Slide 1

Human error and recovery

in the chemical process industry

- the positive contribution of human operators

during incidents
Tjerk van der Schaaf & Lisette Kanse
Eindhoven University of Technology
Human Performance Management Group
/faculteit technologie management

Slide 2

Overview
Why recovery?
Modelling recovery behaviour
failures, consequences and recovery
actions involved in recovery

Recovery, near misses and reporting systems

learning about recovery from near misses
reporting biases
analysing recovery root causes

/faculteit technologie management

Slide 3

Why recovery?
Not all failures can be foreseen
Even foreseen failures can not always be prevented
measures impossible
measures not cost-effective

/faculteit technologie management

Slide 4

Failures, consequences and recovery

return to
norm al

T echnical failure

yes

H um an operator
failure

n ear
m iss

adequate
defences?

dangerous
situation

yes
no
O rganisational
failure

developing
incident

Incident causation model

ad eq u ate
(h u m an )
reco very?

no

accident

failures
/faculteit technologie management

deviation

planned
recovery

unplanned
(ad-hoc)
recovery

Slide 5

Actions involved in recovery

BEGIN
problem
situation arises
as a result of
one or more
failures

detection
of problem
situation

explanation
of problem and
causes

Recovery process phase model

/faculteit technologie management

C
END
countermeasures
against
problem at
stake

of recovery
process

Slide 6

Taking a closer look

detection
explanation:
definition of problem
identification of causes

countermeasures:
stabilization
mitigation
temporary correction
permanent correction
/faculteit technologie management

Slide 7

Recovery process in incident causation model

Failure Process

Immediate Result
of Failure Process

detection

technical
failure(s)
(faults)

organisational
failure(s)

Failure Compensation
Process
planned, for
foreseen problems
unplanned, ad-hoc

dangerous /
unwanted /
problem
situation

human
failure(s)
(errors)

Failure Compensation
Process Outcomes

end result
compensation
successful?

yes

near
miss

no

explanation
/ localisation

correction

planned, for
foreseen problems
unplanned, ad-hoc

planned, for
foreseen problems

compensation not or
only partially effective
incident / accident with
remaining negative
consequences

any unwanted
adverse
effects?

unplanned, ad-hoc

no

End
/faculteit technologie management

yes

Slide 8

Examples of recovery scenarios

Simple:
e.g. case where field
operator forgets product
sample
(detection permanent
correction)

/faculteit technologie management

More complex:
e.g. case with defect in
signal transmitter for flow
indicator
(detection stabilization
definition of problem
investigation of causes
temporary correction
permanent correction)

Slide 9

Learning about recovery from near misses

near miss reports lack recovery information
near miss = failure + recovery
failure root cause database preventive
measures
recovery root cause database recovery
promotion

/faculteit technologie management

Slide 10

Recovery promotion
detection:
explanation:
countermeasures:

/faculteit technologie management

observability
traceability
reversibility

Slide 11

Reporting biases
Possible reasons?

/faculteit technologie management

Slide 12

Reporting biases

other
n o re m a in in g c o n s e q u e n c e s
re c o ve ry
n o t a p p lic a b le
n o le a rn in g
a fra id / a s h a m e d
0

Distribution of 32 reasons given by 21 operators for not reporting

25 diary incidents to the existing near miss reporting system
/faculteit technologie management

10

Slide 13

Overcoming reporting biases

management has to convince operators of the value
of successful recoveries of all types of errors
human operators as the strong link in the chain!
top-down and bottom-up approach to near miss
reporting system design

/faculteit technologie management

Slide 14

Analysing recovery root causes (1)

/faculteit technologie management

Slide 15

Analysing root causes (2)

planned
recovery

unplanned
recovery

human

p-H

up-H

technical

p-T

up-T

organisational

p-O

up-O

other

/faculteit technologie management

up-X

Slide 16

Further reading
Kanse, L., & Van der Schaaf, T.W. (2001). Recovery from failures in the chemical
process industry. International Journal of Cognitive Ergonomics, 5(3), 199-211.
Van der Schaaf, T.W., & Kanse, L. (in press). Biases in incident reporting
databases: An empirical study in the chemical process industry. Safety Science.
Van der Schaaf, T.W. (1992). Near miss reporting in the chemical process
industry. PhD thesis, Eindhoven University of Technology.
Kanse, L. (early 2004). How people recover from failures theoretical and
empirical studies in the chemical process industry. PhD thesis, Eindhoven
University of Technology.
Van der Schaaf, T.W., & Kanse, L. (2000). Errors and error recovery. In P.F.
Elzer, R.H. Kluwe & B. Boussoffara (Eds.), Human Error and System Design and
Management (pp. 27-38). London: Springer Verlag.
Kanse, L., & Van der Schaaf, T.W. (2001). Factors influencing recovery from
failures. In R. Onken (Ed.), Proceedings CSAPC '01, 8th Conference on Cognitive
Science Approaches to Process Control, September 24-26, 2001, Universitat der
Bundeswehr, Neubiberg, Germany.
/faculteit technologie management

Slide 17

Conclusions
Reporting and analysing recovery is valuable
Recovery promotion can be supported by proper
system design
Lessons for other high-risk domains

/faculteit technologie management