The present invention relates to the mapping and display of visual alarm indications in complex industrial applications and, more particularly, to the mapping and display of visual alarm indications as part of the control and monitoring of nuclear power plants. Nuclear power plants are designed with multiple levels of instrumented redundancy in order to assure safe and reliable operation and to minimize the probability of a mishap. As part of the design philosophy, numerous parameters are continuously monitored, subjected to evaluation and analysis, and then displayed to the plant operators. Additionally, the measured parameters are subjected to limit testing to determine if a particular parameter is within normal bounds. In those cases where a parameter deviates from an accepted norm, an annunciator or alarm of some type is actuated.
In the earliest nuclear power plant control rooms, numerous instruments were displayed on the walls of the control room and on various consoles and display panels. The presence of an abnormal parameter would trigger one of several types of alarms, including audible alarms, visual alarms, and the like. In these earliest control room designs, the mounting of the instrument displays and their alarm annunciators on the typically large surface areas of the control room wall resulted in alarms that could be conceptually considered as residing in a two-dimensional plane. Alarms related to critical operational parameters could co-exit on the same `plane` with alarms of a non-critical Secondary or tertiary nature. Thus, an alarm related to an excessive and potentially non-safe pressure or temperature in the reactor core could co-exist on the same conceptual plane as an alarm indicating an out-of-limits condition on a tertiary system unrelated to operational safety. While the operators in the control room could easily identify and respond to alarms on a one-at-a-time basis, multiple alarms conditions for both primary safety-critical parameters and secondary or tertiary non-safety critical parameters could overload the ability of an operator or operators to prioritize the order in which alarms must be responded to in order to restore or maintain plant safety. While the safety significance of a visual alarm can be distinguished by providing visual indications of different colors, brightnesses, or `flash` rates, these additional distinguishing characteristics could also overload the perceptual ability of even the most well-trained operators.
In later control room designs, an effort was made to group safety-related displays and alarms together as a way of affecting the `topology` of the displayed parameters and alarms to affect the neural representation of the display in the minds of the operators. While this `grouping` concept provided subliminal assistance to the plant operators, the two-dimensional display concept still presented all the instrumentation and alarms on a common physical plane which could contribute to the difficulty an operator could have in distinguishing alarms of different safety significance.
The problem of the display of data and the related alarms can be traced to the philosophy of assuring that every alarm condition, regardless of criticality, is immediately available to the control room operator. While this philosophy is admirably rooted in a desire to reveal all alarm conditions immediately to the control room operators, it also can contribute to operator overload during multi-alarm conditions.
With the advent of computerized monitoring and control of nuclear power plants, the various parameters and alarms and the safety critical relationship between parameters and alarms can be algorithmically evaluated and presented on video display units within the control room while making all alarms immediately available to the operator regardless of criticality. Thus, a number of operator consoles with CRT displays can present various process parameters and also display alarm conditions. Concurrently, a large-area display (such as a rear-screen projector) in the control room would display all or a sub-portion of the screens of the various CRT'S. Since the amount of information that can be presented on the screen of a CRT is limited, it was not uncommon for information to be provided in a "paged" or "windowed" format. In this last schema, the alarms could be categorized by the supervising computer and displayed on the CRT's and large-area display; the operator could then page through a number of CRT menu screens to locate the source problem.
It is possible to conceptualize all the alarm conditions in a nuclear power plant as being required information in a hierarchy of display pages. Each alarm object has differing safety significance weights or factors depending upon its assignment to a display(s). Some alarm conditions have no affect, directly or indirectly, on operational safety while other alarms have a first-order relationship. Depending upon its display page context, an alarm may have a first-order relationship on one display and a supporting relationship on another display. Those alarms conditions that have safety significance can be thought of as occupying the `apex` of the display page hierarchy. These alarm objects are connected by relational threads to one or more display pages in the other levels of the display page hierarchy.