ECSS-Q-HB-30-03A – Human dependability handbook (14 July 2015)


The handbook defines the principles and processes of human dependability as integral part of system safety and dependability. The handbook focuses on human behaviour and performance during the different operation situations as for example in a control centre such as handover to routine mission operation, routine mission operation, satellite maintenance or emergency operations.

This handbook illustrates the implementation of human dependability in the system life cycle, where during any project phase there exists the need to systematically include considerations of the:

Within this scope, the main application areas of the handbook are to support the:
a. Development and validation of space system design during the different project phases,
b. Development, preparation and implementation of space system operations including their support such as the organisation, rules, training etc.
c. Collection of human error data and investigation of incidents or accidents involving human error.

The handbook does not address:

  • Design errors: The handbook intends to support design (and therefore in this sense, addresses design errors) regarding the avoidance or mitigation of human errors during operations. However, human error during design development are not considered.
  • Quantitative (e.g. probabilistic) analysis of human behaviour and performance: The handbook does not address probabilistic assessment of human errors as input to system level safety and dependability analysis and consideration of probabilistic targets, and
  • Intentional malicious acts and security related issues: Dependability and safety deals with “threats to safety and mission success” in terms of failures and human non malicious errors and for the sake of completeness includes “threats to safety and mission success” in terms of malicious actions, which are addressed through security risk analysis. However by definition “human dependability” as presented in this handbook excludes the consideration of “malicious actions” and security related issues i.e. considers only “non-malicious actions” of humans.

The handbook does not directly provide information on some disciplines or subjects, which only indirectly i.e. at the level of PSFs (see section 5) interface with “human dependability”. Therefore the handbook does not provide direct support to “goals” such as:

  • optimize information flux in control room during simulations and critical operations,
  • manage cultural differences in a team,
  • cope with negative group dynamics,
  • present best practices and guidelines about team training needs and training methods,
  • provide guidelines and best practices concerning planning of shifts,
  • present basic theory about team motivation, and
  • manage conflict of interests on a project.


The objectives of the handbook are to support:


This handbook supports following ECSS Standard: ECSS-Q-ST-30C – Dependability ( 6 March 2009).