Sunday, May 23, 2010

The Gulf Oil Spill

As most of you know, I'm an avid sports fan. I'm also a recently graduated engineer, and although you won't find passionate engineering diatribes here often, I feel much the same way about technology and my profession as I do about pucks, baseballs, and hoops.

As with all major man-made catastrophes, no single point of failure can be blamed for the Deepwater Horizon well blowout. Although the circumstances behind the events in the Gulf are much different than those of the Chernobyl nuclear meltdown, both events share a similar background and will likely result in the same effects on American industry.

Chernobyl, though widely known, is not widely understood by most. In condensed form, the story is simple: A test needed to be performed to determine the reactor's ability to cool itself down if there were an external power failure. Like the human heart, the energy produced within the reactor does not power the reactor itself, so external electricity (or, in the heart's case, blood vessels) must power the critical safety and environmental systems. However, the test was delayed due to unexpected power loads, and was moved onto the schedule for a skeleton night shift with a substantially reduced crew of competent engineers. When the reactor was put in an unstable, low-power state to begin the test, problems occurred, pushing the test out of the safety envelope. Seeing this, the engineers demanded an abort, but were pushed, by managers under extreme cost pressures, to continue by removing nearly every fail-safe available. This included disabling no fewer than 10 devices which would have otherwise stopped the meltdown.

The rest is history. The test began, a "power excursion" occurred, and then the poorly engineered RBMK reactor failed. The meltdown happened because the reactor was poorly built, poorly shielded, and poorly operated. The meltdown happened because a schedule had to be met, because there were external cost pressures, and because the test was controlled by unqualified engineers. The meltdown happened because, along the line, wrong decision after wrong decision, over the course of years, accumulated. The entire situation was compounded by awful post-incident decision making, allowing national pride to stand in the way of citizen safety.

My point is that there is no single failure locus, as engineers so often say.

The Deepwater Horizon blowout is eerily similar, in this regard. An accelerated schedule, businesspeople exerting financial pressure on engineers, engineers exerting pressure on workers, and a disregard for safety at every level produced a perfect environment for disaster. The catastrophe could have been averted had Transocean and BP discussed their differing methods for capping the well over the course of weeks, not hours. It could have been averted had the lead engineer on the rig forced work to stop after pieces of the blowout preventer came up the drill pipe. It could have been averted had industry best practices been followed, if proper tests and analysis had been performed, and if more careful monitoring had been implemented.

The response has, of course, been contentious. BP, while appearing to be fully engaged in the recovery effort, nevertheless clearly lacked a real contingency for such an event. The two tested options for a well blowout were a functioning BOP cutting off the well, and a relief well. The first option takes 30 minutes, the second three months. The containment dome, the top hat, and the "top kill" procedure have never been tested at such depths, and thus have taken weeks to implement. The government, on the other hand, lacks the resources to suitably manage such an event, and is as such at the mercy of BP for mitigation and cleanup.

Much as Chernobyl and Three Mile Island placed a nearly 30-year moratorium on new reactor construction in the United States, the Deepwater Horizon blowout is likely to end offshore drilling in the US for the foreseeable future. However, the correct response demands that drillers have enough safety devices in place to generate more than a single pair of contingency plans. If nothing else, they should be forced to have enough containment boom to PROPERLY boom the coastline which might be affected by a blowout within a couple days, not weeks.

This was easily preventable, despite the great scientific uncertainty that surrounds deep offshore drilling. As an engineer, I find it frustrating that otherwise good technology has, again, been sold out by a string of human errors.

1 comment:

Unknown said...

As an engineer, these things bother me. Why aren't I in charge of BP? I'd do a way better job, and I would be filthy rich.