To err is human, and mistakes play a part in any human activity. However, in chemical processing applications, human error, whether of omission or commission, can have disastrous consequences. Part 1 of this article examines types of errors and how they typically occur in instrumentation and equipment design, engineering and maintenance.
There are many ways to classify human error. In active errors, the mistake and its consequences are apparent immediately. In contrast, latent errors require time, conditions or another action before becoming evident.
Errors also can be random or involve human factors stemming from procedures, management practices, equipment design or some other trigger. Most accidents are attributable to human factors.
Battelle Memorial Institute, for example, studied 136 refinery incidents and determined that human error was involved in 47 percent of those accidents. Of that 47 percent, 19 percent were random, but 81 percent involved human factors [1].
Generally, there are reasons why people make errors. Understanding these reasons, categorized below, might help prevent them:
People-oriented errors
Slips, lapses or errors in execution: Slips are actions that occur despite your best intentions. They can be caused internally by short-term inattention or externally by distractions. Examples would include reversing numbers or letters, or misspelling words you know how to spell. Slips tend to recur on routine tasks.
Capture error: These errors occur when you go on "auto-pilot," substituting a frequently performed activity for a desired one. For example, you miss a highway exit on your way somewhere after work, taking the route home instead.
Identification error: These occur when something is identified incorrectly. In Battelle's refinery study, 75 percent of all human errors concerning equipment involved mislabelling. The current downsizing trend has increased the potential for this type of error, due to increased reliance on equipment, piping and instrument/electrical tagging and identification.
Impossible tasks: Some assigned tasks are unreasonably complex, impractical or even impossible to do. As a result, workers might take short cuts or develop alternative methods that can lead to error. In general, the more complex an action, the more likely an error will be made while carrying it out. Consider a control system designed so that an abnormal condition triggers hundreds or even thousands of alarms, overwhelming operators. Drawings and distributed control system (DCS) screens that are too busy increase the potential for information overload and error.
Input or misperception errors: With errors of this type, the information needed to make a decision or perform a task might be misunderstood, perhaps because it has been presented in an overly complex or misleading way. Overly complex instrumentation systems are a source of this type of error. In other cases, data might be missing, forcing users to make the wrong assumptions.
Lack of knowledge: This type of error occurs when someone fails to get appropriate information from other people or departments. In operations, it could be a lack of situational awareness during abnormal conditions. Lack of knowledge leads to assumptions that, as the old saying goes, are "the mother of all screw ups."
Mindset: Mindset generally is a function of expectations and habits. All too often, people see what they expect to see, despite evidence to the contrary, particularly under high stress or time constraints.
Equipment should be designed intuitively, with user habit in mind. Examples of error-prone designs include a valve sequence that is not in a normal order (e.g., open valve 1, close valve 3, open valve 2, open valve 6, close valve 4...), or, in countries in which the written word moves from left to right, a sequence that does not progress in that direction (e.g., pumps labeled C, B, A from left to right rather than A, B, C). Other problematic cases involve color coding in one section of the plant that does not match the scheme used in the rest of the plant.
Mindset can result from folklore, habit, faulty experience or rationalization of experience. It also can occur by applying habitual actions in the wrong situations. A number of accidents have occurred because operators didn't believe their instruments because "it just couldn't be true."
Over-motivation or under-motivation: Over-motivation can come from being too zealous (e.g., completing a job too quickly just to please a supervisor). Working too fast can lead to shortcuts and risk-taking. High-pressure production environments with incentives, for example, can lead to these problems. Ironically, under-motivation stemming from boredom or lack of morale also can lead to shortcuts and risk-taking. However, it is more likely to cause latent errors, discovered later by someone else.
Reasoning error: These errors occur when a person has the correct information to make a decision or take an action, but comes to the wrong conclusion. Lack of training and/or experience facilitates this type of error.
Task assignment mismatches: These occur when staffers simply are mismatched to the task at hand.
Situation-oriented errors
Environmental: Some errors can be facilitated by environment. Examples include poor location, insufficient work space, temperatures that are too high or too low, insufficient light, too much noise and too many distractions.
Stress-related: Decision-making under stress can lead to errors. Some sources indicate if a person is under high stress, the chances of error are as much as 50 percent. The stress might come from the decision or act, from the work environment, from other people or from outside work. High-pressure production environments, for example, can lead to operator uncertainty and stress when one of the decisions includes shutting down production.
Timing-related: Some errors are caused by too little or too much time. The less time a person has to make a decision or take an action, the more likely he or she is to make a mistake. Ironically, the opposite can also be true, although too little time tends to create errors of commission, and too much time yields errors of omission. Some sources indicate that if a person has too little time, the likelihood of their making an error is as much as 50 percent.
System-oriented errors
Chain errors: Many errors are really a chain of events stemming from one root error. Often these result from blind acceptance of information from other sources such as a computer.
Procedural errors: Sometimes procedures aren't appropriate for the given task. Procedures that go against current norms also might lead to confusion and errors. Procedures that are too complex, too simple or misleading also can lead to errors. Failure to follow all the steps of a procedure or adding steps would be a form of this error.
Violations: Violations are intentional errors, defined as non-compliance with accepted norms. These occur when people feel that a procedure or action is troublesome or unnecessary, or that a task is unpleasant. In the worst cases, such violations can be made with malicious intent.
Human error in system design
Human errors are reflected in the instrument design process by mistakes, specification errors, failure to communicate, lack of competency and functional errors. Often, simple steps like developing a checklist, systematic review processes and comprehensive training can help prevent these errors. However, the current downsizing trend has sometimes limited the opportunity to catch errors before they occur.
Mistakes: Probably the most common human errors in instrument designs are mistakes. Slips are the most typical type of mistake, but mistakes also can be due to incompetence or problems with the design systems, leading to data, drawing, informational and change errors.
With complex, detailed instrument system design, "the devil is in the details." Design-document-review processes and self-checking methods can help. People tend to make the same errors when dealing with details or small matters, particularly if there are no major consequences (e.g., misspelling the same word, or entering data incorrectly).
Becoming aware of your own pet errors can improve your ability to check your own work. Some of these errors result from short-term memory problems. Larger errors or errors with significant consequences should be treated as learning experiences and analyzed to prevent them from recurring. Data errors result from improperly entering data or errors due to the propagation of data on design documents. Instrument designs contain a tremendous amount of data, much of it duplicated. The more frequently one enters the same data, the greater the opportunity for error.
Methods commonly used to reduce this error include time-delayed checking and multiple reviews. Designing the engineering process to minimize duplicate data entry also can reduce data errors. Data must flow from document to document in a design. If data paths are tortuous or complex, data might not get to where they should correctly. Data should be designed to flow in a way that minimizes error.
Drawing errors stem from errors on existing drawings that are used in a design. Examples include cases in which errors from previous designs are not caught, or changes by field forces are not relayed to engineering. Field verification is the primary method of minimizing these errors. Drawing errors also can come from using computerized cut-and-paste functions where the pasted function is not updated with the new drawing's data. Computer-aided design (CAD) has brought not only increased speed, but greater potential for errors as well.
Operating companies and engineering and construction firms might have a typical review process involving designers, a drafting checker, instrument engineer, instrument engineering supervisor, instrument maintenance and operations. Unfortunately, downsizing and competitive pressures have shortened review processes at many companies.
Specification errors often result when a project's initial scope was poorly defined. A well-known study of computerized systems by the United Kingdom's Health and Safety Executive [6] concluded that 44 percent of accidents were caused by a failure in specification.
In other cases, specification errors result from failing to communicate a specification from the conceptual stage to the detailed design stage. Communication lines can be strained, due to poor relationships between engineering, operations, and/or maintenance, cultural or even age differences.
Time also plays a part in the specification breakdown. Due to workload, priorities and reduced manpower in many plants, people might not allocate sufficient time to the initial scoping of the project, assuming details will be "filled in" later.
To prevent costly scoping problems and specification errors, some companies now require significant front-end engineering and design work for their projects. This front-end loading can add significant value, even to small projects.
Communication breakdown: Errors will result when the right information fails to reach the right people at the right time. Analyzing data flows to locate bottlenecks and error sources can minimize related errors.
Poorly managed changes in design also open the door to errors. Change management, although commonly applied by the process industries, seldom is used at the design level. Often, changes are not well thought-out because the appropriate people are not consulted.
Functional errors: Sometimes, errors in design lead to errors in function or operation. In these cases, equipment does not perform to its full potential or does not include the full range of operations or meet all specifications.
Poor designs increase the likelihood that users or maintenance staff will make mistakes. No matter how good a design concept is, people still will make mistakes when operating and maintaining equipment based on that design. Designers often design for what they believe is normal operation with no expectation that the system will be operated in any other way. They also fail to anticipate errors with operation or maintenance. Consulting with operators and maintenance staff, and using checklists with desired criteria, can lead to systems that are user-friendly and reduce error. End-user input also will help prevent typical equipment design errors such as improper grounding, shielding or sizing; insufficient isolation; failure to consider ambient operating temperatures; use of the wrong materials of construction; failing to tailor equipment designs for hazardous area duty; lack of spare parts; and incorrect wiring or tagging. Checklists can minimize these design errors.
Errors in construction, operation and maintenance
Construction-phase errors typically are caught during commissioning or startup. However, other types of errors might not show up until much later. Examples include incorrectly identified or tagged equipment, equipment improperly installed in a hazardous area, improperly calibrated or ranged equipment, loose terminals or improper grounding or shielding. Upfront engineering that anticipates difficulties can minimize installation errors.
The common protections against errors are a competent installation crew and supervision, inspections, checklists, punchlists and planned commissioning tests.
Outside of simple slips, operating mistakes can be facilitated by poor system design or flawed training, procedures and practices. Often, training, procedures and practices are developed with normal conditions in mind, so trainees can fail under abnormal situations.
Complex procedures such as complicated or confusing tagging of equipment also are prone to errors. Stress resulting from pressures to keep the plant operating can also lead to errors. In one case, such stress prevented operators from shutting down the system, which led to an accident.
Common human operating errors include misunderstanding instructions, writing down or entering the wrong value, missing a step in a procedure or task, misidentifying equipment, incorrectly estimating a quantity, failing to communicate situations or conditions to others, particularly across work shifts, failing to lock out and tag out equipment and lack of situational awareness. Training will prevent many of these errors, but training must assume both normal and abnormal conditions.
Finally, mistakes happen in maintenance, too. The wrong loop or equipment is worked on, a transmitter is calibrated to the wrong value or a repair is botched. Some of these problems are due to slips, but others can be traced to inexperienced, under-motivated, ignorant, poorly supervised or incompetent staff. Downsizing has reduced the experience level in maintenance departments, while technology has advanced rapidly, making it more difficult for fewer, less-experienced people to keep up.
Up-to-date drawings are a must to avoid errors when troubleshooting or repairing. Manually marked-up drawings also can lead to errors. All drawings should go back to drafting and then be field-verified. Out-of-date or missing vendor documentation also can be a source.
Equipment should also be designed for easy maintenance to minimize errors. If something is difficult to work on, errors will likely result during maintenance. Fostering a good working relationship between engineering and maintenance departments is essential, since maintenance should offer suggestions on equipment designs. Use of maintenance-driven checklists will help optimize equipment designs.
Standardized maintenance procedures also can cut down on errors. After all, the less variance there is in any system, the less potential for error.
Bill Mostia, PE, of safety consultants Exida (www.exida.com) has more than 25 years experience applying safety, instrumentation and control systems in process facilities. He can be reached at [email protected].