GS Exp 403

Exploration & Production
This document is the property of Total. It must not be stored, reproduced or disclosed to others without written authorisation from the Company.
GS_EXP_403_02.doc
GENERAL SPECIFICATION
GS EXP 403
Production availability studies of oil and gas systems
02 09/03 Change of Group name and logo
01 11/02 Update
00 02/01 First issue
Rev. Date Notes
General Specification Date: 09/03
GS EXP 403 Rev: 02
GS EXP 403 Page 2/17
Contents
1. Scope ....................................................................................................................... 3
2. Reference documents............................................................................................. 3
2.1 General ........................................................................................................................... 3
3. Additive and crossed references........................................................................... 5
4. General methodology ............................................................................................. 5
5. Functional description............................................................................................ 5
6. Causes and effects analysis .................................................................................. 6
6.1 Event identification.......................................................................................................... 6
6.2 Detection of the events ................................................................................................... 6
6.3 Consequences on the production availability .................................................................. 7
6.4 Restoration ..................................................................................................................... 7
6.5 Planned events ............................................................................................................... 8
7. Data gathering and validation................................................................................ 8
7.1 Operational data and external data................................................................................. 9
7.2 Reliability data................................................................................................................. 9
8. Availability modelling and calculations .............................................................. 10
8.1 Availability modelling..................................................................................................... 10
8.2 Type of results .............................................................................................................. 12
Appendix 1 Glossary of terms and abbreviations ................................................. 14
GS EXP 403 Rev: 02
1. Scope
This document provides guidance for the performance of a production availability study of oil
and gas system(s). It deals with:
The general methodology
The data used in the study
The availability modelling and calculations
The reporting.
It aims at providing, to the COMPANY and the performer:
A common background for the performance of such studies
A guidance for the structure of the study and the reporting formats.
A detailed scope of work must be drafted for any particular study, it will define namely:
The objective of the study and its context
The boundaries of the system(s) under study
The expected level of details of the study
The keys parameters to evaluate.
In practice, the performance of the study requires complementary competence from the
performer of the study and from the COMPANY. It is then useful to define in the scope of work
the hold points which require a formal validation. They are namely:
The functional description
The set of data used in the study
The availability model(s).
2. Reference documents
The reference documents listed below form an integral part of this General Specification. Unless
otherwise stipulated, the applicable version of these documents, including relevant appendices
and supplements, is the latest revision published at the EFFECTIVE DATE of the CONTRACT.
2.1 General
2.1.1 Choice of reference documents
Where national regulations exist, their provisions and those of the standards and codes to which
they refer shall apply, supplementing or amending the provisions of this document.
If there are no national regulations covering all or part of the subject of this document, the
reference documents shall be strictly applied, as supplemented by the provisions of this
document.
2.1.2 Recognition of reference documents
Only the main reference documents are mentioned; the CONTRACTOR shall be responsible for
complying with all secondary reference documents dealing with the subject of this document.
GS EXP 403 Rev: 02
Unless otherwise indicated in the detailed contractual conditions, all the reference documents to
be used, as well as their supplements shall be the latest editions.
Note: The following normative references are applicable mainly to electromechanical systems,
they may be used, for information for oil and gas systems.
Standards
Reference Title
IEC 50 (191) (1990) International Electrotechnical Vocabulary chap. 191: definitions
and quality of service
IEC 300-3-1 (1991) Part 3: application guide: section 1: analysis techniques for
dependability: guide on methods
IEC 300-3-2 (1993) Part 3: application guide: section 1: collection of dependability
data from the field
IEC 812 (1971) Analysis techniques for system reliability: procedure for F.M.E.A.
IEC 862 (1986) Presentation of Reliability, Maintainability, Availability predictions
IEC 1025 (1990) Fault Tree Analysis
IEC 1078 (1991) Analysis techniques for dependability: Reliability Block Diagram
Professional Documents
Reference Title
Not applicable
Regulations
Reference Title
Not applicable
Codes
Reference Title
Not applicable
Other documents
Reference Title
Not applicable
GS EXP 403 Rev: 02
Total General Specifications
Reference Title
Not applicable
3. Additive and crossed references
The provisions of this document shall be applied in the light of the supplementary documents
supplied by the OWNER, including:
Country specificity appendices
Job specification
Data sheets
Articles and conditions; list of tasks
Quality assurance provisions.
4. General methodology
The study will include the following steps:
Functional description of the system(s) under study
Causes and effects evaluation of the events inducing a production loss
Data gathering and validation
Availability modelling and calculations
Reporting.
5. Functional description
The functional description aims at identifying the different sub-set of the equipment and their
functional links for the purpose of the availability study. It is also a way to ensure a common
understanding, by the COMPANY and the performer, of the system(s) under study. It will make
appear under the form of a block diagram the different sub-set of equipment which will have to
be analysed for performing the study. It is intended to be directly drafted from the PFD/PID's
and the technical documentation provided for the performance of the study. The terminology
shall be stated in the scope of work of the study, by default, the following terminology will be
used:
Level 0: Complex (set of installations with functional links)
Level 1: Installation (an offshore platform, an onshore plant, an oil terminal, etc.)
Level 2: System (oil production, gas production, electricity, water injection, etc.)
Level 3: Section (separation, power supply, expedition, etc.)
Level 4: Station (heating, pumping, etc.)
GS EXP 403 Rev: 02
Level 5: Element (separator, pump, motor, etc.)
Level 6: Component (transducer, valve, relay, etc.).
The level to be used for the analysis will be defined in accordance with the scope of work.
However, the level 3 is generally required as the minimum.
6. Causes and effects analysis
The causes and effects analysis aims at identifying the events which may cause production
losses, their consequences on the production availability, as well as, the quantification of the
parameters to be used for availability calculations. It will apply to any piece of equipment as
they appear from the functional description and will take into account any unplanned event
which may induce a production loss. Depending on the scope of work, the study will include/not
include the planned events (preventive maintenance, inspection, periodic tests, etc.) which may
induce a scheduled production loss.
For each event the followings aspects will be analysed:
Event identification and expected frequencies
Detection means of the events
Consequence on the production availability
Restoration time and procedure.
The analysis should be done on a systematic manner, based on systematic methods such as
"What If", FMECA, HAZID, etc.
6.1 Event identification
In general several events may occur on a given piece of equipment, each event having different
detection means, different consequences on the production and different restoration means.
The event frequencies for a given piece of equipment will be gathered accordingly into
categories. Event frequencies may be directly elaborated at the level of the piece of equipment,
or calculated from the event frequencies at the component level depending on the availability of
the data.
6.2 Detection of the events
The delay for detecting an event that may induce a production loss has to be considered. It
depends on the efficiency of the control system and on the operating mode
(manned/unmanned, day/night shifts, etc.) of the installation(s).
Furthermore, attention will be paid to the revealed/unrevealed events:
Revealed event: a warning is immediately emitted through the control system. Depending
on the operating mode a delay for the acknowledgement may have to be considered. The
need for immediate or deferred intervention depends on its consequence on the
production availability.
Example: spurious production shutdown.
GS EXP 403 Rev: 02
Unrevealed event: the event may only be detected during a periodic test or a routine
inspection. The requirement for intervention as well as the consequence on the production
availability has to be assessed according to the criticality of the failure.
Example: safety valve internal leakage detected during periodic test.
6.3 Consequences on the production availability
The consequence on the production availability of a given event will depend on the criticality of
the event. Attention will be paid to the following categories of events:
Critical events inducing an immediate production stoppage or reduction, up to restoration
The production stoppage or reduction may be directly induced by the event by itself or
voluntarily done in case of an unacceptable safety or environmental situation created by
the event
Significant events leading to a production stoppage or reduction only during the site
intervention for repair or replacement of the faulty piece of equipment
Non critical events leading to a restoration without production stoppage or reduction.
In some cases, the production flowrate may be temporarily increased, in order to compensate
for a production stoppage.
6.4 Restoration
The restoration category will depend on the criticality of the event as defined here above, and
on the maintenance strategy. It is generally useful to make appear three categories of events
regarding restoration:
Critical events requiring an immediate intervention
Examples:
- Loss of non redundant essential equipment
- Unacceptable safety or environmental situation leading to a production shutdown.
Significant event requiring a deferred planned intervention
Examples:
- Failure of 1/2 redundant essential equipment
- Reduced production until repair
- Downgraded situation on the safety or environment point of view, special precautions
taken.
Non critical events: the intervention for restoration may be done at the occasion of a
routine visit
Examples:
- Failure of non essential equipment
- Equipment with high redundancy level.
GS EXP 403 Rev: 02
The restoration duration is understood as the whole duration of the reduced or stopped
production regime starting from the occurrence of the event causing the production reduction or
stoppage up to the restoration to the normal production regime. Then it includes:
The detection time of an unplanned event
The mobilisation time of the intervention crew (namely for events occurring at night)
The possible delay for initiating the related intervention (wait on weather, spare parts
unavailable by example)
The duration of the intervention up to restoration.
The intervention by itself may consist in:
The repair/replacement of a faulty component
The using of back-up or redundant equipment for restoring the normal production regime
The modification of the production mode for ensuring a reduced production regime during
the intervention
The re-start of the production after diagnostic (spurious shutdown due to a non-critical
cause).
The data from data bank, expressed in terms of MTTR's are generally of little value for the
estimation of the restoration duration.
6.5 Planned events
The planned events which induce a production reduction or a production stoppage will be
accounted in the calculation as required by the scope of work. They usually include:
Well planned interventions (wireline or work over)
Inspections of the pressure vessels
Overhauls of the large rotating machine
Pigging operation
Preventive maintenance
Periodic tests when they induce a production reduction or stoppage.
These events will have to be identified and quantified in terms of frequency and duration of the
production loss based on information provided by the COMPANY.
7. Data gathering and validation
Availability calculations generally require data regarding the reliability of the equipment, data
regarding the operation of the installation(s), and data regarding the industrial/natural
environment of the installations (weather conditions, availability of external power supply, by
example). The validity of these data is obviously of major concern for ensuring the quality of the
results. They will be presented with a format which render easy their checking and validation.
Due consideration should be given to human factors which may alter the data.
GS EXP 403 Rev: 02
7.1 Operational data and external data
Unless stated otherwise in the scope of work, these data will be provided by the COMPANY
upon query of the performer of the study. It is part of the job of the performer to identify all areas
where information from the COMPANY is necessary for the performance of the study.
They usually include data coming from:
The operation mode of the installation (manned/unmanned mode, day/night shifts, etc.)
The overproduction capacity when relevant
The maintenance strategy (immediate or delayed intervention for restoration)
The availability of the intervention means (helicopters, supply boat, transfer boat, etc.)
The availability of external supplies (electrical power, products, etc.)
The weather conditions.
All data will be summarised in a table reported in an appendix. The table will include:
The description of the datum
The average value
Indication on the datum uncertainty in accordance with the scope of work requirement
(min., max. or confidence level, or error factor, etc.)
Origin of the datum (project document, minutes of meeting, external source, etc.).
7.2 Reliability data
Reliability data may be coming from various sources. In some occasions, conflict may arise
when several sources are available for a given component. In that case, the following hierarchy
of sources is generally preferred:
COMPANY's data when they are provided supplements other sources
Oil and gas data from referenced sources
Other industry data from referenced sources
Private data not referenced.
Expert judgement will be used in the following cases:
Unavailability of data from referenced sources
Adjustment or correction of data to fit with the specific aspects of the design and operation
of the equipment.
Attention will be paid to the failure modes of components, which may relate to minor or major
failure, revealed/unrevealed failure or overall values. In most cases, generic failure rate must be
associated to a correction factor in order to take into account in the calculations the value that
represents an interest for the study. The overall failure rate will be split in categories in
accordance with the categories of production loss and/or the categories of restoration as
necessary for the performance of the production availability calculations.
GS EXP 403 Rev: 02
All data will be summarised in a table reported in an appendix. The table will include:
The description of the piece of equipment
The average failure rate
The correction factors applied to the value if any
Indication on the datum uncertainty in accordance with the scope of work requirement
(min., max. or confidence level, or error factor, etc.)
Origin of the datum (data base, computerised maintenance information system, external
source, etc.)
Justification of the correction factor if any.
8. Availability modelling and calculations
8.1 Availability modelling
Availability calculations generally require building a model of the system under study. There are
a number of techniques, which may be used for that purpose, either individually or in
combination depending of the scope of work, namely:
Reliability block diagram
Fault tree
Markov graph
Analytical model
Petri nets and Monte Carlo simulation.
Attention will be paid for the choice of the modelling technique(s) to the following functionality,
which may be required by the objective of the study.
8.1.1 Redundancies/Backup modelling
Active redundancy: simultaneous functioning of identical pieces of equipment ensuring the
same function
Passive redundancy: identical pieces of equipment which may ensure the function, one of
them only being in service, a dedicated manual or automatic device allows to change over
to a stand-by piece of equipment
Backup: stand-by piece of equipment which may ensure the function of the in-service
piece of equipment, generally in a downgraded or temporary mode. The stand-by piece of
equipment may be put in service either automatically or manually
N/m active voting system.
GS EXP 403 Rev: 02
8.1.2 Common mode failure
Common mode failures reduce the effect of the redundancy or backup arrangement. They may
be in some cases the dominant contributors to the production unavailability. Special attention
will then be paid to their incorporation into the calculations. The possible causes of common
mode failures are numerous, they include the followings:
Power supplies
Locations/routings
Human factors
Weather/ambient conditions
Crude/fluid characteristics
Identical technology/MANUFACTURER.
8.1.3 Uncertainties evaluation
In many cases, only average values of the results are expected from the availability study.
However, given the statistical nature of the calculations, the uncertainty evaluation of the results
is the only way to assess the validity of the results. The uncertainties of the results depend on
the uncertainties of the input data and on the availability model(s). This evaluation generally
requires calculations based on Monte Carlo simulations. The uncertainties of the results may be
expressed on different manners:
Expected min., max. values
Symmetric/non symmetric interval for a given confidence level
Error factors
Histogram or probability density function.
8.1.4 Sensitivity analysis
Sensitivity analyses consist in the performance of calculations with different values of part of the
input data. They are of main concern for:
The determination of the contribution of given pieces or sub-set of equipment to the
overall unavailability, in order to highlight the priorities for improvement
The evaluation of the expected effect of a given possible improvement.
Given the relative nature of the calculations, the sensitivity calculations allow to minimise, to
some extent, the effect of the uncertainties of the results. They are in many cases the most
useful results of the study.
GS EXP 403 Rev: 02
The sensitivity analysis may, for instance, deal with:
The functional aspects of the system(s): wells, separation, treatment, expedition, power
supplies, etc.
The technological or human aspects of the system(s): transducers, rotating machines,
vessels, valves, human factors, etc.
8.2 Type of results
In general, the overall production availability (or unavailability) is the main expected result from
availability studies. However, some other parameters may be useful, depending of the objective
of the study. They will have to be stated in the scope of work, for instance:
Intervention frequency
Probability of major shutdown
Probability to meet a delivery requirement
Overall failure rate
Reliability for a given period of time
Etc.
In any case, the results, will be summarised in a table which will include, for each piece of
equipment as it appear from the functional description:
The description of the piece of equipment
The average values of the key parameters used in calculations (event frequency,
contribution to the production, restoration time)
The consequent unavailability, or the contribution to other key results
The associated uncertainties as required by the scope of work.
The average values, or best estimates, of the results represents, due to the stochastic nature of
the process, an average behaviour of many installations(s) or system(s) operated in the same
conditions for a long period of time. In reality, the experienced values, for given installation(s) or
system(s) at given periods of time may, logically be different. So, attention will be paid to:
The time dependency of the results: the results tend, after a certain period of operation,
toward average values which are generally different from the values at the start-up.
The stochastic nature of the process which means that there is, only, a certain probability
that the installation(s) or system(s) experience the results of the study. This may be
expressed by the probability of reaching given values of the results or by the curve of the
probability density function, or by the calculation of an interval for a given confidence level.
Although the results of such calculations may be alike the results of the uncertainty
calculations they, in fact, represent things of very different nature.
The need for performing such calculations will guide the choice of the modelling techniques
(Markov graph, Petri nets, Monte Carlo simulations by example). Then, the related requirement
will have to be expressed in the scope of work.
GS EXP 403 Rev: 02
9. Reporting
The report will be made of:
An executive summary
A main report
Appendices.
The executive summary will include:
A reminder of the objective and the context of the study
The presentation of the main results of the study
The comparison of the results with the objective
The comments or recommendations of the performer.
The main report is intended to be understandable by the non-specialist, so it will present only
the results of the different steps of the study as well as the comments from the performer. The
details of calculations, models, data will preferably be reported into appendices. It will be
structured in accordance with the steps of the study:
Objective
Functional description
Cause and effects analysis
Modelling and results, including a table summarising the main results as defined in 8.2.
The appendices will incorporate the input data, details of models and calculations, references
as necessary for allowing the checking of the study. They must incorporate appendices
dedicated to:
The operational and external data as defined in 7.1
The reliability data as defined in 7.2.
The draft report will be submitted to the COMPANY for approval.
GS EXP 403 Rev: 02
Appendix 1
Appendix 1 Glossary of terms and abbreviations
Note: This glossary aims at providing a common understanding of the terms frequently used in
availability analysis. It is recognised that slightly different definitions may be found in various
sources. The definition of terms is completed, where relevant, by some explanations, warning
and examples.
Availability
The probability for a component or a system operated in given conditions to be able to perform
its function at a given time. The availability (A(t) of a system is time dependent and tends toward
a constant limit when the operation time increases.
The average availability for a given period of time expresses the percentage of time when the
system is able to perform its function.
The evaluation of the unavailability: U(t) = 1 - A(t), is generally preferred as it is in more direct
relation with the production outages and more sensitive to the improvements. For instance, the
availability figures: 0.99, 0.999 do not make appear a significant change, but this implies in
reality an improvement by a factor 10, that is expressed by the unavailability figures: 0.01,
0.001.
The production availability is estimated by the ratio: estimated production for a given
period/planed production for the same period.
Common mode failure (cause)
They are the failures, events or situations which simultaneously affects the operation of several
components or systems. They are in particular, the main factors which limit the benefit of
redundant or back-up systems.
Examples: human factors, same locations, environment, external events, crude or products
characteristics, common technology, common MANUFACTURER.
Failure cause
The description of the event or situation which causes a failure of a component or system.
Example: corrosion, erosion, fabrication flaw, excessive charge, faulty operation, etc.
Failure mode
The description of the malfunction of a system or component in relation with its functions.
Example for a valve: failure to close, failure to open, internal leakage, external leakage.
Failure rate
The probability for a system or component to fail at a given time, given it has not failed so far.
It is estimated from the maintenance records of similar components. The failure rate of
component is generally assumed constant (this implies that it is correctly operated). However, in
some case, a time dependent failure rate has to be estimated, in particular for failure
mechanisms such as wear-out, corrosion or erosion.
The overall failure rate of a redundant system is time dependent.
GS EXP 403 Rev: 02
Appendix 1
FME(C)A (Failure Mode, Effects (and Criticality) Analysis)
Systematic inductive method which aims at identifying the failures causes, the failures modes
and detection means of failures of systems or components as well as their effects on the
systems under study and other systems which may be affected (criticality being ranked
according to the frequency and gravity of failures).
The FME(C)A is based on the breakdown of the system under study into different sub systems,
components or functions. The results are presented in tables.
Fault tree analysis
Systematic deductive method that aims at identifying the causes and combinations of causes
which may induce a given unwanted event. It is drafted under the form of a graph structured
with logical symbols: and, or gate namely. The analysis starts from the top unwanted event
down to more and more detailed causes.
The Fault Tree may be used on a qualitative manner and is generally considered as an effective
support for discussion.
The Fault Tree is an effective modelling technique for the probability calculations of the top
event, based on the probabilities of the primary events deducted from the analysis. It allows
sensitivity and uncertainties calculations.
HAZID (Acronym for HAZard IDentification)
Systematic inductive method which aims at identifying the causes, detection means, and the
potential for escalation of the incidents which might occur on the system under study, as well as
the active/passive precautions which aim at reducing their frequency or mitigating their
consequences.
The HAZID is based on a breakdown of the system under study into different sub systems,
components or functions. Its performance is helped by the systematic using of checklists. The
results are presented in tables.
Maintainability
The probability for a system or a component to be repaired at a given time after its failure, in
given conditions.
The maintainability is a function of the time which varies from 0 at t = 0, to 1 at t = .
The Mean Time To Repair (MTTR) is frequently used for defining the maintainability of
components; it is estimated from the maintenance records of similar components.
The MTTR, and the repair rate:
(t) are different expressions of the maintainability M(t) of

components and systems:
(t)dt = M(t) 1
dM(t)
- ; MTTR =
-
0
M(t))dt (1
In most cases, the repair rate of components is assumed constant, so as to simplify the
calculations, in those cases only:
= 1/MTTR. For individual components, or given failure

causes of systems, the repair time is generally within min. and max. limits, with an average
value and cannot be modelled by a constant repair rate, but more preferably by a lognormal
distribution. For an element made of several components, the average repair rate of the element
GS EXP 403 Rev: 02
Appendix 1
generally fit well with a constant value. Attention should be paid to the maintainability modelling,
when it is of importance in the availability calculations.
Monte Carlo simulations
Mathematical technique which consists in the performance of successive calculations of the
same model with different values of the input data chosen randomly. Statistical treatments of the
results allow the estimation of average values and dispersion parameters. This is, in fact,
equivalent to the simulation of a number of lifecycles of the modelled system.
Monte Carlo simulation is frequently used when analytical models are not practicable and/or to
evaluate the uncertainties of the results from analytical models, and/or to evaluate the
parameters related to the stochastic behaviour of the system under study.
Markov graph
Analytical technique which consists in the description in the form of a graph of the set of linear
differential equations representing the behaviour of a system from a reliability point of view. The
graph makes appear the different states (working, repair, etc.) which may be experienced by a
system and the transitions (failure rate, repair rate, etc.) between these states. In practice, only
constant failure rates and constant repair rates are practically handled in a Markov model.
Markov models allow to calculate the time-dependent values of the output parameters as well
as their limits.
Petri nets
Graphic technique which consists in the description of the behaviour of systems and
components, based on symbols such as: places, arrows and conditions. A graph may be made
of several nets which exchange messages. A given state of the system is represented by the
marking of the relevant places of the graph. In availability calculations, the Petri nets model is
associated to Monte Carlo simulations.
The main advantage of the Petri nets technique is its flexibility for representing the various
reliability aspects of the systems. It handles deterministic values and any kind of probabilistic
distribution of the input parameters.
The drafting of Petri nets requires in depth expertise.
Reliability
The probability for a system or component to perform its function for a given period of time, in
given conditions.
The reliability is a function of the time which varies from 1 at t = 0, to 0 at t = .
The probability of failure = 1 - reliability, is frequently used in reliability calculations as it is more
sensitive to the improvements.
When the probability of failure is low, it tends toward the frequency of failure.
The Mean Time Between Failures (MTBF) is of common use, although it may be misleading.
The MTBF, the failure rate (l), and the reliability (R(t) are different expressions of the reliability
of systems and components:
R(t)
dR(t)
(t)dt - =
; MTBF =
0
R(t)dt

GS EXP 403 Rev: 02
Appendix 1
It is recommended to use the MTBF only for components whose the failure rate (l) is not time-
dependent. In that case only, l = 1/MTBF.
Reliability block diagram
Graphic technique which consists in the description of the reliability of a system by block
diagram. Non redundant sub systems are drafted in series, and redundant subsystems are
drafted in parallel. The reliability calculations consist in solving the set of analytical equations
valid for the series and redundant subsystems. Monte Carlo simulations may also be applied to
the set of equations.
The advantage of the reliability block diagram is simplicity and direct description of the system
under study. Drawbacks are assumptions required for the practical solving of the set of
equations, and tendency to disregard the common mode failures of redundant systems.
A block diagram may always be translated into a fault tree diagram.
Its using is recommended only for coarse reliability evaluations or at an early stage of a study
when other techniques are used later for more comprehensive modelling of the systems.
"What if"
Generic method which aims at identifying in a systematic manner the hazards of a system, the
possible consequences and the related precautions. Its performance is helped with the using of
checklists. HAZID, HAZOP, or FMEA are "what-if" methods.

GS Exp 403

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

GS Exp 403

Uploaded by

Copyright:

Available Formats

Exploration & Production

(t) are different expressions of the maintainability M(t) of

= 1/MTTR. For individual components, or given failure

You might also like