Identifying mode confusion potential in software design

While automation has eliminated many types of operator error, it has also created new types of technology-induced human errors. Many of these new errors are the result of what has been labeled technology-centered automation, where designers focus most of their attention on the mapping from software inputs to outputs, on mathematical models of required functionality, and on the technical details and problems internal to the computer: Little attention is given to evaluating software in terms of whether it provides transparent and consistent behavior that supports operators in their monitoring and control tasks. The goal of our research is to create and evaluate a methodology for integrated design of complex systems, including design of the automation and the human tasks, that minimizes human error through appropriate system and operator task design. The methodology is based on formal modeling, simulation, and analysis techniques for the software behavior, the user model of the system, and the operator tasks. This paper describes the human factors aspects of our approach using as an example the vertical flight control logic for a realistic aircraft flight management system FMS. Although the MD-11 FMS was used to derive the example for our case study, we made up much of the information due to our lack of knowledge about the design and the rationale of the real MD-11 design, and nothing in this paper should be taken as applying to that aircraft´s actual automation