In two presentations at the 2015 American Business Conferences Wellsite Automation conference in Houston (see also our main report in Vol 20 N°2) Chevron’s George Robertson provided practical advice on the application of automation to producing well-site safety before drilling down into best practices for shutdown systems. Well site automation is different from plant automation for several reasons. It has to be tolerant of poor communications, have a low nuisance trip rate and be cost effective. Mitigating loss of containment scenarios by shutting down pumps or closing valves may or may not work depending on natural flow and well head and manifold pressures. Failure modes must be safe and detectable, systems must guarantee that alarms will be delivered or at least warn that they cannot.
In his presentation on shutdown systems, Robertson expressed a preference for two out of three voting systems where two devices have to fail simultaneously to either cause a nuisance trip, or fail to go safe when required. Such systems can also be tested without taking the safeguard out of service. Systems must be fail-safe, but they if they fail safe too often, operators will inevitably bypass them! Safety system design is the art of the possible. Risks must be brought to a tolerable level that balances cost with potential consequences. ‘If your solution is prohibitively expensive, it will not be implemented, and you will have no safeguard.’ Checkout Roberson’s reading list. More from American Business Conferences.
© Oil IT Journal - all rights reserved.