Risk Based Management of Wells Safety-Related Software Systems

摘要

The Operator has long recognized the risks associated with specialist well engineering and wells services software and how insufficient management could have consequences to both safety and the environment. Sawaryn et al. (2003) laid out a set of principles for improving the management and use of Safety-Critical drilling engineering and well services software. Through a series of initiatives, the Operator has developed these principles into a risk based management practice aligned to international standards; IEC 61508 (2010). This has enabled better understanding by global wells and IT on the influence software systems have on group loss of well control risk barriers. It has also enabled the creation of a more robust management framework. A significant development has been to simplify the classification and differentiation between Safety-Critical and Safety-Related systems. It was recognized that applying a broad brush definition of "Safety-Critical" to wells applications created a high burden of responsibility and weakened the definition of Safety-Criticality. For example a system with no human interaction before an action occurs should be managed more rigorously than one whose output can be validated and corroborated. When applying these criteria to wells software it was found that none were Safety-Critical, therefore the scope of this paper is confined to Safety-Related software. A risk based approach has been used to enable easier classification of software, removing some of the ambiguity prevalent in the past. This has reduced the risk for project delivery and IT support operations. Using risk based approach has also allowed a more objective approach to management, enabling better measurement for the controls discussed in this paper. Work in this area is still relatively immature and there remain many challenges. For example, data integrity can be difficult to manage and can weaken controls such as algorithm validation. Additionally complex systems used by wells but owned by other upstream functions can be difficult to manage unless those functions follow the same methodology. This paper outlines the initiatives the Operator has taken to reduce the risk presented by Safety-Related software, highlighting the benefits, challenges and opportunities.