Risk Analysis, Impact and Interaction Modelling

  • A. M. Dearden
  • M. D. Harrison
Conference paper
Part of the Eurographics book series (EUROGRAPH)


Operator error has been blamed for many accidents and incidents in safety-critical systems. It is important that human-machine interface (HMI) designers are aware of the relationships between their design decisions, operator errors, and the hazards associated with a system. In this paper, we demonstrate how information from risk analysis can be combined with formal specification of the HMI, to support designers in exploring these relationships. We use the concept of interactor to model the human-machine interface (HMI); together with a concept of impact, which we define informally as: “the effect that an action or sequence of actions has on the safe and successful operation of a system.” We show how interactors can be used as design representations for the HMI at the earliest stages of design, as well as providing a medium by which risk analysts can inform HMI designers about the impact of human-errors. To demonstrate the feasibility of this approach, we consider a simple, gas-fired, electricity generating plant as a case study. Our proposed approach is intended to complement, rather than compete with, existing design and analysis methods for the HMI. The method achieves this by making risk analysis information available in the early stages of HMI design.


Impact Safety-critical systems Interactor Risk analysis Formal Models 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Bello, G. C. and Colombari, V. (1980). Empirical technique to estimate operator errors (TESEO). Reliability Engineering, 1(3).Google Scholar
  2. Dearden, A. and Harrison, M. (1996). Impact as a human factor in interactive system design. In Redmill, F. and Anderson, T., editors, Safety-critical Systems: The Convergence of High Tech and Human Factors, 184–199. Springer.Google Scholar
  3. [Duke et al.,, 1994_Duke, D., Faconti, G., Harrison, M., and Paterno’, F. (1994). Unifying views of interactors. In Proc. International Workshop on Advanced Visual Interfaces, 143–152. ACM Press.Google Scholar
  4. Duke, D. and Harrison, M. (1994). FSM: Overview and Worked Examples. Technical Report SM/WP44, AMODEUS II project, ESPRIT Basic Research Action 7040.Google Scholar
  5. Duke, D. J. and Harrison, M. D. (1993). Abstract interaction objects. Computer Graphics Forum, 12(3):25–36.Google Scholar
  6. [Embrey et al., 1984]_Embrey, D. E., Humphreys, P. C., Rosa, E. A., Kirwan, B., and Rea, K. (1984). SLIM-MAUD: An Approach to Assessing Human Error Probabilities Using Structured Expert Judgement. Technical Report NUREG / CR 3518, Brookhaven National Laboratory.Google Scholar
  7. [Fields et al., 1995]_Fields, R., Wright, P., and Harrison, M. (1995). A task centred approach to analysing human error tolerance requirements. In Zave, P., editor, Proceedings, RE’95 The Second IEEE International Symposium on Requirements Engineering, York, UK, 18–26. IEEE, New York.Google Scholar
  8. Foley, J. D. and Sukaviriya, P. N. (1995). History, Results and Bibliography of the User Interface Design Environment (UIDE), an Early Model-Based System for User Interface Design and Development. In Paterno’, F., editor, Interactive Systems: Design, Specification and Verification, 3–14. Springer Verlag.Google Scholar
  9. [Hannaman et al., 1984]Hannaman, G. W., Spurgin, A. J., and Lukic, Y. D. (1984). A model for assessing human cognitive reliability in PRA studies. Technical Report NUS 4531, Electrical Power Research Institute.Google Scholar
  10. Henley, E. J. and Kumamoto, H. (1981). Reliability Engineering and Risk Assessment. Prentice Hall.Google Scholar
  11. Hollnagel, E. (1993). The phenotype of erroneous actions. Int. Journal of Man-Machine Studies, 39(1):1–32.CrossRefGoogle Scholar
  12. Johnson, C. W. (to appear). Documenting the design of safety-critical user interfaces. Interacting with Computers.Google Scholar
  13. Kirwan, B. (1992). Human error identification in human reliability assessment. Part I: Overview of approaches. Applied Ergonomics, 23(5):299–318.CrossRefMathSciNetGoogle Scholar
  14. Ryan, M., Fiadeiro, J., and Maibaum, T. (1991). Sharing actions and attributes in modal action logic. In Ito, T. and Meyer, A., editors, Theoretical Aspects of Computer Software, volume 526 of Lecture notes in computer science, 569–593. Springer Verlag.Google Scholar
  15. Swain, A. D. and Guttman, H. E. (1983). Handbook of Human Reliability Analysis with Emphasis on Nuclear Power Plant Applications, Final Report. Technical Report NUREG/CR-1278 SAND80-0200 RX, AN, U. S. Nuclear Regulatory Commission.Google Scholar
  16. Villemeur, A. (1992a). Reliability, Availability, Maintainability and Safety Assessment, volume 1. John Wiley.Google Scholar
  17. Villemeur, A. (1992b). Reliability, Availability, Maintainability and Safety Assessment, volume 2. John Wiley.Google Scholar
  18. Woods, D. D., Johannesen, L. J., Cook, R. I., and Sarter, N. B. (1994). Behind Human Error: Cognitive Systems, Computers, and Hindsight. Technical report, CSERIAC, Ohio State University.Google Scholar

Copyright information

© Springer-Verlag/Wien 1996

Authors and Affiliations

  • A. M. Dearden
    • 1
  • M. D. Harrison
    • 1
  1. 1.Department of Computer ScienceUniversity of YorkYorkUK

Personalised recommendations