In two
presentations at the 2015 American Business Conferences Wellsite
Automation conference in Houston (see also our main report in Vol 20
N°2) Chevron’s George Robertson provided practical advice on the
application of automation to producing well-site safety before drilling
down into best practices for shutdown systems. Well site automation is
different from plant automation for several reasons. It has to be
tolerant of poor communications, have a low nuisance trip rate and be
cost effective. Mitigating loss of containment scenarios by shutting
down pumps or closing valves may or may not work depending on natural
flow and well head and manifold pressures. Failure modes must be safe
and detectable, systems must guarantee that alarms will be delivered or
at least warn that they cannot.
In his
presentation on shutdown systems, Robertson expressed a preference for
two out of three voting systems where two devices have to fail
simultaneously to either cause a nuisance trip, or fail to go safe when
required. Such systems can also be tested without taking the safeguard
out of service. Systems must be fail-safe, but they if they fail
safe too often, operators will inevitably bypass them! Safety system
design is the art of the possible. Risks must be brought to a tolerable
level that balances cost with potential consequences. ‘If your solution
is prohibitively expensive, it will not be implemented, and you will
have no safeguard.’ Checkout Roberson’s reading list. More from American Business Conferences.
© Oil IT Journal - all rights reserved.