Robustness for protection envelopes with respect to human task variation
2011 IEEE International Conference on Systems, Man, and Cybernetics
Safety critical systems can suffer severe and even fatal consequences due to aberrant behavior of human operators. Human operators are unique in their decision making capability, judgment and nondeterminism. There is a need for analyzing the interactions among computer systems and human operators where the operators are allowed to deviate from their prescribed behaviors for executing a task. In this paper we wish to examine the ability of a system to remain safe under broad classes of
... lasses of variations of the prescribed human task. To facilitate this concept we consider the concept of a protection envelope giving a wider class of behaviors than strictly prescribed by the human task while providing guarantees of restrictions on human operator to the system. We develop methods for addressing two issues. The first issue is: given a human task specification and a protection envelope, will the protection envelope properties still hold under standard variations as described by Hollnagel  . The second issue is: in the absence of a protection envelope, can we approximate a protection envelope that will at least have the property of being robust against the aforementioned variations. We present methodology and tool for assisting in this regard.