Official report: BP oil spill IT systems lacked key alarms

Deepwater Horizon engineers couldn’t track warning signs on industry standard systems

BP's monitoring IT systems on the failed Deepwater Horizon oil rig relied too heavily on engineers following complex data for long periods of time, instead of providing automatic warning alerts.

That is a key verdict of the Oil Spill Commission, the authority tasked by US President Barack Obama to investigate the Gulf of Mexico disaster. It also criticised decisions to ignore cement modeling tests, as well as other cementing and management strategies.

Three weeks ago, the US government launched a $21.1 billion (£13.5 billion) lawsuit against BP and its drilling partners, alleging that they had "failed ... to use the best available and safest drilling technology" to monitor pressure in the well.

The explosion on the rig, last April, resulted as huge pressure of dangerous hydrocarbons built up in the well. Eleven people died in the accident, and over the following months millions of barrels of oil spewed into the sea until the well was eventually capped.

The OSC said in a chapter released today that the monitoring systems on the rig before the explosion did provide the necessary safety data, including about pressure in the well.

However the systems relied on too much on engineers' astute manual observation of data flows. It also noted that the systems used by BP were standard in the energy industry.

When engineers were tasked with so many simultaneous functions over long work days, they needed much more support from systems. The standard industry ones used by BP were too basic, the OSC noted.

In a chapter of their report, the committee members expressed exasperation that while the industry was regularly conducting highly complex drills in order to satisfy the global demand for oil, IT systems simply have not kept pace with the complications and risks of deepwater drilling.

"In the future, the instrumentation and displays used for well monitoring must be improved," said the OSC. "There is no apparent reason why more sophisticated, automated alarms and algorithms cannot be built into the display system to alert the driller and mud logger when anomalies arise."

The OSC said there was no excuse for drilling companies to be relying on engineers to spot small changes in data - which could lead to severe consequences - when the individuals "sit for 12 hours at a time in front of these displays".

BP used the Halliburton Sperry Sun system and the HiTec system from rig owner Transocean for monitoring and these had provided the right data to demonstrate a "kick" or dangerous rise in pressure was occurring.

But the OSC insisted it was "no longer acceptable" for oil companies to rely on a system that "requires the right person to be looking at the right data at the right time, and then to understand its significance in spite of simultaneous activities and other monitoring responsibilities".

The management style was also criticised, as engineers worked long days handling complex data and technology. In recent weeks, a key engineer on the rig said in testimony that he had stepped away from his safety monitor for a brief cigarette break, and that at this moment he missed the complex warning signs on screen.

The OSC also reiterated its concerns that BP had ignored the results of the Halliburton OptiCem cement modeling software, which had stated that more stabilisers - called centralisers - were needed to support the underwater cement work. It had done so in order to save time, it noted.

But Halliburton, the cement contractor, was also criticised for possibly failing to share data with BP from tests on its cement slurry mix. Its early tests may have shown the mix was not stable, the OSC said, yet it had still continued the cement job.

Meanwhile, investigations have still not uncovered what happened to the blowout preventer, which sits on the well head and is intended to prevent this type of accident. Forensic examinations on the device are continuing. The OSC suggested a lack of proper maintenance of those automated and manual safety devices may be at fault.

The full report will be published next week.

Join the CSO newsletter!

Error: Please check your email address.

Tags BPIT management

More about Halliburton AustraliaHiTecSperry

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Leo King

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts