Page 151 - Pipeline Risk Management Manual Ideas, Techniques, and Resources
P. 151
6/128 Incorrect Operations Index
Many of these characteristics impact the leak detection and Other aspects of the SCADA role in risk reduction can be
emergency response abilities of the system. These impacts are captured in the consequence section, under “Spill Reduction
assessed in various consequence factors in Chapter 7. Factors.”The more technical aspects of kind and quality of data
As one variable in assessing the probability of human error, and control (incident detection) and the use of that capability
the emphasis here is on the SCADA role in reducing human (emergency response), can be assessed there.
error-type incidents. Therefore, only a few characteristics are
selected to use in evaluating the role of a specific SCADA
system. From the human error perspective only, the major C3. Drug testing (0-2 pts)
considerations are that a second “set of eyes” is monitoring all Government regulations in the United States currently require
critical activities and that a better overview of the system is drug and alcohol testing programs for certain classes of
provided. Although human error potential exists in the employees in the transportation industry. The intent is to reduce
SCADA loop itself, it is thought that, in general, the cross- the potential for human error due to an impairment of an indi-
checking opportunities offered by SCADA can reduce the vidual. Company testing policies often include
probability of human error in field operations. The following
are selected as indicators of SCADA effectiveness as an error Random testing
reducer: Testing for cause
Pre-employment testing
1. Monitoring ofall critical activities and conditions Postaccident testing
2. Reliability of SCADA system Return-to-work testing.
3. Enforced protocol requiring real-time communications
between field operations and control room; two sources From a risk standpoint, finding and eliminating substance
involved in critical activities; an adequate real-time commu- abuse in the pipeline workplace reduces the potential for sub-
nications system@) is assumed stance-abuse-related human errors.
4. Interlocks or logic constraints that prevent incorrect opera- A functioning drug testing program for pipeline employees
tions; critical operations are linked to pressure, flow, who play substantial roles in pipeline operations should war-
temperature, etc.; indications that are set as “permissives” rant maximum points.
before the action can occur. In cultures where drug and substance abuse is not a problem,
a practice of employee health screening may be a substitute
Note the following assumptions: item to score.
Critical activities include pump stadstop; tank transfers;
and any significant changes in flows, pressures, tempera- C4. Safety programs (0-2 pts)
tures, or equipment status.
0 Monitoring is seen to be critical for human error prevention, A safety program is one of the nearly intangible factors in the
but control capability is mostly a response consideration risk equation. It is believed that a company-wide commitment
(consequences). to safety reduces the human error potential. Judging this level
0 Remote monitoring is neither an advantage or disadvantage of commitment is difficult. At best the evaluator should look for
over local (on-site control room) monitoring. evidence of a commitment to safety. Such evidence may take
0 Proper testing and calibration are implied as part of relia- the form of some or all of the following:
bility.
Written company statement of safety philosophy
Because item 4 above (interlocks or logic constraints) is Safety program designed with high level of employee partic-
already captured in the “Computer Permissives Program” part ipation--evidence of high participation is found
ofthe variable mechanical error preventers, the remaining three Strong safety performance record (recent history)
considerations can be “scored” in the assessment for probabil- Good attention to housekeeping
ity of human error as shown in Table 6.1. Signs, slogans, etc., to show an environment tuned to safety
Full-time safety personnel.
Most will agree that a company that promotes safety to a
Table 6.1 Evaluation of SCADA role in human error reduction high degree will have an impact on human error potential. A
strong safety program should warrant maximum points.
Level 1 No SCADA system exists or is not used in a manner that
promotes human error reduction.
Level 2 Some critical activities are monitored; field actions are C5. Surveyslmapslrecords (0-5 pts)
informally coordinated through a control room; system
is at least 80% operational. While also covered in the risk indexes they specifically impact,
Level 3 Most critical activities are monitored; field actions are surveys as a part of routine pipeline operations are again con-
usually coordinated through a control room; system sidered here. Examples of typical pipeline surveys include:
uptime exceeds 95%.
Level 4 All critical activities are monitored; all field actions are
coordinated through a control room; SCADA system Close interval (pipe-to-soil voltage) surveys
reliability (measured in uptime) exceeds 99.9%. Coating condition surveys
Water crossing surveys
