The Management of Drilling-Engineering and Well-Services Software as Safety-Critical Systems

Abstract

Summary Routinely, specialist software is used to perform tasks such as casing design and directional collision-avoidance scans. If undetected, a serious failure in the development or use of any one of these products could result in loss of life or catastrophic environmental damage. Such an event would jeopardize the oil company's licence to operate (Thorogood 1994) and would seriously damage the software vendor's credibility. The drilling-and well-services software industry has matured over the last 5 years. During this period we have witnessed many commercial and technical changes, including further consolidation of the oil majors, the meteoric growth of Web-based tools, and the increased complexity of the software and types of wells being drilled. Commercial pressures also mean fewer resources are available to perform these tasks. Unless managed, it is clear these changes greatly increase the risk of a serious incident. BP and Landmark have conducted a series of joint audits to gain a detailed understanding of both the operator's and software vendor's working practices in relation to this software. The paper contains a description of the conclusions and actions arising from the audits. Desired improvements in testing, core competencies, and independent verification were identified. Details of the audit process are included to enable other parties to conduct similar audits for themselves. The risks and potential loss imply that critical applications should be managed formally as "safety-critical systems." It is also concluded that close collaboration between operators and software vendors is needed for the management process to be effective.