Improving productivity without jeopardising safety means Oil & Gas companies need much better control over uncertainty.
To prevent accidents in the Oil & Gas and other industries, leaders need an accurate picture of their current and emerging risks, and their relative importance, to be able to deploy their resources effectively against them.
Various paradigms have been developed to assess safety risks and manage them. The most recent and comprehensive is Safety Barrier management, pioneered as a regulation by the Norwegian regulatory authority PSA.
Safety Barrier management is an essential part of Operational Risk Management (ORM). In practice, effective Safety Barrier management is very complicated because the information needed is vast, complex and spread over multiple systems, documents and people. Most companies collate [some of] this information once a month into a report or static dashboard.
It then becomes practically impossible for leaders to validate or further interrogate these summary and static reports. The organisation can also bias the reports themselves by playing the reporting periods to their advantage (i.e. delay bad news until the 1st of the month, so there is time to fix it before the next report).
Despite all the safety paradigms and controls put in place since disasters such as Piper Alpha, catastrophic tragedies still occur. A clear need remains to ask what has gone so wrong in all these instances.
Thirty years on from Piper Alpha, Chris Flint, HSE Director for Energy recently wrote to all offshore oil and gas production operators asking them to summarise their plans for further improving safety and tackling Hydrocarbon Releases (HCRs). The Swiss Cheese model of accident causation highlights how different means and controls to prevent hazards fail in such a way that the hazard is allowed to propagate through the various ‘holes’ in the cheese slices, and that once this occurs, no further cheese slices exist to act as ‘barriers’ to prevent an accident and its subsequent consequences.
A Safety Barrier, by definition, is anything intentionally put in place to prevent undesirable situations, such as harm to people or loss of life, but which also includes damage to the environment, to reputation or financial loss.
It does not need to be a physical thing, it can be: a protective system logic; an organisational control, like a permit (i.e. a driving licence); or even the culture within an office. Regardless of their nature, the Swiss Cheese model encourages us to be aware of the different barriers (slices) and the corrective actions needed to mitigate the risks of failure of each one of the slice’s holes, so that hopefully those holes never align (i.e. with successive failure of barriers) to cause an accident.
However, we should not just accept that the cheese has holes. To reach a higher level of safety questions that should be asked include:
• What causes the ‘holes’ to appear in the Swiss Cheese slice in the first place (i.e. why are safety barriers impaired or not effective?)
• How long have they been in that state and is anybody doing anything about it?
• As a manager, do I even know the relative importance of all the different Safety Barriers? And to what extent do controls that are impaired contribute to the overall risk?
• Where are my biggest risks – the see-through holes?
• What are the consequences of a corresponding hazard event?
Safety Barriers are designed by competent process-instrument-control engineers; signed off by qualified client representatives and managers, and implemented and tested during commissioning - but the crucial question during the operation should be - are they working now?
If a pressure sensor feeding various shutdown logic arrangements has been bypassed for maintenance, operatives need to know the incremental risk this poses to the barriers it supports; when it is expected to be fixed and by whom. In a small onshore low-pressure facility, this is typically managed in spreadsheets, and the stakes may not be that high; in increasingly complex offshore assets with hundreds of thousands of equipment tags and high-pressure operations, the task can be incredibly daunting – and this is where the concept of Barrier Management comes into play.
There are four key challenges involved in ensuring adequate safety standards by examining how to safeguard operations, facilities and human life in offshore operations.
Gaining a unified digital model of the Hazards and Barriers
Managers need to know which barrier areas present the highest risk and which are the worst maintained, amongst hundreds of other examples.
All of these queries require a sufficiently flexible and configurable data model that can be used to extract these insights and many more. Being able to drill down and explain why a barrier is impaired, enables corrective actions and creates trust in the system.
The volume and complexity of information that must be considered
Barrier impairment can have many origins. an example is the maintenance work order system or the record of statutory equipment and instrument tests.
In this case barrier impairment can be the result of pending Corrective Work orders or Preventive Work orders. A Corrective Work order usually means something is already broken, and so the presence of an overdue Corrective Work order implies the impairment is worse than an overdue inspection.
This all leads to the need for a means to quantify barrier element impairment severity which can be rolled up to quantify cumulative risk against plant areas or major accident types.
For a Safety Barrier Health Management System to be effective, it also needs to have access to all available information in near-real-time.
Authors: Murray Callander (CTO) & Joel Chacon (Head Consultant), Eigen Ltd
