Lessons learned from HMI upgrades

This article on HMI upgrades for control systems includes suggestions on project approaches, managing data sources and managing the data funnel. Also included: a ten-step process for you to manage reality

2 of 2 1 | 2 > View on one page

A Word on Project Approaches
There are a variety of approaches to the HMI Upgrade project. The most common are:


  • Replacement in kind
  • Upgrade to a new basic HMI standard
  • Upgrade with new tools.

One might think, understandably, that the replacement in-kind project might be the most straightforward and less prone to scope and schedule issues. However, flaws in the existing system can make this difficult.

Upgrading to a new basic HMI standard is probably the easiest project type to manage. The new standard provides clear documentation and a clear scope of work. Upgrading with new tools is also likely to be simpler than replacement in-kind.

However, management of the pace of change from the old to the new advanced graphics can be a thorny constraint to manage. These advanced projects are achievable and well worth the effort, but they often must be managed with a phased approach. And, of course, tools that are advanced enough to rely on the latest and greatest software have a larger potential exposure for cost and schedule with more features to test and more bugs to resolve.

Dealing with Reality
Perhaps the hardest issue to deal with on any HMI project is the requirement to live in reality, with all its associated flaws.

One flaw is that the P&IDs and existing displays all have errors. No matter how often they have been walked down, or how strongly everyone thinks otherwise, all drawings have flaws or at least items that will raise questions. The most common questions include such things as instrument placement (for example, is the pressure before or after the manual block valve that we are showing on the graphic?) or naming conventions (something as simple as the P&ID calls the material Resin and the existing graphic calls it Plastic).

In most cases, sometimes the P&IDs and the existing graphic are correct. Or both are correct and it is a matter of determining what naming conventions will be used on the displays. It is surprisingly common to find instruments, or even controllers, drawn incorrectly on an operating graphic. Once identified, long-standing “control” issues are surprisingly corrected. It is important to keep asking questions until any discrepancies are resolved. Any corrections at a minimum are part of the continual improvement of the documentation and occasionally you will make a real improvement in process understanding.

Another problem is that existing displays have Band-Aids. Workarounds for problems with instrumentation or procedures are present in most systems. In one upgrade, I ran across an odd script in the stop/start for the fan on an incinerator. In addition to the expected hand controller for the stop and start, there was a second relay being switched off and on. We searched for a loop file and traced out the wires on the panel drawings. We could not find anything definitive and the fan was secured, so we took the second relay out and tested the stop/start. The incinerator fan became self-starting. No matter what we did, the fan kept restarting. We kept looking and found some old electrical prints for the antiquated VFC (variable frequency controller) and it turned out that a time-delay relay had been wired incorrectly and had never worked. So, the HMI had been scripted to fix the problem.

The best way to manage the flaws in the reality of the system is to follow a structured approach. Mustang Engineering employs a ten step process (see below) that manages reality, as well as budget and schedule.



A Ten Step Process That Manages Reality

1.    P&IDs

2.    Database Reconciliation
3.    HMI Design Guideline
4.    Navigation and Alarm Hierarchy
5.    Operator Task and SOP Review
6.    Schematics
7.    Build System
8.    Groups & Trends & Third-party Interfaces
9.    Functional Acceptance Test
10.  Final Documentations

Managing reality is as hard as managing the process.

Mental Models
Operators and engineers run a process based on their internal mental models of the process. They monitor the process and check the ongoing data against their models and respond as soon as something makes sense to them. Theories will be discarded only after several new pieces of data do not fit the model. All people do not have the same mental image or model of the process. So it is important to involve more than one operator and more than one engineer and make a composite image from all of the input. As you build the HMI, get feedback from the wider audience to sanity check your design.

It is important to understand that every “great idea” you have will not work. It is important to remember that the operator is the ultimate user for the process graphic and it should most closely match the mental model that you discern from their input. But there should also be control displays that provide enough detail for the engineer to troubleshoot the detailed control design. These should match the engineer’s mental model, but still be useable by the operator. Ultimately, keep working on it until it also makes sense to you. You are not an operator or engineer on the process, but you are a credible professional, and it should make sense to you as well. If it does not make sense, there are likely some minor imperfections that might eventually become important.

Remember that you are doing more than drawing pretty pictures. Engineering the HMI to account for human factors and enable understanding across every mode of operation is a challenge. The HMI is the funnel through which all information must pass and to be processed by the operator. Designing this system well can make a huge impact on both safety and profitability.

Lessons Learned

  1. Think of the HMI as the funnel that filters information. Make it a well-designed filter.
  2. Dramatic changes in how the process is shown can be confusing. Make a bridge from the old to the new.
  3. Just because you can automate does not mean you should. 
  4. Scope can be easier to manage when upgrading to a defined new standard.
  5. Even if there is no visibledoensn’tdoesn’t appear to be a reasonable explanation for something, it has a reason and you had better keep looking until it is understood.
  6. Everyone does not think alike. Design the process displays for the operator and the control displays for the engineers. Keep at it until it all makes sense to you as well.
  7. Inconsistent error display will lead to confusion and tension.


 About the Author
Bridget Fitzpatrick is Principal Technical Consultant at Mustang Engineering, Houston, TX, and may be contacted at Bridget.Fitzpatrick@MustangEng.com.


2 of 2 1 | 2 > View on one page
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments