation of procedures (plan shall describe l tests and analyses thatsill be used to evaluate crocedures)

. Requirements for the effective development and ust of a Procedural-

. Writer's-Guide -

1

Procedures for training _ program - procedure integrotion L

Verification and validation procedures

!

Procedure development documentation requirements i

j

i-i i

(

32 j .

l Procedure Development Report

! The report shall_ address the following:

Objectives

Description of the Methods Used

Identification of any deviations from the implementation plan j

Results, including a list of procedures developed, and a 3 discussion of the resulting procedures including sample procedures

!

Conclusions

Recommendations / Implications for HSI Design j HSI Desian Team Evaluation ReDort The report shall address the following:

i

The review methodology and procedures l

Compliance with Implementation Plan Procedures j

Review findings i 3.8 Element 8 - Human Factors Verification and Validation DESIGN COMMITMENT:

! The successful incorporation of human factors engineering into the final HSI l design and the acceptability of the resulting HSI shall be thoroughly

evaluated as an integrated system using HFE evaluation procedures, guidelines,

!- standards, and-principles.-

a-INSPECTION / TEST / ANALYSIS: -

A Human Factors Verification and Validation Implementation Plan shall

be developed.

. An analysis of' Human Factors Verification;and Validation shall be i- -

conducted in accordance with the plan and _the findings will be l documented in an Analysis Re:;ults Report.

i l

The analyses shall be reviewed by the HSI Design Team and shall be

'. documented in an Evaluation-Report.

I k DESIGN ACCEPTANCE CRITERIA:

General Criteria

! 1. -The evaluation shall verify that the performance of the HSI, when all L. elements are fully integrated into a system, meets (1) all HFE design

goals as established in the program plan; and-(2) all system functional j requirements and support human operations, maintenance, test, and l inspection task accomplishment.

b . _ , _ - _ . _ . _ , _ ~ . _ , _ _ . . . _ _ . _ _ _ _ - _ _ _ _ _ _

. 33 1

2. The evaluation shall add,ess:

Human-Hardware interfaces

Human-software interfaces

Procedures

Workstation and console configurations

Control room design

Remote shutdown system

Design of the overall work environment

3. Individual HSI elements shall be evaluated in a static and/or "part-task" mode to assure that all controls, displays, and data processing that are required are available and that they are designed according to accepted HFE guidelines, standards, and principles.

4. The integration of HSI elements with each other and with personnel shall be evaluated and validated through dynamic task performance evaluation using evaluation tools which are appropriate to the accomplishment of this objective. A fully functional HSI prototype and plant simulator shall be used as part of these evaluations. If an alternative to a HSI prototype is proposed its acceptability shall be documented in the implementation plan. The evaluations shall have as their objectives:

Adequacy of entire HSI configuration for achievement of safety goals

Confirm allocation of function ;nd the structure of tasks assigned to personnel Adequacy of staffing and the HSI to support staff to accomplish their tasks.

Adequacy of Procedures

Confirm the adequacy of the dynamic aspects of all interfaces for task accomplishment Evaluation and demonstration of error tolerance to human and system failures

5. Dynamic evaluations shall evaluate HSI under a range of operational conditions and upsets, and shall include:

Normal plant evolutions (e.g., start-up, full power, and shutdown operations)

Instrument Failures (e.g., Safety System Logic & Control (SSLC) Unit, Fault Tolerant Controller (NSSS), local

" Field Unit" for MUX system, MUX Controller (B0P), Break in MUX line)

HSI equipment and processing failure (e.g., loss of VDUs, loss of data processing, loss of large overview display)

Transients (e.g., Turbine Trip, Loss of Offsite Power, Station Blackout, Loss of all FW, loss of Service Water, Loss of power to selected buses /CR power supplies, and SRV transients) !

l L

)

l' .

34

Accidents (e.g., Main steam line creak, Pesitive Reactivity .

j Addition, Control Rod Insertion at power, Control Rod Ejection, ATWS, and various-sized LOCAs)

6. Performance measures for dyr.amic evaluations shall be adequate to test i the achievement off all objectives; design goals, and performance j requirements and shall include at a minimum:

System performance measures relevant to safety

Crew Primary Task Performance (e.g., task times, procedure j violations)

Crew Errors .

i

Situation Awareness i

Workload 2

Crew communications and coordination

Anthropometry evaluations

Physical positioning and interactions i

i. 7. A verification shall be made that all issues documented in the Human Factors Issue Tracking System have been addressed.

8. A verification shall be made that all critical human actions as defined by the task analysis and PRA/HRA have be adequately tupported in the design. The design of tests and evaluations to be performed as part of HFE V&V activities shall specifically examine these actions.

9. The effort shall be performed using the following documents as guidance:-

< list to be developed >

Implementation Plan The plan shall describe the designer's approach to Human Factors Verification

.. and Validation. The Human Factors Verification aM Validation Implementation Plan shall address:

HSI element evaluation -

Control, Data Processing. _ Display audit Comparison of HSI element _ design to HFE guidelines,- ,

-standards, and. principles: - -

3 Dynamic performance evaluation of fully integrated HSI General Objectives Test methodslogy and procedures Test participants (operators _to participate-in the test program)

_ Test Conditions HSI descripticn Performance measures Data analysis Criteria for evaluation of results Utilization of evaluatiuns

i i

i 4

35

Documentation requirements Test & Eva10ation Plans and Procedures Test Reports i

l l

l I

I I

4 4

A.

.h at 5

i r- - - - , - -- s-..- - ,,

36

Analysis Results Report The report shall address the following

Objectives

Description of the Methods

Identification of any deviations from the implementation plan

Results and Discussion

Conclusions

Recommendations / Implications for HSI Design

+

HSI Desian Team Evaluation ReDort The report shall address the following:

The review methodology and procedures

Compliance with Implementation Plan Procedures

Review findings e

1 mm

~ **

wn r'

37 REFERENCES Bailey, R.W. (1982). Human performance engineering: A guide for system designers. Englewood Cliffs, NJ: Prentice-Hall, Inc.

Booher, H.R. (Ed.) (1990). MANPRINT: An approach to systems integration.

New York: Van Nostrand Reinhold.

DeGreene, K.B. (1970). Systems psychology. New York: McGraw-Hill Book Company.

Department of Defense (1979a). Tuman engineering requirements for military systems, equipment and facilities (MIL-H-468558). Washington, D.C.: Office "

of Manap.'nt and Budget.

Department of Defense (1979b). Critical task analysis report (DI-H-7055). '

Washington, D.C.: Office of Management and Budget.

Department of Defense (1981). Human factors engineering design for army material (NIL-HDBK-759A (HI). Washington, D.C.: Department of the Army Department of Defense (1983). Human factors engineering program (AR 602-1).

Washington, D.C.: Department of the Army.

Department of Defense (1985). Technical reviews and audits for systems, equipments, and computer software (MIL-STD-15218). Washington, D.C.:

Department of the Air Force.

\

Department of Defense (1986). System safety program plan (DI-SAFT-80100).

Washington, D.C.: Office of Management and Budget.

Department of Defense (1989a) Human engineering program plan (DI-HFAC-80740). Washington, D.C.: Office of Management and Budget.

Department of Defense (1989b). Human engineering design criteria for military systems, equipment and facilities'(HIL-STD-14720). Washington, D.C.: Office . ,

of Management and Budget.

Department of Defense (1989). Manufacturer's MANPRINT management plan

. (OT-11920). Washington, D.C.: Office of Mangement and Budget.

Department of Defense (1990a). Hanpower and Personnel Integration (MANPRINT) in the material acquisition process (AR 602-2). Washington, D.C.: Department of the Army.

Department of Defense (1990b). System engineering management plan (DI-#GHT-81024). Washington, D.C.: Office of Management and Budget.

Department of Defense (1991a). Defense acquisition (DODD 5000.1).

Washington, D.C.: Office of Management and Budget.

4 -

38 Department of Defense (1991b). Defense acquisituon management policies and procedures (00015000.2). Washington, D.C.: Office of Management and Budget.

- Department of Defense (1991c). Human engineering procedures guide (D00-#DBK-763). Washington, D.C.: Office of Management and Budget.

Gagne, R. M., and Melton, A. W. (Eds.), Psychological principles in system development . New York: Holt, Rinehart and Winston.

Hennessy, R.T. (1990). Practical human performance testing and evaluation.

In Booher, H.R. (Ed.) MANPRINT: An approach to systems integration. New York: Van Nostrand Reinhold.

International Electrotechnical Commission (1989). International standard:

Design for control rooms of nuclear power plants (IEC 964). Geneva, Switzerland: Bureau Central de la Commission Electrotechnique Internationale.

4 Kockler, F., Withers, T., Podiack, J., and Gierman, M (1990). Systems engineering management guide (AD/A223 168). Fort Belvoir, VA: Defense Systems Meiagement College.

Mil 1er, R. B. (1953). A method for man-machine task analysis (Technical l Report 53-137, June (AD 15921). Wright-Patterson AFB, Ohio: Wright Air Development Center.

O'Hara , J., and Higgins, J. (1992). Preliminary Review of the ABWR Design Implementation Process Plan (BNL Technical Report L2314-1-2/92P). Upton, New York: Brookhaven National Laboratory.

O'Hara , J., and Higgins, J. (1992). Preliminary Review of GE's Responses to the ABWR Draft Safety Analysis Report Human Factors Issues (BNL Technical Report L2314-2-2/92P). Upton, New York: Brookhaven National Laboratory.

U.S. Nuclear Regulatory Commission (1981). Guidelines for control room design

, reviews (NUREG 0700). Washington, D.C.: U.S. Government Printing Office.

U.S. Nuclear Regulatory Commission, "TM1-2 Action Plan," (NUREG-0660),

Washington, DC.

U.S. Nuclear Regulatory Commission, " Clarification of THI Action Plan

., Requirements," (NUREG-0737 and Supplements), Washington, DC, 1980.

U.S. Nuclear Regulatory Commission, " Functional Criteria for Emergency Response Facilities," (NUREG-0696), Washington, DC, 1980.

U.S. Nuclear Regulatory Commission, " Human Factors Acceptance Criteria for Safety Parameter Display System," (NUREG-0835), Washington, DC,1981.

U.S. Nuclear Regulatory Commission, " Standard Review Plan," (NUREG-0800),

Washington, DC, Revision 1, 1984.

' +-

39 ..

Van Cott, H.P., and Kinkade, R.G. (Eds.), Human engineering guide to eqdipment,, !

4 design (pp. 1-16). Washington, D.C.: U.S. Government Printing Office.

i Woodson, W.E. (1981). Human factors design handbook. New York: McGraw-Hill Book Company.

a 6

j i

4

, -. , . , , _ , ,

ML20101G577

Text

Navigation menu

Search