The Management of Drilling-Engineering and Well-Services Software as Safety-Critical Systems
- Steven J. Sawaryn (BP Exploration) | William C. Sanstrom (Landmark Graphics Corporation) | Glenn R. McColpin (Landmark Graphics Corporation)
- Document ID
- Society of Petroleum Engineers
- SPE Drilling & Completion
- Publication Date
- June 2006
- Document Type
- Journal Paper
- 141 - 147
- 2006. Society of Petroleum Engineers
- 1.7.5 Well Control, 6.1.5 Human Resources, Competence and Training, 1.1 Well Planning, 1.6.9 Coring, Fishing, 4.3.4 Scale, 1.6 Drilling Operations, 5.1.2 Faults and Fracture Characterisation, 4.1.5 Processing Equipment, 1.14.1 Casing Design, 4.1.2 Separation and Treating, 7.2.1 Risk, Uncertainty and Risk Assessment, 6.1 HSSE & Social Responsibility Management, 1.12.1 Measurement While Drilling, 2 Well Completion
- 2 in the last 30 days
- 575 since 2007
- Show more detail
- View rights & permissions
|SPE Member Price:||USD 10.00|
|SPE Non-Member Price:||USD 30.00|
Routinely, specialist software is used to perform tasks such as casing design and directional collision-avoidance scans. If undetected, a serious failure in the development or use of any one of these products could result in loss of life or catastrophic environmental damage. Such an event would jeopardize the oil company's licence to operate (Thorogood 1994) and would seriously damage the software vendor's credibility.
The drilling- and well-services software industry has matured over the last 5 years. During this period we have witnessed many commercial and technical changes, including further consolidation of the oil majors, the meteoric growth of Web-based tools, and the increased complexity of the software and types of wells being drilled. Commercial pressures also mean fewer resources are available to perform these tasks. Unless managed, it is clear these changes greatly increase the risk of a serious incident.
BP and Landmark have conducted a series of joint audits to gain a detailed understanding of both the operator's and software vendor's working practices in relation to this software. The paper contains a description of the conclusions and actions arising from the audits. Desired improvements in testing, core competencies, and independent verification were identified. Details of the audit process are included to enable other parties to conduct similar audits for themselves. The risks and potential loss imply that critical applications should be managed formally as "safety-critical systems.?? It is also concluded that close collaboration between operators and software vendors is needed for the management process to be effective.
Following the merger of BP and Amoco in 1999, computer applications were rationalized and the decision was taken to adopt the commercial applications suite used in Amoco before the merger (Boykin et al. 1997). Arrangements were made to retain key functionality from the systems that were to be phased out. Plans were made to implement this common system across the newly formed drilling- and well-services community. It was recognized that the change would involve the conversion of large volumes of data and the retraining of more than 50% of the drilling- and well-services staff. Alignment of the software's functionality with the policies and procedures of the newly formed company was a major consideration, and this, to a large extent, drove the pace of the implementation.
Early in the roll out of the new software system, it was evident from user comments that the training program was falling short of what was really required. Other problems spanning all aspects of software, delivery, and use emerged as work progressed. The observed gaps relating to the casing and tubing design, directional, and well-control applications caused the greatest concern. In an extreme case, an error in or misuse of this software could cause property damage, an environmental disaster, or loss of life. Because of this, these applications were referred to as safety-critical systems. The pore-pressure and fracture-gradient application was added to this safety-critical-systems list later in the process. In all cases, current systems were only eliminated after implementation risks were deemed acceptable.
It was felt that the development, delivery, and use of these applications should be conducted to a higher standard than other, less-critical applications. A project was started in November 1999 to investigate the treatment of these higher-risk software packages as safety-critical systems.
|File Size||1 MB||Number of Pages||7|
Adams, A.J. and Glover, S.B. 1998. An Investigation Into the Applicationof QRA in Casing Design. Paper SPE 48319 presented at the SPE AppliedTechnology Workshop on Risk Based Design of Well Casing and Tubing, TheWoodlands, Texas, 7-8 May.
Booth, J.E. and Hebert, J.W. II. 1989. Support of Drilling Operations Usinga Central Computer and Communications Facility With Real-Time MWD Capabilityand Networked Personal Computers. Paper SPE 19127 presented at the SPEPetroleum Computer Conference, San Antonio, Texas, 26-28 June.
Boykin, G.F., Foreman, R.D., Holt, J.W., and Lawrence, R.A. 1997. IntegratedComputing—A Driller's Vision. SPECA 9 (3): 77-78.
BS IEC 61508. Functional Safety of Electrical/Electronic/ProgrammableElectronic Safety-Related Systems. Parts 1-7. London: British StandardsInst.
Dunn, M.D. and Payne, M.L. 1986. Design, Specification, andImplementation of Drilling Operations Database Program. Paper SPE 15360presented at the SPE Annual Technical Conference and Exhibition, New Orleans,5-8 October.
Gibson, J.W. 2000. Knowledge Management and New IT Architecture WillMaximize Upstream Value-Creation. World Energy 3 (2): 60-69.
Hale, J. 2000. Performance-Based Certification, How to Design a Valid,Defensible, Cost-Effective Program. San Francisco:Jossey-Bass/ Pfeiffer.
Hellstrand, T. 1990. Drilling Shallow Gas in the Norwegian Sector. Paperpresented at the IADC Well Control Conference, Esbjerg, Denmark (November).
Hinton, A. 1998. Will RiskBased Casing Design Mean Safer Wells? Paper SPE 48326 presented at the SPEApplied Technology Workshop on Risk Based Design of Well Casing and Tubing, TheWoodlands, Texas, 7-8 May.
Holand, P. 1997. Offshore Blowouts, Causes and Control. Houston: GulfPublishing Co.
Holand, P. 2001. Frequencies Related to Well Collisions and Shallow GasIncidents in Offshore Drilling. Personal Correspondence, ExproSoft AS (27September).
Holt, J., Wright, W.J., Nicholson, H., Kuhn-de-Chizelle, A., and Ramshorn,C. 2000. Mungo Field: ImprovedCommunication Through 3D Visualization of Drilling Problems. Paper SPE62523 presented at the SPE/AAPG Western Regional Meeting, Long Beach,California, 19-22 June.
Klever, F.J. and Stewart, G. 1998. Analytical Burst Strength Predictionof OCTG With and Without Defects. Paper SPE 48329 presented at the SPEApplied Technology Workshop on Risk Based Design of Well Casing and Tubing, TheWoodlands, Texas, 7-8 May.
Leach, C. 2001. Well Control Overview. JPT53 (1): 30.
Microsoft. 2006. Deploying Office XP at Microsoft—Sharing Microsoft's Information TechnologyGroup Experiences.http://www.microsoft.com/technet/archive/ITSolutions/MSIT/deploy/xpatms.mspx?mfr=true.
Moore, B. 1992. Shallow Gas Hazards—The HSE Perspective. Petroleum Review(September).
Morrison, J.W. 1988. Britoil Develops Drilling Information System. Oil &Gas J. (29 February): 40-47.
NASA. 1999. Mars Climate Orbiter Mishap Investigation Board Phase 1 Report,10 November 1999.ftp://ftp.hq.nasa.gov/pub/pao/reports/1999/MCO_report.pdf.
Østebø, R. et al. 1989. Shallow Gas and Leaky Reservoirs. Paper presented atthe Norwegian Petroleum Soc. Conference, Stavanger, 10-11 April.
Payne, L. and Swanson, J.D. 1990. Application of ProbabilisticReliability Methods to Tubular Designs. SPEDE 5 (4): 299-305.SPE-19556-PA.
Rixse, M.G. and Thorogood, J.L. 2000. Building a System in a ServiceCompany To Assure Technical Integrity and Institutionalize OrganizationalLearning. SPEDC 15 (1): 67-71. SPE-62100-PA.
Sanstrom, W.C. and Hawkins, M.J. 2000. Perceiving Drilling Learning ThroughVisualization. Paper IADC/SPE 62759 presented at the IADC/SPE Asia PacificDrilling Technology Conference, Kuala Lumpur, 11-13 September.
Sawaryn, S.J., Sanstrom, B., Williamson, H., Kirkman, M., and McColpin, G.2003. Safety Critical SystemsPrinciples Applied to Drilling Engineering and Well Services Software.Paper SPE 84152 presented at the SPE Annual Technical Conference andExhibition, Denver, 5-8 October.
ScandPower. 2001. Blowout and Well Release Frequencies. Report No.27.20.01/R2 (February).
SINTEF. 2000. Offshore Blowout Database. SINTEF Industrial Management, Dept.of Safety and Reliability, Trondheim, Norway (December).
Storey, N. 1996. Safety-Critical Computer Systems. New York City:Addison-Wesley.
Thorogood, J.L. 1994. TechnicalIntegrity and Continuous Improvement: Key to Survival Beyond the Nineties.Paper SPE 27977 presented at the SPE U. of Tulsa Centennial PetroleumEngineering Symposium, Tulsa, 29-31 August.
Westgaard, O. 1999. Tests That Work, San Francisco:Jossey-Bass/Pfeiffer.
Williamson, H.S. 1998. TowardsRisk-Based Well Separation Rules. SPEDC 13 (1): 4751. SPE-36484-PA.
Williamson, H.S. 2000. AccuracyPrediction for Directional Measurement While Drilling. SPEDC 15 (4):221-233. SPE-67616-PA.
Woie, R. and Sirevaag, R.B. 1987. Drilling Reporting and EvaluationData System. SPEDE 2 (4): 303-308. SPE-15359-PA.