Sustainability and reliability ensurance models for automated technological systems in chemical industry: systemic ergonomic approach

The paper considers accidents and potential hazards at chemical enterprises worldwide and provides statistics of accidents and human casualties. The authors investigate harmful factors affecting the production process and the human-operator, showing the central role of a human in the technological process (both as a source of errors and as an active element that eliminates errors, failures and the consequences of cyber attacks). We essentially consider an automated technological complex as a Human-Machine-Environment system, so a human-system approach should be applied. The authors developed a complex of systemic components and morphological models, which describe the human-machine system in the sections required for analysis, to provide sustainable and reliable design with initial data. The authors also propose a method and information technology for the ergonomic assessment of interfaces; the principles for adaptive interface design; and mathematical models and information technology to assess safety and timeliness indicators of the activities of chemical production operators. The models are based on the principles of the functional-structural theory by Anatoly Gubinsky, Vladimir Evgrafov, Akiva Asherov, Pavel Chabaneko and others, and on the mathematical apparatus of functional networks. Further, the authors develop an optimization model for decision support in organizing the human-machine control technology, using the criterion of minimizing losses from unreliability and unsustainability. Both the models and the information technology have undergone extensive testing, including solving the tasks of: choosing the automation level for the control process; distributing functions between operators; control algorithms design; user interface design; design of agent-managers to support the operators' activities. The results can be used as the basis for a decision support system to ensure sustainability and reliability of automated technological systems in chemical industry.


Introduction
Recent years are associated with increasing risks and threats not only to sustainable development but also to the existence of mankind [1][2][3][4][5].
In these conditions, the need for a radical improvement in the methods of safety management in complex industries increases [13][14][15][16][17].

Problem analysis and research goals setting
The chemical industry is one of the world's leading industries in terms of the number of accidents and the amount of damage [18][19][20]. Figure 1 shows the numbers of incidents and deaths in the chemical industry in OECD and non-OECD countries. Figures 2 and 3 show a fragment of accident rate statistics in the chemical industry of China.
Let us see an example that characterizes the scale of the problem, considering one of the most developed economies in the world, the United States. According to the American Federation of Labor, there are 2,178 OSH [21] inspectors to inspect 8 million American workplaces, i.e. each supervised object can be checked only once every 130 years. Therefore, American experts believe that the principle of the company's presumption of safety must be abandoned, and the socially responsible business must be obliged to demonstrate and prove the sufficiency of the measures taken to ensure industrial safety as a prerequisite for carrying out production activities [21].
Analysis [22] of the main causes of accidents makes it possible to identify the following interrelated groups of factors:
- Erroneous actions of the personnel (58%);
- Equipment malfunctions and failures (21%);
- Depressurization of storage facilities and other related issues (17%);
- External influences of natural and man-made causes (4%) [18][19].
According to other data, for example [23][24][25], about 80 percent of accidents are caused by human-operator errors.
The percentage values characterizing the causes of accidents may differ. However, it is obvious that the factors are interrelated and a significant reduction in the accident rate is possible only if we consider the chemical production system as an integrated Human-Machine-Environment system, in which a human can be [25]:
- a potential source of problems,
- an active element capable of eliminating and preventing problem situations.
It should be borne in mind that each person has individual psychophysiological characteristics, experience, and motivation. Besides that, a human-operator works:
- with specific equipment,
- with a specific user interface,
- in specific environmental conditions (chemical, physical, psychological),
- in the context of possible sabotage and cyberattacks.
Taking into account and optimizing the mutual influence of these elements will make it possible to develop measures aimed at minimizing risks.
As the analysis of the papers shows, the authors investigate only individual local issues related to human work in complex man-machine systems. As a rule, researchers collect statistics on accidents and the influence of certain factors on human health; analyze the severity of injuries that occur in the process of equipment control; study the reach zones for operators; analyze methods of improving the psychological climate in the teams of operators; describe technologies for professional selection and training of operators; develop methods for monitoring the functional state of operators; and solve other important problems. Unfortunately, researchers do not study issues related to the activity concept of investigating sustainability and reliability [23], in which a human operator is studied in a comprehensive manner, taking into account the algorithms of activity and the functional structure of the chemical production management system as an element of the "human-technology-hazardous environment" system. Thus, it is obvious that today there is increasing attention to the reliability of the human operator, technical means, computer equipment, software for control processes, and the technological processes of chemical production. However, a computer-oriented system for complex modeling of human-machine interaction, focused on supporting decision-making to ensure the sustainability and reliability of critical-type systems (including automated systems in chemical industry) and taking into account the entire complex of influencing factors, has not yet been developed.
In this regard, in the present work we set the task of developing models that can be used as the basis for decision support systems for managing the sustainability and reliability of automated systems in the chemical industry, taking into account the reliability of personnel, automation tools, and software.

Human-system approach to reliable design of control systems
In practice, the following approaches to the sustainable and reliable design of human-machine systems are used [22,43]:
- system-engineering approach: the system is considered as consisting only of technical elements, and the person is taken into account as a factor of the external environment;
- equal-element approach: the system is considered as consisting of equal elements "human" and "technology";
- human-system approach: the main element of the system is a human, and technology is a subordinate means of labor;
- narrowly anthropocentric approach: the system is considered as consisting only of the "human" element without taking into account the elements of "technology";
- narrow technical approach: the system is considered as consisting of technical elements, and the "human" element is not taken into account.
Taking into account the central role of a human in the management of chemical production and the many diverse influencing factors (see Fig. 4), it is advisable to apply a human-system approach, the basic principles of which are formulated as follows:
- the human-operator is the central element of the system that determines the reliability of production processes, which is determined by a set of interrelated factors (Fig. 4),
- potential risks are minimized based on the assessment and optimization of operators' activities, taking into account the effects of the environment, the reliability of automation equipment, software and information support, as well as the psychological characteristics of group activities (activity approach),
- sustainability and reliability of the technological process is ensured by a decision support system, including a system for ensuring ergonomic quality.

Models for system analysis of an automated technological system in chemical industry (as a human-machine system)
Modeling risks in a human-machine system (MMS) is possible only if there is complete information support about functional and structural elements, about the connections between them, about the required characteristics, etc.
No modeling in a decision support system will be successful if the data are not available.
To form the structures of knowledge bases and data about the system, we use the approach of the scientific school of Professor Anatoly Ilyich Gubinsky [22,43], who proposed to describe MMS in all required sections (human, technology, environment, connections between them, goals, technologies, damage from violations, etc.), while highlighting two types of models: component (KB), describing all the necessary entities, and morphological (MP), describing all possible relationships between entities, including the processes of implementation of functions, working conditions, how elements interact with each other, and the reliability characteristics of structural and functional elements.
One of the possible models we use to solve the problems of reliable and ergonomic support of chemical-technological systems is as follows [43] (for notation, see
We gave a complete description and structure of the models in [44]. Thus, the system of MMS models allows a formalized description (in the form of functional networks [22,43,45]) of the hierarchical system of functions (model Ft) with options for their implementation, and provides the process of calculating and optimizing reliability with all the necessary initial data for structural and functional elements, taking into account all significant influencing factors.
For different tasks, some modification of the composition and structure of the models is possible; however, the component-morphological approach to modeling and the predicate description [23,44] of the system can certainly be recommended for widespread use in decision support systems for managing the sustainability and reliability of technological processes in the chemical industry and other advanced industries.

Decision support for ensuring the ergonomic quality of chemical production management system interfaces
Our survey of a number of chemical enterprises revealed that, in a number of cases, the developers were unaware of the ergonomic principles of user interface design (Fig. 6).
Therefore, we offer the following models and computer technologies: Int 1 - Interface assessment and certification, Int 2 - Adaptive interfaces design.
- Formation of a group of qualified experts;
- Formation of a set of local criteria for interface assessment;
- Formation of a convenient system for assessing the quality of local criteria (visual interface with a customizable dialogue system, with both numerical input and qualitative assessment);
- Automatic assessment of the ergonomic quality of the interface using a database of models (fuzzy inference, hierarchy analysis method, etc.);
- Only certified interfaces are accepted for operation.
We have developed a hierarchical classification of local indicators (more than 100 indicators; one can adjust the classification for each specific case).
See below an example of local quality indicators of the interface for process control systems in chemical industry:
- Visual design (graphics, aesthetics);
- Graph-design, font design;
- Animation for attention control;
- Convenience of navigation and options menu;
- Interactivity (including script customization);
- Simplicity and intuitive clarity (ease of use);
- Standardization (design consistency), uniformity of fonts, colors;
- Feedback (the possibility of dialogue with the support service and the operator-manager);
- Completeness (variety of information and services);
- The breadth of the information field, variety of ways to access information;
- Reliability (resistance to errors, crashes, and freezes);
- Sustainability.
Int 2 technology principle:
- Preliminary testing of the psychophysiological characteristics of operators with the determination of the optimal modalities for information presentation;
- Clustering operators, taking into account:
  - psychophysiological characteristics;
  - work experience, attitudes (for faultlessness or speed);
  - the need to control actions by the operator-manager;
- Creation of alternative scenarios for dialogue interaction and alternative options for interfaces;
- Prompt (on-line) determination of the optimal dialogue scenarios that maximize the probability of error-free performance of the activity, taking into account the time constraints and limitations on the degree of the operator's cognitive comfort.
The degree of cognitive comfort characterizes the degree to which the presentation of information meets the expectations and preferences of the operator. We define it in the range from 0 to 1; for estimation we use a special system of knowledge bases about users and interfaces (see Figure 6) and a system of fuzzy inference. A fragment of this dependence is shown in Fig. 8.

Reliability assessment of human activity
To describe the human-computer dialogue in the management system for hazardous chemical production, we use the alphabet of typical functional units (TFU):
- functionaries, which correspond to the performed actions (operations):
  - workers,
  - control the correct functioning,
  - equipment diagnostics,
  - database and software diagnostics,
  - diagnostics of the human-operator's functional state,
  - organizational control, etc.
- composers, which establish logical and temporal connections between functionaries (organize parallel processes, cyclic processes, etc.)
Using TFU and combining them into a single functional network (FN) using the methodology of Professor Anatoly Ilyich Gubinsky [22,43,45,46] allows one to model almost any discrete processes in the management of chemical production:
- pre-production,
- implementation of the main functions of the production process control,
- diagnostics and equipment repair,
- detection of cyber-attacks and security incidents management.
For typical functional structures (TFS), i.e. the most common combinations of operations (57 of them were identified, and the library is constantly expanding), we obtained a set of calculated dependencies to assess the probability of error-free performance and the characteristics of the task execution time as a random variable. Examples of the dependencies are given in Table 1.
FN allows one to describe both the system's functioning in normal modes and the processes of occurrence and elimination of human errors, malfunctions and failures of technical and software-informational facilities. For the variant modeling of activity, a special computer technology was developed earlier [47][48][49][50]. The reliability assessment is carried out by identifying the TFS and "reducing" the activity algorithm (FN). In this case, we use the same models as shown in Table 1. All calculations (parsing of activities, reduction and evaluation) are carried out fully automatically.
Example. We considered the production process of the complex mineral fertilizer "Superagro". A joint neutralization of sulfuric and phosphoric acids with gaseous ammonia is carried out, the resulting pulp is enriched with urea, which contains a coloring pigment and is sent for granulation and drying of the resulting pulp with feeding the external recycle of NPK-fertilizer and potassium chloride to the spray zone. The dried product is classified with the release of the marketable fraction of granules. Let's consider a fragment of the operator's activity "Setting parameters and starting a technological process." Possible options for the structure of activities are shown in Fig. 9.

[Figure: Computer technology for expert evaluation of interfaces. Panel: Local quality indicators.]

Where:
- $B^1$: probability of error-free performance (work operation),
- $K^{11}$: probability that a correctly executed work operation will be recognized during control as completed correctly,
- $K^{00}$: probability that an incorrectly executed work operation will be recognized during control as completed incorrectly,
- $M(T)$: mathematical expectation of the random runtime,
- $D(T)$: variance (dispersion) of the random runtime,
- The subscript shows the action number.
Operations description:
- Implementation of a request for the history of the previous shift operator (work step P1),
- Print data from the previous shift operator's work (work step P2),
Initial data for calculations (from the statistical databases of the company) are given in Table 2 and Table 3. The calculation results (carried out automatically by a computer program) are given in Table 4. Thus, it is obvious that the mathematical models and computer technology provide variant modeling of the functioning processes of an automated technological complex.
Since the qualifications of an operator, the functional state, the technical characteristics of the equipment, the quality of the interface, and the degree of cognitive comfort, determine the quality of the performance of individual operations, the influence of all these features is taken into account at the stage of forming the initial data (see component and morphological models in Fig. 6).
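As an added illustration (not code from the paper or its software), the sketch below reduces a small functional network built from the quantities defined above and shows how the control's ability to catch errors (K00) drives the resulting probability of error-free performance. The "work operation, then control, redo on rejection" structure, the closed-form expressions (derived here as a geometric series, assuming independent cycles and durations independent of outcomes, not copied from Table 1) and all numeric values are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Unit:
    """A reduced functional unit: b = probability of error-free performance,
    m = M(T) and d = D(T) of its execution time."""
    b: float
    m: float
    d: float


def sequence(*units: Unit) -> Unit:
    """Independent operations executed one after another."""
    b, m, d = 1.0, 0.0, 0.0
    for u in units:
        b, m, d = b * u.b, m + u.m, d + u.d
    return Unit(b, m, d)


def work_with_control(work: Unit, k11: float, k00: float,
                      m_ctl: float, d_ctl: float) -> Unit:
    """Assumed structure: work operation, then control; a rejected result is
    redone until the control accepts it (no limit on the number of cycles)."""
    accept_ok = work.b * k11                 # done right, recognised as right
    accept_bad = (1 - work.b) * (1 - k00)    # done wrong, error missed
    p_exit = accept_ok + accept_bad          # control accepts, cycle ends
    if p_exit <= 0:
        raise ValueError("control never accepts: the cycle cannot terminate")
    p_redo = 1 - p_exit
    n_mean = 1 / p_exit                      # geometric number of cycles
    n_var = p_redo / p_exit ** 2
    m_cycle, d_cycle = work.m + m_ctl, work.d + d_ctl
    return Unit(b=accept_ok / p_exit,
                m=n_mean * m_cycle,
                d=n_mean * d_cycle + n_var * m_cycle ** 2)


def reduce_fragment(k00: float) -> Unit:
    """Reduce a two-step fragment: P1 with control, then P2 without control.
    All numbers are constructed for illustration (seconds, seconds^2)."""
    p1 = Unit(b=0.90, m=10.0, d=4.0)
    p2 = Unit(b=0.99, m=5.0, d=1.0)
    p1_checked = work_with_control(p1, k11=0.95, k00=k00, m_ctl=2.0, d_ctl=1.0)
    return sequence(p1_checked, p2)


if __name__ == "__main__":
    # A control step that misses errors (low K00) adds time without adding
    # reliability; a control step that catches them raises B above B of P1.
    for k00 in (0.0, 0.5, 0.8, 0.99):
        r = reduce_fragment(k00)
        print(f"K00={k00:.2f}  B={r.b:.4f}  M(T)={r.m:.2f}  D(T)={r.d:.2f}")
```

With K00 = 0 the control only rejects some correct results, so the reduced B falls slightly below that of the unchecked operation while M(T) grows.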

Optimization models of human-machine interaction processes to minimize damage risks
Obviously, when the number of options is large, it is rather difficult to choose the organization of activities by evaluating every option. In this regard, we have developed a bank of all kinds of models for optimizing activities, which are well tested for various human-machine systems. Here we focus on a model that takes into account the multiple disruptions of the technological process typical for chemical production. To formulate the problem, we use the technique of transition from a work graph (for example, as in Fig. 10) to an event graph. In this case, the events are the results of the execution of individual operations: without violations or with violations of certain types. functioning on the graph of events, we associate an absorbing vertex. We number the absorbing states with the first $r$ natural numbers ($r$ is the number of absorbing vertices). We consider vertices $s, m, \ldots, n$ to be dependent if the operator needs to make the same decisions. For non-absorbing vertices, we set the vector of initial probabilities $a = (a_{r+1}, a_{r+2}, \ldots, a_n)$. It is necessary to choose a solution at each vertex that ensures minimum losses from unreliability. Let $L$ be the set of all possible combinations of types of violations, $B^0_l(X)$ the probability of performing an activity with errors determined by the combination $l \in L$, and $\alpha_l$ the amount of damage from the implementation of the function with violations $l \in L$. The value of damage from errors of different types will have the form: where: $x^{(k)}_i$ is a variable that characterizes the choice of solution: $x^{(k)}_i > 0$ if the $k$-solution was chosen to execute the operation in the $i$-vertex, and $x^{(k)}_i = 0$ otherwise. To take into account dependent vertices, we use boolean variables $G^{(k)}_i$ (for the $k$-solution in the $i$-vertex). Then, the problem can be formalized as follows : for all $i$ and all $k \in K_i$.
Let $m$ be a tiny number and $M$ a very large number; then for each $i$ only one $x^{(k)}_i$ will be nonzero, and in this way we find the optimal solution at each vertex.
The convenience of the proposed model is that the problem is reduced to a linear programming problem and can be easily solved in any software environment.
Different variations of target functions and limitations are possible, which can be used in various problem situations.
In the database of the decision support system, we recorded 56 various ready-made templates of optimization (single-criterion and multi-criteria problems), used by the decision-maker, depending on the task at hand.
In addition, the optimization problem is embedded in the agent-manager, which prompts the operator in the process of work based on the analysis of the technological process, and on the available reserve of time and resources.

Approbation
Models and information technology are used in the design and operation of automated control systems for chemical production and other critical systems (gas pumping stations, machine building) in Ukraine and Russia.
Models are used to solve problems:
- Selecting the level of process automation,
- Distribution of functions between operators,
- Control algorithms design,
- User interface design,
- Designing agent-managers to support operator activities.
The implementation of the results made it possible to significantly reduce the risk of accidents and improve the quality of products, as well as (according to surveys) to increase the degree of cognitive comfort of operators and the attractiveness of their work.
Practical research has shown that the reliability of assessing the probabilistic indicators of error-free and timely implementation of algorithms of activity is determined only by the quality of the initial statistical data and the error does not exceed 0.019%.
In addition, the results have been introduced into the educational process of the Ukrainian Engineering and Pedagogical Academy and Sumy State University and are used in the preparation of bachelors (disciplines "Decision Theory" and "Theory of Risks") and in the preparation of masters (discipline "Ergonomics of Automated Systems"), as well as in diploma projects.

Conclusions
Accidents and damages in automated production systems of a critical type (which include, among other things, chemical plants) actualize the task of finding reserves for increasing the reliability and sustainability of technological processes.
The human-operator in automated systems is both a source of errors and an active corrective element.
The sustainability and reliability of the entire system significantly depends on the organization of activities and working conditions of the operator.
At enterprises of the chemical profile, decision support systems should be introduced, related to ensuring the sustainability and reliability of technological processes and the ergonomic support of operators' activities.
The decision support system should include system models of an automated technological complex (as elements), in the form of component and morphological models that describe the complex in the required sections and are a source of initial data for modeling.
For the interface design and certification (acceptance into operation), expert groups should be created to carry out a comprehensive assessment and certification.
Automated control systems should provide mechanisms for adaptation to the characteristics of operators, built on the basis of formalized models of operators.
To evaluate and optimize the activities of operators of automated complexes, it is convenient to use the formalisms of functional networks.
The models and information technology proposed in the work make it possible to choose design solutions aimed at minimizing losses from unsustainability and unreliability.
The scientific novelty lies in the fact that, in contrast to the well-known models of sustainable and reliable design, the proposed set of models takes into account the joint functioning of technical and ergatic elements and ensures decision-making using objective quantitative indicators. The practical significance lies in the fact that the models and information technology developed allow solving a set of problems of assessing and optimizing reliability, are convenient for use at both the design and operation stages of automated technological systems, and minimize the risks of losses from unreliability. We ensure the reliability of the results by:
- Using the proven mathematical apparatus of functional networks,
- Analytical derivation of dependencies (for tasks of calculating reliability),
- Using approved models for solving linear programming problems.
The reliability of the results is confirmed by the high convergence of the assessment results with experimental studies (the error is determined by the quality of the initial data and does not exceed 0.019% for the probabilistic indicators).
The proposed method is associated with additional costs for ensuring sustainability and reliability; however, it makes it possible to substantiate the system of measures economically, taking into account the reduction of losses from unsustainability and unreliability.
The models for assessing and optimizing reliability and sustainability were developed, and their approbation was carried out, for technological systems of chemical production; however, the approach and information technology are universal and can be used for a wide class of technological processes.
We relate research prospects to:
- Comprehensive analysis of losses from cyberattacks and modeling the activities of attackers, as well as models for identifying security threats based on machine learning methods,
- Contactless methods of monitoring the functional state of employees to prevent negative consequences,
- Integration of analytical models with simulation and Data Mining models.