Why are we more worried about shark attacks and plane crashes than cancer or car accidents? Life requires us to constantly calculate the odds and yet we're just not very good at it. One of the reasons? Dealing with uncertainty or lack of information isn’t “common sense.”
Various international standards and regulations require or provide guidance for assessing the risk of a pipeline failure, so that effective integrity management decisions can be made. Although the risk assessment approaches are varied, there seems to be one clear winner when modeling pipeline risk. So why aren’t pipeline operators adopting it?
“[T]he continuing occurrence of significant pipeline incidents points to a continuing need for operators to upgrade their tools for risk assessment and risk management.” – PHMSA Risk Modeling Work Group
Risk Model Types
Using the most common definition of risk (risk = probability x consequence), let’s discuss the four types of risk models being employed by the pipeline industry today. For hazardous liquid and natural gas pipeline systems, the undesired event is a pipeline failure that results in the release of product.
Likelihood is the probability of failure due to pipeline threats and consequence is the severity of impacts experienced by humans and the environment because of said pipeline failure. Understandably, the failure mode (leak vs rupture) and location of the failure significantly impacts the consequence.
The following table was reproduced from a guidance document published by PHMSA’s Risk Modeling Work Group.
|
Risk Model Category |
Inputs |
Outputs |
Algorithms |
|
Qualitative / Subject Matter Expert (SME) |
Qualitative |
Qualitative e.g. (low, medium, high) |
Matrix or decision tree mapping inputs to outputs |
|
Relative / Index |
Qualitative and Quantitative |
Quantitative, unitless e.g. 8 |
Risk index scoring |
|
Quantitative Risk |
Quantitative |
Quantitative, with units e.g. 0.0001 failures per mile per year |
Quantitative System |
|
Probabilistic Risk (a subset of Quantitative) |
Quantitative, including probability distributions |
Probability distributions |
Quantitative System |
Qualitative and Relative
Qualitative and relative models both use qualitative inputs. While qualitative models produce an output range, relative risk models may produce a discrete unitless risk score. Although these models don’t provide an understanding of the “true” pipeline risk, if an operator’s goal is simply to “risk-rank” their pipelines, this can be an effective tool.
Quantitative
For quantitative risk models, inputs and outputs are expressed in meaningful terms e.g. probability of failure. This approach aims to utilize real values that reflect physical reality e.g. corrosion growth rates. To that end, quantitative models can more effectively utilize information gleaned from integrity assessments e.g. inline inspection data, evaluation and repair results.
Because a quantitative system model represents the physical and logical relationships of model inputs, candidate risk reduction measures at different locations along the pipeline can be compared via realistic quantitative estimates. Additionally, a benefit-cost analysis can more easily be performed for risk reduction measures e.g. quantifying how reducing an inspection interval could lower risk.
Probabilistic
Probabilistic models are a type of quantitative model; however, they use probability distributions to account for uncertainties in model inputs. Probabilistic risk models are considered a best practice for supporting all decision types.2
The figure below graphically illustrates how the probability of failure can be calculated using probabilistic descriptions of the pipe properties, condition and imposed loads.
The probability of failure due to corrosion, for example, can be calculated using a model that determines the pressure resistance of corroded pipe, and statistical characterizations of the internal pressure, yield strength, wall thickness, and corrosion severity.
Qualitative vs. Quantitative
Quantitative models are perceived as being excessively complex and requiring significant additional data. However, qualitative models typically use the same or in some cases, less data than quantitative models.
The heavy lifting comes from developing and implementing the quantitative model upfront. However, because the model utilizes quantitative values as inputs, once the quantitative risk model is set up, running the model can be automated, freeing up valuable resources. And because it doesn’t rely on SME input, a risk score can be calculated in real time.
Dealing with the Unknown
Probability Distributions for Uncertainty
Due to their nature, uncertainties due to tool tolerances and other risk model inputs, such as corrosion growth rates, excavation damage statistics, and equipment reliability can be represented by input probability distributions, which may be propagated through the risk model along with other inputs to give an output distribution for probability of failure that more accurately portrays risk.
The time-dependent C-FER threat models that are being incorporated into CIM uses Monte-Carlo simulations to perform probabilistic calculations. The probability of failure is then calculated by assessing the defects reported by the ILI, allowing for a direct connection between integrity actions and risk estimates.
Utilizing Failure Data for Unknown Threat POFs
Reliability-based models are created for those threats where quantitative condition data can be leveraged i.e. external corrosion, internal corrosion, stress corrosion cracking and third party/mechanical damage. (Reliability is also a type of quantitative risk model.) For threats that cannot leverage such data, historical-based models derived from PHMSA failure data and attribute-based adjustment factors are utilized to deal with the unknowns involved with these threats.
These historical-based models are designed to return results that reflect how each pipeline compares to those across the industry. The historical-based models, while requiring some subjective inputs, have been calibrated to produce failure rates relative to those implied by the PHMSA incident database. Key reliability-based models have also been validated by simulating the conditions of 3.5 million mile-years of pipeline to ensure their results align with the industry-average failure rate.
Verified Engineering Models
Each pipeline threat should be assessed using a collection of verified engineering models from standards and industry research (e.g., API 579 or the CSA Z662 Annex O mechanical damage models). Using known models allows for greater transparency and defensibility of the outputs. This is in stark contrast to qualitative models, which allow for greater SME influence at the expense of objectivity.
Accurately assessing risk is paramount to improving pipeline safety. At OneBridge, our aim is to help oil and gas pipeline operators predict and prevent pipeline failures, address regulatory compliance requirements, reduce operational costs, protect the environment and, ultimately, save lives. Click here to learn more about OneBridge’s Risk Management module within CIM.
