AGENDA
Exploration and Production Standards Conference on Oilfield Equipment and Materials
API Subcommittee17 Roundtable Discussions
Westin Westminster, Westminster (near Denver), Colorado, USA
Tuesday, June 23, 2009
API Subcommittee 17 Chair: John Bednar
1:00 PM – 5:00 PM
Discussion Topics
(Note: Discussion Topics are provided below in no particular order. Due to time constraints on individuals visiting the Roundtable discussions, priority of order of the topics may be subject to last minute changes)
Individuals Identified with the Topics are Requested to Act as the Lead on the subject matter to provide:
· An introduction to the topic
· Status/overview of any proposal
· The impact on SC17/ISO 13628 documents
· Lead Discussions on the Topic
1. Standard Definitions used in SC17 (ISO 13628) Documents – Jens-Henrik Neuenkirchen
2. Flow Line Connectors – Steve Mansfield/Craig Redding
3. Subsea Metering – Christopher Curran
4. Avoidance of Blockages in Subsea Production Control and Chemical Injection Systems – John McManus
5. Reliability Modeling (see following 3 documents - attached) – John Allen/Mark Siegmund
6. Well Fatigue in the North Sea / Global Analysis – Jens-Henrik Neuenkirchen
7. Update on Status of the Subsea Equipment Qualification (17Q) Group – Roger Walls
8. PER 15K – Jim Raney (proposed)
9. ASME Section VIII, Div 2 – Mike Williams/Ross Frazer
10. Insulation and Buoyancy – Rick Hill
Petroleum, petrochemical and natural gas industry -- Reliability modelling and calculation of safety systems.
Industries du Pétrole, pétrochimie et gaz naturel -- Modélisation et calcul fiabilistes des systèmes de sécurité
Outline
Safety systems are widely used in the petroleum, petrochemical and natural gas industry and nowadays safety instrumented systems - the so-called HIPS (High Integrity Protection Systems) - are being employed more often in place of conventional protection systems. Achieving a high degree of safety is of utmost importance for such systems but, from the industrial point of view, this must be done without impeding too much the production availability of the installation. Therefore both safety and dependability targets shall be considered when designing such systems and this requires undertaking rather complex probabilistic calculations. They are all the more complex than safety (instrumented) systems are generally periodically tested. That perhaps constitutes the most difficult subject encountered within the reliability field and induces difficulties which are beyond the common knowledge of engineers.
Safety and dependability should be handled within the same reliability framework but, in industry, they are generally considered separately and handled by persons belonging to different offices. In the same way the international safety standards exclude the dependability from their scopes and the international dependability standard excludes safety from theirs. This encourages handling safety and dependability separately and this often results in achieving safety to the detriment of the dependability. This may lead to important production losses and to dangerous situations when a safety system is disconnected because it produces too many spurious trips.
Beyond the probability of failure of individual safety systems, avoiding a given accident often implies the failure of several interdependent protection layers and this is the probability of accident which is really important. Unfortunately, combining the probability of failure of individual protection layers lead to non-conservative estimations and holistic approaches encompassing all protection layers within the same model shall be undertaken.
The probabilistic calculations usually undertaken within the petroleum, petrochemical and natural gas may have difficulties to handle properly the problems identified above but, fortunately, over the past fifty years, a lot of efficient methods and tools have been developed in the reliability field. Closing the gap between this state of the art and the application of probabilistic calculations within the industry will solve the problems.
The probabilistic approaches may be broadly split according to the following classes:
1. Analytical calculations
1.1. Approximated formulae
1.2. Boolean models
1.2.1. Reliability Block Diagrams
1.2.2. Fault Trees
1.3. Markov graphs
2. Monte Carlo simulation on behavioural models
2.1. Petri Nets
2.2. Formal languages
If the approximated formulae are useful to handle simple safety loops (or parts of safety loops), the other methods shall be considered as soon as redundancy is implemented or multi-layers safety systems are considered. Most of them are based on graphical representations and this allow to spend the time on building the (holistic) models rather on calculations which, on the other hand, may be now performed by the efficient and powerful algorithms published and available. Software packages are available which can be used directly or with some adjustments for this purpose.
The approaches are based on different sound mathematical backgrounds and are not actually interchangeable. For example, in the petroleum, petrochemical and natural gas industry:
- Boolean models (mainly fault trees) are very efficient for safety systems made of "reasonably" independent components (topside HIPS working on demand),
- Markov graph are efficient for small complex HIPS working on demand or in continuous mode of operation,
- Monte Carlo simulation (mainly with Petri nets) is very efficient for safety systems made of dependent components (subsea or preventive HIPS, maintenance policy, rig mobilisation ...),
- etc.
The planned delivery will provide guidelines to help the engineers understand sufficiently the theoretical background, chose the relevant models according to his problem and use them if the full knowledge of the underlying hypothesis and limitations. It may be split into the following main parts:
· Introduction
· Identification of the various problems
· link between traditional and standardized (e.g. SIL) reliability parameters,
· Description of the various methods, possibilities and limitations, and analysis of the best way to use or adapt them for the petroleum, petrochemical and natural gas industry purposes,
· Conclusion
The very aim is to help engineers to improve the evaluation of the predicted performance of individual and complex multi-layer safety systems in order to design safety system with a good balance between safety and dependability.