To maximize the adaptability aspect of using modes, it is important to have a clear understanding of inherent process challenges together with well-defined operating requirements. Once these important details are known, appropriate modes can be defined that simplify the controls design process and maximize operating flexibility without sacrificing personnel safety or equipment protection. Once these modes are incorporated into the control scheme, operators can knowingly choose the mode which best matches their functional needs and current process conditions, and be confident that the equipment will behave in a safe and reliable manner.
It is also helpful when different categories of modes are considered. Unit control modes, for example, apply to the entire production unit and can distinguish between normal production and maintenance, or between stages of production (like setting up, producing product and clearing the machine after a failed operation). Similarly, equipment control modes apply to individual devices or subsystems and can dictate one control strategy under normal conditions and another for exceptions to the norm (e.g., maintenance, override, etc.). In yet another vein, supervisory modes can be used to dictate which resources (operator vs. program) have permissibility of control at any given moment.
After modes have been defined and properly integrated into the control scheme, it is important that a mode management strategy also be employed. Certain modes are the result of others, or may overlap or interfere with them. For this reason, a mode selection scheme is needed to both prevent undesired interference and facilitate the desired propagation of a mode through the system. The result is prevention of unnecessary or unwanted mode combinations and added operating convenience.
Design HMIs according to ASM guidelines. The benefits of a graphical HMI are numerous. Of paramount importance is the ability to effectively convey status information to the operator. In doing so, however, it is important to consider the aspect of annunciating abnormal conditions (e.g., warnings and faults). Timely reaction to these conditions can be critical to personnel safety or equipment health, and great care must be given to designing HMI screens which maximize an operator's ability to recognize abnormal situations. In recent years, research has been published by the Abnormal Situation Management Consortium (ASM) that describes guidelines to best address this important aspect of design.
The consortium was initially formed by Honeywell in the mid '90s to address a growing concern over the increasing frequency and cost of incidents like unplanned shutdowns, environmental excursions, fires and explosions. The consortium's mission was to investigate causes and identify problems that occur during abnormal process situations in hopes of finding ways to mitigate their effects and improve early detection and response. When research showed that human factors had the largest correlation to incident occurrence, R&D efforts were directed toward understanding the human response aspects of graphically presented data. As a result of this research, guidelines have been published which summarize lessons learned and offer conceptual solutions for maximizing the effectiveness of operator displays, procedural practices and alarm management.
In the simplest terms, the ASM guidelines promote the notion that less is more. Significant improvement in cognitive response has a direct correlation to the reduction of unnecessary information, particularly graphical content. Subsequently, when graphics are simplified, both in color and form, abnormal conditions are easier to recognize and understand. Color is used sparingly; and when present, it has a clearly defined meaning, namely, to indicate whether a condition is normal or aberrant. Content organization and screen navigation are also important. Overview displays should be prevalent and present a complete picture of a process area's status without having to click through multiple views. Overview content should by mainly qualitative in nature and include only essential quantitative information. Details should be moved to highly focused views which can be retrieved with a minimum of keystrokes.
Manage alarms to prevent information overload. An important feature of an HMI is to annunciate alarms. Most modern control systems provide a plethora of monitored alarm conditions, with the intention of providing as much diagnostic information as possible about process and equipment behavior. Unfortunately, this feature can present a large quantity of information so quickly that an operator can be easily overwhelmed and lose the ability to distinguish important events from trivial or irrelevant ones. Rapid alarm bursts of numerous conditions and frequent repetition of the same condition often cause an operator to ignore the alarms entirely – far from the intended purpose of this potentially valuable feature.
A better approach to alarming includes the active management and filtering of abnormal conditions. Integrated alarm management uses known relationships between events to suppress alarms which are the direct result of another. This eliminates meaningless alarm bursts and tends to focus attention at the root cause of an event. Similarly, keeping statistics about alarm generation makes data analysis possible – leading to the quick identification of problem areas which can then be resolved. Similar analysis can produce metrics related to the frequency of all alarms, which subsequently can be used to indicate the relative performance and merit of the alarming function as a whole.
Support the integration of safety functions. The sacred cow of safety is rarely questioned, but nonetheless is often overlooked while designing the core components of a control system. Safety countermeasures are often programmed at a later time into the process logic as an afterthought with too little consistency of implementation. With the growing emphasis on the application of safety standards such as ISA-84 (US) and IEC 61508 (Europe), safety instrumented functions (SIF) are showing up more frequently in process control systems. Whether they are contained in a stand-alone safety instrumented system (SIS) or integrated directly into the control software, consistency and reliability of function are necessary outcomes.