Chapter 10

Subsea Risk and Reliability

10.1 Introduction

The exploration and production of oil and gas resources entail a variety of risks, which, if not adequately managed, have the potential to result in a major incident.

All subsea field development procedures involved in designing, manufacturing, installing, and operating subsea equipment are exposed to financial impact if the procedure suffers from poor reliability. Equipment reliability during exploration and production is one of the controlling factors for safety, production availability, and maintenance costs. In the early design phases, the target levels of reliability and production availability can be controlled through application of a systematic and strict reliability management program.

This chapter presents a recommended systematic risk management program and further describes a methodology for analyzing field architectures to improve the reliability of system design and to reduce operating expenses by using reliable engineering tools.

10.1.1 Overview of Risk Management

Risk is defined as the potential for the realization of unwanted, negative consequences of an event. Risk can be measured by the product of the probability of the event occurring and the consequence of the event [1]. Risk management is the systematic process of identifying, analyzing, and responding to project risk. It involves minimizing the probability and consequences of adverse events and maximizing the probability and consequences of positive events based on project objectives.

The subsea business is a unique industry in many ways, but its uniqueness is not limited to the diversity inherent in any project or to the differences between all projects; its diversity also includes the people working within the industry. As a whole, these people are at the cutting edge of a high-risk and potentially highly rewarding industry. It would therefore seem beneficial for the industry, as a whole, to adopt an overall risk management methodology and philosophy in order to utilize joint efforts that can help maximize the success of its projects [2].

Risk management can be regarded as a continuous assessment process applied throughout the design, construction, operation, maintenance, and decommissioning of a project. The integrity risk management life cycle is illustrated in Figure 10-1.

Figure 10-1 Integrity Risk Management Life Cycle

10.1.2 Risk in Subsea Projects

A subsea project is complex and involves uncertainties from a wide range of sources. Managing these uncertainties in a systematic and efficient manner with a focus on the most critical uncertainties is the objective of a successful risk management plan. Some of the areas of uncertainty that need to be considered are as follows [3]:

Technical;

Financial;

Organizational;

Contract/procurement;

Subcontractors;

Political/cultural, etc.

Many cost issues need to be considered when assessing the economics of a field development. In the ranking of different investment opportunities for a field development project, the following issues need to be considered:

Costs of capital expenditure and operating expenditures;

Schedule of project tasks and completion of milestones;

Taxes and depreciation;

Health, safety, and environmental concerns (meeting regulations and company requirements);

Structural reliability (using a design that meets requirements);

Flow assurance (analysis that meets availability requirements).

10.2 Risk Assessment

10.2.1 General

Risk assessment is the process of assessing risks and factors influencing the level of safety of a project. It involves researching how hazardous events or states develop and interact to cause an accident. The risk assessment effort should be tailored to the level and source of technical risk involved with the project and the project stage being considered. The assessment of technical risk will take different forms in different stages of the project; for example [1]:

A simple high-level technical review may filter out equipment with technical uncertainty.

Consequence/severity analyses can be used to identify equipment with the greatest impact on production or safety and environment.

Potential failure modes or risk of failure can be identified.

Technical risk reviews can be used to identify where equipment is being designed beyond current experience.

10.2.2 Assessment Parameters

When assessing risk exposure, the parameters listed in Table 10-1 should be evaluated.

Table 10-1. Assessment Parameters [4]

Assessment Parameter / Keywords for Assessment

Personnel exposure
- Qualification and experience of personnel
- Organization
- Required presence
- Shift arrangements
- Deputy/backup arrangements

Overall project particulars
- Delay
- Replacement time/cost
- Repair possibilities
- Number of interfaces and contractors/subcontractors
- Project development period

Existing field infrastructure
- Surface and subsea infrastructure

Handled object
- Value, structural strength, and robustness

Marine operation method
- Novelty/feasibility
- Robustness
- Type of operations
- Previous experience
- Installability

Equipment used
- Margins/robustness
- Condition/maintenance
- Previous experience
- Suitability
- Experience with operators/contractors (track record)

Operational aspects
- Cost of mobilized equipment and spread
- Language barriers/hindrance
- Season/environmental conditions
- Local marine traffic
- Proximity to shore

10.2.3 Risk Assessment Methods

When assessing risk, the parameter of probability must be considered to obtain an overall assessment because not all risks will evolve into project certainties. During the assessment, risks are removed to get a global view. This method is based on functional expertise, and a fixed scoring value is used to achieve balanced results. For example, if a risk is assessed as having a probability of occurrence between 1% and 20%, then the mean of the range, 10%, will be used in the calculation. Table 10-2 illustrates the values utilized for different probabilities at various risk levels in a risk assessment.

Table 10-2. Probability in Risk Assessment [2]

Risk            Probability    Utilize
Improbable      <20%           10%
Not likely      20–40%         30%
Possible        40–60%         50%
Probable        60–80%         70%
Near certain    >80%           90%

A 100% probability does not appear in the table because 100% probability is a project certainty. The risk evaluation deals only with scenarios that might happen. Once having identified the probability and established the level of risk, it is necessary to prioritize the actions to be undertaken.

10.2.4 Risk Acceptance Criteria

The risk criteria define the level at which the risk can be considered acceptable/tolerable. During the process of making decisions, the criteria are used to determine if risks are acceptable, unacceptable, or need to be reduced to a reasonably practicable level. Numerical risk criteria are required for a quantitative risk assessment.

As described previously, risk assessment involves uncertainties. It may not be suitable to use the risk criteria in an inflexible way. The application of numerical risk criteria may not always be appropriate because of the uncertainties of certain inputs. The risk criteria may be different for different individuals and also vary in different societies and alter with time, accident experience, and changing expectations of life. Therefore, the risk criteria are only able to assist with informed judgments and should be used as guidelines for the decision-making process [5].

In risk analysis, the risk acceptance criteria should be discussed and defined first. Three potential risk categories are proposed in DNV-RP-H101 [4]:

Low;

Medium;

High.

The categorization is based on an assessment of both consequence and probability, applying quantitative terms. The categories should be defined for the following aspects:

Personnel safety;

Environment;

Assets;

Reputation.

A risk matrix is recommended for defining the risk acceptance criteria, a sample of which is presented in Figure 10-2.

Figure 10-2 Sample Risk Matrix [4]

10.2.5 Risk Identification

Many tools and techniques are used when identifying risk. Some of them are introduced in this section.

10.2.5.1 Hazard Identification Analysis

The hazard identification (HAZID) technique is used to identify all hazards with the potential to cause a major accident. Hazard identification should be done in the early stage of the project and be conducted in the conceptual and front-end engineering stages. HAZID is a technique involving the use of trained and experienced personnel to determine the hazards associated with a project. Significant risks can be chosen through HAZID by screening all of the identified risks. The technique is also used to assess potential risks at an early stage of the project.

10.2.5.2 Design Review

The design review is used to evaluate the design based on expert opinions at various stages. It is also used to identify the weaknesses of a design for a particular system, structure, or component.

10.2.5.3 FMECA

A failure mode, effects, and criticality analysis (FMECA) is conducted to identify, address, and, if possible, design out potential failure modes. For high-risk operations, the use of a process FMECA should be considered to identify potential failures that could occur during each step of the procedure, with a view toward finding better (risk-reducing) ways of completing the task. All procedure-related actions from any detailed design FMECA and peer reviews should be incorporated into the project [1].

The advantages of FMECA are as follows:

Applicable at all project stages;

Versatile—applicable to high-level systems, components, and processes;

Can prioritize areas of design weakness;

Systematic identification of all failure modes.

FMECA also has two weaknesses:

Does not identify the real reason for the failure mode;

Can be a time-consuming task.

10.2.6 Risk Management Plan

The risk management plan includes resources, roles and responsibilities, schedules and milestones, and so on. However, it should only involve items that can be achieved within the schedule and budget constraints. By applying the risk management plan to the total development project, risks will be reduced and decisions can be made with a better understanding of the total risks and possible results.

10.3 Environmental Impact Assessment

When a subsea spill occurs, environmental consequences can be very severe. Assessing environmental damage is extremely difficult because of the many factors involved in cleanup effects and in estimating the costs for possible civil penalties or fines. Environmental damage is typically assessed based on a dollar-per-barrel estimate for the material and location of release.

The consequences of a release from process equipment or pipelines vary depending on such factors as physical properties of the material, its toxicity or flammability, weather conditions, release duration, and mitigation actions. The effects may impact plant personnel or equipment, population in the nearby residences, and the environment.

Environmental impact assessment is estimated in four phases:

Discharge;

Dispersion;

Cleanup costs;

Ecological effects.

10.3.1 Calculate the Volume Released

Sources of hazardous release include pipe and vessel leaks and ruptures, pump seal leaks, and relief valve venting. The mass of material, its release rate, and material and atmospheric conditions at the time of release are key factors in calculating their consequences.

Release can be instantaneous, as in the case of a catastrophic vessel rupture, or constant, as in a significant release of material over a limited period of time. The nature of release will also affect the outcome. With appropriate calculations, it is possible to model either of the two release conditions: instantaneous or constant.

For a subsea release case, the leak rate and detection times are major factors when determining the volume of the leak:

image

where

Vrel: Volume of liquid released from equipment;

Vleak: Leak rate;

tdetect: Detection time.

10.3.2 Estimate Final Liquid Volume

When a vapor or volatile liquid is released, it forms a vapor cloud that may or may not be visible. The vapor cloud is carried downwind as vapor and suspended liquid droplets. The cloud is dispersed through mixing with air until the concentration eventually reaches a safe level or is ignited.

Initially, a vapor cloud will expand rapidly because of the internal energy of the material. Expansion occurs until the material pressure reaches that of ambient conditions. For heavy gases, the material spreads along the ground and air is entrained in the vapor cloud, due to the momentum of the release. Turbulence in the cloud assists in mixing.

As the concentration drops, atmospheric turbulence becomes the dominant mixing mechanism, and a concentration profile develops across the vapor cloud. This concentration profile is an important feature in determining the effects of a vapor cloud.

Several factors determine the phenomena of dispersal:

Density: The density of the cloud relative to air is a very important factor affecting cloud behavior. If denser than air, the cloud will slump and spread out under its own weight as soon as the initial momentum of the release starts to dissipate. A cloud of light gas does not slump, but rises above the point of release.

Release height and direction: Releases from a high elevation, such as a stack, can result in lower ground-level concentrations for both light and heavy gases. Also, upward releases will disperse more quickly than those directed horizontally or downward, because air entrainment is unrestricted by the ground.

Discharge velocity: For materials that are hazardous only at high concentrations, such as flammable materials, the initial discharge velocity is very important. A flammable high-velocity jet may disperse rapidly due to initial momentum mixing.

Weather: The rate of atmospheric mixing is highly dependent on weather conditions at the time of release. Weather conditions are defined by three parameters: wind direction, speed, and stability.

When liquid escapes to the environment, the major influence is the environmental pollution, which is determined by the liquid remaining in the water.

Following a spill, a certain fraction of lighter hydrocarbons can evaporate, thus reducing the volume of liquid that needs to be cleaned up. The persistence factor image is used to quantify the amount of unevaporated liquid. In general, image is found as follows:

image

where

t: the time required to complete half the cleanup effort, in hours;

k: evaporation rate constant, in hours⁻¹.

The time, t, includes the time to initiate cleanup, which is estimated as the time required to begin the cleanup effort in earnest, including the time to plan a cleanup strategy and mobilize all necessary equipment.

Methods for calculating evaporation rate constants for pure components and mixtures are provided in Table 10-3.

Table 10-3. Evaporation Rate Constants for Pure Components [6]

Image

10.3.3 Determine Cleanup Costs

In general, the cleanup costs for a leak to the environment are estimated using the following expression:

image

where

Venv: Volume released to the environment;

image: Fraction of liquid remaining;

C: Unit cost of cleanup.

The estimates of the cost to clean up spills of various liquids are the most uncertain variable in an environmental consequence analysis. Every attempt must be made to estimate cleanup costs in a reasonable manner. Based on historical data, cleanup costs for crude oil on open water can vary from $50 to $250 per gallon.

10.3.4 Ecological Impact Assessment

Oil spills on the sea surface can affect a number of marine species. The species most vulnerable to “oiling” are seabirds, marine mammals, and sea turtles that may come into direct contact with the hydrocarbons, although any interaction with the spilled hydrocarbons depends on the time these animals spend on the sea surface. The exact distribution and feeding areas of seabirds, marine mammals, and sea turtles in the offshore environment are unknown. Large swimming animals such as cetaceans and turtles are mobile and could move away from spilled oil and are less likely to be affected. Fishes living beneath the surface can detect and avoid oil in the water and are seldom affected.

Fish and Invertebrates

Atlantic cod

Capelin

American lobster

Atlantic herring

Lumpfish

Snow crab

Redfish

Yellowtail flounder

Sea scallop

Sea-Associated Birds

Northern gannet

Greater shearwater

Cormorants

Common eider

Black guillemot

Harlequin duck

Bald eagle

Greater yellowlegs

Purple sandpiper

Piping plover

Marine Mammals

River otter

Fin whale

Atlantic white-sided dolphin

Humpback whale

Harbor seal

Blue whale

White-beaked dolphin

Sea Turtle

Each of these species is discussed next in terms of their habitats, life stages, and overall vulnerability to oil spills.

10.3.4.1 Fish and Invertebrates

Near-shore and shallow waters are important for the spawning and early stages of several important fish species, which could be vulnerable to spilled oil depending on the timing of the spill.

10.3.4.2 Sea-Associated Birds

Seabirds are the species most vulnerable to the effects of oiling; the species listed above all come into contact with the sea surface and, hence, potentially oil from a spill. Murres and black guillemots are particularly vulnerable because they fly infrequently, spending the majority of their time on the sea surface.

10.3.4.3 Marine Mammals

With the exception of seals, otters, and polar bears, marine mammals are not particularly susceptible to the harmful effects of oiling. Harbor seal pups may be susceptible to the effects of oiling. Although not classified as a marine mammal, river otters are included in the list because they spend a great deal of time in the marine environment.

10.3.4.4 Sea Turtles

The vulnerability of sea turtles to oiling is uncertain.

10.4 Project Risk Management

One of the key uncertainties related to a subsea deepwater development is the capacity to deliver equipment reliably on time so that the project is on schedule and the time to first oil or gas production is not delayed. The number of interfaces, equipment suppliers, and subcontractors involved, however, can make this process complex and difficult to manage. Project risk management can provide an excellent tool for systematically managing these challenges.

Project risk management is a systematic approach for analyzing and managing threats and opportunities associated with a specific project and can, thereby, increase the likelihood of attaining the project’s objectives in terms of cost, schedule, and operational availability. The use of a project risk management process will also enhance the understanding of major risk drivers and how these affect project objectives. Through this insight, decision makers can develop suitable risk strategies and action plans to manage and mitigate potential project threats and exploit potential project opportunities.

Project risk management in field development projects has the following set of goals:

Identify, assess, and control risks that threaten the achievement of the defined project objectives, such as schedule, cost targets, and performance. These risk management activities should support the day-to-day management of the project as well as contribute to efficient decision making at important decision points.

Develop and implement a framework, processes, and procedures that ensure the initiation and execution of risk management activities throughout the project.

Adapt the framework, processes, and procedures so that the interaction with other project processes flows in a seamless and logical manner.

The project risk management process should be assisted by a set of tools that supports these processes and also allows a graphical representation of the project schedule and risks that potentially could affect these plans [3].

10.4.1 Risk Reduction

Risk reduction processes are focused on the generation of alternatives, cost effectiveness, and management involvement in the decision-making process. Use of these processes is designed to reduce the risks associated with significant hazards that deserve attention.

In safety analysis, safety-based design/operation decisions are expected to be made at the earliest stages in order to reduce unexpected costs and time delays. A risk reduction measure that is cost effective at the early design stage may not be as low as reasonably practicable at a later stage. Health, safety, and environmental (HSE) management aims to ensure that risk reduction measures are identified and in place as early as possible, when the cost of making any necessary changes is low. Traditionally, when making safety-based design/operation decisions, the cost of a risk reduction measure is compared with the benefit due to the reduced risks. If the benefit is larger than the cost, then it is cost effective; otherwise it is not. This kind of cost/benefit analysis based on simple comparisons has been widely used in safety analysis [5].

Figure 10-3 illustrates a route for improving safety.

Figure 10-3 A Route for Improving Safety [7]

10.5 Reliability

10.5.1 Reliability Requirements

Reliability refers to the ability of a device, system, or process to perform its required duty without failure for a specified time when operated correctly in a specified environment.

At present, it is obvious that numerical reliability requirements are rarely set at the invitation to tender stage of projects. A numerical analysis is generally performed later during the detailed design stage.

Reliability requirements are often imposed on new contracts following particular instances/experiences of failure. This is an understandable response; however, this is not a sound strategy for achieving reliability because the suppliers may feel they have met the reliability requirements if they have dealt with the listed issues.

If no reliability target is set, the underlying signal to the supplier is “supply at whatever reliability can be achieved at the lowest cost” [8].

10.5.2 Reliability Processes

API RP 17N lists twelve interlinked key processes that have been identified as important to a well-defined reliability engineering and risk management capability. These reliability key processes provide a supporting environment for reliability activities. When these are implemented across an organization, the reliability and technical risk management effort for each project is increased. Figure 10-4 illustrates the key processes for reliability management. The 12 reliability key processes are as follows [1]:

Definition of Availability Goals and Requirements: Ensures that the project goals are fully aligned with overall business performance objectives and provides the focus for design and manufacture for availability and reliability assurance. The trade-off between the purchase cost and the operational expenditure needs to be understood when considering the need for reliability improvement. This should then be considered when setting goals and requirements.

Organizing and Planning for Availability: Allocates leadership and resources to the required reliability activities such that they add value to the project overall and do not adversely affect the project schedule. The reliability activities identified should be considered an integral part of the engineering process and integrated with conventional engineering tasks in the project management system.

Design and Manufacture for Availability: Should be considered an extension of good engineering practice but requires increased focus on understanding how and why failures occur in operation. Information gathered during reliability analysis activities should be considered during the design process to drive the design’s ability to achieve and deliver the specified availability requirements.

Reliability Assurance: This is the essential element of managing technical risk because it is the process of identifying, assessing, justifying, and, most importantly, communicating the information pertaining to risks to the technical effectiveness of the system.

Risk and Availability Analysis: Provides reliability management support by identifying potential faults and failure mechanisms and their effects on the system in advance of operation and by quantifying risk and reliability. Analysis and models usually focus on function, hardware, or process.

Verification and Validation: Confirms that any given activity is the correct one and that it has been carried out correctly.

Project Risk Management: Addresses nontechnical risks throughout the project life cycle to enable all risks to be identified, quantified, managed, and preferably eliminated.

Reliability Qualification and Testing: This is the process by which systems are examined and evidence is provided to demonstrate that the technology employed meets the specified requirements for the intended use. The qualification process in some projects may start as early as the feasibility stage if it is known that a specific piece of unqualified hardware will be required to exploit a field.

Performance Tracking and Data Management: Collects and organizes reliability performance data from all projects at all project stages to support the assessment of reliability, availability, and production efficiency. Historical reliability and availability data can be used to determine the availability goals and requirements for projects with field-proven equipment, and also to understand any failures that have been experienced in order to provide inputs to reliability analysis and improved design.

Supply Chain Management: Ensures that reliability and technical risk management goals, requirements, achievement, and lessons learned are communicated among all organizations involved in the project. The ability to manage the various interfaces between the customers and suppliers down the supply chain is expected.

Management of Change: Ensures that any changes are consistent with the project reliability and technical risk management goals and that their impacts are fully assessed and managed.

Organizational Learning: Provides resources to ensure that information is fed back to the whole organization involved in design and system integration, and that the whole organization understands the lessons to be learned from failure. The lessons learned usually cover the whole life of the project from strategic thinking and decision making through project execution and the delivery of benefits and should include both good and bad practices.

Figure 10-4 Key Processes for Reliability Management [8]

10.5.3 Proactive Reliability Techniques

In a proactive environment, the orientation toward reliability is changed. Reliability engineers become involved in product design at an early point to identify reliability issues and concerns and begin assessing reliability implications as the design concept emerges. Because of the continuous requirement for improved reliability and availability, an integrated systems engineering approach, with reliability as a focal point, is now the state of the art in product and systems design. Frequently, it is desirable to understand, and be able to predict, overall system failure characteristics.

Reliability and availability are typically increased [9]:

Through improved hardware and software fault tolerance design;

By implementing more efficient screening tests during manufacturing, which reduces the quantity of induced failures;

By reducing the number of incidents where an apparent failure cannot be verified;

By increasing the time between preventive maintenance actions.

10.5.4 Reliability Modeling

To predict system reliability, reliability modeling assesses the reliabilities of the subsystems and combines them into a mathematical description of the system and its operating environment. Once the system reliability has been calculated, other measures can be evaluated as inputs for decision making. In this circumstance, a mathematical description of a system constitutes a model of the system failure definitions; that is, the model expresses the various ways a system can actually fail. The complexity of a reliability model depends on the complexity of the system and its use, but also to a large extent on the questions that the analysis attempts to answer. Adding failure consequences and their costs, maintainability, downtime, and other considerations increases the complexity of a model; these additions not only influence the future economic realities of the system design and use, but also become the metrics of interest for decision makers.

A reliability model attempts to represent a system and its usage in such a way that it mirrors reality as closely as possible. To produce useful results in a timely fashion, models often have to balance closeness to reality against practical simplifications. This implies that models often contain approximations based on engineering judgments and reasoned arguments to reduce the complexity of the model. Using sophisticated mathematical models in situations in which the quality of the input data is not equally high can easily lead to a “false” impression of accuracy and a potentially incorrect interpretation of the results. Although it is a quantitative tool, the main objective of reliability modeling is to identify weak points of a system as areas for improvement. The focus should therefore be on comparing results for various system design solutions rather than on the frequently asked question about absolute results. In this respect a reliability model can be an extremely valuable tool for making design decisions.

The process of reliability modeling always begins with the question about the objective of the analysis. Only if the objective and the expected outcome are clearly defined can an appropriate modeling technique be chosen. The most common analysis techniques include, but are not limited to, reliability block diagrams, fault tree analysis, and Markov analysis, which is also known as state-time analysis. Oftentimes a combination of those tools is required to address the objective of an analysis adequately [10].

10.5.5 Reliability Block Diagrams (RBDs)

The general purpose of RBDs is to derive reliability predictions during the design phase of hardware developments and to provide a graphical representation of a system’s reliability logic.

10.5.5.1 Concept

Rather than making absolute predictions of system reliability, RBDs establish a basis for design trade-off analyses. Like the other reliability engineering tools, RBDs allow product evaluations and identification of problem areas before a design is finalized. An RBD represents a clear picture of system functions and interfaces and shows the failure logic of a given system. It models the interdependencies of logical system components and allows the overall system reliability to be computed. The results can be used to verify compliance of subsystems within system-level requirements. Especially in cases of complex systems with redundancies, RBDs are helpful tools.

Using reliability engineering software allows the user to take into account various types of redundancies, such as active, standby, and others. Even the failure probability of imperfect switches can be included in a model. Once a model is established, sensitivity analyses can be performed by changing the configuration, adding redundancies, and modifying maintenance strategies, to name just a few of the options. The results help to prepare design decisions between various competing configurations. Reliability block diagrams can also be used to visualize the system structure and to aid in training and troubleshooting [11].

10.5.5.2 Timing of Application

A top-level RBD can be constructed as soon as a system layout has been defined. An RBD may be required whenever a design FMECA is performed. The best timing for use of a reliability block diagram is as early as possible in the design process.

10.5.5.3 Requirements

RBD users should understand the various types of redundancies as well as the system architecture and functionality. In addition, thorough knowledge of how the system operates and reliability parameters (e.g., hazard rate) for each block in the diagram are needed.

10.5.5.4 Strengths and Weaknesses

API RP 17N illustrates the strengths and weaknesses of RBDs [1]:

Strengths

The best method of graphically representing complex system logic;

Good visualization of redundant system logic;

Good precursor to all other analysis methods.

Weaknesses

Construction of RBDs can be difficult for complex systems;

Numerical assessment of the RBD can be very time consuming (if performed manually or if multiple nested RBDs are apparent);

Becomes very data intensive when there are more detailed levels;

May require multiple RBDs for multiple functional modes.

10.6 Fault Tree Analysis (FTA)

FTA is another tool in the reliability engineering toolkit. The general purpose of FTA is to identify the technical reason for the specified unwanted events and to estimate or predict the system reliability performance. FTA logically represents all possible failure modes of a system or package.

10.6.1 Concept

FTA is a systematic and deductive method for defining a single undesirable event and determining all possible reasons that could cause that event to occur. The undesired event constitutes the top event of a fault tree diagram, and generally represents a complete or catastrophic failure of a product or process. Like a FMECA, an FTA can also be used for identifying product safety concerns.

Contrary to a FMECA, which is a bottom-up analysis technique, an FTA takes a top-down approach to assess failure consequences. An FTA can be applied to analyze the combined effects of simultaneous, noncritical events on the top event, to evaluate system reliability, to identify potential design defects and safety hazards, to simplify maintenance and troubleshooting, to identify root causes during a root cause failure analysis, to logically eliminate causes for an observed failure, etc. It can also be used to evaluate potential corrective actions or the impact of design changes [11].
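
The quantitative side of FTA can be shown on a small tree. This is an added example, not from the book or from API RP 17N: it computes the exact top-event probability of an AND/OR fault tree by enumerating basic-event states, ranks the basic events by Birnbaum importance, and lists the minimal cut sets (which goes slightly beyond the text). The event names and probabilities are constructed, basic events are assumed independent, and Birnbaum is one importance measure chosen here for illustration.

```python
from itertools import combinations, product

# Constructed tree and probabilities (hypothetical event names, not from the book).
# scm_a_fault feeds two AND gates, so the gate outputs are not independent.
TREE = ("OR", ["umbilical_fault",
               ("AND", ["scm_a_fault", "scm_b_fault"]),
               ("AND", ["scm_a_fault", "hpu_fault"])])
PROB = {"umbilical_fault": 0.01, "scm_a_fault": 0.10,
        "scm_b_fault": 0.10, "hpu_fault": 0.05}

def basic_events(node):
    """Names of all basic events below a node."""
    if isinstance(node, str):
        return {node}
    return set().union(*(basic_events(child) for child in node[1]))

def occurs(node, state):
    """True if the event at this node occurs for the given basic-event states.
    A node is a basic-event name or a (gate, children) pair; non-OR means AND."""
    if isinstance(node, str):
        return state[node]
    gate, children = node
    results = [occurs(child, state) for child in children]
    return any(results) if gate == "OR" else all(results)

def top_probability(tree, prob, fixed=None):
    """Exact P(top event) for independent basic events, by state enumeration.
    `fixed` forces selected events to occur (True) or not occur (False)."""
    fixed = fixed or {}
    free = sorted(basic_events(tree) - set(fixed))
    total = 0.0
    for values in product([False, True], repeat=len(free)):
        if occurs(tree, {**fixed, **dict(zip(free, values))}):
            weight = 1.0
            for name, failed in zip(free, values):
                weight *= prob[name] if failed else 1.0 - prob[name]
            total += weight
    return total

def birnbaum(tree, prob, event):
    """Birnbaum importance: P(top | event occurs) - P(top | event does not)."""
    return (top_probability(tree, prob, {event: True})
            - top_probability(tree, prob, {event: False}))

def minimal_cut_sets(tree):
    """Smallest sets of basic events that cause the top event (AND/OR trees)."""
    events, cuts = sorted(basic_events(tree)), []
    for size in range(1, len(events) + 1):
        for combo in map(frozenset, combinations(events, size)):
            if not any(cut <= combo for cut in cuts) and \
               occurs(tree, {e: e in combo for e in events}):
                cuts.append(combo)
    return cuts
```

Because `scm_a_fault` is shared between two gates, multiplying gate probabilities as if they were independent overstates the top-event probability; state enumeration avoids that error at the cost of 2^n evaluations, which is why it only suits small trees.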

10.6.2 Timing

FTA is best applied during the front-end engineering design (FEED) phase as an evaluation tool for driving preliminary design modifications. Once a product is already developed or even on the market, an FTA can help to identify system failure modes and mechanisms.

10.6.3 Input Data Requirements

Intimate product knowledge of the system logic is required for tree construction, and reliability data for each of the basic units/events are required for quantitative analyses.

10.6.4 Strengths and Weaknesses

API RP 17N illustrates the strengths and weaknesses of FTA [1]:

Strengths

Can support common cause failure analysis;

Can predict the probability of occurrence of a specific event;

Can support root cause analysis;

Compatible with event trees for cause/consequence analyses;

Supports importance analysis.

Weaknesses

Complex systems may become difficult to manage and resolve manually;

Not suited to the consideration of sequential events.

10.6.5 Reliability Capability Maturity Model (RCMM) Levels

The reliability capability maturity model provides a means of assessing the level of maturity of the practices within organizations that contribute to reliability, safety, and effective risk management.

Reliability capability is categorized into five maturity levels as shown in Figure 10-5. Each level introduces additional or enhanced processes and these will lead to higher levels of reliability capability. An overview of RCMM levels is given in Table 10-4.

Figure 10-5 Reliability Capability Maturity Model Levels [12]

Table 10-4. Overview of Reliability Capability Maturity Levels [1]

Maturity Level | Description
1 | No understanding of reliability concepts.
2 | Prescriptive procedures that are repeatable but do not directly relate to reliability.
3 | Understanding of historical achievements in reliability but with limited capability to learn from lessons and improve reliability.
4 | Understanding of design for availability and how to correct designs to improve reliability given the observation of failure.
5 | Understanding of design for availability and implementation into a proactive continuous improvement program (both managerial and operational).

10.6.6 Reliability-Centered Design Analysis (RCDA)

Reliability-centered design analysis is a formalized methodology that follows a step-by-step process. RCDA lowers the probability and consequence of failure, resulting in the most reliable, safe, and environmentally compliant design.

The direct benefits of using RCDA in FEED are as follows [13]:

Higher mechanical availability, which results in longer operating intervals between major outages for maintenance, significantly increasing revenue.

Reduced risk. RCDA results in designs that lower the probability and consequence of failure.

RCDA is a functional-based analysis. It focuses on maximizing the reliability of critical components required to sustain the primary functions for a process.

Shorter maintenance outages. Reduced downtime results in fewer days of lost production, significantly increasing revenue.

Safer, more reliable operations, better quality control, more stable operation with the ability to respond to transient process upsets.

Lower operating expenses. RCDA results in designs that cost less to maintain over the operating life of the asset.

Optimized preventive and predictive maintenance programs and practices. A comprehensive program is created during RCDA. Training to these practices is performed in advance, so assets are maintained from the minute the project is commissioned.

Emphasis on condition-based maintenance practices. Equipment condition is continuously monitored, maximizing the full potential of the assets, and avoiding unnecessary inspections and costly overhauls.

RCDA can be used as a training tool for operators and maintenance personnel. RCDA documents the primary modes of failure and their consequences and causes for failure well in advance of building the platform.

Spare parts optimization. Because the dominant failure causes are identified for each piece of equipment, the spare parts requirements are also known. Because this analysis is performed on the entire platform, stock levels and reorder levels can also be established.

The RCDA process is integrated into project management stages, that is, FEED. As a process, it follows a uniform set of rules and principles. Figure 10-6 illustrates the RCDA process flow diagram.

Figure 10-6 RCDA Process Flow Diagram [13]

10.7 Qualification to Reduce Subsea Failures

The methodology for reducing subsea failures is formalized in DNV-RP-A203 [14]. It provides a systematic risk-based approach for obtaining the goals of the qualification.

The qualification process comprises the main activities listed next [15]. At each step of the process there is a need for documentation making the process traceable.

Establish an overall plan for the qualification. This is a continuous process and needs updating after each step using the available knowledge on the status of the qualification.

Establish a qualification basis comprising requirements, specification, and description. Define the functionality and limiting parameters.

Screen the technology based on identification of failure mechanisms and their risk, and classification of the technology according to degree of newness to focus the effort where the related uncertainty is most significant.

Assess maintenance, monitor conditions, and review possible modifications for their effect on the qualification basis.

Plan and execute reliability data collection. The data are used to analyze the risk involved in not meeting the specifications through experience, numerical analysis, and tests.

Analyze the reliability and, thereby, the risk of the failure modes related to the functional requirements.

REFERENCES

1. American Petroleum Institute, Recommended Practice for Subsea Production System Reliability and Technical Risk Management, API RP 17N, 2009, March.

2. R. Cook, Risk Management, England, 2004.

3. Brandt H. Reliability Management of Deepwater Subsea Field Developments. Houston: OTC 15343, Offshore Technology Conference; 2003.

4. Det Norske Veritas. Risk Management in Marine and Subsea Operations. DNV-RP-H101 2003.

5. Wang J. Offshore Safety Case Approach and Formal Safety Assessment of Ships. Journal of Safety Research No 33 2002:81–115.

6. J. Aller, M. Conley, D. Dunlavy, Risk-Based Inspection, API Committee on Refinery Equipment BRD on Risk Based Inspection, 1996, October.

7. International Association of Oil & Gas Producers, Managing Major Incident Risks Workshop Report, 2008, April.

8. Duell C, Fleming R, Strutt J. Implementing Deepwater Subsea Reliability Strategy. Houston: OTC 12998, Offshore Technology Conference; 2001.

9. M. Carter, K. Powell, Increasing Reliability in Subsea Systems, E&P Magazine, Hart Energy Publishing, LP, Houston, 2006, February 1.

10. Skeels HB, Taylor M, Wabnitz F. Subsea Field Architecture Selection Based on Reliability Considerations. Deep Offshore Technology (DOT) 2003.

11. Wabnitz F. Use of Reliability Engineering Tools to Enhance Subsea System Reliability. Houston: OTC 12944, Offshore Technology Conference; 2001.

12. K. Parkes. Human and Organizational Factors in the Achievement of High Reliability. Engineers Australia/SPE 2009.

13. M. Morris, Incorporating Reliability Centered Maintenance Principles in Front End Engineering and Design of Deep Water Capital Projects, http://www.reliabilityweb.com/art07/rcm_design.htm, 2007.

14. Det Norske Veritas. Qualification Procedures for New Technology. DNV-RP-A203 2001.

15. Tore M. A Qualification Approach to Reduce Subsea Equipment Failures. Proc. 13th Int. Offshore and Polar Engineering Conference 2003.
