Abstract
Classically, humans have been perceived as a source of faults in systems. Modern ergonomic views are promoting a somewhat different idea according to which humans are a factor of safety in unexpected situations. The safety of a system cannot be achieved without taking into account these two sides of cognition which compose what is called cognitive flexibility. In this paper, we will consider the cases of a nuclear accident and a plane crash-landing where human cognitive flexibility has impacted the final safety of the system. We aim to discuss the violations that humans have performed in these cases with the assumption that these violations do not always deteriorate system safety. The discussion gravitates around a core argument according to which violations per se do not inform on the safety impairments in a system. Some other dimensions have to be taken into account. We are of the opinion that, among these other dimensions, the accuracy of the operators’ mental model plays a key role, allowing some violations to improve system safety in emergency situations.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Aberg L, Rimmö P-A (1998) Dimensions of aberrant behaviour. Ergonomics 41:39–56
Air France (1997) Anatomie d’un accident. F-28 Dryden, Canada, March 1989. Bulletin d’information sur la Sécurité des Vols 36:2–7
Amalberti R (1992) Safety and process control: an operator-centered point of view. Reliab Engin Sys Safe 38:99–108
Amalberti R (1996) La conduite de systèmes à risques. Presses Universitaires de France, Paris
Bainbridge L (1983) Ironies of automation. Automat 19:775–779
Besnard D (2000) Troubleshooting in electronics. In: Kornneef F, van der Meulen M (eds) Computer safety, reliability and security, Proceedings of SAFECOMP 2000, Springer, Berlin Heidelberg New York, pp 74–85
Besnard D, Cacitti L (2001) Troubleshooting in mechanics: a heuristic matching process. Cogn Technol Work 3:150–160
Bieder C (2000) Comments on the JCO accident. Cog Technol Wk 2:204–205
Blackman HS, Gertman D and Hallbert B (2000) The need for organisational analysis. Cogn Technol Work 2:206–208
Blockey PN, Hartley LR (1995) Aberrant driving behaviour: errors and violations. Ergon 38:1759–1771
Cacciabue PC (1991) Cognitive ergonomics: a key issue for human-machine systems. Le Trav Hum 54:359–364
Cacciabue PC (2000) Comments on the HF analysis of the JCO criticality accident. Cogn Technol Work 2:209–211
Cacciabue PC, Kjaer-Hansen J (1993) Cognitive modelling and human-machine interactions in dynamic environments. Le Trav Hum 56:1–26
Cellier JM, Eyrolle H and Mariné C (1997) Expertise in dynamic systems. Ergonomics 40:28–50
Chase WG, Simon HA (1973) Perception in chess. Cogn Psychol 4:55–81
Crow J, Javaux D and Rushby J (2000) Models of mechanised methods that integrate human factors into automation design. In: Proceedings of the International Conference on Human-Computer Interaction in Aeronautics: HCI-Aero 2000, Toulouse, France, 27–29 September 2000
Damania R (2002) Environmental policies with corrupt bureaucrats. Environ Dev Econ 7:407–427
De Keyser V, Woods DD (1990) Fixation errors: failures to revise situation assessment in dynamic and risky systems. In: Colombo AG, Saiz de Bustamante A (eds) Systems reliability assessment, ECSC, EEC, EAEC, Brussels and Luxembourg, pp 231–251
Dekker S (2003) Failure to adapt or adaptations that fail: contrasting models on procedures and safety. Appl Ergon 34:133–238
Doireau P, Wioland L and Amalberti R (1997) La détection d’erreurs humaines par des opérateurs extérieurs à l’action: le cas du pilotage d’avion. Le Trav Hum 60:131–153
Fujita Y (2000) Actualities need to be captured. Cogn Technol Work 2:212–214
Furuta K, Sasou K, Kubota R, Ujita H, Shuto Y and Yagi E (2000) Analysis report. Cogn Technol Work 2:182–203
Gasser L (1986) The integration of computing and routine work. ACM Trans Off Info Sys 4:205–225
Gitus JH (1988) The Chernobyl accident and its consequences. United Kingdom Atomic Energy Authority, London
Haynes A (1991) Transcript of the presentation given at the NASA Ames Research Center, 24 May 1991 http://www.panix.com/~jac/aviation/haynes.html. Cited May 1991
Hollan J, Hutchins E and Kirsh D (2000) Distributed cognition: toward a new foundation for human-computer interaction research. ACM Trans Comp-Hum Inter 7:174–196
Hollnagel E (1987) Information and reasoning in intelligent decision support systems. Int J Man-Mach Stud 27:665–678
Hollnagel E (1993) The phenotype of erroneous actions. Int J Man-Mach Stud 39:1–32
Hollnagel E, Woods D (1999) Cognitive system engineering: new wine in new bottles. Int J Hum-Comp Stud 51:339–356
Kanno T, Nakate K and Furuta K (2003) A method for team intention inference. Int J Hum-Comp Stud 58:393–413.
Leveson N, Pinnel LD, Sandys SD, Koga S and Reese JD (1997) Analysing software specifications for mode confusion potential. In: Johnson CW (ed) Proceedings of the Workshop on Human Error and System Development, Glasgow, Scotland, 19–22 March 1997
Mancini G (1987) Commentary: models of the decision maker in unforeseen accidents. Int J Man-Mach Stud 27:631–639
Marsden P, Hollnagel E (1996) Human interaction with technology: the accidental user. Acta Psychol 91:345–358
METT (1993) Rapport de la commission d’enquête sur l’accident survenu le 20 Janvier 1992 près du Mont Sainte-Odile a l’Airbus A.320 immatriculé F-GGED exploité par la compagnie Air Inter. Ministère de l’Equipement, des Transports et du Tourisme (French Ministry of Equipment, Transports and Tourism)
Miller GA (1956) The magical number seven plus or minus two: some limits on our capacity for processing information. Psych Rev 63:81–97
Moray N (1987) Intelligent aids, mental models, and the theory of machines. Int J Man-Mach Stud 27:619–629
Newell A, Shaw JC and Simon HA (1957) Preliminary description of General Problem Solving—I (GPS—I). Technical Report CIP, Working Paper 7, Carnegie Institute of Technology, Pittsburgh, PA
NTSB (1990) Aircraft accident report, United Airlines flight 232. McDonnell Douglas DC-10. Sioux Gateway airport. Sioux City, Iowa, 19 July 1989. National Transportation Safety Board, Washington, DC
NTSB (1997) Wheels-up landing, Continental Airlines flight 1943, Douglas DC-9 N10556, Houston, Texas, 19 February 1996. National Transportation Safety Board, Washington, DC. http://www.ntsb.gov/Publictn/1997/AAR9701.pdf. Cited 1997
Ochanine D (1978) Le rôle des images opératives dans la régulation des activités de travail. Psychol Educ 2:63-72
Parker D, Reason J, Manstead SR and Stradling SG (1995) Driving errors, driving violations and accident involvement. Ergon 38:1036–1048
Paxton HC, Baker RD and Reider WJ (1959) Los Alamos criticality accident. Nucleon 17, 107–108
Rame J-M (1995) Rôle des industriels dans la prévention des accidents. Pilot Lign 5:20–21
Rasmussen J (1986) Information processing and human-machine interaction. Amsterdam, North Holland
Rasmussen J (1991) Technologie de l’information et analyse de l’activité cognitive. In: Amalberti R, de Montmollin M and Theureau J (eds) Modèles en analyse du travail. Liège, Mardaga
Rauterberg M (1995) About faults, errors and other dangerous things. In: Stassen H, Wieringa P (eds) Proceedings of the XIV European Annual Conference on Human Decision Making and Manual Control, Delft, The Netherlands, 14–16 June 1995
Reason J (1987) Chernobyl errors. Bullet Brit Psychol Soc 40:201–206
Reason J (1990) Human error. Cambridge University Press, Cambridge, UK
Reason J (1995) A systems approach to organisational errors. Ergon 38:1708–1721
Reason J (1997) Managing the risks of organisational accidents. Ashgate, Aldershot, UK
Reason J (2000) Human error: models and management. Brit Med J 320:768–770
Rizzo A, Ferrante D and Bagnara S (1995) Handling human error. In: Hoc J-M, Cacciabue PC and Hollnagel E (eds) Expertise and technology: cognition and human-computer interaction, Lawrence Erlbaum, Hillsdale, NJ
Rushby J (2001) Modelling the human in human factors. In: Proceedings of Safecomp 2001, Budapest, Hungary, 25–28 September 2001
Rushby J, Crow J and Palmer E (1999) An automated method to detect potential mode confusions. In: Proceedings of the 18th AIAA/IEEE Digital Avionics Systems Conference, St Louis, MO, October 1999
Sarter N and Woods DD (1995) How in the world did we ever get into that mode? Mode error and awareness in supervisory control. Hum Fact 37:5–19
Soloway E, Adelson B and Ehrlich K (1988) Knowledge and processes in the comprehension of computer programs. In: Chi MTH, Glaser R and Farr MJ (eds) The nature of expertise, Lawrence Erlbaum, Hillsdale, NJ
Sundstrom GA (1993) Towards models of tasks and task complexity in supervisory control applications. Ergonomics 11:1413–1423
Svenson O, Lekberg A and Johansson AEL (1999) On perspective, expertise and differences in accident analyses: arguments for a multidisciplinary approach. Ergonomics 42:1567–1571
Van der Schaaf T (1992) Near miss reporting in the chemical process industry. Proefschrift, TU Eindhoven
Van der Schaaf T (2000). Near miss reporting changes the safety culture (Report after a visit to the University of Wisconsin-Madison). Hum Elem 5:1–2. http://www.engr.wisc.edu/centers/chpra/newsletter/CHPCS_vol5.1.pdf. Cited 2000
Wagenaar WA, Groeneweg J (1987) Accidents at sea. Multiple causes and impossible consequences. Int J Man-Mach Stud 27:587–598
Wason PC (1966) Reasoning. In: Foss BM (ed) New horizons in psychology, Penguin, Harmondsworth, UK
Westrum R (2000) Safety planning and safety culture in the JCO criticality accident: interpretative comments. Cogn Technol Work 2:240–241
Wimmer M, Rizzo A and Sujan M (1999) A holistic design concept to improve safety-related control systems. In: Felici M, Kanoun K and Pasquini A (eds) SAFECOMP’99, Springer, Berlin Heidelberg New York
Woods DD (1986) Paradigms for intelligent decision support. In: Hollnagel E, Mancini G and Woods DD (eds) Intelligent decision support in process environments, Springer Berlin Heidelberg New York
Woods DD (1993) The price of flexibility. In: Proceedings of the International Workshop on Intelligent User Interfaces, Orlando, Florida, 4–7 January 1993
Woods DD and Shattuck LG (2000) Distant supervision-local action given the potential for surprise. Cogn Technol Work 2:242–245
Acknowledgements
This paper was written at the University of Newcastle upon Tyne within the DIRC project (http://www.dirc.org.uk), a UK-based interdisciplinary research collaboration on the dependability of computer-based systems. The authors wish to thank Gordon Baxter (University of York) and anonymous reviewers for useful comments and the sponsor EPSRC for funding this research.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Besnard, D., Greathead, D. A cognitive approach to safe violations. Cogn Tech Work 5, 272–282 (2003). https://doi.org/10.1007/s10111-003-0131-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10111-003-0131-1