Integrated Software Dependent Systems - ISDS · OS D-203, Integrated Software Dependent Systems…...
Transcript of Integrated Software Dependent Systems - ISDS · OS D-203, Integrated Software Dependent Systems…...
Integrated Software Dependent Systems - ISDS Digital Ship - October 2012
© Det Norske Veritas AS. All rights reserved. 2
Purpose of this presentation
With this presentation we would like introduce ISDS by addressing three questions:
Why has DNV developed ISDS?
What are the key benefits with ISDS?
How has the industry responded to ISDS?
© Det Norske Veritas AS. All rights reserved. 3
Agenda Why has DNV developed ISDS?
What are the benefits with ISDS?
How has the industry responded to ISDS?
© Det Norske Veritas AS. All rights reserved.
Software dependency changes the risk picture for advanced ships and rigs
DNV’s customers are often facing challenges when: - Developing philosophies for testing and integration of software - Identifying root causes for failures and managing “repairs” - Qualifying and assessing suppliers and personnel working with systems and software
INTEGRATED DP/MANOEUVRING/NAVIGATION
THRUSTER CONTROL
SHIP SERVICE SYSTEMS, BALLAST
MACHINERY CONTROLS, PMS
(PORT/STBD SPLIT)
PROPULSION CONTROL AND MONITORING
HVAC CONTROL
SAFETY STATION w/LARGE SCREEN
GAS TURBINE CONTROL AND MONITORING
INTEGRATED MACHINERY CONTROL AND MONITORING, PMS, FLUID CONTROL, HVAC
INDEPENDENT COMM. BUS(ES) FOR MANUAL PROPULSION CONTROL
INTEGRATED DP/MANOEUVRING/NAVIGATION
THRUSTER CONTROL
SHIP SERVICE SYSTEMS, BALLAST
MACHINERY CONTROLS, PMS
(PORT/STBD SPLIT)
PROPULSION CONTROL AND MONITORING
HVAC CONTROL
SAFETY STATION w/LARGE SCREEN
GAS TURBINE CONTROL AND MONITORING
INTEGRATED MACHINERY CONTROL AND MONITORING, PMS, FLUID CONTROL, HVAC
INDEPENDENT COMM. BUS(ES) FOR MANUAL PROPULSION CONTROL
INTEGRATED THRUSTER CONTROL SYSTEM- DYNAMIC POSITIONING- POSMOOR- AUTOSAIL- OPERATOR CONTROL
SYSTEMINTEGRATED MONITORING & CONTROL SYSTEM- EXTENSION ALARM- PROCESS CONTROL
POWER GENERATION& DISTRIBUTION
PROCESS CONTROL STATION
PROPULSION
WIND SENSORS
VRU
GYRO
BACK-UPSYSTEM
SAFETY SYSTEMEMERGENCY SHUTDOWN
FIRE & GAS
ENERGY MANAGEMENTSYSTEM
AZIPOD
INFORMATION MANAGEMENTREMOTE DIAGNOSTIC
DRILLING DRIVESYSTEM
PLANTNETWORK
CONTROLNETWORK
FIELDBUSNETWORK
© Det Norske Veritas AS. All rights reserved.
Non Productive Time (NPT) is a serious problem drilling units
Source: Third Annual Benchmarking Report, Athens group & ModuSpec, 2011, DNV analysis
Acceptable level
5
© Det Norske Veritas AS. All rights reserved.
Software related issues are seen as major NPT causes
Source: Third Annual Benchmarking Report, Athens group & ModuSpec, 2011, DNV analysis
The ISDS standard addresses these issues directly
6
© Det Norske Veritas AS. All rights reserved. 7
Software is critical for operations in the maritime and energy industries - the listing of a converted tanker is an illustrative example
In 2002 a converted tanker almost sank due to malfunction of the ballast system
The ship stabilized at a 32 degrees since the cargo tanks were only using 1/3 of the capacity
DNV supported the investigation panel that was set up to identify the cause of the incident
Inadequate programming of the valve control system was identified as the root cause of the malfunction of the ballast system
© Det Norske Veritas AS. All rights reserved. 8
DNV found that a software failure was the root cause 1. The incident was triggered by a failure in the main
generator
2. Except from the valve control system, all other systems responded correctly to the power failure
3. In the valve control system a Programmable Logic Controller (PLC) unit misinterpreted the 0 mA signal
4. The software error in the PLC caused all valves to open - which destabilized the ship
The circumstances of this failure are not unique:
The PLC software was delivered by a globally recognised leading supplier of control systems
The original software had been modified by a sub-supplier
No one ever checked the supplier that programmed the error into the system
The errors were not picked up in the performed tests
© Det Norske Veritas AS. All rights reserved.
ISDS has been developed through application on real-life projects
2012
9
3rd ISDS release
• DNV-OS-D203 made “permanent”
• Continuous improvement through regular updates is key for our strategy
Class pilot project for Dolphin Drilling
2008 & 2009
1st ISDS release
• DNV launches the Recommended Practice, RP- D201, in 2008
• Gathered experience from 10+ projects for: - Drilling rigs - Advanced ships and offshore assets
Vendor GAP assessments and pre-qualifications
2010
2nd ISDS release
• Offshore Standard (tentative) OS-D203 launched in April
Pilot project for Seadrill
4th ISDS release
• Revised OS planned to be launched April 2012: - Predefined scope - «Ease of use» - Improved requirements for units in operation
Songa - Cat D Fred Olsen Energy - CS60E
2011
© Det Norske Veritas AS. All rights reserved. 10 © Det Norske Veritas AS. All rights reserved Slide 10 05 November 2012
OS D-203, Integrated Software Dependent Systems…
A Process Model describing best management and technical practices for software development and systems integration
- Promotes practices proven effective in other industries - Establishes common expectations for quality assurance
Targeted to offshore units and special ships built to a new or an established design – uses appropriate terminology, organization, etc.
Based on similar models accepted in other industries, e.g., - CMMI: aerospace - ISO/IEC 15504 (SPICE): automotive - IEC 61508, Part 3: railways - ISO 9001: quality management systems
© Det Norske Veritas AS. All rights reserved.
ISDS is a set of best practices to manage software intensive projects
Five responsibilities:
Owner System Integrator Operator Supplier Independent Verifier
Four confidence levels:
CL0 CL1 CL2 CL3
Lifecycle of five phases:
A. Concept
B. Engineering
C. Construction
D. Acceptance
E. Operation M0 M1 M2 M3 M4 M5
O O O
14 process areas >150 activities
© Det Norske Veritas AS. All rights reserved. 12
ISDS Classification Approach Initial comprehensive process assessments
- Determine if the organizations have processes in place that are capable of meeting ISDS requirements
- All project organizations within ISDS scope
Organizations develop action plans to address gaps
DNV reviews and approves action plan
Assessed organization implements actions
DNV Re-assesses organization - Re-assessments accompany project progress - Confirm that actions were completed - Confirm that ISDS required activities were performed
Specific work products are reviewed in more detail as part of product verification activities
DNV prepares a summary report on each organization for every milestone meeting
© Det Norske Veritas AS. All rights reserved.
The requirements are grouped in 13 Process Areas 1. Requirements Engineering (REQ): Activities needed to define, document and manage the requirements
relevant for systems and software. 2. Solution (SOL) and 3. Design (DES): Activities that will produce software architecture, models, description of interfaces. 4. Implementation (IMP): Covers the coding and parameterization needed to develop the software modules 5. Acquisition (ACQ): Activities related to subcontracting to suppliers and sub-suppliers: proposals, invitation to
tender, supplier selection, contract establishment, contract execution, supplier monitoring, deliverables reception, verification and acceptance.
6. Integration (INT): Covers the assembly of the unit (ship, rig etc.) and interface control activities. 7. Verification (VER) and 8. Validation (VAL): V&V activities that each system complies with specification and fulfils its intended use. 9. Reliability, Availability, Maintainability and Safety (RAMS): Activities aiming at identifying and satisfying the
expected system requirements that are not necessarily described as functions of the system. 10. Project Management (PM): Activities required to include systems and software into the overall planning,
monitoring, and controlling of the project. 11. Risk Management (RSKM): Activities related to identifying, qualifying, mitigating and tracking product and
project risks related to systems and software. 12. Process and Quality Assurance (PQA): Activities related to process management and quality assurance, to
ensure that the activities required by this standard are executed in a manner consistent with the defined and expected level of quality.
13. Configuration Management (CM): Covers activities to ensure integrity and consistency of all the work products of the system (ISDS Elements, specifications, documentation, interfaces etc.).
13
© Det Norske Veritas AS. All rights reserved. 14
Example – Activity Characterization from Assessment
Engineering Disciplines Support DisciplinesREQ SOL DES IMP ACQ INT VER VAL RAMS PM CM PQA RSKM
A.1 M M M H L H L L L H LA.2 H M L H M M M M M MA.3 M H NA NA M H NA HA.4 H M M MA.5 M HA.6 L MA.7 MA.8 LB.1 M L NA H L M H L M M M MB.2 M M M H M H H M NA NA HB.3 H H NA H NA NA HB.4 L M NA H NA NAB.5 H NAB.6 HC.1 H M NA NA H M M H L NA M MC.2 M NA H M H L NA NA HC.3 NA H L H L NAC.4 L H H M NA MC.5 M H M LC.6 L NA NAC.7 M M MC.8 NAC.9 NAD.1 M H H L M M M MD.2 H HD.3 H HD.4 NA MD.5E.1 M M H M M L LE.2 M ME.3 H HE.4 H
A: Concept
B: Engineering
C: Construction
D: Acceptance
E: Operations
(Confidence Level 2, responsibilities: operator, owner, system integrator)
© Det Norske Veritas AS. All rights reserved. 15
Agenda Why has DNV developed ISDS?
What are the benefits with ISDS?
How has the industry responded to ISDS?
© Det Norske Veritas AS. All rights reserved. 16
The ISDS notation creates benefits for owners, yards and suppliers
Owner
Reduced risk for delays in new-build project and delayed operation Reduced risk for downtime caused by software in the operational phase Improved processes for maintenance and upgrades throughout the life-cycle DNV business case shows benefits in the 6 to 20 MUSD range by applying ISDS for a new-build project
Yard
Early engagement from owner and suppliers Clearer interfaces Higher probability of on time delivery Less rework during commissioning Less problems during guarantee period Lasting improvement in system integration process from project to project
Supplier
Improved specifications and clarity about their responsibilities and expected deliverables Early findings of potential problems More efficient documentation and verification activities Lasting improvement in software quality from project to project
Benefits are documented in published data and DNV experience from several projects
© Det Norske Veritas AS. All rights reserved.
The ISDS standard can create substantial value also for yards and suppliers
Sources: SEI Report:: Performance Results of CMMI-Based Process Improvement, August 2006 Capers Jones, Software Quality and Software Economics, Software Tech News, April 2010 Barry Boehm, Software Engineering Economics, Prentice Hall, 1981 F. Shull, Victor, Basili, et al., What We Have Learned About Fighting Defects, IEEE Symposium of Software Metrics, 2002 David Card, Managing Software Quality with Defects, Crosstalk, March 2003
…and for the owner’s project
• DNV’s approach reduces the likely delay of
reliable operation by 1 month relative to base case (incl. HIL)
• Estimated value of avoiding delay is $15 million – assuming $ 500k per day in avoided costs
Requirements
Design Code Software Test
FAT
(2 mo.)
Commissioning
(6 mo.)
Rework of Defects
Typically Internal to Supplier
Operation
(7 mo. Delay)
LatentCriticalDefects
Start ofReliable
Operation
Lasting improvements for yards and suppliers…
Studies of long-term effects provide evidence on performance improvements
Cost reduction: 34% Schedule accuracy: 50% Productivity increase: 61% Quality improvement: 48%
Example: Automation systems developed by ABB that are complex, and include HW and SW Improvements over a 2 years period:
Cost reduction: 30% Return on investment: 5:1
© Det Norske Veritas AS. All rights reserved. 18
Agenda Why has DNV developed ISDS?
What are the benefits with ISDS?
How has the industry responded to ISDS?
© Det Norske Veritas AS. All rights reserved.
The group of ISDS adopters is growing
- Statoil has applied DNV’s methodology widely on fixed drilling unit upgrades
- Total has applied ISDS for IWOCS and FPSO (CLOV project)
- Seadrill piloted the ISDS method (see Offshore Engineer Oct. 2010)
- Dolphin Drilling piloted ISDS class notation (see Upstream Online Feb. 2011)
- Dolphin Drilling are building with a full ISDS class notation at HHI
- Songa are building with a full ISDS scope at DSME (see Offshore April 2012)
- NOV have pre-qualified their sites in Norway and USA for ISDS deliveries
19
© Det Norske Veritas AS. All rights reserved.
One of our strongest reference cases was published in October 2010 - on a project with did for Seadrill on an advanced rig upgrade
Link: http://interactive.offshore-engineer.com/DigitalAnywhere/viewer.aspx?id=22&pageId=46&refid=105356&s=undefined
‘They look at the system as an integrated whole and tend to know what to look for when they come out to check if it is working properly.’ - Steve O’Leary, technical services director at Seadrill ‘Our strategy is to prevent software defects from getting deployed in the first place.’ - Steve O’Leary, technical services director at Seadrill
20
© Det Norske Veritas AS. All rights reserved.
Dolphin Drilling / Fred. Olsen Energy will receive the world’s first ISDS class notation certificate
“This DNV initiative is very welcome” - CEO of Fred. Olsen Energy ASA, Ivar Brandvold
“We recognize the new standard as an important contribution to the further quality assurance of our entire business,” - Technical Manager, Ken Myhre
“ISDS creates a win-win situation for all those involved, including the operator, the rig owner, the yard and suppliers, and should contribute significantly to improved health, safety and environmental performance.” - Technical Manager, Ken Myhre
21
© Det Norske Veritas AS. All rights reserved.
Songa are building with a full ISDS scope at DSME
“Statoil is working hard to utilize new technology to increase recovery and extend the life of the fields on the Norwegian continental shelf. We are applying innovative thinking on everything about the Cat-D midwater rigs. This requires solid change management processes, and ISDS will help us do that” - Jan Magne Gilje, technical coordinator for Cat-D in Statoil
“Aside from the potential for software glitches to delay a project, they can ultimately be dangerous to those on board. Therefore, we all want ISDS to be successful” - Steven Durham, Songa's Cat-D project director
“ISDS will not solve all problems but it will hopefully improve the situation. If we can get a 50% improvement in software-related delays during commissioning, then it will be a big success, especially given the complex nature of such projects and their time limits” - Sverre Fjereide, project controls manager for DSME
"It is definitely time for this to happen now” - Jon Fredrik Lehn-Pedersen, Kongsberg's general manager for drilling and offshore automation
Link: http://www.offshore-mag.com/articles/print/volume-72/issue-4/drilling-and-completion/software-standard-gains-momentum-with-new-drilling-rigs.html
22
© Det Norske Veritas AS. All rights reserved. 23
Safeguarding life, property and the environment
www.dnv.com