Management of Change

Definition(s)


Management of Change

A documented management system for review and approval of changes (both physical and process) to pressure vessels prior to implementation of the change. The MOC process includes involvement of inspection personnel that may need to alter inspection plans as a result of the change.

Source: API 510, Pressure Vessel Inspection Code: In-service Inspection, Rating, Repair, and Alteration, Tenth Edition, May 2014, with Addendum May 2017. Global Standards  

Management of Change

A documented management system for review and approval of changes (both physical and process) to piping systems prior to implementation of the change. The MOC process includes involvement of inspection personnel that may need to alter inspection plans as a result of the change.

Source: API 570, Piping Inspection Code: In-service Inspection, Rating, Repair, and Alteration of Piping Systems, Fourth Edition, February 2016, with Addendum May 2017. Global Standards

Management of Change

A change control process that is implemented to safely manage variation in people, organization, practices, procedure, equipment, or materials in the approved plan or guideline.
  • NOTE: A MOC process ensures that changes (and the resulting risks, if any) are reviewed, evaluated, approved, and documented by the responsible and accountable parties (prior to initiating or continuing the operation).
Source: API Bulletin 97, Well Construction Interface Document Guidelines, First Edition, December 2013. Global Standards

Lease Operator

Definition(s)


Lease Operator

The individual, partnership, firm, or corporation having control or management of operations on the leased area or a portion thereof. The lease operator may be a lessee, designated agent of the lessee(s), or holder of operating rights under an approved operating agreement.

Source: API Bulletin 97, Well Construction Interface Document Guidelines, First Edition, December 2013. Global Standards

Drilling Contractor’s Safe Work Practices

Definition(s)


Drilling Contractor's Safe Work Practices

Drilling contractor's rig practices (as part of their management system) intended to minimize the risks associated with operational, maintenance, and modification activities.

Source: API Bulletin 97, Well Construction Interface Document Guidelines, First Edition, December 2013. Global Standards

Drilling Contractor

Definition(s)


Drilling Contractor

The company under contract with the lease operator to provide a rig, and associated rig personnel, needed to perform the well construction activities.
  • NOTE: In some instances the rig may be provided by the lease operator; however, it is normally operated by a drilling contractor.
Source: API Bulletin 97, Well Construction Interface Document Guidelines, First Edition, December 2013. Global Standards

SICP

Definition(s)


SICP

Shut-in Casing Pressure.

Source: Deepwater Well Control Guidelines. IADC Guidelines
Source: IADC UBO / MPD Glossary, December 2011. Global Standards

AP

Definition(s)


AP

Annulus Pressure.

Source: Deepwater Well Control Guidelines. IADC Guidelines

AP

Access Point.

Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global Standards

SSSV System Equipment

Definition(s)


SSSV System Equipment

components which include the surface-control system, control line, SSSV, safety valve lock, safety valve landing nipple, flow couplings and other downhole control components

[SOURCE: ISO 10417]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Subsurface-controlled Subsurface Safety Valve SSCSV

Definition(s)


Subsurface-controlled Subsurface Safety Valve SSCSV

SSSV actuated by the characteristics of the well itself
  • Note 1 to entry: These devices are usually actuated by the differential pressure through the SSCSV (velocity type) or by tubing pressure at the SSCSV (high or low pressure type).
[SOURCE: ISO 14723]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Surface-controlled Subsurface Safety Valve SCSSV

Definition(s)


Surface-controlled Subsurface Safety Valve SCSSV

SSSV controlled from the surface by hydraulic, electrical, mechanical or other means
  • Note 1 to entry: The SCSSV is sometimes called DHSV (downhole safety valve).
[SOURCE: ISO 14723]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Subsea Isolation Valve

Definition(s)


Subsea Isolation Valve

SSIV, SIV: valve which closes within a defined time limit derived from the risk assessment in order to reduce consequences of pipeline/riser leak or rupture
  • Note 1 to entry: The SSIV can be an actuated valve (e.g. remotely controlled subsea valve) or a non-activated valve (subsea check valve). An activated valve is normally designed as fail safe (i.e. closes and remains closed on all failures external to the valve and actuator themselves).
  • Note 2 to entry: Where the flexible risers are connected directly to the subsea wellhead, the master and wing valve may be considered to represent the SSIV function.
[SOURCE: ISO 14723]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

HIPPS Valve

Definition(s)


HIPPS Valve

valve used as a final element in a HIPPS system.

Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

High Integrity Pressure Protection System

Definition(s)


High Integrity Pressure Protection System

HIPPS: HIPS exclusively devoted to protection against overpressure
  • Note 1 to entry: Alternative terminology: over pressure protection system (OPPS).
  • Note 2 to entry: A HIPPS can be used as an alternative to, e.g.:
      • full pressure rating of downstream equipment, or
      • adequately sized mechanical pressure relief devices, or
      • design the disposal system for simultaneous reliefs.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

High Integrity Protection System

Definition(s)


High Integrity Protection System

System composed of sensors, logic solvers, and final control elements for the purpose of taking the process to a safe state when predetermined conditions are met.
  • NOTE: Other terms commonly used for a SIS include emergency shutdown system (ESD, ESS), safety shutdown system (SSD), and safety interlock system (see E.3.3.1).
Source: API STD 521, Pressure-relieving and Depressuring Systems, Sixth Edition, January 2014. Global Standards

High Integrity Protection System

HIPS: Non-conventional autonomous safety instrumented system with sufficiently high safety integrity (see 3.2.1) to protect equipment against exceeding the design parameters
  • Note 1 to entry: Deviations from industry standards describing mechanical protection systems (e.g. ISO 23251[31] = API STD 521[32], ISO 10418[33], API RP 14C[58]) are treated as HIPS. An ultimate protection relying solely on Safety Instrumented Systems (SIS) is qualified as HIPS, irrespective of its required Safety Integrity Level (SIL).
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Functioning Analysis

Definition(s)


Functioning Analysis

set of activities aiming to analyse how an item performs as required
  • Note 1 to entry: This is the counterpart of the dysfunctioning analysis which aims to analyse how an item fails when the functioning analysis aims to analyse how an item works by, e.g. identifying, sorting out and characterizing the various functions related to the item.
  • Note 2 to entry: The term “functional” analysis is often used as a synonym of “functioning” analysis. However, the term “functional analysis” which has several meanings is not used in this Technical Report to avoid confusion.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Formal Language

Definition(s)


Formal Language

set of words, semantics and logical rules with sound mathematical properties
  • Note 1 to entry: Programming languages are an example of formal language with mathematical properties allowing them to be compiled into computer executable code.
  • Note 2 to entry: Every reliability model has an underlying formal language behind the graphical elements (e.g. the Binary logic for Boolean models).
  • Note 3 to entry: Specific formal languages have been developed to model the functioning and the dysfunctioning of industrial systems (e.g. AltaRica[11][12]). According to their powerfulness of modelling and their mathematical properties they can be compiled toward event trees, fault trees, Markov graphs, Petri nets, accident sequences, etc. Some of them can also be directly used for Monte Carlo simulation.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Dysfunctioning Analysis

Definition(s)


Dysfunctioning Analysis

set of activities aiming to analyse the dysfunctions of an item
  • Note 1 to entry: This is the counterpart of the functioning analysis which aims to analyse how an item works when the dysfunctioning analysis aims to analyse how an item fails by e.g. identifying, sorting out, characterizing and/or evaluating the probability of occurrence of the dysfunctions.
  • Note 2 to entry: The term “dysfunctional” analysis is often used as a synonym of “dysfunctioning” analysis.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Dysfunction

Definition(s)


Dysfunction

impaired or abnormal functioning of an item
  • Note 1 to entry: This term is built from the Greek prefix “dys” (i.e. “with difficulty”) and the Latin term “functio” (i.e. an activity with a given aim). Primarily used in the medical field, this term is now often used within the technological field as a more generic term than “failure” or “fault”.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Critical State

Definition(s)


Critical State

in a states-transitions model, state belonging to a given class of states and which is distant from the failure class of states by only one transition
  • Note 1 to entry: This is a mathematical concept in relationship with e.g. Markovian process or Petri nets models.
  • EXAMPLE: The states of a safety system can be sorted out into two classes: class OK when the safety action is available and KO when the safety action is inhibited. In this case a critical state with regards to the safety system failure belongs to the class OK and only one failure (i.e. one event) is needed to have a transition to the class KO.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Spurious Action

Definition(s)


Spurious Action

result of a spurious activation of a safety function
  • Note 1 to entry: A spurious safety action is not necessarily safe. An example of spurious action is a spurious trip.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Spurious Activation (of a safety function)

Definition(s)


Spurious Activation (of a safety function)

untimely demand of a safety function when this is not needed
  • Note 1 to entry: The spurious activation of a safety function may be due to the occurrence of one or several safe failures.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Staggered Testing (of redundant items)

Definition(s)


Staggered Testing (of redundant items)

test of several items with the same test interval but not at the same time
  • EXAMPLE: Figure 9 shows staggered tests for two items A and B.
  • Note 1 to entry: When the redundant components of a system are tested at the same time (i.e. when the tests are synchronous) their availabilities are good (just after a test) and bad (just before a test) at the same time. This correlation means that the unavailabilities of the components peak simultaneously. This has a detrimental effect on the system availability which can be cancelled by de-synchronizing the tests. A practical way to do that is staggering the tests (e.g. testing one component in the middle of the test interval of the other); the unavailability peaks are also staggered and this improves the average availability of the system.
[Figure 9: staggered tests for two items A and B]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Diagnostic Tests

Definition(s)


Diagnostic Tests

automatic operations performed at high frequency in order to detect the potential hidden failures as soon as possible when they occur
  • Note 1 to entry: The unsafe failures of safety system are generally hidden and diagnostic tests may be implemented to detect the larger part of them. As the diagnostic cycle is normally short, the hidden failures detected by diagnostic tests are assimilated to immediately revealed failures.
[SOURCE: IEC 61508]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Periodic Tests

Definition(s)


Periodic Tests

proof tests: planned operation performed at constant time interval in order to detect the potential hidden failures which may have occurred in the meantime
  • Note 1 to entry: The unsafe hidden failures of a safety system which are not detected by the diagnostic tests may be detected by periodic tests. Such tests are named “proof tests” in the standards dealing with functional safety (e.g. IEC 61508[2]).
[SOURCE: IEC 61508]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Test Policy

Definition(s)


Test Policy

set of procedures describing the various test operations (frequencies and procedures) scheduled to reach the safety requirements of a given safety system
  • Note 1 to entry: The test policy should be thoroughly analysed and modelled to produce relevant probabilistic results.
  • Note 2 to entry: The forecasted probabilistic results established at the design stage are no longer valid if the test policy which has been considered is not thoroughly applied in operation.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Maintenance Plan

Definition(s)


Maintenance Plan

structured and documented set of tasks that include the activities, procedures, resources and the time scale required to carry out maintenance
  • Note 1 to entry: The maintenance plan should be thoroughly analysed and modelled to produce relevant probabilistic results.
  • Note 2 to entry: The forecasted probabilistic results established at the design stage are no longer valid if the maintenance plan which has been considered is not thoroughly applied in operation.
  • Note 3 to entry: The maintenance plan should cover policies for both preventive maintenance (e.g. testing) and corrective maintenance (e.g. minimize downtime, restore lost redundancy).
  • Note 4 to entry: The maintenance plan is part of an overall Operations and Maintenance plan. It is sometimes called “maintenance policy”.
[SOURCE: EN 13306]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Detection Method

Definition(s)


Detection Method

method or activity by which a failure is discovered
  • Note 1 to entry: A categorization of detection methods (e.g. periodic testing or continuous condition monitoring) is shown in ISO 14224:2006[15], Table B.4.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Maintenance Concept

Definition(s)


Maintenance Concept

definition of the maintenance echelons, indenture levels, maintenance levels, maintenance support, and their interrelationships
  • Note 1 to entry: The maintenance concept provides the basis for maintenance planning, determining supportability requirements and developing logistic support.
  • Note 2 to entry: A maintenance echelon is a position in an organization where specified levels of maintenance are to be carried out (e.g. field, repair shop, manufacturer facility).
[SOURCE: IEC 60050‑191]
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Multiple Safety Systems

Definition(s)


Multiple Safety Systems

safety system comprising several sub safety systems operating one after the other when the prior ones have failed
  • Note 1 to entry: Industrial processes often implement multiple safety systems (safety layers). In this case the failure of an intermediate safety layer provokes a demand on the proximate succeeding safety layer and so on. The accident occurs only if the demand is transmitted until the ultimate safety layer and it fails to operate.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Continuous Mode of Operation Safety System

Definition(s)


Continuous Mode of Operation Safety System

safety system designed to achieve its safety action permanently
  • Note 1 to entry: With a continuous mode safety system the hazardous event occurs as soon as the safety system fails. This is illustrated in Figure B.1 where the systems states “KO” and “hazardous event” are gathered into a single state.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards

Demand Mode of Operation Safety Systems

Definition(s)


Demand Mode of Operation Safety Systems

safety system designed to achieve its safety action only when receiving a specific request from its surrounding environment
  • Note 1 to entry: Such systems spend most of their time in stand-by position but need nevertheless to be ready to work as soon as a demand occurs.
  • Note 2 to entry: Such systems are subject to hidden failures. Diagnostic and periodic tests are generally implemented in order to reveal the corresponding latent faults.
  • Note 3 to entry: When the demand frequency increases, an on-demand mode safety system may be assimilated to a continuous mode of operation systems.
Source: ISO/TR 12489:2013(E) Reliability modelling and calculation of safety systems. Global Standards