We used the Goal Structuring Notation (GSN) to construct a retrospective safety case for a driller's cabin on an offshore drilling rig for the purpose of demonstrating that a retrospective approach can be applied to identify, assess and structure available solutions or evidence. We also evaluated the development process aspects of constructing the safety case retrospectively. Our results showed that a retrospective safety case can be constructed based solely on existing evidence. The retrospective approach did however lead to a stronger focus on fitting the arguments to the evidence and weakening the focus on constructing solid argument structures. Nevertheless, the safety case provided an argument structure supporting diverse evidence.

1. Introduction

Offshore drilling technology has developed rapidly over the last decades, as drilling has become more challenging due to e.g. increased water depths, deeper and more complex reservoirs and drilling in harsh environments (e.g. arctic). Also, increased focus on Health, Safety and Environment (HSE) has been a technology driver. Since the 1970s, automation in Exploration and Production (E&P) has developed steadily and allowed E&P drilling companies to seek improved efficiency, reduced risk, and higher degrees of precision and reliability [1]. Increased levels of automation have lead to safer and more efficient operations and allows for remote operations of the drilling process. More complex systems and more and faster communication both onboard rigs and between rigs and onshore operation centers increases the need to provide high quality drilling solutions which are well documented.

The use of case-based reasoning to structure safety arguments has increased over the last decade and has become even more important with the increasing use of goal-based safety standards. We constructed a safety case for a driller's cabin produced by National Oilwell Varco (NOV) in Stavanger, Norway.

1.1 Goal-based safety regulation

Goal-based regulation sets the goals to be achieved, but allows for alternative ways to achieve compliance [2]. This is the opposite of a prescriptive approach which specifies what a system owner must do to fulfill a standard. An example of a prescriptive approach is "you shall install a 1 meter high rail at the edge of the cliff", while the goal-based approach would be "people shall be prevented from falling over the edge of the cliff" [2]. The goal-based approach thus increases a system owner's freedom to choose the best solution for each specific context.

Since the 1990s, many maritime (marine and offshore) industrial sectors have been moving towards a risk-based 'goal setting' regime where risk assessment researchers and safety engineers are motivated to develop and apply a variety of risk-modeling and decision-making techniques [3]. According to Weaver and Kelly [4], goal-based safety standards are now a reality. E.g. the UK defense standard 00-56 "Safety Management Requirements for Defence Systems" [5], which outlines the goals to be achieved, without specifying the means to achieve them. The explicit goal-based approach to safety justification is to support how sophisticated engineering arguments are actually made [6]. Penny et al [2] describes an increasing tendency to adopt a goal-based approach to safety regulation. Developing effective and efficient standards for complex areas, e.g. human factors or software, can be challenging. A prescriptive approach with specific requirements is not always appropriate. Thus the goal-based approach is emerging and has spread throughout several industrial domains including nuclear, aerospace, military, and oil and gas.

This content is only available via PDF.
You can access this article if you purchase or spend a download.