as 2885.1-2007 planning a safety management study mcdonough... · as 2885.1-2007 planning a safety...
TRANSCRIPT
AS 2885.1-2007Planning a Safety Management
Study
Richard McDonoughManager Engineering and PolicyPetroleum & Geothermal Group
PIRSA
Session OutlineSession Outline
• Objectives of revision• What have we done? - overview• What does the Safety Management Process look
like in AS 2885.1-2007?• How do you carry out an effective Safety
Management Study?• Group discussion• Study example• Review of AS 2885 guidance
• Wrap up
Objectives of RevisionObjectives of Revision• Reflect industry experience and practice• Incorporate flowchart• Clarify terminology• Provide guidance on defining threats and establishing
“effective” controls• Multiple independent measures• Incorporate calculation methods and research
information• Include no rupture and maximum release rates in high
consequence areas• Provide guidance on ALARP• Map to other risk standards and practice (AS4360, 5 x 5
matrix)
Objectives of revision (cont)Objectives of revision (cont)• Actions for in-service pipelines• Provide for numerical methods where appropriate• Require HAZOPs for stations• Emphasise informed decision-making• Provide guidance on integrity of process• Provide guidance on minimum data and skill
requirements• Address whole-of-life safety management• Strengthen links between Part 1 and Part 3 (SAOP)• Address threats during construction etc• Improve environmental safety management
Safety Management SectionsSafety Management Sections• Section 1.4 – Definitions• Section 2 – Safety• Section 4 – Design general
• Location classification, signs, high consequence areas, fracturecontrol, energy discharge rate, resistance to penetration, etc
• Section 5.5 – External interference protection• Appendix B – Safety management process• Appendix C – Threats• Appendix D – Design considerations for external interference
protection• Appendix E – Effectiveness of procedural controls for the prevention
of external interference damage to pipelines• Appendix F – Qualitative risk assessment• Appendix G – ALARP • Appendix H – Integrity of safety management process• Appendix I – Environmental management• Appendix Y – Radiation contour
Basic concepts and principlesBasic concepts and principles
• 1997 – first standard in the world to specifically mandate external interference protection design• Protect pipeline from people to protect people
from the pipeline (EIP)• Specific threats to specific pipelines at specific
locations• Must define threats to design for them• Design solutions must be effective
• Approval and documentation• Informed decision-making• Safety management not risk assessment
Life Cycle Safety ManagementLife Cycle Safety Management
Preliminary Design & Approval
Preliminary design, route selection, environmental studies, initial risk studies for consultation
& approvals
Detailed design, detailed risk studies as part of design process, HAZOPs etc, review & validation
Pre-construction & pre-commissioning reviews
change of use, design life review, MAOP increase, change of threats,
not exceeding 5 years
Abandonment plan includes risk study
Construct & Commission
Detailed Design
Operate, Maintain, Modify
Abandon
Safety Management Process OverviewSafety Management Process OverviewThreat identification / location
analysis
Threat control
Failure analysis
Management Plan (SAOP)
ACCEPTED RISK
Threat controlled
No failure
TreatedRisk treatment
Risk evaluation
More controls
More treatment
Process detailProcess detailDesign description, location
analysis, threat ID and specification, non-location specific threats, common threats / typical
designs
Demonstrate effective physical and procedural controls for
external interference, established design and procedures for other
threats, HAZOPs etc
Can uncontrolled threats lead to failure?
Analyse consequence, specify frequency, risk matrix for risk
evaluation
Risk treatment actions according to risk level
Threat identification / location analysis
Threat control
Failure analysis (as required)
Risk Evaluation (as required)
Risk Treatment (as required)
Management Plan Component of SAOP, ongoing monitoring and review
Planning a Safety Management StudyPlanning a Safety Management Study
Objective• Robust study• Documented and approved• Justifies confidence
Section 2.2.4 – Safety management study validationEach detailed safety management study shall be
validated by a properly constituted workshop which shall critically review each aspect of the safety management study
Discussion – good and bad experiencesDiscussion – good and bad experiences
• Draw on experience in the room• When has the process worked well?• When has it not worked well?• What elements are critical to success or failure?
Example: New Roma to Brisbane PipelineExample: New Roma to Brisbane Pipeline
• Overview of pipeline route• What can people in the room tell me?• What can we glean from the maps?• What do we need to do to carry out the study?• How do we get what we need?
TasksTasks
• View selected sections of the line• Discuss location class and threats• Discuss data gathering
Appendix B – Safety Management ProcessAppendix B – Safety Management Process• Normative• Integrated and continuous over pipeline life-cycle• Pitfalls• Project Phases• Requirements for detailed safety management study
Shall be undertaken by personnel with expertise in each component of the design, construction and operation of the pipeline, including, or with the support of, personnel closely familiar with land uses along the entire route
• Data and information
SMS – Data requirementsSMS – Data requirements
• Design basis / operation philosophy
• Design calculations• Initial route• Initial SMS• Design drawings• Typical designs• SMS of common threats to
typical designs• Initial pipeline alignment• Location classifications• Current and future land use
assessment• Documented investigation of
external threats
• Documented investigation of existing and planned buried and above-ground services
• Construction line list (construction and landowner constraints)
• Environmental line list (environmental constraints)
• Preliminary SAOP• Isolation plan• HAZOPs etc• Fracture Control Plan• Critical defect length /
resistance to penetration• Consequence modelling• Environmental studies
Appendix H – Study IntegrityAppendix H – Study Integrity
• Key words• Specific• Explicit• Effective• Approve
• Key elements• People• Process• Data, information and documents• Chair
R1 - RuralR1 - Rural
Rural R1Land which is unused, undeveloped or is used for
rural activities such as grazing, agriculture and horticulture. Rural applies where the population is distributed in isolated dwellings. Rural includes areas of land with public infrastructure serving the rural use; roads, railways, canals, utility easements.
R2 - Rural Residential R2 - Rural Residential
Land which is occupied by single residence blocks typically in the range 1 ha to 5 ha or is defined in a local land planning instrument as rural residential or its equivalent. Land used for other purposes but with similar population density shall be assigned Rural Residential location class. Rural Residential includes areas of land with public infrastructure serving the Rural Residential use; roads, railways, canals, utility easements.
T1 - ResidentialT1 - ResidentialLand which is developed for community living. Residential
applies where multiple dwellings exist in proximity to each other and dwellings are served by common public utilities. Residential includes areas of land with public infrastructure serving the residential use; roads, railways, recreational areas, camping grounds/caravan parks, suburban parks, small strip shopping centres. Residential land use may include isolated higher density areas provided they are not more than 10% of the land use. Land used for other purposes but with similar population density shall be assigned Residential location class.
T2 – High DensityT2 – High Density
Land which is developed for high density community use. High Density applies where multi storey development predominates or where large numbers of people congregate in the normal use of the area. High Density includes areas of public infrastructure serving the High Density Use; roads, railways, major sporting and cultural facilities and land use areas of major commercial developments; cities, town centres, shopping malls, hotels and motels
Sensitive Use (S)Sensitive Use (S)• The Sensitive location class identifies land where the
consequences of a failure may be increased because it is developed for use by sectors of the community who may be unable to protect themselves from the consequences of a pipeline failure. Sensitive uses are defined in some jurisdictions, but include schools, hospitals, aged care facilities and prisons. Sensitive location class shall be assigned to any portion of pipeline where there is a sensitive development within a measurement length. It shall also include locations of high environmental sensitivity
• The desing requirements for high density shall apply.
Basis of sectionBasis of section• Pipeline safety management shall be undertaken rigorously, shall apply
controls to identified threats and shall reduce residual risk to an acceptable level
• All threats to the integrity of the pipeline shall be identified and multiple independent controls shall be applied to each identified threat
• Recognises hierarchy of effectiveness of controls• Emphasis on controlling external interference threats• Process for land use changes• No rupture and maximum energy release rate in high consequence
areas• HAZOPs etc to be applied• Two-stage process: 1) Design and Safety Review; 2) AS 4360
assessment of residual risks• Suitably qualified, trained and experienced personnel• The process and outcomes shall be documented and approved• Ongoing process over life of the pipeline• Predicated on ongoing application of operations and maintenance
procedures via SAOP
Risk matrixRisk matrixCONSEQUENCES
(people, environment, supply)
FREQUENCY Catastrophic Major Severe Minor Trivial
Frequent Extreme Extreme High Intermediate Low
Occasional Extreme High Intermediate Low Low
Unlikely High High Intermediate Low Negligible
Remote High Intermediate Low Negligible Negligible
Hypothetical Intermediate Low Negligible Negligible Negligible
– Consistency with general practice
– Provides same outcomes as original matrix
–Timing of action mandated for in-service pipelines (immediate action for extreme risk)
RISK MATRIX (2)RISK MATRIX (2)
• People, environment and supply consequences to be analysed
• Description of consequence for each severity class to be reviewed and approved
• Frequency of consequence to be estimated• Where multiple outcomes may result, highest
risk ranking must be determined• Risk treatment mandated by risk ranking
RISK TREATMENT ACTIONSRISK TREATMENT ACTIONS• Extreme
• Act to reduce to intermediate or lower• Immediate action for in-service pipelines
• High• Act to reduce to intermediate or lower• Urgent action for in-service pipelines
• Intermediate• Act to reduce low or negligible• If not possible, demonstrate ALARP• Prompt action for in-service pipelines
• Low• Incorporate in management plan (ongoing
monitoring)• Accepted risk
l bl