This article points out that people screwed up, which is fine, and also pretty obvious, considering the size of the screw up. But what about BP's corporate culture that would allow people to screw up this badly, and this many times? Isn't that indicative of systemic failure?
Or is it just that people just screw up, no matter the system? If that is the case, and no matter how good the system is, eventually there will be another drilling disaster like this one, it begs the obvious question of whether there should ever be this sort of drilling again.
Just want to point out this is a letter to the editor, not a WSJ-authored article.
As to BP's corporate culture, who is to blame for it's failures - isn't the culture created by humans?
I think the distinction being made here between "human failure" and "systemic failure" is incredibly subtle, since any system has to be created by humans in the first place.
I think many people would really like to blame BP's corporate culture, since it puts the blame on the shoulders of somebody with deep pockets instead of some random schmo with two kids and a mortgage. In fact, I'm certain that this is where the blame is going to wind up, regardless of the merits.
I think you're losing the forest for the trees. Corporations are made up of individuals. Individuals who bear the responsibility and power invested in them by the corporation for whom they work.
If the individual is liable, the corporation is liable, both for having initiated the project in the area, as well as imbuing the individual with the power and responsibility they have.
That's why it's a total non-starter that BP, Transocean and Halliburton appear to be trying to make responsibility evaporate (much like the hydrocarbons on the Gulf) by passing the buck to other parties.
The contract for drilling is in BPs name. It doesn't matter if they hired incompetent drillers (Transocean) to do the drilling. They did the hiring, it's their responsibility.
Good human factors engineering should make human inattention or negligence result in a safe(r) outcome. Clearly these systems are not designed this way and require careful attention to a variety of metrics (if the OpEd is to be believed) in order to proceed in a safe manner.
Given that this is the industry standard, it is morally reprehensible, if not criminal, that more care was not paid to the red flags indicated in the oped, or the clear signs that something was going horribly horribly wrong in their piping operation. Lives were at stake, both of the workers and of the wildlife and aquaculture in the Gulf.
It looks like the systems, ie standard practices, were in place, but that the appropriate practice was overridden at several places. Haliburton did a poor cementing job but BP chose not to fix it. That is BP's failure, not Haliburton's. BP chose to ignore the warnings about pumping out the heavy mud, overriding Transoceanic. BP seems to have a culture of ignoring government regulations, industry practices, and operational warning signs, not to mention going for cheap rather than fully functional safety equipment. The blame for the dysfunctional culture lies squarely on the shoulders of Tony Hayward.
We do have a problem of the regulators being in bed with the regulated. The rig should have been shut down because of violations long before the blowout, just as the WVA coal mine should have been shutdown because of safety violations
There's also been specific allegations that BP's cementing specifications to Haliburton were supar to (we assume) cut costs. E.g. use 4 of X instead of the recommended 20 and that sort of thing.
BP were the architects/designers of the whole affair as well as the entity that made the high level operational decisions like when and how to replace the mud with seawater.
Yes, but what is the ultimate failure condition if everything goes wrong? If everything screws up in a car, you have a chance to pull off the road and you're walking. Even if even more things than that screw up, your steering locks while simultaneously your brakes fail while your wheels fall off, you're going to flip over a few times. Even then, you're just sitting on the ground and still usually in easy reach of rescuers.
Why didn't someone ask, "what if the blowout preventer fails more than a mile under water?" I bet somebody did, but no one listened to them.
EDIT: If it's possible for someone to screw up using the BOP, why didn't they plan for this? The entire industry only needed one TopHat that they knew would've worked.
Questions of system versus human failure are not as fuzzy as they first seem. Systems are just rules-based solutions. If following the rules wouldn't result in the desired outcome, that's clearly a system failure. If the rules are not fault-tolerant, such as when a mistake causes substantial harm, that's a failure of the system; no redundancy.
When the people operating the entire system simply disregard the rules in a massive scale, that's a human failure. No rules-based solution can work, or be blamed, if the people are ignoring it, and "flying by the seat of their pants." All good systems have redundancy/fault-tolerance built in, and will tolerate some cheating. When the people, including the auditors (government employees) choose to throw out the rules, that's a human failure.
That's a good first step, but the next step is to ask why people didn't follow the rules. What sort of pressure were they under and what were their incentives? That's when you start asking questions about corporate culture.
The company is not called British Petroleum since '98 when it changed its name to just BP. It is a true multinational which employs a substantial number of Americans and pays more in tax to the US government than it does to the UK. That rather glaring mistake early indicates the author is not as familiar with the background as perhaps he ought to get published in the WSJ.
There is a short bio for Terry Barr at http://www.samsonoilandgas.com/IRM/content/aboutus_boardandm... he seems to have considerable experience in oil and gas. He only uses the name British Petroleum once and refers to it as BP thereafter, seven times in total in the letter.
Mr Barr was appointed Managing Directors of the Company on 25 January 2005.
Mr Barr is a petroleum geologist with over 30 year's experience, including
11 years with Santos. In recent years, Mr Barr has specialised in tight
gas exploration, drilling and completion and is considered an expert
in this field. Prior to joining Samson, Mr Barr was employed as Managing
Director by Ausam Resources from 1999 to 2003 and as was the owner of Barco
Exploration from 2003 to 2005.
On the other hand politicians in the US are emphasizing the old name for their own agendas ... and I'm not sure you really can get away from your original name when you e.g. try to become Beyond Petroleum as BP's former CEO? put it.
It was a Transocean rig that BP had leased. The US govt has remained very quiet about that, e.g. Transocean will be paying a dividend to its shareholders this year and not a whisper of criticism about that from Obama.
Heck, even the irredeemably eeeevil Haliburton which did the (apparently) failed cementing is getting off easy, so far.
In all fairness, I've read detailed accounts about how BP specified an inadequate cementing, but since when have inconvenient facts like that mattered in D.C.?
Puzzling in a way, though right? I mean this administration didn't hesitate to give AIG and Goldman Sachs very public tongue lashings. What's different about an oil rig company that screwed up?
Very good, and limiting itself entirely to hard facts.
Backing up those facts are e.g. the reports on the top Transocean guy on the rig, Jimmy Harrell. Another worker has reported that after the meeting with BP where the latter decided to remove the mud Harrell said "Well, I guess that's what we have those pinchers for" (the BOP shears that failed for one reason or another).
A less well sourced report has him saying this while on a boat to someone in Houston:
"Are you fucking happy? Are you fucking happy? The rig's on fire! I told you this was gonna happen.
"I am fucking calm. "You realize the rig is burning?"
There are a few components involved in this disaster:
1) The "system" which, in the article, refers to the standard procedures and best practices one should follow when monitoring and running an oil well of this type. From what the author said, it appears that if the people at the well had followed these procedures the blowout wouldn't have happened.
2) Human error -- people being careless, rushed, drunk, tired, not understanding procedures, etc. This is the "people aren't immune to screw-ups" factor. It's not clear how much this applies to this particular incident.
3) There's another sort of "system" that 1) and 2) are embedded in, and that is the system of incentives in which people operate. This includes things like your manager pressuring you to "do it anyway", or knowing that your promotion depends on cutting corners and being under budget. I suspect that this is the root of the problem, in this case.
One reason these incentives are the way they are is because they often work --- the company saves money (or the individual gets his promotion) and even when things go wrong the cost of the failure may be less than the money saved (though, that likely won't be true in the case of BP). Other reasons may involve not fully understanding the risks, or principal/agent issues.
The WSJ editor who picked the headline doesn't understand anything about systems. There exists a plausible explanation by which any system failure can be described as a human failure. Just say that one of the human designers screwed up!
That's a bit pedantic. What I would consider the key difference between systematic and human failure is whether or not there was actually a system in place to prevent the failure, that humans simply failed to work within. That was clearly the case here.
Systems themselves are sometimes inadequate to prevent failure, but this follows from a lack of human creativity, rather than the inability to follow straightforward rules.
I was confused by the headline, too. I guess system means in this context something like technology and the rules and guidelines that come with it. A system failure would be a failure where rules and guidelines were followed exactly and the system failed nevertheless. That definition would make sense in light of the article.
What about the platform itself? An explosion and fire is one thing, but is that enough to sink the platform and cause the pipe to snap?
Is it normal procedure to flood the platform with water when there's a fire? Can enough water sprayed on a platform make it capsize? I guess if the blowout preventer fails, there's no other choice to put out the fire. Who oversaw the recovery mission after the explosion?
Without breaking the riser pipe connection to the rig an uncontained fire like this is pretty clearly going to sink it, boats next to it aren't going to be able to keep it cool enough (you have seen pictures of the fire, haven't you?).
I think the Coast Guard oversaw the initial recovery, although many are questioning the decision to put out the fire and the failure of the Federal government to keep in stock fire booms as called for by a 1995? or so government study/recommendation for Gulf oil well blowouts.
Yeah, I've seen the fire. If you can't tame it like a land-based well blowout and let it burn, how does it sink the platform? The fire's hot enough to melt the metal and lose water-tightness?
Why not let it burn while trying to figure out how to clinch the pipe from below?
Asymmetrical fire can destroy a steel structure by warping it. According to one analysis by a MIT materials science professor I've read of the fall of the WTC towers, what ultimately killed them was the difference in heat between the side that was facing the wind and the back side. The difference in expansion stressed the already weakened by heat floor supports to the point where cascading failures occurred.
And as I noted, many people are asking the latter question, alhtough once the riser pipe detached and formed a shape like this (inverted V)_ on the sea floor that became much less clean of an option, one the Feds weren't in position to reconsider after putting it out due to their failure to procure fire booms ahead of time.
The whole scenario plays out a lot like what led up to the Chernobyl explosion. Even after problems became evident there were several chances to shut down and avoid a catastrophe, but the safeguards, standard procedures, and warnings were ignored.
In all fairness the operators at Chernobyl were running an experiment that had been done all of 3 or so times before at reactors of this design. The biggest failing was the design of the reactor (positive void coefficient (illegal to build in the US) and slow moderator tipped control rods) and their not knowing or realizing that their deviations from the experiment's known safe procedure could have such disastrous consequences.
Or is it just that people just screw up, no matter the system? If that is the case, and no matter how good the system is, eventually there will be another drilling disaster like this one, it begs the obvious question of whether there should ever be this sort of drilling again.