Professional Documents
Culture Documents
Application of Hybrid Fault Tree and Bayesian Networks in Safety Management of Oil and Gas Subsea Production Infrastructure
Application of Hybrid Fault Tree and Bayesian Networks in Safety Management of Oil and Gas Subsea Production Infrastructure
ABSTRACT
Loss of hydrocarbon containment and subsea system failures are among the most undesired and costly
incidents during operation of offshore oil and gas production facilities. The incidence of leaks and
subsea production system failures, together with the regulatory requirements for plans to manage
ageing has galvanised considerable effort and has consolidated an enhanced understanding of the
nature of failure events and their consequences. The dynamic nature of these incidents, resulting from
rapidly changing physical parameters, operational conditions/parameters and time-dependent
degradation mechanisms, necessitates techniques capable of considering time dependencies and
changes during the lifecycle of the operating life of the subsea systems. The challenge is to estimate
the reliable probability of a critical event, leading to a catastrophic failure. The rarity of the event
makes it unlikely that sufficient data exists to determine the frequency of the event. The present work
is aimed at demonstrating the application of Hybrid Bayesian network methods in conducting a risk
analysis and prediction of time of failure with an adequate confident level for the subsea production
system during the operation. Considering the former method, fault trees and an event tree are
developed for potential incident scenarios. In the latter method, firstly, individual Bayesian networks
are developed for the incident scenarios and secondly, an object-oriented Bayesian network is
constructed by connecting these individual networks. The Hybrid Bayesian Network (HBN) method
provides greater value than the other common risk assessment method since it can consider common
cause failures and conditional dependencies along with performing probability updating and
sequential learning using incident precursors.
1.0 INTRODUCTION
Oil and gas offshore production facilities consist of numerous equipment and unit operations,
thousands of control loops, and exhibit dynamic behavior. Different hazards and several types of risk
are associated with these production facilities. These facilities are prone to devastating accidents
dealing with hazardous material at high temperature and/or pressure. Hence, the implementation of
safety measures followed by a comprehensive risk assessment is crucial to maintain the level of risk
below the acceptance criteria.
One of the main threats in operation of offshore production facilities is perceived to arise from
leaks and failure of subsea production systems or pipelines. Restricted accessibility limits the
inspection regime and very little data exists on the condition of systems functioning in deep water,
particularly in the areas below 1,000 m water depth. The incidence of system failures within the
subsea production systems, together with the regulatory requirements for plans to manage ageing has
galvanised considerable effort and has consolidated an enhanced understanding of the nature of failure
events and their consequences. The challenge is to estimate the reliable probability of a critical event,
leading to a catastrophic failure. The rarity of the event makes it unlikely that sufficient data exists to
determine the frequency of the event. The methodology is not immediately obvious, nor is it what
may be considered to be a classical analysis. Very little data exists upon which conclusions may be
readily drawn. Accordingly, the assessment requires creative thinking and exploration of different
techniques to determine if a bespoke solution is possible, based on the optimal use of the existing data
and the common experience and knowledge.
Risk assessment methodologies such as quantitative risk analysis (QRA), probabilistic safety
analysis (PSA), and optimal risk analysis (ORA) comprise different steps among which incident
scenario analysis is a common task. Incident scenario analysis includes accident sequence modeling
and consequence assessment (Khakzad et al. 2013). Several methodologies have been used for
Should the holes line up, there is the potential for an accident or incident, or, a critical event to
arise. The two most important ways of modelling risk problems are
PEi
Ci
IEi
TE
SB1
SB2
BT in one of the best graphical approaches to represent a complete incident scenario, starting from
incident causes and ending with its consequences. Typical BT, comprised of different components
such as primary events (PEi), intermediate events (IEi), top event (TE), safety barriers (SBi), and
accident consequences (Ci). It helps to understand which possible combination of primary events will
lead to the top event in the fault tree and which safety function failures will escalate the top event to a
particular consequence in the event tree. For example, the simplified occurrence probability of
consequence Ci in Figure 2 can be assessed as:
1 2 1
where P(TE) is the top event probability, and P(SB1) and P(SB2) refer to the non-failure probability
of SB1 and the failure probability of SB2.
Complex event tree analysis has also been integrated with Monte Carlo methods to evaluate risk
profiles for consequence mechanisms. This additionally provides a framework within which the cost
benefit of mitigation measures can be evaluated and justified.
In general, BN is a graphical technique that has started to be widely applied in the field of risk
analysis. Known as an inference probabilistic method, BN is composed of nodes, arcs and probability
tables to represent a set of random variables and the conditional dependencies among them. Due to its
flexible structure and probabilistic reasoning engine, BN is a promising method for risk analysis of
large and complex systems. Considering the conditional dependencies of variables, BN represents the
joint probability distribution P(U) of variables U = {A1,….,An}, as:
∏ | 2
where Pa(Ai) is the parent set of variable Ai (Jensen and Nielsen , 2007). Accordingly, the probability
of Ai is calculated as:
∑ / 3
where the summation is taken over all the variables except Ai. The main application of BN is in
probability updating. BN takes advantage of Bayes’ theorem to update the prior probabilities of
variable s given new observations, called evidence E, rendering the updated or posterior probabilities:
, ,
|
,
∑
4
3.1 Fault tree mapping
Mapping from the fault tree into the BN is including a graphical and numerical translation. In the
graphical step, the structure of BN is developed from the fault tree such that primary events,
intermediate events, and the top event of the fault tree are represented as root nodes, intermediate
nodes, and the leaf node in the equivalent BN, respectively. The nodes of BN are connected in the
same way as the corresponding events in the fault tree. In the numerical step, occurrence probabilities
of the primary events are assigned to the corresponding root nodes as prior probabilities. For each
intermediate node as well as the leaf node, a CPT is assigned. CPTs illustrate how intermediate nodes
are related to precedent intermediate or root nodes
Figure
F 3: Hyybrid Causal logic Framework
4.0 CAS
SE STUDY: PREDICTIV
VE FAILUR
RE MODEL OF
O SUBSEA
A PIPELINE
E SYSTEM
To impllement the previously
p deescribed metthodology, a predictive failure modeel of subsea pipeline
system ccase study was
w selected as a the incideent scenario. The selected
d pipeline suub-system is part of a
risk asseessment, life predicationss and time too failure for 10 systems and 110 subb-systems forr a FPSO
oil and ggas productioon facilities. The subsea production facility incluudes 172 km m flowlines, risers
r and
export liine, 41 km umbilicals,
u 32 operationaal wells and 5 subsea maanifolds withh nominal prroduction
rate of aapproximately 200,000 bo od. The subssea productioon system is located in m
more than 120 00 m in a
very corrrosive enviroonment. Thee risk assessmment was com mpleted baseed on the folllowing inform
mation:
Condition monitoring
m annd inspectionn data
Incident reports
Review of design
d data an nd establish m
minimum accceptance criteria
Identificatioon of criticaal componennts that do not meet ALARP
A or m
minimum accceptance
criteria
Figure 4 shows two photo o snapshots examples of the repo orted incideent and deg gradation
mechaniisms from thhe subsea insppection by RRemotely Opperated Vehiccles (ROV). The left pho
oto shows
the minoor leak inciddent event th
hat resulted in temporary
y shut down
n of the prodduction facillities and
costly im
mplementatiion of subseea in tubingg repair. Thee right photo shows thee degradatio on of the
pipeline coating systtem.
The iincidence off minor leak and system failures witthin the subssea productiion systems, together
with thee regulatory requirements for plans tto manage ageing
a and thhe risk of unnexpected faailure has
galvanissed consideraable effort an
nd has consoolidated an en
nhanced undeerstanding off the nature of
o failure
events aand their consequences to have bett tter planningg in mitigation and alloccation of addequately
planned assurance taask (inspectioon, monitorinng and mainttenance).
5.0 CON
NCLUSIONS
In this w
work, risk analysis of the loss of conttainment (leaak) in the sub bsea productition systems has been
investigaated using booth bow-tie and
a Bayesiann network ap pproaches. Bayesian netw work is show
wn to take
priority over bow-tie since it co onsiders com mmon cause failures as well w as condditional depeendencies
among tthe primary events of th he integrity mmanagementt of the subssea system. H However, it is worth
noting thhat BT is gennerally a moore transparennt and straigght forward teechnique thaan BN, particcularly in
situationns where proobability updating is noot required. Also, the BN approachh, as opposed d to BT,
demandss far more expertise
e in terms
t of eithher condition
nal probabilitty extractionn from data resources
r
or network construcction based on causal reelationships between co omponents. IIn the presen nt study,
object-ooriented Bayeesian networrk was used to model th he complex anda interlinke ked domain ofo loss of
containm ment with significant levels of aabstraction. Thus, the model beccame tractab ble, and
dependeencies amongg the model segments
s weere better sho
own, resulting in more efffective modeeling and
communnication withh stakeholderrs. It is also observed th hat using Bay yesian netwoorks to modeel loss of
containm ment events makes
m it posssible to upddate the probaability of losss of containmment and inttegrity of
subsea ssystem as neew informatiion and histoorical perforrmance of the facility orr the similar facilities
becomess available. A Bayesiaan network risk model also helps to identifyy the most probable
configurration of eveents leading to a loss off containmen nt. This study y has highligghted how seequential
6.0 REFERENCES
Badreddine, A., and Ben Amor, N., (2010). A dynamic barriers implementation in Bayesian-based
bow tie diagrams for risk analysis. In: Proceedings of International Conference on Computer Systems
and Applications, pp. 1–8.
Bobbio, A., Portinale, L., Minichino, M., and Ciancamerla, E., (2001). Improving the analysis of
dependable systems by mapping FTs into Bayesian networks. Journal of Reliability Engineering and
System Safety 71, 249–260.
Boudali, H., and Dugan, J.B., (2005). A new Bayesian approach to solve dynamic FTs. Proceedings
of Reliability and Maintainability Symposium (RAMS’05), pp. 451–456.
Ching, J., and Leu, S.S., (2009). Bayesian updating of reliability of civil infrastructure facilities based
on condition-state data and fault-tree model. Journal of Reliability Engineering and System Safety 94,
1962–1974.
Cockshott, J.E., (2005). Probability bow-ties a transparent risk management tool. Process Safety and
Environmental Protection 83, 307–316.
Delvosalle, C., Fievez, C., Pipart, A., Casal Fabrega, J., Planas, E., Christou, M., and Mushtaq, F.,
(2005). Identification of reference accident scenarios in SEVESO establishments. Reliability
Engineering and System Safety 90, 238–246.
Delvosalle, C., Fievez, C., Pipart, A., and Debray, B., (2006). ARAMIS project: a comprehensive
methodology for the identification of reference scenarios in process industries. Journal of Hazardous
Materials 130, 200–219.
Dianous, V.D., and Fievez, C., (2006). ARAMIS project: a more explicit demonstration of risk
control through the use of bow-tie diagrams and the evaluation of safety barrier performance. Journal
of Hazardous Materials 130, 220–233.
Gowland, R., (2006). The accidental risk assessment methodology for industries (ARAMIS)/layer of
protection analysis (LOPA) methodology: a step forward towards convergent practices in risk
assessment. Journal of Hazardous Materials 130, 307–310.
Kalantarnia, M., Khan, F., and Hawboldt, K., (2009). Dynamic risk assessment using failure
assessment and Bayesian theory. Journal of Loss Prevention in the Process Industries 22, 600–606.
Khakzad, N., Khana, F., and Amyotte, P. (2013). Dynamic safety analysis of process systems by
mapping bow-tie into Bayesian network. Journal of Process Safety and Environmental Protection 91,
46–53
Khakzad, N., Khan, F., and Amyotte, P., (2011). Safety analysis in process facilities: comparison of
fault tree and Bayesian network approaches. Journal of Reliability Engineering and System Safety 96,
925–932.
Markowski, A.S., Mannan, M.S., and Bigoszewska, A., (2009). Fuzzy logic for process safety
analysis. Journal of Loss Prevention in the Process Industries 22, 695–702.
Meel, A., and Seider, W.D., (2006). Plant-specific dynamic failure assessment using Bayesian theory.
Chemical Engineering Science 61, 7036–7056.
Montani, S., Portinale, L., Bobbio, A., and Codetta-Raiteri, D., (2008). RADYBAN: a tool for
reliability analysis of dynamic FTs through conversion into dynamic Bayesian networks. Journal of
Reliability Engineering and System Safety 93, 922–932.