Documente Academic
Documente Profesional
Documente Cultură
2. Initial presentations were made by John Allen and Don Wells on the background to
the workshop and its purpose. The key messages were:
3. John Strutt gave an overview of the BP subsea reliability strategy and outlined key
concepts proposed as an API RP 17N straw man for consideration by the subsea
community.
4. The workshop invited comment and discussion from the floor on the implementation
of reliability practices in development projects.
Broadly, the approach in the workshop was to discuss each life-cycle phase in turn
and to invite comment and input on key tasks and issues to be addressed as
illustrated below:
Life cycle Phases addressed: Key Reliability Processes:
5. A broad ranging discussion followed during the day. The key points and inputs from
the floor are appended with this summary.
6. At the end of the main discussion Eric Waguespack provided a summary of the
reliability plans proposed for the Deepstar project and how these might interface with
the API RP. This included the management and feedback of data.
2. Many useful comments and suggestions were made and these have influenced the
thinking of the organising committee.
3. There was no direct opposition to the general idea of an API recommended practice
in reliability. There were, however, strong views concerning the approach that should
be taken and the contracting implications that could follow the publication of the RP.
4. There was general support for a recommended practice based on the concept of a
targeted reliability strategy for large, high risk field development projects and product
development projects. “What gets defined and measured gets done!”
5. Particular concerns were raised about the degree of up front effort implied by the
targeted reliability approach, which some regarded as maybe inappropriate for small
low budget fast track projects. The committee has accepted the point made and will
address this in the framework which is now being prepared. One approach would be
to include optional procedures corresponding to different types/categories of project.
6. The next stage, after taking on board all the comments and views of the subsea
community, will be to develop a framework and content for the API RP.
Key Points Covered by the Workshop
General Points
• The industry is where it is today because Operators have not asked for reliability
• Differing Operators Contracting strategy with suppliers influences reliability
strategy
• Difficult for suppliers to implement different reliability strategies for different
customers
• Designers must maintain a “systems” focus (the big picture as well as the
details)
• 6 Sigma and Q1 supports but does not guarantee reliability
• Title of API should reflect risk basis for the Reliability strategy
• There are broadly two categories of reliability strategy
o Targeted reliability paradigm (specific reliability goal defined and design
to achieve)
o Revealed reliability paradigm (no specific goal but analysis to check
reliability)
• Reliability effort must add value to customers and contractors (seen to add value
up front)
• Operators want a suppliers to achieve level 4 capability (reliability influences
design)
• Suppliers should aspire to Level 5 capability (adaptive organisation to sustain
reliability)
• Need better and more efficient use of “design for reliability” tools
• Need to include the use of redundancy in the RP.
• Need to understand and record “how” failures occur (not just what failed and
when) i.e. root cause analysis (RCA)
• We need to improve accelerated testing methods
• Need staff to be competent in reliability technology
• Need to anticipate future reliability needs
Detail Design
Manufacturing Phase
Operational Phase
Operator B recognised loss of revenue from failure. Teams have been established to
develop reliability programmes. Reliability data from the North Sea sector is being used
to compare equipment. Operator B is supporting Deep-Star in this reliability program.
The Operator B approach for the last few years has focused organizational issues.
Operator C currently has no large projects such as those being developed by operator
A. Most are small subsea tie backs. The Operator C strategy is to take small
evolutionary steps, to stick with field proven equipment and incrementally improve
reliability in service. Concern was expressed that the API RP should not just focus on
the big project scenario and should accommodate small “repeat” projects.
Operator D has a number of subsea projects. While it was felt that they generally do a
good job in subsea, they also recognised the scale of the problem and how little is
known about reliability and reliability performance. They have now established a
reliability database.
Operator E recognised the difference between field development projects and product
development projects. It is more difficult to assess reliability in new product
developments (lack of data?). Subsea processing, for example, is new. How can
reliability be achieved and assured. Operator E is looking for guidance on how to
address reliability in product and field development projects, especially for deepwater
applications.
Response: Six Sigma is a process oriented management system, which builds on TQM
and other best practice management principles. It has the broad aim of improving
business performance and a number of Subsea Suppliers have implemented “6 Sigma”
in their business strategy. It has some goals in common with the reliability strategy, but it
is not seen as an alternative to a reliability strategy. A six sigma programme can be used
to strengthen the key processes of a reliability strategy.
2 How will System Redundancy be addressed in the RP?
It must be understood that redundancy only works when there is independence between
the parallel system elements. Thus, it is necessary to ensure that if redundancy is used
to achieve reliability, it is not compromised by common cause failure mechanisms in
which all elements fail at or near the same time.
3 Which of the 13 Key processes is the most critical to include in the RP?
Responses: Arguably, design to achieve and improve reliability is the most critical
process for the Supplier to add value to the customer. The Operator, on the other hand,
must be most capable in defining reliability requirements (asking for what he wants) and
driving / incentivising the key processes used by the suppliers to achieve reliability. None
of the processes stand alone. You have to look at each process as part of an integrated
management system. However, it is accepted that some of the processes are likely to be
covered in more detail than others depending on the type of project.
4 Will the RP address Small Low Cost projects? Some Operators who traditionally
deal with relatively small, low budget projects implement them with little or no feasibility,
concept or FEED effort. Projects move swiftly from design to manufacture “when we
implement a front end design stage, we may have an order within a week. There isn’t a
large front end endeavour. We try to keep the systems as simple as possible, and stay
with the same product line. We try to do good qualification testing, SIT testing, and limit
the number of #1 products”. The API RP should address this style of project as well as
the large complex projects.
Response 1: Even small projects should include a feasibility stage if the operator is
implementing a standard design process; it’s a question of how much effort is needed at
each stage and this must vary with project scope. It was agreed that sometimes
developments will quickly jump to manufacture, but even here it is likely that the
customer would need some assurances on reliability.
Response 2: There is no conflict between the two scales of project. If a standard design
approach is adopted the project would run through the first few phases quickly.
Response: If you are procuring a well established and field proven product, the level of
effort in upfront analysis should be less. The supplier should provide evidence of
reliability performance to the customer. In many situations it is the manufacturer that will
put in the effort, not the operator. It is the manufacturer in the end that delivers reliability
and value to the operator.
Response: We need to be flexible in this document for both larger and small projects.
The RP must recognize the criticality of different components. Some failures may not
affect the system as much as others. A risk based approach needs to be adopted. We
should provide cost effective methods to help decide on the optimum solution whether at
system configuration level or at product level.
7 How much data is needed in the design stage and where do you get it from?
Response: At the feasibility and concept stage the project may have many different
options to consider. A more qualitative approach is demanded at this stage because
details are sparse but it must be systems oriented. You should perform qualitative
systems assessments to identify systems cut sets for the different options and identify
critical items. If you have operated similar fields before you could use standard modules
building on prior experience. The next project focuses on those aspects of the project
that have changed. Defining design changes and assessing their impact is important.
Response: The boundary is likely to be everything below the surface, including the
risers, pipeline, and umbilicals in the water column, pipelines, flow-lines and trees and
other hardware on the sea bed. It is still undecided how far to extend into “down hole”,
drilling and topsides. The down hole, drilling and topsides communities will comment
before finally deciding. Interfaces can be a problem, it often the place where unreliability
problems are realised. These must be addressed if reliability is to be assessed.
A major issue will be the extent to which numerical reliability targets are issued as formal
requirements or simply as objectives.
Planning should be done early and updated as the project moves forward. It is important
to think about how much time it could take to do certain things and how to allocate time
on key reliability activities.
Most of the systems reliability analysis work should be front loaded into the FEED stage.
So that more effort can be put on identifying and understanding the detailed failure paths
at component level when the project moves into detail design phase.
Another issue is how reliability is organised. Who does what at which stage? Who has
the responsibility for reliability achievement and who is this handed over to at the
different stages of the life cycle, what is handed over, and what is applied during the
hand over? The reliability engineer must be part of the design team but the whole team
needs to speak the language. This is an issue to be addressed by the API committee
Response: In detail design you are looking at the specific components that are gong to
be used in the system and how they will be used in the system. By this stage the R&M
issues are largely defined so options to change things are reduced. However, as long
as manufacture has not started there are still issues that can be addressed and some
changes may be possible to incorporate reliability improvement ideas. At this stage
more thought is put into installation, commissioning and start up. R&M analyses should
be updated with the latest available data to forecast the likely field performance.
Comment: In detailed design, the ability to address reliability in EPC contracts is limited.
Contractor do what they think is appropriate. There is rarely an up-front reliability goal for
the total subsea architecture. There are various approaches you can take. The subsea
system that is super reliable is probably a waste of money. Somewhere in the process
you have to take the larger view. For example there is probably more down time arising
from topside initiated events than from subsea failures.
Effectively you are asking what changed from last time, same manufacture, same
equipment, will this work? How do you deal with a project that has 75% of all the
equipment which is brand new. Are there any details that we should write down? You
create a robust structure with flexibility.
Interfaces in the oilfield must be considered in the models. Sometimes these are not well
addressed. You may or may not consider all of them at the same time.
12 Reliability is a team work effort between the supplier and the user
The supplier can not supply unless he knows how the product is to be used, and what
environment it is to be used in. The requirements have to accommodate loads,
temperature and pressure; whatever it may be. These details should be in the
specification really but they are sometimes not addressed until detail design when
hardware is finally specified. Effort must be put in to address all details between the
manufacturers and the customer.
We should have a reliability manual like a QA manual. The manual would set out the
overall plan for the company regarding reliability management. This could be
engineering intensive, include a check list, then move to the QC plan, and when it gets
to specific components have check points. Structured level should begin at the highest
level. The manual would have to be part of the engineering design.
NASA has a separate reliability manual and a QA manual for each project. NASA is
seeking approval to share this approach with API.
In some organisations the subsea resources are limited; two engineers and a few
contractors. When we are stretching the steps on a new project, we focus on what we
need to do to meet the new requirement. The reviews of designs and anything done on
paper does not go in the same order of magnitude as you would have with a previously
proven design. Deal with errors in the field, and all that goes on.
The focus shifts in manufacture to delivering the reliability intent, i.e. manufacturing
hardware that meets reliability requirements, which will normally require some form of
validation and verification by testing. Typically this will include factory acceptance tests
(FAT) and System/site integration tests (SIT). These are however, not the same as
Reliability tests such as key life tests (KLT) or highly accelerated life testing (HALT),
which would aim to simulate or accelerate the proposed equipment operating
environment and should be performed earlier in the design life cycle, i.e. where there is
still sufficient time to influence the product design. These tests tend to be more
appropriate to product development projects rather than fast track field development
projects.
16 What are the key reliability issues and tasks during Manufacture?
The Manufacture of a system is not always in accordance with the design. Some of the
design process, especially during FEED and detail design, should address the issue of
design for manufacture because changes during manufacture need to be carefully
controlled.
We should seek to understand what is occurring in the manufacturing process that can
be fed back into the design teams. For instance the results of testing in manufacture
must be fed back to the design team.
In umbilical manufacture, you have to get the quality required. You need to know your
suppliers in order to get the end result. You have to understand what goes on in
manufacturing if the impact of manufacture on reliability is to be controlled.
Supply chain management has a high impact on this stage. How do you let the
suppliers, suppliers, suppliers know the process? It may work well for the first two tiers
but after that the process may weaken. We are all responsible to some extent for
ensuring that supply chain management is effective. This also needs to be addressed in
conjunction with the quality system
17 What can we put into a recommended practice that can assure reliability at
each stage?
This needs to be thought through. But if the idea of an R&M Case or a Reliability
Demonstration Document is accepted, this would be the place where the evidence for
reliability assurance is collated during the product life cycle. Depending on the nature of
the project, it could for example include information about; how reliability was used as
one of the concept selection criteria, procedures used for defining reliability or availability
requirements, outputs (and resulting decisions arising) from reliability and availability
analyses, results of Tests and QC activities in manufacture, Supply chain management
and change management controls etc.
Response: It may not be realistic to set numerical targets. But it makes a lot of sense to
define procedures and processes to address at this stage. For example: Project risk
management and management of change are key process at this stage. But project risk
management changes in nature to a more responsive/reactive mode i.e. crisis
management, emergency management or contingency planning which address the
potential consequences in high risk scenarios that are often present during installation
and commissioning. The criteria often depend on vessel size.
At this stage there is a step change of responsibility for the system. In successful
projects operational staff get involved a lot earlier inputting to the design team.
In operations we need to collect data on failures and turn this into information and then
into knowledge. Failure analysis, especially root cause analysis, should be performed
and fed back to designers for review and capture of lessons learnt. There should be
consistency in gathering information for failures.
One activity area that most agree is critical to the success of reliability analysis is data.
There are a number of related issues including diagnosis of equipment to identify the
failure mode and may be even the failure causes. Condition monitoring and inspection
using intelligent ROVs and special intervention tooling may be relevant here. A second
issue is communication of information (what to do with the data). If data and failure
information is to have any useful purpose, it must be fed back to the designers and
manufacturers of equipment as they are the ones with the most “need to know”. Data
analysis, is another important issue. How data is analysed and presented can
significantly affect the perception of reliability. For example, if early life failures are
combined with other failures over the life time of equipment then equipment will appear
to have a constant failure rate which in fact it is not. This may give the impression that
early life failures do not exist!
OVERALL
22 What is the Value of Reliability to the Company?
Reliability is about risk management and adding value.
For any given system there will be many failure events with particular consequences
(risks) and when summed they define the overall risk of the system. Where these risks
are unacceptably high, they must be reduced to a level which is acceptable to the
business and its stakeholders. Where the risks are low, they must be managed such that
they remain acceptably low.
The application of reliability engineering principles in design is the discipline which
reduces the probability of a system/product failure and hence reduces the risk of a
failure, by either preventing the failure or by extending the time to failure.
For the subsea industry reliability improvement can have a positive impact on risk
reduction but this statement is conditional on the extent to which the risk can be
reduced. Furthermore risk reduction cannot be achieved cost free. For any given project,
the key questions follow through the following sequence of questions:
a) How big is the current risk?
b) How far can the risk be reduced?
c) What is the acceptable risk?
d) How much should the business spend to reduce the risk?
Answers to these questions may require substantial risk, reliability and business
analysis. The answer to question (d) is influenced by the answers to questions (a) – (c).
For example, if the risk is already low or close to acceptable level then clearly the risk
reduction spend should be substantially lower than projects where the risk (or the
uncertainty about risk) is high and the level of acceptable risk is low.
In other words, the level of investment in reliability improvement and risk reduction must
be commensurate with the risk reduction potential. It is also the case that suppliers must
also gain value for internal investments in developing their reliability engineering and risk
management capability. It must improve their ability to sustain or improve their market
position for products and services.
The nature of the contracting strategy and the type of project should influence the
reliability practices employed and the degree of reliability effort in the project. Four
categories are suggested A, B, C, D as illustrated in figure 1. For example a lower level
of reliability effort may be permissible for a small project such as 2 well tieback using
field proven equipment in similar configurations to prior projects from which there exists
a good deal of reliability information (category D project). At the other end of the
spectrum is the product development project involving a high degree of risk and
uncertain performance (a category A project).
Changes
System Risk
Technology Operating Envelope architecture Criticality
Low budget low risk project using field
Typical operating Minimal change of proven equipment in same configuration
Mature hardware L yes Cat D procedure note a
conditions System Configuraion and similar operating conditions as
previous projects
No
No
No
Notes
a Assumes that there is extensive prior
information and data on reliability
b Thisf category would include typcal
deepwater field development project
c Novel technology means hardware never
used before for production purposes. This
category includes typical product
development projects (all electrical trees)
Level of Effort
5 high
3 Moderate
1 Low
Fig. 2
Define
Agenda
John Allen Introduction 15 min
1
FIRSTNAME LASTNAME COMPANY Phone Fax Email
Rajiv Aggarwal ABB Lummus Global - FPS 713-821-5298 rajiv.aggarwal@us.abb.com
John Allen ABB Offshore 281-855-0319 john.o.allen@us.abb.com
Ray Ayers Stress Engineering Services 281-955-2900 281-955-2638 ray.ayers@stress.com
Paul Balaster Halliburton/KBR 713-760 3103 unsure of e-mail paul.balaster@halliburton.com
Morris Baldridge Halliburton 972-418-3981 morris.baldridge@halliburton.com
John Bednar bp 281-249 4325 bednarjm@bp.com
Jennifer Bell Mentor Subsea Engineering, Inc. 281-870-5464 281-870-5130 jmbell@mcdermott.com
Luis Bensimon Kerr-McGee 281-673-6408 281-673-4408 lbensimon@kmg.com
Jim E. Chitwood ChevronTexaco/DeepStar 281-596-3307 281-596-2656 chitwje@chevrontexaco.com
Tim Dean Kerr-McGee 281-673-6559 281-673-4559 tdean@kmg.com
Craig Duehl BP 281-247-7972 duehlcy@bp.com
Bob Duzan Boeing
David Harrold FMC 281-591-3831 dave.harrold@fmcti.com
Rick Kopps Marathon 713-296-3362 713-296-3190 RKopps@marathonoil.com
Mike Larkin ChevronTexaco 713-432-2681 alarkin@chevrontexaco.com
Ken Malloy Stress Engineering Services 713-466-1527 713-896-6807 ken.malloy@mohreng.com
Doug McFadden USA doug.w.mcfadden1@jsc.nasa.gov
Paul Miller INTEC 713-570-1000 paul.miller@intecengineering.com
Bjorn Nilberg DNV 281-721-6783 bjorn.nilberg@dnv.com
Angela Norris Kerr McGee 281-618-6000 anorris@kmg.com
Ken Powell Cameron 713-939-2457 powellkp@camerondiv.com
Nathan Ramamurthy ABB Vetco Gray 281-405-3838 nathan.ramamurthy@us.abb.com
Ian Rodger Jardine 66 7711 874387 ian.rodger@jardine.co.uk
Gaurav Sharma Halliburton/Granherne
Mark Siegmund bp siegmund@bp.com
John Strutt Cranfield University J.E.Strutt@cranfield.ac.uk
Hai Hong Sun ABB Offshore HSun@eagle.org
Ed Szymczak ABB Vetco Gray 281-847-4674 ed.szymczak@us.abb.com
Ernesto Valenzuela ABB Offshore 281-877-6819 281-877-5820 EValenzuela@eagle.org
Eric Waguespack ChevronTexaco 281-596-2373 281-596-2150 ericwaguespack@chevrontexaco.com
Aozhi (Christina) Wang ABS 281-877-5993 cwang@eagle.org
Don Wells ConocoPhillips 281-293-3803 281-293-6688 don.wells@conoco.com
Ken Young Stress Engineering Services kenneth.young@mohreng.com
API 17N working groups
Detail Design
1. Core Tasks
1. R&M specification tasks for this phase. How should they be performed
2. What detail design tasks to achieve reliable system
3. Collation of information for Assurance (who what how)
2. Tasks associated with Implementation of Verification and Analysis
1. What verification/validation tasks need to be addressed at this stage
2. What tools, data and methods are available or could be used
3. What tests need to be performed at this stage.
3. Implement Reliability Management tasks
1. Reliability Planning and Project risk management
2. Supply chain tasks / issues to be addressed at this stage
3. Design change/life cycle transition issues to be addressed
4. Activities which sustain reliability capability in the long term
5. Integration and Interfaces
6. Organisational Issues specific to this phase
API 17N working groups
Manufacture
1. Core Tasks
1. R&M specification tasks. How should they be performed?
2. What Manufacturing tasks to make systems achieve required reliability
3. Collation of information for Assurance (who what how)
2. Tasks associated with Implementation of Verification and Analysis
1. What verification/validation tasks need to be addressed at this stage
2. What tools, data and methods are available or could be used
3. What tests need to be performed at this stage.
3. Implement Reliability Management tasks
1. Reliability Planning and Project risk management
2. Supply chain tasks / issues to be addressed at this stage
3. Design change/life cycle transition issues to be addressed
4. Activities which sustain reliability capability in the long term
5. Integration and Interfaces
6. Organisational Issues specific to this phase
API 17N working groups
Operation
1. Core Tasks
1. R&M specification tasks. How should they be performed
2. What maintenance and Operation tasks to make systems achieve required
reliability
3. Collation of information for Assurance (who, what, how)
2. Tasks associated with Implementation of Verification and Analysis
1. What verification/validation tasks need to be addressed at this stage
2. What tools, data and methods are available or could be used
3. What tests need to be performed at this stage.
3. Implement Reliability Management tasks
1. Reliability Planning and Project risk management
2. Supply chain tasks / issues to be addressed at this stage
3. Design change/life cycle transition issues to be addressed
4. Activities which sustain reliability capability in the long term
5. Integration and Interfaces
6. Organisational Issues specific to this phase
API 17N working groups
Organisational Issues
• How should Reliability teams be integrated into projects
– Distributed model ?
– Centralised Model?
– Roles responsibilities and team structures at each phase
Distributed CentralisedModel
Model
DistributedModel
Model Centralised
1.1. Wider
Widercoverage
coverageofofreliability
reliabilitybecause
because 1.1. Disciplinesneed
Disciplines needless
lessspecialist
specialist
all disciplines involved reliabilitytraining
reliability trainingbutbut
all disciplines involved
2.2. Potentially
Potentiallyprovides
providesgreater
greater 2.2. Potentiallyreduces
Potentially reducesorganisational
organisational
organisational redundancy.Requires
Requiresconcentration
concentrationofof
organisational redundancybut
redundancy butrequires
requires redundancy.
reliabilityknowledge
knowledgeininaafew fewexperts
experts
all disciplines to be trained in reliability
all disciplines to be trained in reliability reliability
engineering
engineeringand andrisk
riskmanagement.
management. 3.3. Largerteam
Larger teamofofreliability
reliabilityspecialists
specialists
3.3. Smaller needed to execute reliability
Smaller team of reliabilityspecialists
team of reliability specialists needed to execute reliability
requirementswith withadequate
adequatecoverage.
coverage.
who’s
who’s role is more facilitationthan
role is more facilitation than requirements
execution
execution 4.4. Communicationwithin
Communication withinReliability
Reliability
4.4. Communication Groupisiseasier,
easier,but
butmore
moredemanding
demanding
Communicationbetween betweendisciplines
disciplines Group
to communicate reliability actionstoto
and
andreliability
reliabilitygroup
groupisismore
more to communicate reliability actions
challenging, disciplines.
challenging,but butactions
actionsare
arerecognised
recognised disciplines.
understood
understood 5.5. Canaccommodate
Can accommodategreater greaterdegree
degreeofof
5.5. Requires uncertaintyand andcomplexity
complexityinin
Requiressimpler
simplermodels
modelsandandclear
clear uncertainty
decision rules
decision
decisionrules
rulestotoprovide
provideconsistency.
consistency. decision rules
Reliability Engineering
Risk Management Centre
Subsea Reliability
Recommended Practice
API 17N RP
J E Strutt
Reliability Engineering
Risk Management Centre
Agenda
• Prior work on Subsea reliability carried out
by Cranfield for BP
– Background
– Motivation and barriers to reliability
– Reliability Strategies
– Key Reliability Processes
– Organisational issues
Reliability Engineering
Risk Management Centre
The BP Reliability
Strategy
What it is and why it was needed
Reliability Engineering
Reliability Strategy
Project Manager
Barriers To Implementation
of a Reliability Strategy
• Very poor Industry awareness of the discipline
• Few customers asked specifically for reliability
• Major factors appeared to be
What is Reliability
• Technical Definition
Reliability is the ability of a product or system to perform
its required functions, without failure, in the specified
environment under the specified operating conditions of
use for the time required
What is Availability
Reliability Goal: To stop
the system from failing
WORKING 1
State tr tf tr tf tr
FAILED 0
The
Theability
abilityof
ofan
anitem
itemtotobe
beininaastate
statetotoperform
performaarequired
requiredfunction
function
under
undergiven
givenconditions,
conditions,atataagiven
giveninstant
instantinintime
timeor
orover
overaagiven
given
interval,
interval,assuming
assumingthat
thatthe
therequired
requiredexternal
externalresources
resourcesare
areprovided
provided
(BS
(BS4778)
4778)
A=
Uptime
=
MTBF Steady state
Uptime + Downtime MTBF + MTTR
Availability
Ap = production availability:
A0 = Operational Availability: includes all contributions to down time
Ai = Intrinsic Availability : includes only down time under design control
Reliability Engineering
Risk Management Centre
In Reality:
Reliability measures how well you are meeting
your business and ethical objectives
Reliability Engineering
Risk Management Centre
Operator’s Goals
Reliability does not appear in corporate Goals
GOALS IN PROJECTS:
High level goals are defined by business and ethical
requirements, such as:
• Cost and Delivery
• Health and Safety
• Environment
Plus
The large number of System Design and Operability
requirements that the design teams have to meet.
These must not conflict with the high level business goals.
Reliability Engineering
Risk Management Centre
DE
price Schedule
LI
ST
V ER
O
C
Y
RELIABILITY
Means
Making the System work …. and Safely!
Reliability Engineering
Risk Management Centre
Reliability
System
Goals
Reliability Engineering
Risk Management Centre
Improved Business
position
Impact of Reliability
Strategy on Vehicle
Manufacturer Ford Jaguar
In Aeronautics
The Ultra Reliable Aircraft Project
• Reliability suddenly increasingly important
– The increasing military customer requirement for risk
transfer to Prime Contractors
– The move to capability/service based contracting and
flow down through the supply chain
– Commercial Airline drive for higher reliability at entry
into service
– Commercial Airline drive for greater availability and
despatch reliability in service
10-2
P2C2
PP1 target
targetprobability
probabilityofoffailure
failure
10-3 1
Cost = C0 CC1 Cost of failure with implementation
Cost of failure with implementation
1
P1C1 PP2 Current
2 Currentprobability
probabilityofoffailure
failure
10-4 CC2 Cost of failure without implementation
Cost of failure without implementation
2
CC0 Cost
Costofofreliability
reliabilityimplementation
implementation
0
Event Consequences
Reliability Engineering
Risk Management Centre
Analysis
Analysisand
andTesting
Testing
Reduces
Reducesuncertainty
uncertainty
Reveals
Revealsthe
theValue
Value
10-1 acceptable 10-1
Uncertainties Large
Event Probability
Event Probability
10-2 10-2
P2C2 P2C2 Uncertainty
10-3 10-3 envelopes
Cost = C0 Cost = C0
P1C1 P1C1
10-4 10-4
Design
Designout
outall
all Foreseeable
Foreseeableearly
earlylife
lifeand
andthrough
throughlife
lifefailures
failures
Remove
Remove Remove
RemoveororMinimise
Minimise Decommission
Decommission
Past expensive
expensiveEarly
Early foreseeable
foreseeable throughlife
through life before
before
Life Failures failures wear
Life Failures wearout
Breakdown rate
failures out
Subsea Goal
Anticipated Field Life System Life cycle
All
Allwe
weare
areleft
leftwith
withare
arethe
theunforeseeable
unforeseeable(random)
(random)failures
failures
ororwear out failures beyond anticipated field life
wear out failures beyond anticipated field life
Reliability Engineering
Risk Management Centre
Level 2: Subsystems
Level 3: Subsystems
Reliability Assurance
Reliability Allocation Verify design reliability
Allocate reliability and robustness from
Component level
From overall system components level
level through through to overall
Design to achieve system level
subsystems to
required component
component level
reliability
– Environmental risks
– Financial risks
• Link to business requirements (tools?)
• Link to function and performance specification (procedure?)
• Allocation from high level goals to components (tools?)
• Defining reliability requirements is a key capability for the
end customer
Unless
Unlessthis
thisisisin
inplace
placethe
thecustomer
customershould
shouldnotnot
expect
expectreliability
reliabilitytotobe
beachieved
achievedin
inearly
earlylife
life
Reliability Engineering
Risk Management Centre
But
Butwe
weneed
needto
todefine
definehow
howreliable
reliableititneeds
needsto
tobe
be
Reliability Engineering
Risk Management Centre
MFFOP as Requirements
• MFFOP Minimum Failure Free Operating Period
Example 1 Example 2
FFOP 25 yr FFOP 3 yr
P* 0.1 P* 0.01
MTBF* 164 yr MTBF* 220 yr
Reliability Engineering
Risk Management Centre
N
CE
CR 1
10-2 IT F(t)
ER 10-1
IA 10-2
10-3 10-3
Maximum Allowable FFOP
P* 10-4
10-4 probability of failure 10-5
10-6
10-5 10-7
10-8
10-9
10-6
0
t (month)
1 0 20 40 60 80 100
10 102 103 104 105 106
CONSEQUENCE MEASURE
Reliability Engineering
Risk Management Centre
This
Thisisiswhat
whatadds
addsvalue
valueto
tothe
thecustomers
customersbusiness
business
Reliability Engineering
Risk Management Centre
4
Managed 4
3
CMM
3
Defined 3 2
2
Repeatable 2
1
1
Initial 1 Perceived Effort by Customer/Supplier
Reactive &
Ad hoc
Required Minimum Capability = 4
NN Level
Level Characterised
Characterisedby
by Approach
Approach
55 Optimised
Optimised Adaptive
Adaptiveprocesses
processes pro-active
pro-active
44 Managed
Managed Influences
Influencesdesign
design
33 Defined
Defined Measured,
Measured, Openloop
Open loop
22 Repeatable
Repeatable Prescriptive
Prescriptive
11 Uncontrolled
Uncontrolled Ad
Adhoc
hoc re-active
re-active
For
ForBP
BPthis
thisisisaakey
keypart
partof
ofthe
theverification
verificationprocess
process
Reliability Engineering
Risk Management Centre
Track
Trackwhat
whatfails
failswhen
whenand
andhow.
how.This
Thisisisthe
theprocess
processthat
that
will
willbuild
buildup
upthe
thedata
databases
basesfor
forthe
theindustry
industrytotouse
use
Reliability Engineering
Risk Management Centre
This
Thiscan
canrun
runup
upcosts
costsbut
butititisisdirect
directand
andtangible
tangibleand
and
often
oftenprovides
providesthe
themost
mostbelievable
believableevidence
evidence
Reliability Engineering
Risk Management Centre
Early
Earlyplanning
planningand
andupdating
updatingof
ofreliability
reliabilityactivities
activitiesisis
crucial.
crucial.Need
Needto
toFront
Frontload
loadthe
thedesign
designeffort
effort
Reliability Engineering
Risk Management Centre
Ensure
Ensureno
no“genetic”
“genetic”defects
defectsin
inthe
thesystem
system
Reliability Engineering
Risk Management Centre
What
Whatisisdifferent
differentthis
thistime
timeififnot
notaddressed
addressedin
indesign
design
and
andmanufacture
manufacturecancancause
causesystem
systemfailure
failure
Reliability Engineering
Risk Management Centre
The
Thekey
keyto
tolevel
level55capability:
capability:sustaining
sustainingand
andimproving
improving
reliability
reliabilityperformance
performanceinto
intothe
thefuture
future
Reliability Engineering
Risk Management Centre
The
Theoutput
outputisisonly
onlyas
asgood
goodas
asthe
theinput!
input!
Reliability Engineering
Risk Management Centre
Keep
Keepahead
aheadof
ofthe
thepack!
pack!
Reliability Engineering
Risk Management Centre
customer aware
Product order
Product delivery
Repairs/replacements
Repairs/replacements
Anticipate
Feedback &
Learning
Suppliers Product
Development Design Development and
Projects Manufacture
Reliability Assurance of
Products in Development
Reliability Growth
Subsea Projects
•• Product
ProductDevelopment
Developmentprojects
projects
–– Feasibility
Feasibilitystudies
studies
–– Conceptual
Conceptualdesign
design
–– Front Develop reliable products
FrontEnd
EndEngineering
Engineering
–– Detail
Detaildesign
design
–– Manufacture
Manufacture
–– TestÆCorrect
Test ÆCorrect •• Field
–– Change FieldDevelopment
Developmentprojects
projects
ChangeDesign
Design –– Feasibility
Feasibilitystudies
studies
–– Conceptual
Conceptualdesign
design
•• Product
ProductImprovement
Improvement Reliability –– Front
FrontEnd
EndEngineering
Engineering
–– Feasibility
Feasibility Performance –– Detail
Detaildesign
design
–– Design
Designchange
change
Feedback & –– Manufacture/assembly
Manufacture/assembly
–– Product TestÆ
ProductTest ÆCorrect
Correct Learning –– Installation/Commissioning
–– Manufacture Installation/Commissioning
Manufacture –– Operation
Operation
–– Modification
Modification
–– Decommissioning/removal
Decommissioning/removal
Reliability Engineering
Risk Management Centre
Summary
• A sustainable subsea reliability strategy will require Oil Companies, their
contractors and suppliers to become more efficient and effective in
reliability Management. This calls for:
9 Greater Awareness of the value of reliability to the business
9 Greater commitment to reliability as a business goal
9 Development of Capability in reliability
Ö Key Process and tools
Ö Organizational learning
• Individual company efforts to develop their reliability strategy will be
constrained by the varying requirements across the market place.
• Reliability must involve the whole supply chain network. The subsea sector
must adopt a common strategy.
• The API standard on reliability will define the reliability strategy for the
sector as a whole:
9 Buy in by all organizations is crucial
9 Common vision
9 Agreed processes and methods
Subsea Reliability Study v2 8/4/03 10:20 am Page 1
The BP Subsea
Reliability Strategy
A guide for BP leaders
Contents
Introduction 4
Our Goal 5
How we achieve It 5
Reliability Assurance 11
Management of Change 17
Reliability Improvement and Risk Reduction 18
Glossary 22
Contact List 23
2
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 3
Foreword
Ian Vann
GVP and Technology Director
3
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 4
Introduction
As we push new developments into deeper waters and more remote areas,
Subsea will form an increasing proportion of our total production, particularly in the
growth areas, and by 2005 it will be nearly 20% of the total.
In the last decade, BP’s and the industry’s reliability record for Subsea Production
has been mixed and in some cases below expectations resulting in low initial
operating efficiencies and high costs of remedial works. As we go deeper and to
more remote locations the price of failure will be unacceptably higher.
To meet our GO Team targets of increasing First Year Operability, lower Capex and
avoidance of project “wrecks” we need to have a step change in the Reliability of
Subsea Systems. This handbook brings together and summarises the work
completed over the last 18 months to achieve this.
The BP Subsea Reliability Strategy is a long term, multi level program based on
good practice from other industries where high reliability is now taken for granted.
It has been adapted in conjunction with Cranfield University to suit our industry
using feedback from benchmark projects in the North Sea and the Gulf of Mexico.
We now need to implement the strategy across all our projects and operations in
the next 18 months.
While many of the processes are already common practice, some are not and will
involve additional training and procedures. To do this successfully, the key attribute
must be communication, education and persuasion at all levels with equipment
suppliers, engineering contractors/installers, industry and government organisations
and most importantly with our partners. We are unlikely to achieve our ambitions
alone – we must take industry along with us to achieve the cultural change we have
set out.
Please share this Strategy with your teams, suppliers and contractors and play an
active role in the Subsea Performance Network that will continue to develop and
promote the Strategy at all levels. Your feedback is important.
David A. Brookes
4
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 5
Our goal
How we achieve it
The strategy targets three groups of processes that it identifies as being essential
components to a well defined reliability engineering and risk management
capability. These are defined below.
The project specific reliability plan is executed in the second, ‘Implement’ group of
processes. These processes specifically relate to the management of risks during
the project life cycle and assurance that these risks are being either eliminated or
reduced.
5
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 6
The third and final group of processes, ‘Invest’, is used to continually improve the
success of the strategy on current and future projects. As such, the processes
within this group are shared between the project and the Subsea Performance
Network. A sustained investment in learning and education is required in order to
effect a step change in reliability. To this effect, BP has made a long term
commitment to support Reliability Research and Development at Cranfield
University’s Centre for Risk and Reliability Engineering.
Each of the thirteen processes can be linked to stages within the BP Capital Value
Process. These links are made in the section on Reliability Strategy Processes. The
‘Identify’ group of processes is shown against the CVP process in Figure 2 below.
Front Loading
Reliability Processes
1 Define Requirements
1 Allocate Requirements
2 Reliability Analysis
2 Reliability Assurance
R&M Case R&M Case R&M Case R&M Case R&M Case
Rev 1 Rev 2 Rev 3 Rev 4 Rev 5
Effective management processes that fulfil the intent of the Reliability Expectations
will result in enhanced project performance, protection of our group reputation,
improvement of our liability profile, and a distinctive leadership position in our
industry.
Figure 3. shows the generic life cycle of a subsea system and how reliability
activities form a learning loop that can continuously improve reliability by increasing
the understanding of failure.
6
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 7
Design
Inspection/
Maintainance
Failure Prototyping
Lessons Mode
Learnt Prediction
Education Hazard
& Manage-
Training ment
Installation FAT
SIT
All subsea team leaders must communicate the Reliability Expectations to their
teams and are accountable for delivery of Reliability performance. Each Project
shall have documented systems in place to meet the Expectations, including
justification, where necessary why certain Expectations are not applicable to that
Project.
Level 5 CONTINUOUS
Optimised Reliability IMPROVEMENT
Level 4 PREDICTABLE
Managed Reliability RELIABILITY
Level 3 CONSISTANT
Defined Reliability RELIABILITY
Level 1
Initial Reliability
We shall measure ourselves, our suppliers and contractors in all of the Thirteen Key
processes. This we shall do periodically during audits to measure continual
improvement in our processes.
Moving from where we are now to our target level will require action on all areas of
our 13 processes which are set out in the section ‘Reliability Strategy Processes’
7
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 8
Reliability Assurance
Management of Change
Reliability Improvement
and Risk Reduction
8
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 9
BP will work with its key subsea Suppliers and Contractors to define reliability
requirements for its subsea developments. The first and most important stage
involves a formal setting of system reliability requirements as part of the Appraise
stage of a project.
The purpose of the reliability requirements is to minimise BP’s health, safety,
environmental and business risks.
Reliability requirements can be both qualitative and quantitative. Numerical or
quantitative requirements are set by determining the system hazard rate that
guarantees a specified minimum failure-free operating period (MFFOP) so that the
probability of premature failure is below an agreed limit.
MFFOP is used in preference of Mean Time To Failure, MTTF because in the case
of non-constant hazard rate the MTTF measure can be misleading.
Minimum Failure Free Operation Period with a
maximum probability of premature failure
Start of Time
Operation
Expectations
1.1 Reliability requirements will be defined very early in the design cycle at
concept development stage and then refined during Front End Engineering
Design (FEED).
1.2 Reliability requirements will normally be set at system level to meet corporate
safety and business goals.
1.3 Reliability requirements will be documented.
1.4 Suppliers and contractors shall develop a plan to implement the strategy and
achieve the required reliability targets.
1.5 Suppliers and contractors shall translate system level reliability requirements
to subsystems and components using a reliability allocation process.
Reliability Requirements will normally specify:
Function, performance, production profile.
Minimum failure free operating period (MFFOP), usually field life.
Maximum acceptable level of the probability of premature failure (the probability
that the time to failure will be smaller than the specified MFFOP).
Expected external environment, expected internal environment including
production fluid composition, temperature, pressure and system usage.
9
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 10
The purpose of risk and reliability analysis it to inform project decision making and
design improvement. Risk and reliability analysis tools will be used to identify
system or component failure modes with possible adverse consequences. From
these, decisions shall be made about design changes to improve reliability.
Expectations
2.1 Team Leaders will be expected to put into place and promote the use of risk
and reliability analysis processes to identify failures associated with BP’s
systems.
2.2 Suppliers will be expected to possess a high level of competence in:
Identification of system failure modes and mechanisms (FMECA/TRAP)
during project Select and Define stages.
Formal risk analysis.
Predicting reliability of manufactured and assembled products.
Predicting and assessing system reliability.
Simulation of system availability.
2.3 Analyses should be applied as early as possible during the design process so
that they can be used to inform decision-making and identify where reliability
improvements are needed.
2.4 Analyses should be capable of identifying and assessing:
Susceptibility to the various forms of damage.
Vulnerability and tolerance to damage.
Human error in manufacture, assembly or installation.
Common cause failure.
Qualitative Tools:
Failure Modes, Effects and Criticality Assessment (FMECA).
Technical Risk Assurance Process (TRAP).
Quantitative Tools:
Fault Tree Analysis (FTA).
Event Tree Analysis (ETA).
Load-Strength Interference.
Reliability Block Diagrams (RBD).
System Availability Simulation.
10
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 11
Reliability Assurance
The R&M case is a living document which develops over the life cycle of the
system. It summarises the design reliability requirements and references the
evidence needed to support the eventual reliability assertions made at the end of
the design to meet the specified BP reliability requirements. The R&M case will be
validated through the Operate stage.
Expectations
3.1 The R&M case is a living document which is built up over time (Concept
design, Front End Engineering Design, Detail Design, Manufacture, Operation
and Decommissioning) to refer to relevant evidence of reliability achievements
and reliability assertions.
3.2 BP team and discipline leaders should establish the R&M Assurance Policy
and Acceptance criteria for the case.
3.3 Contractors and suppliers are expected to prepare the R&M evidence, build
the R&M Case and submit the R&M Case on completion of the project.
3.4 BP Engineers and reliability specialists evaluate the R&M Case throughout the
life cycle of the design and beyond into operations.
3.5 The R&M Case will typically refer to information covering:
System Description.
BP’s Reliability Requirements.
Key areas of R&M risk in the product and manufacturing processes.
Plans and Strategy for reliability achievement.
Evidence.
Assertions.
Designers’ assumptions and limitations on use.
Conclusions and recommendations.
3.6 The key part of the R&M Case will be the reference to evidence of reliability
achievement which will generally take the form of:
Data related to prior field performance.
Reliability analyses, calculations and simulations.
Expert opinion.
Tests.
11
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 12
BP will assess the capabilities and competencies of our contractors and suppliers
to perform work on our behalf. We will work together with them to ensure our
Reliability Requirements are met.
Contractors and suppliers shall develop internal processes for the verification,
validation and bench marking of their reliability performance through the project
Execute stage.
Expectations
4.1 Design teams will verify all data and validate all models used for reliability
assessment.
4.2 Reliability data used for analyses will be obtained from valid sources and
databases.
4.3 BP or a BP appointed third party shall periodically audit design teams to verify
the following:
All design assumptions, reliability models and data are valid.
All required processes and activities have been completed.
The audit shall also Benchmark the capability of the organisation to perform
against the key BP reliability processes. This information will be shared
within the BP organisation.
12
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 13
Expectations
5.1 Reliability tasks are identified and sufficiently resourced early in project life
cycle.
5.2 Potential project risks are identified and assessments made of the potential
impact on project schedule, the need to increase resources and the need to
increase cost to maintain function, performance or reliability.
5.3 Risks associated with contractor and procurement activities in BP’s
businesses are identified, communicated and managed.
5.4 Potential product risks are identified and assessments made of the increased
uncertainty in product reliability and hence likelihood of failure.
13
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 14
In qualification testing the goal is to confirm that specified performance goals can
be met. Reliability testing, differs in that it involves testing equipment beyond
minimum industry standards to determine actual failure boundaries. Reliability
testing uses a number of highly specialised methods to improve knowledge of
failure mechanisms and these are fed back in to the reliability assurance process.
Expectations
6.1 All products used on subsea systems shall be qualified and demonstrated to
meet function and performance requirements.
6.2 BP engineers, contractors and suppliers shall develop an understanding of
testing requirements for key systems and components.
6.3 Tests are performed throughout the design and development process to
support reliability assurance.
6.4 Failure modes identified through reliability analysis are tested for validity.
6.5 Known failure mechanisms are validated.
6.6 Tests are developed to validate physics of failure models or to develop
improved understanding about physical failure mechanisms especially where
the physical failure mechanism is poorly understood.
6.7 Reliability assessments arising from design changes are validated.
6.8 Reliability and product life data are generated.
14
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 15
Tracking the reliability performance of products and systems and analysing the data
to generate useful reliability metrics is a fundamental input to reliability
management.
Expectations
7.1 BP and its suppliers and contractors shall collaborate in the development of
field performance reporting systems. Data shall be collected on systems,
component performance and failures.
7.2 Data shall be analysed and used to support reliability demonstration and to
inform reliability improvement. Where appropriate, failures shall be subjected
to root cause analysis and recorded in a lessons learned database.
7.3 Reliability performance is tracked over time to assess hazard rates which are
bench-marked from project to project to demonstrate long term reliability
improvement.
7.4 Suppliers shall possess data management and interrogation systems and, by
reliability analysis, estimate product reliability for their products and use this
data to demonstrate continual reliability improvement.
7.5 BP and its suppliers and contractors shall collaborate with cross sector
reliability data collection schemes such as OREDA, SIREN and Well Master to
generate generic reliability data bases.
7.6 Suppliers shall track manufacturing defects and failures and implement
corrective actions when failures occur, including improvement of design or
manufacturing processes.
15
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 16
BP, its suppliers and contractors shall have systems in place to cascade reliability
requirements down through the supply chain and ensure that they are met. Supply
chain management will be carried out in the Execute stage.
Expectations
8.1 All first tier suppliers shall have a system in place to allocate reliability
requirements down to all bought-in or subcontracted items.
8.2 All first tier suppliers and contractors shall be capable of managing the various
interfaces throughout the supply chain.
8.3 Pre-qualification, selection and retention criteria are established for work
performed by contractors, suppliers and others.
8.4 Clear deliverables and performance standards are agreed and systems are put
in place to assure reliability, safety and technical compliance.
8.4 Joint venture and alliance partners should have reliability management
systems that are aligned with those of BP, meet legal compliance
requirements and satisfy corporate expectations and targets.
8.4 Suppliers and contractors and shall take steps to minimise the variability in
properties of the same component type sourced from multiple suppliers.
16
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 17
Management of Change
Many failures originate from changes that occur during the design and manufacture
of a system, in its operating environment or in its usage. BP and its suppliers and
contractors shall put in place systems for monitoring, assessing and managing all
changes that can occur throughout the system life cycle.
Expectations
9.1 All changes that affect reliability are formally assessed, managed,
documented, communicated and approved.
17
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 18
Reliability Improvement
and Risk Reduction
Expectations
18
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 19
Organisational Learning
and Knowledge Management
This process involves the transformation of reliability related data and information
generated by all key processes into organisational learning. This process requires
the collation and analysis of data and the generation of ‘lessons learned’ in to a
knowledge base, with systems in place to integrate the lessons in to improved
practices. Equally important are activities, cultures and systems that support the
proactive dissemination of this knowledge throughout the supply chain.
Expectations
11.1 BP and its suppliers and contractors will work together to understand the root
cause of failure and to collect and convert failure information in to
organisational knowledge.
11.2 BP and its suppliers and contractors will work together to share failure
information to improve product reliability.
19
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 20
Expectations
12.1 BP, its suppliers and contractors shall develop in depth knowledge of how
design, at system and product level, and the design process can influence
failure and system reliability.
12.2 BP shall target training at understanding technical failure mechanisms and at
how the organisation and human factors cause errors and mistakes directly
impacting reliability.
12.3 BP shall develop competency requirements in reliability for design engineers,
lead engineers and project managers.
20
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 21
Expectations
13.1 BP, its suppliers and contractors shall engage in and use reliability research
and development to input in to product and process development.
21
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 22
Glossary
22
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 23
Contact List
23
Final Rev 0, Dec 2002
Subsea Reliability Study v2 8/4/03 10:20 am Page 24