Alarm handling (or alarm management) is an issue for any site or process where there is claimed reliance on human response to an alarm to control major accident hazards.
This can range from sites with a small number of alarms (e.g. small storage sites) up to sites with a central control room and a fully distributed control system (DCS).
The principle is the same though – assuring the human response to alarms through, for example, good interface and system design; monitoring and review; competency arrangements; and procedures. The Engineering Equipment and Materials Users Association (EEMUA) has produced guidance on the design and optimisation of alarm systems for industrial processes such as chemical plant.
The aim of this guidance is to help engineers develop alarm systems that are more usable and which result in safer and more cost-effective operation.
Alarm management is primarily a design issue; for example, it is one key issue for control room design. Wider control room design issues (from ISO 11064 ‘Ergonomic design of control centres’) are based on seven principles for human-centred design & consist of: ergonomic design framework; control suite arrangements; control room layout; workstations layout; displays, controls & interactions (includes alarms); and environmental ergonomics.
Trying to put matters right later is much more difficult, and so the EEMUA review process is time- and resource-intensive; therefore companies need to manage such reviews as a major project. Alarm systems need continuous management and improvement.
The overall control philosophy is crucial – can the balance of manual versus automatic control be justified? (What is automated and why? Beware – what is hardest to automate is often what gets left for operators to do!)
Do companies recognise that even fully-automated trip/ESD systems can fail or part-fail? Check how they assure operator decision making in or after a major upset and on restart, and whether competence assurance arrangements cover all foreseeable operating conditions (NB role of simulators/simulation for upset or abnormal conditions).
• Usability – does the system meet user needs & operate within their capabilities;
• Safety – identify the safety contribution of the system; human performance / reliability claims should be soundly based;
• Performance monitoring – initial design, commissioning then audit – commitment to review / continuous improvement;
• Engineering investment – structured design method – justify & engineer all alarms – there should be a justification for each alarm documented (in effect this is what a later alarm review does but at a later and more difficult stage).
Very often, older systems are likely to have been designed better for normal state operation than for upset/emergency.
Management of change (including organisational change impacting directly or indirectly on the control room operation/operators): is there a good link between modification/change processes and modifications to, or introduction of, new alarms?
Balance of control/allocation of function: is this right for the hazards/risks and system as a whole? For example, if there are too many safety critical alarms (i.e. +20) then the balance is likely to be too far towards reliance on the operators.
Is there a clear link from the site alarm philosophy to MAH risk assessments? Is any review or prioritisation programme based on the priorities – and the claimed reliability of operator/ESD arrangements – in the assessment?
The Human Factors Team have developed and published an information sheet on alarm handling.
In addition to the general documents that should be requested prior to the visit (see chapter ‘Aim of the Guidance’), it is recommended that the following documents, which are specific to this topic, should also be requested:
• Details of alarm handling philosophy;
• Documents relating to any alarm review – e.g. list of alarms, their purpose and the required operator response.
Ref: HSE