• No results found

On the use of historical failures patterns to confront the unforeseen

N/A
N/A
Info
Nedlasting
Protected

Academic year: 2022

Share "On the use of historical failures patterns to confront the unforeseen"

Copied!
100
0
0

Laster.... (Se fulltekst nå)

Fulltekst

(1)

Faculty of Science and Technology

MASTER’S THESIS

Study program/ Specialization:

Offshore Technology/

Industrial Asset Management

Spring semester, 2015

Open / Restricted access

Writer:

Andika Rachman ………

(Writer’s signature)

Faculty supervisor: R.M. Chandima Ratnayake

External supervisor(s): Arnaud Barre

Thesis title:

On the Use of Historical Failures Patterns to Confront the Unforeseen

Credits (ECTS): 30

Key words:

unforeseen failure black swan

accident

Pages: 84 + enclosure: 16

Stavanger, 15

th

June 2015

(2)
(3)
(4)
(5)
(6)
(7)
(8)
(9)
(10)
(11)
(12)
(13)

(14)
(15)

Unforeseen Events

Unknown unknowns

Unknown knowns

Events that are believed to have negligilble probability

(16)
(17)

Probability-based

thinking Knowledge

dimension Black swans

+ +

(18)
(19)
(20)

Preoccupation with failure

Reluctance to simplify

Sensitivity operationsto Commitment

to resilience Deference to

expertise

(21)

(22)
(23)
(24)
(25)
(26)

Unexpected Event (Unsafe Act)

Normally Functioning

System

Unwanted Consequences

Direction of Causality

Direction of Reasoning

(27)

Effect Cause

If we can see what the effect is...

Then we can find what the

cause is

(28)
(29)
(30)
(31)

(32)

(33)
(34)
(35)

Pipeline washing Water entered MIC tank through leaky

valve

Contamination of MIC with water caused runaway

reaction

High temperature caused the bursting

of the tank casing

(36)

(37)
(38)
(39)
(40)
(41)
(42)
(43)

(44)

(45)
(46)
(47)
(48)
(49)
(50)
(51)
(52)
(53)
(54)

Boundary to unacceptable

workload

Boundary to economic failure

Resulting perceived boundary of acceptable performance, i.e.

safety boundary defined by work practices

Boundary of functionally acceptable performance, i.e. the

real safety boundary

Sy stem

Management effort toward efficiency

Gradient toward

less effort

Accident Counter forces represented by safety

management system

Space of possibilities; day-to-day

operation; degrees of freedom to be resolves according subjective

preferences

Movement towards degrading safety defenses

(55)
(56)

(57)

(58)
(59)
(60)
(61)
(62)
(63)

(64)

Controller

Controlled Process

Actuator Sensor

(65)

Safety Management Process (Internal Variability)

Leading Indicators Environment (External Variability)

Safety Performance Desired Safety

Level Control

Signal

Feedback

(66)

(67)
(68)

(69)
(70)

(71)

Pressure Transmitter (PT)

• Send signal to HCM to indicate the flowlines pressure

HIPPS Control Module (HCM)

• Process the information from PT and send decisions signal to SDV

Shutdown Valve (SDV)

• Close or open the

flow based on

signal from HCM

(72)
(73)

(74)

HIPPS

Operating Company Petroleum Safety Authority

Offshore Installation Manager

Operation Team Leader Regulations

Standards Certif ications

Accident Reports Saf ety Rev iews Whistleblowers

Saf ety Policy Standards Resources

Operation Reports Audit and Change Reports

Work Instructions Operating Manuals

Saf ety Policy Standards Resources

Operation Reports Problem Reports Change Requests

Problem Reports Operation Reports Change Requests

Operators

Alarms Pressure Trends Valv e Status Testing

Monitoring Correctiv e Actions Prev entiv e Actions

(75)

MCS

HCM Operator

SDV (Close/Open)

Alarm SDV Status

Signal to conduct PST PST

command

SDV Status Test result

interpretation

Deactivate solenoid valve

SDV Status Reactivate

solenoid valve

(76)
(77)

(78)

Process ModelOperator

· Standard procedure

· Training

· Safety policy

· Testing acceptance criteria

Alarm SDV Status

Signal to conduct PST Test command

SDV

SDV Status Test result

interpretation

Deactivate

solenoid valve SDV Status

Process ModelMCS

Test command

· Send signal to conduct PST SDV Status Indicator

· Open

· Close

HCM Test command

· Deactivate solenoid valve

· Reactivate solenoid valve before the SDV reaches fully closed condition

Reactivate

solenoid valve

(79)

MCS

HCM Operator

The testing result is judged as acceptable when it is actually not

MCS provides false indication of SDV status

SCM provides false indication of SDV status

SDV Operator misinteprets output signal from MCS

No alarm is provided when SDV fails to close

MCS

HCM Operator

SDV is fully closed during partial stroke testing

MCS executes different command from the one that operator has given Operator sends wrong command to MCS

SDV

Failure of hydraulic line

Failure of the solenoid valves

Failure of electrical line Failure of electrical line

(80)

(81)
(82)

(83)

(84)

(85)
(86)
(87)

(88)

(89)
(90)
(91)
(92)
(93)
(94)
(95)
(96)
(97)
(98)
(99)
(100)

Referanser

Last ned nå ( PDF - 100 sider - 20.22 MB )

RELATERTE DOKUMENTER

Crime is Terribly Revealing: Information Technology and Police Productivity*

Using an average of 10 percent as an estimate (this is an approximation as clearance rates might also vary slightly with the number of the sequence) and setting the

The beginning of the NHS – and the impact on Norwegian health care

The ideas launched by the Beveridge Commission in 1942 set the pace for major reforms in post-war Britain, and inspired Norwegian welfare programmes as well, with gradual

The XXII Nordic Congress on the History of Medicine –

On the first day of the Congress, on Wednesday 3 June, 2009, we will organize a Pre Congress Workshop on topics related to museums of the history of medicine, addressing the

17-00069

This report documents the experiences and lessons from the deployment of operational analysts to Afghanistan with the Norwegian Armed Forces, with regard to the concept, the main

953166

Model 1 showed a local minimum appearing around the time when the aerobic power reached steady state for continuous exercise, whereas for Model 2 the alactic energy storage

1682712

Overall, the SAB considered 60 chemicals that included: (a) 14 declared as RCAs since entry into force of the Convention; (b) chemicals identied as potential RCAs from a list of

1598972

An abstract characterisation of reduction operators Intuitively a reduction operation, in the sense intended in the present paper, is an operation that can be applied to inter-

CM_1990_D_36.pdf (2.495Mb)

(with or without the use of cross validation procedures). Some form of statistical test is needed to evaluate whether the model for the spatial process