Final 7/19/12
“Learning from Near-MissIncidents”Initiative for the Bulk Power System
This concept paperis prepared by an industry task group of experts led by Robert Schwermann, Senior Operations Specialist - Human Performance, Electric Transmission Operations, Pacific Gas & Electric Co. and Chair of the Western Electricity Coordinating Council Human Performance Working Group. The paper provides a synopsis of a proposed initiative that could be undertaken by the North American electric power industry to develop a database of lessons learned from “near-miss”incidents.The objective and broad concepts of the proposed initiative are outlined in this document to seek broad industry comments and support for the initiative.
The database would be designed to captureand analyze near-miss incidents and develop information that could be used by the industry to learn safe operating practices, improve understanding of human performance factors, and identifyand address issues that can potentially enhance bulk power system (BPS) reliability. In addition, the information is expected to be useful in identifying human performanceand technical processes and issues that require further investigation for research and development (R&D) entities to pursue. Theproposed databasewould be designed to maintain strict confidentiality and anonymityfor those entering the information. It wouldbe voluntary but accessible to all interested North American entities.Full success of the initiative depends heavily on an industry-wide coordinated effort that requires support from stakeholders such as asset owners, operators, and employee unions, to name just a few.The database development efforts could draw heavily upon similar, successful endeavors by the national aviation and firefighters’ groups, who both have useful and informative industry databases.
The next step in this initiative includes disseminating this paper to the U.S. electric utility industry stakeholders to seek comments and support for the initiative. If the industry moves forward with the initiative,thesubsequent step will include seeking funding for thedevelopment of this database and for the ongoing efforts to collect near-miss incident data, analyze the data, and maintain the database. For this important step, an industry consensus will be sought to identify appropriate entities such as NATF, EPRI or others for a collaborative effort.
Background
A mature organization consistently draws lessons from experience to improve procedures and the overall process. It is the logical use of data that enables organizations to determine corrective actions and the adjustment or sustainment of an effective process. The bulk power industry has a multitude of processes that allow for the collection and analysis of data from relevant industry activities and incidents and the subsequent dissemination of valuable lessons learned from such evaluation. This vital information,whichis used across the industry, leads to many lessonsthat help maintain personnel safety and keep the BPS resilient. Most of this information is the result of detailed analysis of events that have been elevated to the awareness of others. Further success requires a system that can focus on precursor incidents that, in different circumstances, may lead to larger events—particularly those that could affect the safety and human performance of industry practitioners and the reliability of the BPS. The industry needs a method that can identify precursor incidents and allow cooperative, cross-functional problem solving for the industry.
What Is a “Near-Miss” Incident?
A common definition of a near-miss or close-call incident is onein which no injury, property damage, or system reliability lapse occurred, but in which such an outcome could have occurred as a result of an unsafe act, an unsafe condition, defective equipment, or human error. In other words, “You got lucky.” These nearmisses provide an opportunity to learn lessonson personnel safety, human performance aspects, and BPS reliability issues for a proactive stance on safety and reliability.
Currently, no nationwide database of near-miss incidents exists. Limited databases exist within some utilities across the U.S. power system, but commentshave surfaced that efforts to populate and analyze the information, which would allow derivation of more general conclusions and lessons learned, are lacking.Consequently, such uncoordinated information seems to have provided little value to the industry as a whole.A North America-widedatabase is necessary for gatheringsufficiently general and contextually valuable information to facilitate improvements in personnel safety, human performance factors and reliability of power system operation. There are entitiesthat have had internal programs that are marginally successful due to many factors,such as limitedscope, lack of anonymity, limited resources, and lack of organizational support.
Proposal
This proposal is to create an industry-wide“Learning from Near-Miss Incidents”database. It will consist of:
- A reporting system to enter near-miss incidents
- A process to review and polish the entered data to ensure anonymity and value proposition, and to remove any grievance-type language that does not serve the intended purpose
- A framework to analyze the reported incidents from which to draw learning
- A repository to assimilate and broadcast the lessons learned to the entire industry
The database will be designed to allow voluntary and confidential submission of near-miss incidents by reliability coordinators, balancing authorities, asset owners and asset operators. Reports submitted to the system may describe a variety of issues, such as unsafe occurrences, process missteps, faulty equipment, and hazardous situations that could affect personnel safety and the reliability of the BPS.
The long-term goal is to develop and maintainan industry-wide database thatwill be widely regarded as one of the world’s largest sources of information on personnel safety, BPS reliability, and human performance. Sharing across the U.S., and eventually across North America,will allow entities to share their experiencesand formulatelessons that can strengthen the entiregrid, making everyone more successful in the pursuit of improving safety and reliability.
Implementation
The overall goal of this effort is to illicit participation from all North Americanentities that contribute to or have an interest in maintaining a safe and reliable BPS.Support will be sought from the entire spectrum of organizations: asset owners and operators and employee unions, and industry practitioners such as senior management, system operators, and field personnel.Participation can be encouragedby industry-wide announcements from industry leaders, technical press and communication channels of various entities.
The database will be designed to minimize the efforts of those reporting the incidents such as reliability coordinators, balancing authorities, asset owners and asset operators. Depending upon industry feedback and agreed-upon implementation parameters, the database could also allow individuals, such as field personnel, switchmen or control room operators, to submit narrative reports in complete confidentiality.
This would allow for an increased depth of reporting by field personnel.Other near-miss incident reporting systems, such as the Aviation Safety Reporting System (ASRS) maintained by NASA, and theNational Firefighter Near-Miss Reporting Systemdeveloped by the Association of Fire Chiefs (IAFC), have found narrative stories beneficial for grasping the essence of an incident. (Note: reports that do not contain useful information or contain only expressions of discontentmentwould bearchived and not processed further).In addition, this proposal suggests that material submitted be categorized using, for example,the NERC Cause Code Assignment Process (CCAP).See Appendix A for the codes.
Further analysis of each report will be performed to derive learning from the incident from the safety, human performance, and BPS reliability perspectives. The findings from the analysis of the reported incidents will be promulgated throughout the industry by means such as trade organization newsletters, Web postings, etc.
Funding
Once the industry moves forward with this proposed initiative, a proposal will be prepared by the task group or identified entities to seek U.S.Department of Energy funding for development and implementation of the databaseduring the firsttwoyears, and for ongoing databasemaintenance costs.
Confidentiality
The task group recognizes that the confidential and independent nature of the ASRS is the key to thesuccess of the system, since reporters do not have to worry about any possible negative consequences of coming forward with safety problems. The success of a strictly confidentialsystem serves as a positive example that is often used as a model by other industries seeking to make improvements, such as the National Firefighters Association (NFA) and the Federal Railway Administration(FRA).
Who Will Benefit from the BPS Near-Miss Database?
The Near-Miss Databaseallows the general public to benefit from a more reliable electrical grid that is operated and maintained by managers, operators, and field crews who learning from their shared experiences.
How It Will Be Managed
Thenear-miss reporting system wouldreceivevoluntarilysubmitted reports (whether or not the activities reported result in any “incident”), “sanitize” them by removing information that could identify the entity submitting the reports, process and analyze the reports, and post them on a publicly accessible site.These tasks could be assigned to agroup to be identified at a future date. To preserve confidentiality and avoid the perception of punitive risks in case the reports imply compliance infractions, regulatory agencies will be requested to agree to remain at arm’slength and will not receive or request original reports or any information that could help identify the person or entity submitting the report.
Database Model: How Are Others Facing the Same Challenges?
Depending upon industry consensus, a set of general specifications will be prepared for the development, structure and maintenance of the near-miss database. Based on these specifications, appropriate elements of the existing near-miss databases of other industries will be adopted as appropriate.
Examples of successful near-miss databases of other industries include those of the aviation and the firefighting industries.The aviation industry has been gathering and assessing this type of information for over three decades.Through the Aviation Safety Reporting System (ASRS), pilots and other airplane crew members confidentially report near-miss and close-call incidents in the interest of improving air safety and reliability. The ASRS collectsvoluntarily submitted aviation safety incident/situation reports from pilots, controllers, and others (including support functions like baggage handlers and on-site caterers), analyzes the reports, and responds to them in order to lessen the likelihood of aviation accidents. The ASRS is an important facet of the continuing effort by the government, industry, and individuals to maintain and improve aviation safety.
Reports submitted to ASRS may describe both unsafe occurrences and hazardous situations. ASRS’s particular concern is the quality of human performance in the aviation system. ASRS data are used to:
- Identify deficiencies and discrepancies in the National Aviation System (NAS) so that theycan be remedied by appropriate authorities.
- Support policy formulation, planning, and improvements the NAS.
- Strengthen the foundation of aviation human factors safety research. This is particularly important since it is generally conceded that over two-thirds of all aviation accidents and incidents have their roots in human performance errors.
The ASRS acts on the information contained in these reports. It identifies system deficiencies and issues alerts to persons in a position to correct them. It educates through its newsletter CALLBACKand its journal ASRS Directline, and through its research studies. Its databaseis a public repository thatserves the FAA and NASA’s needs and those of other organizations world-wide thatare engaged in research and the promotion of aviation safety.
TheNational Firefighter Near-Miss Reporting System was developed in 2005 by the International Association of Fire Chiefs (IAFC). The National Firefighter Near-Miss Reporting System aims to prevent injuries and save lives of other firefighters by collecting, sharing and analyzing near-miss experiences. The experiences are collected by firefighters who voluntarily submit them; the reports are confidential, non-punitive, and secure. After the reports are compiled, they are posted to the IAFC Web site, where firefighters can access them and learn from each other’s real-life experiences. Overall these reports help to formulate strategies, reduce firefighter injuries and fatalities, and enhance the safety culture of the fire service. The program is based on the Aviation Safety Reporting System (ASRS), which has been gathering reports of close calls from pilots, flight attendants, and air traffic controllers since 1976. The reporting system is funded by the U.S. Department of Homeland Security’s Assistance to Firefighters Grant Program. The program was originally funded by DHS and Fireman’s Fund Insurance Company.
Also, the Federal Railroad Administration (FRA) has developed the FRA Confidential Close Call Reporting System (C3RS), a voluntary, confidential demonstration program for railroad carriers and their employees to report close calls without receiving disciplinary action. The broad goals of the C3RS project are: preventing accidents, saving lives, uncovering hidden, at-risk conditions not previously exposed from analysis of reportable accidents and incidents, and identifying and managing risk through proactive analysis to identify trends or patterns before safety is compromised.Parties involved include the Federal Railroad Administration (FRA), Bureau of Transportation Statistics (BTS), National Aeronautics and Space Administration (NASA), railroad carriers, carrier employees, labor organizations, and peer review teams.At this time, the C3RS is accepting close-call reports only from Union Pacific (UP) Railroad North Platte Service Unit, Canadian Pacific (CP) Railway Chicago Area, New Jersey Transit, and Amtrak with the intent of expanding when possible.
Appendix B includes examples of reports available on the ASRS, National Firefighter Near-Miss Reporting System and C3RS sites.
Appendix A: NERC CCAP (Cause Code Assignment Process)
Click on page below to view all two pages.
Appendix B: Examples of Reports Available onthe ASRS, National Firefighter Near-Miss Reporting System And C3RS Sites.
The reports included in this Appendix were downloaded fromthe respective websites. They were slightly re-formatted to legibility, but were not edited in any other way.
Examples of Three ASRS Reports
ACN: 984272
Time / Day
Date : 201112
Local Time Of Day : 0601-1200
Place
Locale Reference.Airport :ZZZ.Airport
State Reference : US
Altitude.AGL.Single Value : 0
Environment
Light : Daylight
Aircraft
Reference : X
Make Model Name : Cessna 340/340A
Mission : Personal
Flight Phase : Parked
Maintenance Status.Released For Service : N
Maintenance Status.Maintenance Type : Unscheduled Maintenance
MaintenanceStatus.Maintenance Items Involved : Repair
Maintenance Status.Maintenance Items Involved : Work Cards
Maintenance Status.Maintenance Items Involved : Installation
Component : 1
Aircraft Component : Exhaust Pipe
Aircraft Reference : X
Problem : Malfunctioning
Component : 2
Aircraft Component : Exhaust Manifold
Aircraft Reference : X
Person
Reference : 1
Location Of Person : Hangar / Base
Reporter Organization : Personal
Function.Maintenance : Lead Technician
Qualification.Maintenance : Inspection Authority
Qualification.Maintenance : Airframe
Qualification.Maintenance : Powerplant
Experience.Maintenance.Lead Technician : 12
Experience.Maintenance.Technician : 15
ASRS Report Number.Accession Number : 984272
Human Factors : Other / Unknown
Human Factors : Fatigue
Human Factors : Situational Awareness
Human Factors : Communication Breakdown
Communication Breakdown.Party1 : Maintenance
Communication Breakdown.Party2 : Maintenance
Analyst Callback : Completed
Events
Anomaly.Aircraft Equipment Problem : Critical
Anomaly.Deviation - Procedural : Published Material / Policy
Anomaly.Deviation - Procedural : Maintenance
Anomaly.Deviation - Procedural : FAR
Detector.Person : Maintenance
Were Passengers Involved In Event : N
When Detected.Other
Result.General : Maintenance Action
Assessments
Contributing Factors / Situations : Procedure
Contributing Factors / Situations : Logbook Entry
Contributing Factors / Situations : Manuals
Contributing Factors / Situations : Aircraft
Contributing Factors / Situations : Human Factors
Primary Problem : Human Factors
Narrative: 1
I worked with another Airframe/Powerplant (A/P) and Inspection Authorized (I/A) Mechanic installing an overhauled engine. When the aircraft came in for an oil change seventy-five hours after the engine [was] installed, another Maintenance facility discovered the exhaust system was leaking. They stated a gasket was missing from the ‘Y’ pipe and the exhaust [manifold] was misaligned with the brackets which support it. During the investigation to how this occurred, it was discovered I failed to follow FAR 43.9(3) by [not] providing the name of the person I was working with. This failure of an incorrect installation was due to lack of experience of the installer and failure to follow the steps provided in a Service Bulletin on how to assemble the [exhaust] system. Though the service instructions were available and the parts were too, we as a team failed to go step-by-step on these instructions which resulted in the exhaust leak. Failure to identify this hazard could have resulted in an in-flight fire. I also believe this is a violation of FAR 43.13 Performance Rules, because we failed to use the methods prescribed in current manufacturer’s Maintenance manuals.
Callback: 1
Reporter stated he failed to include the other Mechanic’s name in the C-340’s logbook sign-off for the engine overhaul and installation because he normally signs-off for all the work.
Synopsis
A Lead Mechanic with an Inspection Authorization (I/A) rating reports that he failed to include another Mechanic’s name in the logbook sign-off associated with a Cessna C-340 aircraft engine overhaul and installation. The aircraft was also found to have an exhaust gasket missing and the exhaust manifold misaligned, contributing to a potential inflight fire condition.