User talk:Macquigg/Deepwater oilspill prevention

This article is a review of the measures necessary or helpful in preventing offshore oil well disasters. As with many real-world engineering problems, good design requires consideration of both technical and non-technical factors. Technical topics may include surface technologies like floating booms, and subsurface technologies like blowout preventers. Non-technical topics may include regulatory and business issues.

Background information
To understand various solutions to the blowout problem, some basic understanding of deepwater drilling and relevant safety technologies will be helpful.

Deepwater drilling - Here is some information on the well depths, pressures, etc., for the Deepwater Horizon blowout in the Gulf of Mexico, April 2010.

BP diagram of well - showing also the relief wells being drilled alongside.

Oil well pressures - basic facts about "pore pressure" of oil in rock formations. Static pressure could be as high as 17Kpsi, resulting in a lifting force of 17 million pounds on the 36-inch diameter wellhead. No wonder they can't stop it, even with a 30,000 HP pump!

Blowout preventers have been used on land for decades. These devices may need to be modified for deepwater, where access and repair is more difficult.

Blowout_preventer - good general description of Cameron ram-type BOPs, but I would like to see the specific configuration that failed. What was in the stack?

| Design evolution of a subsea BOP, Melvin Whitby, Drilling Contractor, May07 pp.36-8. - lots of detail on a complex control mechanism. My take on this is that their needs to be a simple, direct method that will always work, even if the complex system fails. This could be something like a plug where you can connect an external hydraulic line, and operate the ram directly.

Surface containment technologies are effective with surface spills and calm water. The Deepwater Horizon blowout may have much of the oil not reaching the surface. (need more research)

Floating booms - photos showing typical booms of various sizes.

Operational failures rather than bad engineering design, account for much of what went wrong in the Deepwater Horizon incident.

WSJ article "BP Decisions Set Stage for Disaster", Ben Casselman, Russel Gold (Wall Street Journal, 5/27/2010) - Good discussion of rushed safety checks, a common problem when there is a conflict between management and engineering. Good diagrams of well casing and cement.

Elements of a solution
We cannot count on a blowout preventer or any one measure as our only line of defense. Even if the blowout preventer design is perfect, failures in operations and oversight, and even sabotage, will always be a risk.

Good planning does not depend on any one technique being "perfect". Proper engineering should anticipate almost every failure and have a way to deal with it (again not perfect, but maybe 99.9% reliable).

1) Have several flow regulators (downhole safety valves) at various depths in the well casing. These should be of such simple design that failure is almost unthinkable, and they should be tested at least once a month to ensure that they will work. 2) Have multiple wellheads already in place in case everything goes wrong with the active wellhead. Note: this does not require drilling multiple wells, just extra piping to the alternate wellheads. 3) Re-design the blowout preventer, so that it can be quickly repaired or replaced. Have spare parts, especially an extra riser pipe, ready in a nearby warehouse, to connect an alternate wellhead, and relieve the pressure while replacing damaged parts. 4) Provide a way to quickly insert mud deep in the well, without having to drill a relief well. 5) Practice emergency procedures, so we can be confident that getting the well under control will take no more than 24 hours. 6) Have floating booms ready to deploy, and sufficient pumping capacity to collect all the oil that may come to the surface. The barriers may need a special design to tolerate ocean waves. 7) Have independent oversight of all operations to make sure safety remains the first priority, regardless of delayed drilling schedules.

That last item may be the most difficult, given the sad history of regulated industries acquiring control of the agencies which regulate them. It may require a separate agency free of political control, something like the Federal Reserve Board, with regulators who have lifetime tenure, and can't be fired for doing their job. Yes, the politicians and companies could still ignore the regulators, but they would have to convince the press and the public that the regulator was wrong, or deal with a PR disaster.

Additional Requirements
1a) If a valve cuts off due to "kick" in the well pressure, it must be possible to recover without access to the valve. One possible design is a "constant flow" type of valve that works on the pressure difference across the valve.  In the cutoff state, the valve still lets through a small flow, just enough that shutting off the wellhead will restore pressure on top of the valve, and reset it to normal condition. 2a) The manifold from which the multiple wellheads branch out should be underground, to minimize the risk of sabotage. Likewise, there should be sufficient distance between wellheads that it would take a small nuke to damage them all simultaneously. Sound and motion sensors and a camera should be monitored and recorded from the surface station. 7a) We may need legal restrictions on who can own or operate an oil well that poses an environmental threat, with prior approval of any sale or transfer of operational control.