Integrated Barrier Analysis in Operational Risk Assessment in Offshore Petroleum Operations



Similar documents
Application of IEC and IEC in the Norwegian Petroleum Industry

Safety Barriers on Oil and Gas Platforms

EXPRESSING AND COMMUNICATING UNCERTAINTY IN RELATION TO QUANTITATIVE RISK ANALYSIS ABSTRACT

The SPE Foundation through member donations and a contribution from Offshore Europe

Defining and operationalizing the barrier concept

THE CONCEPT OF HUMAN AND ORGANIZATIONAL FACTORS IN RISK ASSESSMENTS IN THE NORWEGIAN OFFSHORE PETROLEUM INDUSTRY

An approach to analyse human reliability during refuelling outage of a nuclear power plant

NORSOK STANDARD RISK AND EMERGENCY PREPAREDNESS ANALYSIS

Goliat Barrier Management

Brochure. Hazard identification and risk assessment For the hazardous process industries

Refleksjoner rundt alvorlige hendelser i petroleumsindustrien i et risikostyringsperspektiv

Human Reliability Assessment of Blowdown in a Gas Leakage Scenario on Offshore Production Platforms: Methodological and Practical Experiences

Fault Tree Analysis (FTA) and Event Tree Analysis (ETA)

Safety Integrity Level (SIL) Studies Germanischer Lloyd Service/Product Description

Ageing and life extension

HSE information sheet. Fire and explosion hazards in offshore gas turbines. Offshore Information Sheet No. 10/2008

Application of Nuclear and Aerospace Industry Experience to Offshore Barrier Integrity Management

RISK ASSESSMENT AND USE OF RISK ACCEPTANCE CRITERIA FOR THE REGULATION OF DANGEROUS SUBSTANCES

Safety Assessment for a major hazard facility

RECOMMENDED GUIDELINES FOR THE APPLICATION OF IEC AND IEC IN THE PETROLEUM ACTIVITIES ON THE NORWEGIAN CONTINENTAL SHELF

Safety Integrity Level (SIL) Assessment as key element within the plant design

Climate-friendly technology alternatives to HCFC/HFC. Safety standards and risk assessment. Tel Aviv, Israel 27 th to 28 th May 2015

To Mary Kay O'Connor Process Safety Center Home Page To Program details for Day 1 To Program details for Day 2

Principles for barrier management in the petroleum industry

FMEA and FTA Analysis

Evaluering av risiko forbundet med løftegass i ringrom og forskellige gassløft barrierer

APPLICATION OF IEC AND IEC IN THE NORWEGIAN PETROLEUM INDUSTRY

Guidance note. Risk Assessment. Core concepts. N GN0165 Revision 4 December 2012

HEALTH, SAFETY, ENVIRONMENT AND COMMUNITY MANAGEMENT STANDARDS. OCTOBER ISSUE No 01. Doc No: HSEC MS 001

FIRE RISK ASSESSMENT IN GERMANY - PROCEDURE, DATA, RESULTS -

Systems Assurance Management in Railway through the Project Life Cycle

NORSOK STANDARD Z-013 Rev. 2, Risk and emergency preparedness analysis

Using CFD in Platform Design

Performance Indicators in major hazard industries An Offshore Regulator s perspective - Ian Whewell

TRAM: TECHNICAL RISK AUDIT METHODOLOGY FOR COMAH SITES

COMAH Competent Authority

International Association of Oil & Gas Producers Asset integrity the key to managing major incident risks. Report No.

BEST PRACTICE FOR THE DESIGN AND OPERATION OF HIGH HAZARD SITES

HEALTH & SAFETY EXECUTIVE NUCLEAR DIRECTORATE ASSESSMENT REPORT. New Reactor Build. EDF/AREVA EPR Step 2 PSA Assessment

QUANTITATIVE RISK ASSESSMENT FOR ACCIDENTS AT WORK IN THE CHEMICAL INDUSTRY AND THE SEVESO II DIRECTIVE

The Locomotive. Risk-Informed Fire Protection

Methods of Determining Safety Integrity Level (SIL) Requirements - Pros and Cons

On-Site Risk Management Audit Checklist for Program Level 3 Process

Using the Linear Risk Integral (LRI) approach in pipeline QRA for a better application of risk mitigation measures

A PROGRESSIVE RISK ASSESSMENT PROCESS FOR A TYPICAL CHEMICAL COMPANY: HOW TO AVOID THE RUSH TO QRA

Basic Fundamentals Of Safety Instrumented Systems

HitecVision Private Equity AS

Offshore Oil and Gas. Experience and Capabilities

Risktec Training Catalogue 2016

Fire, Explosion and Risk Assessment Topic Guidance Issue 1

Performance Management in relation to Fire Safety

A SET OF COMPUTER BASED TOOLS IDENTIFYING AND PREVENTING HUMAN ERROR IN PLANT OPERATIONS

Checklist for Operational Risk Management

Risk Assessment Data Directory. Report No March Ignition probabilities

Singapore s Approach to Process Safety Management

PMAOMIR418B Coordinate incident response

Process Safety & Barrier Management. Lessons from major hazard industries

Petroleum and natural gas industries Well integrity standard

Sensitivity Analysis of Safety Measures for Railway Tunnel Fire Accident

A method for assessing the risk of sea transportation: Numerical examples for the Oslofjord

Market Watch. Further observations from suspicious transaction reporting (STR) supervisory visits. Contents

PSAC/SAIT Well Testing Training Program Learning Outcomes/Objectives Level D

Designing an Effective Risk Matrix

UNIVERSITY INDUSTRY COLLABORATION: SAFETY ENGINEERING EDUCATION AT KU LEUVEN

Advanced Safety Barrier Management with Inclusion of Human and Organizational Aspects

Annex 7 Application of Hazard Analysis and Critical Control Point (HACCP) methodology to pharmaceuticals

CYBER SECURITY RISK ANALYSIS FOR PROCESS CONTROL SYSTEMS USING RINGS OF PROTECTION ANALYSIS (ROPA)

OFFSHORE OIL & GAS SECTOR STRATEGY 2014 TO 2017

Occupational safety risk management in Australian mining

Risk Assessment Data Directory. Report No March Process release frequencies

Jonathan Wilson. Sector Manager (Health & Safety)

Viewpoint on ISA TR Simplified Methods and Fault Tree Analysis Angela E. Summers, Ph.D., P.E., President

A Triple Bottom Line approach to QRA

Accident Investigation

IAEA Training in level 1 PSA and PSA applications. PSA applications. PSA-based evaluation and rating of operational events

Do you speak SAFETY?

Analyses of delivery reliability in electrical power systems

RISKS OF MARINE TRANSFER OF PERSONNEL OFFSHORE. By John Spouge, DNV GL, Philip Strong and Robin Proctor, Reflex Marine. June 2014

The Pathway to ASME PCC Appendix A Compliance and why it s of Critical Importance

Edwin Lindsay Principal Consultant. Compliance Solutions (Life Sciences) Ltd, Tel: + 44 (0) elindsay@blueyonder.co.

Eksplosjonsrisiko, værbeskyttelse og optimalisering av design

13. FPSO Operational Problems Don Smith, OGP

Term Final Definition or Clarification Original or Source Definition Source Comment

ICHEME SYMPOSIUM SERIES NO. 139 A METHODOLOGY FOR CONCEPT RISK ASSESSMENT OF OFFSHORE DEVELOPMENTS

KP4: AGEING & LIFE EXTENSION (ALE) INSPECTION PROGRAMME 1 YEAR ON

An evaluation of the fire safety emergency cover toolkit

A Review of HSE s Risk Analysis and Protection Based Analysis Approaches for Land-Use Planning. Final Report

3.4.4 Description of risk management plan Unofficial Translation Only the Thai version of the text is legally binding.

Government Degree on the Safety of Nuclear Power Plants 717/2013

Who is ABS Consulting?

Explosion of a gasoline vapour cloud formed in a hydrocarbon loaded effluents storage tank 10 December 1999 Arquata Scrivia Italy

Asset integrity process safety management Involving the workforce

Using Incident Investigation Tools Proactively for Incident Prevention.

OIL INDUSTRY SAFETY DIRECTORATE Form No.: OISD-101/B

Transcription:

Integrated Barrier Analysis in Operational Risk Assessment in Offshore Petroleum Operations Jan Erik Vinnem Preventor/Stavanger University College, Bryne, Norway Terje Aven Stavanger University College, Stavanger, Norway Stein Hauge SINTEF Technology Management, Trondheim, No rway Jorunn Seljelid Safetec Nordic, Trondheim, Norway Gunnar Veire Statoil, Stavanger, Norway Abstract The BORA project is aimed at detailed and quantitative modeling of barrier performance, including barriers to prevent occurrence of initiating events, and barriers to avoid or reduce consequences. Challenges related to the modeling are reviewed, and some solutions are suggested. 1 Introduction The offshore petroleum industry has for a long time invested considerable resources in engineering defences, or barriers, against fire and explosion hazards on the installations. The performance of barriers is to some extent followed up to some extent through performance standards and Key Performance Indicators, though often not extensively. Safety systems are usually addressed on a one-by-one basis, not allowing dependencies and common mode/cause failures to be identified. Half of the leaks from hydrocarbon containing equipment occur in connection with manual activities in hazardous areas, during which engineered defences often are partially inhibited or passivated, in order not to cause disrupture of stable production. The occurrence of these leaks is a clear indication that system and human defences relating to containment of leaks are not functioning sufficiently well during these operations. There is an obvious need to understand better the performance of barriers, particularly non-technical, during execution of manual activities. In a paper presented at ESREL 2003 [1], operational risk assessments were discussed. It was concluded that there is a clear need for improvement of the analysis of barriers. These aspects form the outset for an extensive research activity called the BORA (Barrier and Operational Risk Analysis) project [2].

2 Objectives of BORA project A case study with complete modeling and analysis of barriers on offshore production installations is being carried out, for physical and non-physical barriers. Barriers intended to prevent the incident occurring along with those intended to eliminate/reduce consequences are included, and particular emphasis is placed on barriers during execution of operational activities. The results from the study should enable both industry and authorities to improve safety through: Knowledge about overall performance of barriers and improvement potentials Identification of the need to reinforce the total set of barriers, especially during operational activities Identification of efficient risk reduction measures for barriers, together with effective modifications and configuration changes. The analysis will be quantitative as far as is possible. Barriers are in general characterised by reliability/availability, functionality and robustness. All of these performance measures are addressed. The Norwegian regulations require that dependencies between barriers shall be known. The analysis is therefore performed such that, where relevant, common cause or mode failures and dependencies between barrier elements are accounted for. 3 Overview of Current Approaches and future Needs Several R&D projects are being conducted in the Norwegian offshore petroleum industry addressing performance of defenses/barriers. Most of these are internal projects, but a few are openly available, see [3], [4] and [5]. Most of these studies have a limited scope with respect to the barriers covered, and few of these are aimed at quantification of barrier performance. Health and Safety Executive in the UK are also considering a similar approach focusing on barriers/defenses [6]. QRA (Quantified Risk Assessment) studies for the offshore petroleum industry have traditionally had a rather narrow analysis of barrier performance. The nuclear industry has on the other hand used extensive studies of barrier performance, with objectives that match quite well the objectives for the present work. A pilot study was therefore conducted, funded by the Norwegian Petroleum Directorate, in order to illustrate the application of analytical approaches and tools from the nuclear field. This included a relatively limited pilot study of selected barriers on an example installation [7]. Other projects that have provided useful input are: Several projects addressing non-physical barriers MTO-structured accident and incident investigations Working group in working together for safety project addressing terminology for physical and non-physical barriers [8] Cause analysis for process leaks [9] One of the main aspects of the project is to address the barrier situation in detail when operational activities are carried out. A list of ten suitably defined activities

and conditions that are associated with hydrocarbon leak risk was established during the work with activity indicators [5], which is also used in the BORA project. 4 Challenges with Modeling of Containment Barrier Modelling the risk of hydrocarbon leaks in quantitative risk analysis has traditionally been related to generic frequency analysis. Based on the amount and type of process equipment combined with historic leak frequencies for such equipment, the frequencies of loss of containment for each process segment, area and the installation as a whole have been estimated. In such a generic approach important information is left out from the model, both related to the direct causes of the leak as well as the underlying conditions which influence the possibility of experiencing loss of containment. A major objection against the offshore risk analysis has been its lack of ability to support the operations people with answers to questions like; what is the: Effect on the leak frequency of postponing a certain maintenance activity? Effect of inhibiting process sensors? Effect of factors such as training, competency, complexity and manning? The containment barrier must therefore be broken down to a level where operational factors are explicitly visualised and modelled. However, this is a challenging task. On the one hand we want to model all the major aspects which influence the frequency of loss of containment. On the other hand, this soon makes the model so complex and extensive that it will not be applied in actual analysis work. Traditionally, the event modelling in QRA starts with loss of containment as the initiating event, and the barriers to limit the potential consequences of the leak are modelled. In the BORA project we want to visualise the barrier elements in place to prevent the leak itself. For this purpose barrier block diagrams have been developed for different conditions which may cause loss of containment. For the case loss of containment due to incorrectly fitted equipment, see Figure 1. Initiating event Valve incorrectly fitted during maintenance Barrier element Control / inspection of work reveals the error NO YES Consequence OK Pressure testing before start up reveals the error OK Potential Loss of containment Figure 1 Barrier block diagram incorrectly fitted equipment

In the further work, the different barrier elements to prevent loss of containment will be modelled by using fault trees, and the barrier block diagrams will be linked with the event trees which model the consequences of a leak. The barrier elements will also be related to activities that are being carried out. 5 Challenges with Modeling of Consequence Barriers The BORA project is modelling four consequence barrier functions: Avoid Ignition, Reduce Release, Avoid Escalation and Prevent Fatalities. They can all be activated by automatic systems or by manual operations. Gas detection is for exa m- ple a key factor for Avoiding Ignition, and detection can either be by automatic systems or personnel doing maintenance or other activities in the area or by others that are just passing by. The main difference between detection modes is the time to detection. The barriers are not independent of each other. Gas detection is both a part of Avoid Ignition and Reduce Release. The ignition can occur either before or during activation of the different barriers, and the probability of ignition is dependent on the systems that have been activated at the time of ignition. This is a challenging sequence to model. The fact that the probability of ignition is also dependent on the initial size of the leak, leak point and weather conditions, is complicating the picture even more. A coarse block diagram is presented in Figure 2, showing the main barrier elements and possible ignition points. All these combinations are modelled in the BORA project. Ignition after gas detection possible ignition points Controlled fire/expl., firewater initiated Le ak Ga s det. IS O IG ES D ISO IGN Isolation of ignition sources ESD Isolation BD Blowdown BD Fir e det F W Uncontrolled frie/expl., i.e. all safety means has failed or not initiated Figure 2 Avoid Ignition Reduce Release Avoid Escalation Prevent Fatalities Block diagram main barrier elements and ignition points The sequences of the different barrier elements and ignition points are modelled in event trees combined with detailed fault trees for every branch, modelling manual and automatic activations for different operational modes. The function of some of the barriers is very dependent on the current operation mode. Manual detection will for example be dependent on the presence of personnel in the module, and their awa reness of possible leaks.

6 Challenges relating to Incorporation of Performance Influencing Factors Performance influencing factors will not be included explicitly in the fault trees, but this does not mean that such factors are unimportant in the analysis. It is essential to structure the analysis such that the influencing factors are mo d- elled extensively in the analysis, in a consistent and explicit manner. This is outlined in the following. The basic elements of the fault tree based method we have developed can be formulated in the following way; a) Identify top events A that summarise essential barrier performance. An example is ignition or avoid ignition given a specific leakage scenario. The event A must be precisely defined no ambiguity can exist. b) Establish a deterministic model that links A and events B i and quantities X i on a more detailed level. A fault tree is an example of such a model. c) Specify a set of operational and management factors F i that could influence the performance of the barriers, and which have not been included in the fault tree model. Examples of such factors are the quality of the maintenance work, the level of competence and the adequacy of organisation. d) Probability specifications P(B i F), where F is the vector of the F i s. e) Probability calculus to obtain P(A F). To implement the framework there are a number of challenges, of which the following are some of the most important: i. Determine which F factors that should be included in the fault tree. The F factors are fixed, meaning that the probability assignments are conditioned on these factors. If some of the F factors are to be considered unknown to the analyst, these factors need to be included in the fault tree, or the factors should be divided into two categories, reflecting unknown factors on the one hand and some given factors on the other. Such a distinction is made in the SAM-method (Pate-Cornell and Murphy [10] Murphy and Pate-Cornell [11]). ii. Finding adequate procedures for specifying the probabilities P(B i F). These procedures need to be based on models and methods used for barrier performance analyses, such as human reliability analysis. The work by Papazoglou and Aneziris [12] was considered in the review of possible approaches of human, management and organisational aspects. 7 Concluding Remarks The project has focus on identification of weaknesses and deficiencies in barriers, especially during execution of operational activities, In this way, the need for reinforcement of existing barriers as well as requirements concerning additional barrier elements can be identified.

The ambition in the project is on quantification of barrier performance, with respect to reliability, vulnerability and effectiveness. This implies that there are considerable challenges to be faced during the execution of the project. The next phase of the work will focus on modelling of factors that influence the performance of barrier systems and barrier elements. This is a further challenging factor. Acknowledgement The project is financed by the Research Council of Norway, Health and Safety Executive and OLF (Norwegian Oil Industry Association), whose contributions are gratefully acknowledged. References 1 Vinnem, J.E., Aven, T., Hundseid, H., Vassmyr, K.A., Vollen, F., Øien, K. Risk assessments for Offshore Installations in the Operational Phase. Presented at ESREL2003, Maastricht, The Netherlands. 2 Vinnem, J.E. et.al. Operational Risk analysis Total analysis of physical and nonphysical barriers, BORA pre project report, 16.10.2003 3 Sandøy, M., et al. Risk-Based Well Control Planning: The Integration of Random and Known Quantities in a computerized Risk Management Tool, SPE 68447, Presented at SPE/ICoTA Coiled Tubing Roundtable, Houston, Texas, 7-8 March 2001 4 Thomassen, O., Sørum, M. Mapping and monitoring the safety level SPE 73923, presented at SPE International Conference on Health, Safety and Environment in Oil and Gas Exploration and Production, Kuala Lumpur, 20-22. March, 2002 5 Vinnem, J.E., Veire, G., Heide Knudsen, B., Aven, T. A method for developing and structuring risk activity indicators for major accidents, to be presented at ESREL2004/- PSAM7 conference, Berlin, June, 2004 6 Private communication with Robert Miles, HSE 7 Bäckström, O. Pilotprosjekt Felträdsanalys för Statfjord A, Relcon rapport 99161-R- 005, 20.5.2003 8 Working together for safety web page info http://www.samarbeidforsikkerhet.- no/index.html?infopage=oppslag.html&id=2&siteid=&frameid=3&languagecode=en 9 Nilsen, T., Jacobsen, G.S. and Aven, T. Requirements and principles for cause analysis in QRA - with applications ESREL, Edinburgh, pp. 641-646 10 E. Pate-Cornell and Murphy, M. Human and management factors in probabilistic risk analysis: the SAM approach and observations from recent application. Reliability Engineering and System Safety, 53, 115-126. 11 Murphy, M. and Pate-Cornell, E. The SAM framework: Modelling the effects of management factors on human behavior in risk analysis. Risk Analysis. 16, 501-515 12 Papazoglou, I. A. and Aneziris, O. On the quantification of the effects of organizational and management factors in chemical installations, Reliability Engineering and system safety, 63, 33-46

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information