integrated software dependent systems - isds · os d-203, integrated software dependent systems…...

Integrated Software Dependent Systems - ISDS Digital Ship - October 2012

© Det Norske Veritas AS. All rights reserved. 2

Purpose of this presentation

With this presentation we would like introduce ISDS by addressing three questions:

Why has DNV developed ISDS?

What are the key benefits with ISDS?

How has the industry responded to ISDS?


Agenda Why has DNV developed ISDS?

What are the benefits with ISDS?


© Det Norske Veritas AS. All rights reserved.

Software dependency changes the risk picture for advanced ships and rigs

DNV’s customers are often facing challenges when: - Developing philosophies for testing and integration of software - Identifying root causes for failures and managing “repairs” - Qualifying and assessing suppliers and personnel working with systems and software

INTEGRATED DP/MANOEUVRING/NAVIGATION

THRUSTER CONTROL

SHIP SERVICE SYSTEMS, BALLAST

MACHINERY CONTROLS, PMS

(PORT/STBD SPLIT)

PROPULSION CONTROL AND MONITORING

HVAC CONTROL

SAFETY STATION w/LARGE SCREEN

GAS TURBINE CONTROL AND MONITORING

INTEGRATED MACHINERY CONTROL AND MONITORING, PMS, FLUID CONTROL, HVAC

INDEPENDENT COMM. BUS(ES) FOR MANUAL PROPULSION CONTROL

INTEGRATED DP/MANOEUVRING/NAVIGATION

THRUSTER CONTROL

SHIP SERVICE SYSTEMS, BALLAST

MACHINERY CONTROLS, PMS

(PORT/STBD SPLIT)

PROPULSION CONTROL AND MONITORING

HVAC CONTROL

SAFETY STATION w/LARGE SCREEN

GAS TURBINE CONTROL AND MONITORING

INTEGRATED MACHINERY CONTROL AND MONITORING, PMS, FLUID CONTROL, HVAC

INDEPENDENT COMM. BUS(ES) FOR MANUAL PROPULSION CONTROL

INTEGRATED THRUSTER CONTROL SYSTEM- DYNAMIC POSITIONING- POSMOOR- AUTOSAIL- OPERATOR CONTROL

SYSTEMINTEGRATED MONITORING & CONTROL SYSTEM- EXTENSION ALARM- PROCESS CONTROL

POWER GENERATION& DISTRIBUTION

PROCESS CONTROL STATION

PROPULSION

WIND SENSORS

VRU

GYRO

BACK-UPSYSTEM

SAFETY SYSTEMEMERGENCY SHUTDOWN

FIRE & GAS

ENERGY MANAGEMENTSYSTEM

AZIPOD

INFORMATION MANAGEMENTREMOTE DIAGNOSTIC

DRILLING DRIVESYSTEM

PLANTNETWORK

CONTROLNETWORK

FIELDBUSNETWORK


Non Productive Time (NPT) is a serious problem drilling units

Source: Third Annual Benchmarking Report, Athens group & ModuSpec, 2011, DNV analysis

Acceptable level

5


Software related issues are seen as major NPT causes

Source: Third Annual Benchmarking Report, Athens group & ModuSpec, 2011, DNV analysis

The ISDS standard addresses these issues directly

6


Software is critical for operations in the maritime and energy industries - the listing of a converted tanker is an illustrative example

In 2002 a converted tanker almost sank due to malfunction of the ballast system

The ship stabilized at a 32 degrees since the cargo tanks were only using 1/3 of the capacity

DNV supported the investigation panel that was set up to identify the cause of the incident

Inadequate programming of the valve control system was identified as the root cause of the malfunction of the ballast system


DNV found that a software failure was the root cause 1. The incident was triggered by a failure in the main

generator

2. Except from the valve control system, all other systems responded correctly to the power failure

3. In the valve control system a Programmable Logic Controller (PLC) unit misinterpreted the 0 mA signal

4. The software error in the PLC caused all valves to open - which destabilized the ship

The circumstances of this failure are not unique:

The PLC software was delivered by a globally recognised leading supplier of control systems

The original software had been modified by a sub-supplier

No one ever checked the supplier that programmed the error into the system

The errors were not picked up in the performed tests


ISDS has been developed through application on real-life projects

2012

9

3rd ISDS release

• DNV-OS-D203 made “permanent”

• Continuous improvement through regular updates is key for our strategy

Class pilot project for Dolphin Drilling

2008 & 2009

1st ISDS release

• DNV launches the Recommended Practice, RP- D201, in 2008

• Gathered experience from 10+ projects for: - Drilling rigs - Advanced ships and offshore assets

Vendor GAP assessments and pre-qualifications

2010

2nd ISDS release

• Offshore Standard (tentative) OS-D203 launched in April

Pilot project for Seadrill

4th ISDS release

• Revised OS planned to be launched April 2012: - Predefined scope - «Ease of use» - Improved requirements for units in operation

Songa - Cat D Fred Olsen Energy - CS60E

2011

© Det Norske Veritas AS. All rights reserved. 10 © Det Norske Veritas AS. All rights reserved Slide 10 05 November 2012

OS D-203, Integrated Software Dependent Systems…

A Process Model describing best management and technical practices for software development and systems integration

- Promotes practices proven effective in other industries - Establishes common expectations for quality assurance

Targeted to offshore units and special ships built to a new or an established design – uses appropriate terminology, organization, etc.

Based on similar models accepted in other industries, e.g., - CMMI: aerospace - ISO/IEC 15504 (SPICE): automotive - IEC 61508, Part 3: railways - ISO 9001: quality management systems


ISDS is a set of best practices to manage software intensive projects

Five responsibilities:

Owner System Integrator Operator Supplier Independent Verifier

Four confidence levels:

CL0 CL1 CL2 CL3

Lifecycle of five phases:

A. Concept

B. Engineering

C. Construction

D. Acceptance

E. Operation M0 M1 M2 M3 M4 M5

O O O

14 process areas >150 activities


ISDS Classification Approach Initial comprehensive process assessments

- Determine if the organizations have processes in place that are capable of meeting ISDS requirements

- All project organizations within ISDS scope

Organizations develop action plans to address gaps

DNV reviews and approves action plan

Assessed organization implements actions

DNV Re-assesses organization - Re-assessments accompany project progress - Confirm that actions were completed - Confirm that ISDS required activities were performed

Specific work products are reviewed in more detail as part of product verification activities

DNV prepares a summary report on each organization for every milestone meeting


The requirements are grouped in 13 Process Areas 1. Requirements Engineering (REQ): Activities needed to define, document and manage the requirements

relevant for systems and software. 2. Solution (SOL) and 3. Design (DES): Activities that will produce software architecture, models, description of interfaces. 4. Implementation (IMP): Covers the coding and parameterization needed to develop the software modules 5. Acquisition (ACQ): Activities related to subcontracting to suppliers and sub-suppliers: proposals, invitation to

tender, supplier selection, contract establishment, contract execution, supplier monitoring, deliverables reception, verification and acceptance.

6. Integration (INT): Covers the assembly of the unit (ship, rig etc.) and interface control activities. 7. Verification (VER) and 8. Validation (VAL): V&V activities that each system complies with specification and fulfils its intended use. 9. Reliability, Availability, Maintainability and Safety (RAMS): Activities aiming at identifying and satisfying the

expected system requirements that are not necessarily described as functions of the system. 10. Project Management (PM): Activities required to include systems and software into the overall planning,

monitoring, and controlling of the project. 11. Risk Management (RSKM): Activities related to identifying, qualifying, mitigating and tracking product and

project risks related to systems and software. 12. Process and Quality Assurance (PQA): Activities related to process management and quality assurance, to

ensure that the activities required by this standard are executed in a manner consistent with the defined and expected level of quality.

13. Configuration Management (CM): Covers activities to ensure integrity and consistency of all the work products of the system (ISDS Elements, specifications, documentation, interfaces etc.).

13


Example – Activity Characterization from Assessment

Engineering Disciplines Support DisciplinesREQ SOL DES IMP ACQ INT VER VAL RAMS PM CM PQA RSKM

A.1 M M M H L H L L L H LA.2 H M L H M M M M M MA.3 M H NA NA M H NA HA.4 H M M MA.5 M HA.6 L MA.7 MA.8 LB.1 M L NA H L M H L M M M MB.2 M M M H M H H M NA NA HB.3 H H NA H NA NA HB.4 L M NA H NA NAB.5 H NAB.6 HC.1 H M NA NA H M M H L NA M MC.2 M NA H M H L NA NA HC.3 NA H L H L NAC.4 L H H M NA MC.5 M H M LC.6 L NA NAC.7 M M MC.8 NAC.9 NAD.1 M H H L M M M MD.2 H HD.3 H HD.4 NA MD.5E.1 M M H M M L LE.2 M ME.3 H HE.4 H

A: Concept

B: Engineering

C: Construction

D: Acceptance

E: Operations

(Confidence Level 2, responsibilities: operator, owner, system integrator)


The ISDS notation creates benefits for owners, yards and suppliers

Owner

Reduced risk for delays in new-build project and delayed operation Reduced risk for downtime caused by software in the operational phase Improved processes for maintenance and upgrades throughout the life-cycle DNV business case shows benefits in the 6 to 20 MUSD range by applying ISDS for a new-build project

Yard

Early engagement from owner and suppliers Clearer interfaces Higher probability of on time delivery Less rework during commissioning Less problems during guarantee period Lasting improvement in system integration process from project to project

Supplier

Improved specifications and clarity about their responsibilities and expected deliverables Early findings of potential problems More efficient documentation and verification activities Lasting improvement in software quality from project to project

Benefits are documented in published data and DNV experience from several projects


The ISDS standard can create substantial value also for yards and suppliers

Sources: SEI Report:: Performance Results of CMMI-Based Process Improvement, August 2006 Capers Jones, Software Quality and Software Economics, Software Tech News, April 2010 Barry Boehm, Software Engineering Economics, Prentice Hall, 1981 F. Shull, Victor, Basili, et al., What We Have Learned About Fighting Defects, IEEE Symposium of Software Metrics, 2002 David Card, Managing Software Quality with Defects, Crosstalk, March 2003

…and for the owner’s project

• DNV’s approach reduces the likely delay of

reliable operation by 1 month relative to base case (incl. HIL)

• Estimated value of avoiding delay is $15 million – assuming $ 500k per day in avoided costs

Requirements

Design Code Software Test

FAT

(2 mo.)

Commissioning

(6 mo.)

Rework of Defects

Typically Internal to Supplier

Operation

(7 mo. Delay)

LatentCriticalDefects

Start ofReliable

Operation

Lasting improvements for yards and suppliers…

Studies of long-term effects provide evidence on performance improvements

Cost reduction: 34% Schedule accuracy: 50% Productivity increase: 61% Quality improvement: 48%

Example: Automation systems developed by ABB that are complex, and include HW and SW Improvements over a 2 years period:

Cost reduction: 30% Return on investment: 5:1


The group of ISDS adopters is growing

- Statoil has applied DNV’s methodology widely on fixed drilling unit upgrades

- Total has applied ISDS for IWOCS and FPSO (CLOV project)

- Seadrill piloted the ISDS method (see Offshore Engineer Oct. 2010)

- Dolphin Drilling piloted ISDS class notation (see Upstream Online Feb. 2011)

- Dolphin Drilling are building with a full ISDS class notation at HHI

- Songa are building with a full ISDS scope at DSME (see Offshore April 2012)

- NOV have pre-qualified their sites in Norway and USA for ISDS deliveries

19

http://www.google.com/imgres?imgurl=https://ehawknov.com/ehawk/Images/NOV%20Logo.gif&imgrefurl=http://ehawknov.com/&usg=__5zdv7WmMgQugU4MvCoyvlU53Zas=&h=149&w=383&sz=10&hl=en&start=3&zoom=1&tbnid=ln2BRcDda-a9AM:&tbnh=48&tbnw=123&ei=CjOGT-yIO_TP4QTxzKniBw&prev=/search?q=nov+logo&hl=en&sa=X&rls=com.microsoft:no:IE-SearchBox&biw=1263&bih=581&tbm=isch&prmd=imvnsz&itbs=1


One of our strongest reference cases was published in October 2010 - on a project with did for Seadrill on an advanced rig upgrade

Link: http://interactive.offshore-engineer.com/DigitalAnywhere/viewer.aspx?id=22&pageId=46&refid=105356&s=undefined

‘They look at the system as an integrated whole and tend to know what to look for when they come out to check if it is working properly.’ - Steve O’Leary, technical services director at Seadrill ‘Our strategy is to prevent software defects from getting deployed in the first place.’ - Steve O’Leary, technical services director at Seadrill

20

http://interactive.offshore-engineer.com/DigitalAnywhere/viewer.aspx?id=22&pageId=46&refid=105356&s=undefined




Dolphin Drilling / Fred. Olsen Energy will receive the world’s first ISDS class notation certificate

“This DNV initiative is very welcome” - CEO of Fred. Olsen Energy ASA, Ivar Brandvold

“We recognize the new standard as an important contribution to the further quality assurance of our entire business,” - Technical Manager, Ken Myhre

“ISDS creates a win-win situation for all those involved, including the operator, the rig owner, the yard and suppliers, and should contribute significantly to improved health, safety and environmental performance.” - Technical Manager, Ken Myhre

21


Songa are building with a full ISDS scope at DSME

“Statoil is working hard to utilize new technology to increase recovery and extend the life of the fields on the Norwegian continental shelf. We are applying innovative thinking on everything about the Cat-D midwater rigs. This requires solid change management processes, and ISDS will help us do that” - Jan Magne Gilje, technical coordinator for Cat-D in Statoil

“Aside from the potential for software glitches to delay a project, they can ultimately be dangerous to those on board. Therefore, we all want ISDS to be successful” - Steven Durham, Songa's Cat-D project director

“ISDS will not solve all problems but it will hopefully improve the situation. If we can get a 50% improvement in software-related delays during commissioning, then it will be a big success, especially given the complex nature of such projects and their time limits” - Sverre Fjereide, project controls manager for DSME

"It is definitely time for this to happen now” - Jon Fredrik Lehn-Pedersen, Kongsberg's general manager for drilling and offshore automation

Link: http://www.offshore-mag.com/articles/print/volume-72/issue-4/drilling-and-completion/software-standard-gains-momentum-with-new-drilling-rigs.html

22


Safeguarding life, property and the environment

www.dnv.com

integrated software dependent systems - isds · os d-203, integrated software dependent systems…...

Documents