Human Factors in the Design and Evaluation of Central Control Room Operations

Posted on by Ben Rothke

Human Factors in the Design and Evaluation of Central Control Room Operations is an invaluable reference that can be used for the design, assessment, evaluation an operations of NOCs and SOCs. 

In aviation today, technically advanced airplanes present a unique paradox.  Technically advanced airplanes, in theory, have more available safety, and the outcome should be that there are less accidents.   But without proper training for their pilots, they could be less safe than airplanes with less available safety.  The FAA found that without proper training for the pilots who fly them, technically advanced airplanes don’t advance safety at all.   The reason is that technically advanced airplanes present challenges that under-prepared pilots might not be equipped to handle. 

In the IT world, staff members are often expected to install, configure, maintain and support technically advanced software.  Companies often buy huge infrastructure software, such as CRM, ERP, PKI, identify management, intrusion detection and more, without first understanding how to make them work in their complex environment.    Management often is oblivious to the fact that just because they can buy and install the software; that it will work on its own.  The reason why so many large software deployments fail miserable is that the IT staff often doesn’t  have the proper training, support and assistance that they need. 

Human Factors in the Design and Evaluation of Central Control Room Operations is a fantastic book that shows what it takes to ensure support staff work and operate together, in a formal and efficient manner.   The book integrates the topics of human factors and ergonomics to create an incredibly valuable tome.   The book details the interactions between people and their working environment, and shows in depth how the work environment can and must be designed to reduce errors, improve performance, improve the quality of work, and increase the work satisfaction of the workers themselves. 

While the book was written primarily for control room settings, it is relevant for those in IT if they have any involvement remote support, security operation centers (SOC) and network operation centers (NOC). 

While the book is of value to anyone involved in operation, those who will find the most value are those charged with the management and operations or large groups or operations.  If they have management support to deploy the formal methods detailed in the book, they will find that they can create significantly higher levels of customer and end-user satisfaction. 

The authors note that all SOC and NOC’s have a common feature in that the people operating them are often remote from the processes that they are monitoring and controlling, and the operations function on a 24/7 basis.   The many demands of remote and continuous operation place special considerations on the design of the SOC and NOC.   The output of the book is that it can be used to effectively to design these operating centers. 

The books presents a comprehensive and all-inclusive on the topic of human factors on the following 14 topics: competencies, training, procedures, communications, workload, automation, supervision, shift patterns, control room layout, SCADA interfaces, alarms, control room environment, human error, and safety culture. Each chapter includes extensive diagrams and flowcharts to show how the processes develop. 

The book also provides a highly analytical approach to each topic.  It details the required processes and procedures necessary to make each subject area work.  The book is not only based on the four author’s expertise; they quote heavily from other experts and their research.  

Chapter 2 opens with the observation that the safe and efficient operation of operating centers and control rooms is dependant upon the competence of the operators working within them.  It details how to create competence assessments to ensure that staff is capable of carrying out their tasks safely and efficiently by assessing their skills and knowledge.  The authors stress that it is not acceptable for organizations to assume that their staff are competent based on only their exposure to training and experience.  They suggest that organizations create a program to determine those competence levels.

Chapter 3 goes into detail about how to create effective training programs to ensure worker competence.  The benefit of a trained worked is that they can yield higher productivity and provide better service.  Well-trained workers often have better morale and produce less errors.   The chapter details the importance of a training needs analysis to properly determine what needs to be in the curriculum. 

Chapter 4 is on procedures and is particularly important to those working in a SOC or NOC.  If consistent and repeatable procedures are created, staff can provide much a more effective and dependable levels of service.  Even with the benefits of well crafted procedures, its development process is a complex one involving the identification of all of the tasks that require procedures, a judgment on the level of assistance required, identification of the type or format of procedure required, writing and reviewing the procedures, and obtaining approval for them. 

The importance of procedures is underscored when the book notes research that 70% of accidents and incidents within the nuclear power companies occurred when workers failed to properly follow procedures.  In the petrochemical industry, 27% of incidents were caused by situations for which there were inadequate or no procedures available. 

The percentage of failed IT projects and large software rollout catastrophes is both staggering and appalling.  No other sector but IT would tolerate such failures.  A book like as Human Factors in the Design and Evaluation of Central Control Room Operations goes a long way to stop that.  The book is a rare one in that it both provides all of the factors involved in the problem at hand, and then provides all of the details needed to obviate those problems.

Ben Rothke

Senior Information Security Manager, Tapad

data security

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community