Introduction
In this section we will look at how safety case legislation is applied in certain high hazard industries, particularly those with a footprint in Scotland. Whilst it can be tempting to only look at one’s own industry – and certainly this is where it makes sense to concentrate – an understanding of other industries can lead to cross-pollination of ideas that help improve safety in all areas.
As already discussed, whilst there is commonality across industries, each will tend to have its own approach toward them. This is largely driven by the differing legislation between industries – not just legislation specifically relating to safety cases but the whole range of safety legislation that applies to each industry. Over the course of this section we will look at legislation relating to certain industries and case studies of good and bad safety practices as appropriate.
By the end of this section you will be able to evaluate the following:
- Nuclear industry legislation
- Oil and gas specific legislation – particularly offshore
- Transport specific legislation
Nuclear Industry Regulation
In this subsection we will look at the nuclear industry in the UK, as well as some of the regulation around it, including the purpose and scope of safety cases as defined by the Office for Nuclear Regulation (ONR). We will also use case studies to look at things that can go wrong (the Windscale Fire) and things done correctly (Winfrith Reactor).
Within the United Kingdom (UK), the responsibility for regulation of civil nuclear sites lies with the Office for Nuclear Regulation (ONR), and for military sites this responsibility lies with the Ministry of Defence (MoD), the ONR or, most commonly, a combination of the two.
The nuclear industry is one of the most controversial industries in the world, partly fuelled by justifiable concerns around accidents, possible terror threats, and the issues around the long term nature of nuclear waste storage, but also driven by a lack of understanding by the public at large.
To a certain extent this has been increased in recent times by the excellent mini-series ‘Chernobyl’ produced by HBO and SKY. Conversely though, this TV series has driven a recent surge in interest, not just in the disaster but also in the nuclear industry – and its risks – as a whole (Noack 2019: 74). This increase in desire to understand can only be considered a good thing.
The ONR has produced a series of guides, such as A Guide to Nuclear Regulation in the UK and The Purpose, Scope, and Content of Safety Cases, links to which are included below which are included below.
- A guide to Nuclear Regulation in the UK
- The Purpose, Scope and Content of Safety Cases Sections 4 and 5 of this second guide are of particular relevance to this course.
The role of the ONR is well explained in this video:
We will look at the writing of safety cases – in nuclear and other industries – later in the module.
Nuclear Safety Failure – The Windscale Fire
The nuclear industry in the UK began shortly after the Second World War and was born largely out of the UK government’s political desire to have an independent nuclear deterrent. This led to the establishment of a facility at Windscale in Cumbria, which became the site of the world’s first nuclear power station to export energy to the grid, and developed over time into what is now possibly the most complex nuclear site on the planet – Sellafield. It is also now home to the two most dangerous buildings in Western Europe – B30 and B38, aging storage facilities containing nuclear waste of unknown provenance and origin (McKie 2009: 28).
Whilst there are many successes and failures in the Sellafield story, we will look at what is probably the most significant failure, along with being one of the earliest and most far reaching in terms of consequences, namely the Windscale Fire of 1957, which scored 5 out of a maximum 7 on the International Nuclear Event Scale.
The documentary below is a little sensationalist, and is also over 30 years old so the quality is a little poor, but it gives a reasonable overview of what occurred not just during the fire, but also prior to the fire, and why, when working in high hazard industries, we must be extremely careful to ensure that safety is the highest priority.
Windscale documentary - Our Reactor Is On Fire (Youtube)
As was explored in the documentary, the Windscale fire occurred largely because political influence and excessive pressure around time, led to the development of a design that was inherently unsafe. Whilst safety cases as a concept did not exist in 1957 – and certainly not in the 1940s when the Windscale Piles were designed – the idea of occupational Safety and Health did, and documentation was produced to show that the piles were safe (a safety case in all but name). This safety case was flawed from the outset, as rather than being developed alongside the design case, it was written afterwards – explaining why the design as it stood was safe, rather than creating a safe design.
The Windscale fire was the subject of investigation at the time, but the report was not released. The version found by following the link below is from the Journal of Radiological Protection in 2017 (Penney et al, 2017: 780-796):
Nuclear Safety Success – The Winfrith Reactor
Winfrith was a site in Dorset, set up in 1957 to provide additional space for nuclear research to be carried out in the UK. Over the course of its life Winfrith was home to at least nine different types of experimental reactor, most famously the Steam Generating Heavy Water Reactor, a design that was intended to be rolled out commercially but never progressed beyond the Winfrith prototype.
Having looked at the mistakes that were made at Windscale, it may be thought likely that similar issues may have been encountered at Winfrith – it opened in a similar era, and included a significant number of experimental reactors, any of which could have behaved in an unexpected manner. However, the opposite is largely true.
The last reactor at Winfrith closed in 1990, since which time decommissioning has been ongoing, which has seen the removal of 7 of these reactors along with other buildings, and it remains on target to reach an interim end state by 2021.
At this point all the remaining facilities will have been decommissioned, and all intermediate level waste removed from the site. Winfrith will then enter a phase where it remains under nuclear license and institutional control, but is largely in a period of monitoring before the nuclear license is revoked, and it becomes the first UK nuclear site to be entirely decommissioned. Magnox – who operate the site on behalf of the Nuclear Decommissioning Authority – predict this could be as soon as 2023; though this seems optimistic (Tappenden 2017).
One may wonder why there is such a significant difference between the two sites, and a slightly pessimistic but unfortunately reasonable conclusion is that the military pressures encountered at Windscale led to corners being cut in a manner that did not happen at Winfrith. In addition lessons were learned from the Windscale fire that helped Winfrith operate in such a safe manner, not least of which was the more appropriate approach to safety and safety legislation. Most important of although though the process was designed with safety foremost, which lead to designs being inherently safe, rather than having safety features added later in an attempt to make an inherently unsafe process appear otherwise.
This process remains ongoing, with an application to vary the terms of the license of the site – including an official review of the safety case – being approved as recently as January 2019. The report into this application is included below, for interest, along with the site report for quarter 4 of 2019. Also included is the report into the review of the safety case for the decommissioning of Consort – another experimental reactor owned by Imperial College that is in the early stages of decommissioning.
The review of the application is found here:
The Winfrith site report for Q4 of 2019 is at this location:
Whereas the review of Consort’s safety case is found at this one:
Oil and Gas Industry Regulation
As we looked at in the earlier session, the oil and gas industry began to use safety case methodology in the offshore industry following the Piper Alpha tragedy. In this section we will look at some of the regulation that applies to the oil and gas industry – particularly the offshore oil and gas industry – with a focus on safety case regulation. Again, we will look at case studies showing what can go wrong, and how to do things correctly.
Within the UK’s substantial oil and gas industry, a number of partners are involved in the regulatory context. The three partners that are of major interest to us in the context of this module are the Oil and Gas Authority (OGA), The Health and Safety Executive (HSE), and to a lesser extent, the Scottish Environment Protection Agency (SEPA). As we have already discussed the HSE at length, it will not be necessary to discuss that agency further here, but suffice it to say that of the three it is the HSE that has the single biggest remit in terms of ensuring safety within this industry.
The Oil and Gas Authority is a relatively new body in the UK, having been created following Sir Ian Wood’s Review of the UK Continental Shelf in 2014. The OGA came into being on 1st April 2015, before becoming a government owned company in 2016. The Wood review is beyond the scope of this course, and is not really relevant to it, but if desired the report can be read.
The role of the OGA is not specifically a safety-based role – that belongs to the HSE – but rather their role is primarily to maximise the recovery of the UK’s oil and gas resources. However, as it is within their remit to regulate and influence the industry, they can and will have an influence on industry behaviour – particularly when it come to the ‘reasonable’ of the ALARP principle. HSE has retained its role as the regulator in this case, as, to give this authority to an agency that is also responsible for promotion, could be a conflict of interest (as was pointed out in the Cullen report after Piper Alpha).
The following promotional video from the OGA succinctly explains their role:
With regards to SEPA, it might be considered that they have an even less overtly safety-based role, and there is certainly truth in this statement. However, they are responsible for monitoring and regulating both the natural environment and waste removal and disposal, two areas that are often overlooked to a greater or lesser extent when safety literature is produced. These areas – particularly the latter – will become of greater and greater importance as we move from the production to the decommissioning phase of the oil and gas industry.
SEPA will provide advice and guidance with regards to what is considered safe or best practice from an environmental point of view, with the intention of reducing environmental harm to the lowest possible level. They will also act to carry out enforcement action in line with their enforcement policy should the need arise.
Again, what they do is probably best described in their own words:
Oil and Gas Industry Failure – Deepwater Horizon
We have already looked somewhat extensively at the Piper Alpha tragedy in previous sessions, so whilst it is an excellent example of what can go wrong, here we will instead look at another disaster that involved the UK O&G industry, despite being outside the UK, namely the Deepwater Horizon spill in 2010.
This event lead to the deaths of 11 people, and the loss of around 5M barrels of oil, most of it directly into the Gulf of Mexico, making it the largest ever accidental marine spill, as examined in this documentary:
As is mentioned in the documentary, and as would be expected, following the initial events a clean-up operation was undertaken that ran on until 2013, and to some extent can still be said to not be complete as of 2020. Further to this a series of investigations were carried out, that whilst not in total agreement, did have significant commonalities. One of these was the lack of communication as mentioned in the documentary; we will look at this as a cause of failure in a later session.
In terms of the safety case, it was largely agreed that the safety case appeared at first examination to be adequate, but when examined more closely did have room for failure. It is possible that this potential failure, counter intuitively, had crept in due to the exemplary safety record of the Deepwater Horizon. To go 7 years, without a lost time accident, can lead to complacency creeping in, especially if the current task appears less challenging than one that has been completed previously – such as drilling the deepest well ever.
One issue with the safety case is that it left excessive room for interpretation, and in some case failed to define clear lines of authority. This allowed for decisions to be made that were potentially unsafe and allowed safe decisions to be overruled by persons who were perhaps less qualified, though of higher standing. It is also likely – though by no means certain – that commercial pressures were allowed to take too much of a role in the decision making process, losing site of the true meaning of the ALARP principle and allowing too much flexibility in the use of the word “reasonable”. BP’s internal report is worth reading, as is the US Government report into the incident.
Oil and Gas Industry Success – Brent Spar
The Brent Spar or Brent E was a semi-submersible oil storage and tanker loading buoy in the North Sea, located in the Brent oil field off Shetland. Originally installed in 1976, by 1991 it was no longer needed and was considered obsolete, which clearly meant that there was now a need to dispose of it. This made it one of the first major pieces of offshore infrastructure that needed to be disposed of, a responsibility that fell to Shell as its operator and co-owner. During the course of its life Brent Spar operated safely, with the exception of a helicopter crash in 1990 that lead to the deaths of 6 people on board the helicopter. Despite this tragedy Brent Spar can be considered a success, as this accident was found to be the fault of poor airmanship rather than an issue with the platform itself.
Brent Spar became well known in the mid-90s following controversy that developed regarding the decision reached as to the method of disposal. Shell assessed several options, and finally decided that the best method would be to sink the remains of the platform in deep water in the North Atlantic. There were several reasons this decision was reached, partly economic but also legitimate environmental concerns.
Brent Spar is examined in this documentary about the North Sea oil industry – the section specifically begins at 9:45 but the whole episode is interesting, as is the rest of the series.
Brent Spar can be considered a success as, following careful analysis and taking into account external factors (public opinion), Shell updated their plans and created a safe alternative. This is the very definition of an effective safety case. For interest, a brief precis of the initial investigation carried out that suggested deep water disposal, is included below. Interestingly it concludes with a statement that an external review found that dumping at sea would have had little environmental impact.
The FRS dossier produced in association with Shell on Brent spar is found here:
- FRS - Brent Spar Dossier
Transport Industry
To effectively refer to the entire transport industry in one section is perhaps a little ambitious, as there are significant differences between the various sections, not just in how they operate but also, to a certain extent, how they are regulated.
For that reason, in this section we will touch very briefly on certain major areas, signposting the direction to more in depth information, and then we will look at case studies that give the opportunity to learn lessons no matter what specific area we are considering.
Rail Industry Regulation
Britain’s rail network is the oldest in the world, and one of the most maligned, with frequent reports of cancellations, overcrowding, high costs and terrible customer service.
Despite this, it is also one of the safest in the world. As of 2016 it was the 3rd safest in Europe – beaten only by Ireland and Luxembourg – and of the 10 biggest, it is by far the safest (Ruddick, 2016: 74).
This enviable situation has been reached over an extended period, including many failures, which has led to what is arguably the most effective and advanced rail regulatory system in the world, the responsibility for which now falls to the Office of Road and Rail (ORR), having been transferred from the HSC in 2006. The issue of rail safety under the HSE was examined during a speech by Bill Callaghan, former chair of the HSC, as he retired, and responsibility was passed to the ORR.
The full text of his speech can be found here:
The function of the ORR is nicely summed up in this infographic:
Of specific interest to us, though, is the rail industry’s treatment of safety cases. Unlike many areas there are specific regulations relating to safety cases in the rail industry, specifically, The Railways (Safety Case) Regulations 2000 and The Railways (Safety Case) (Amendment) Regulations 2003. These regulations revoked the original act passed in 1994, meaning that the rail industry is one of the earliest adopters of this methodology. These regulations are also referenced and carried out in conjunction with The Railways and Other Guided Transport Systems (Safety) Regulations 2006.
The ORR has provided a guidance document which is available here:
The original 1994 regulations were the subject of a paper by Professor Evans of University and Imperial College, in 1995, where he discusses the introduction of safety cases in the industry. His paper is can be found here:
The renewed and amended regulations were also the subject of an extensive evaluatory review in 2004, which can be found here:
Aviation Legislation
Given the international nature of the aviation industry, perhaps in a way even more so than any other form of transport, the regulatory arrangements of the aviation industry are extremely complex, but interestingly a significant proportion of them are based around a trust system.
Within the UK, ultimate responsibility for the aviation industry falls to the Department of Transport, but this power is realistically derogated to the Civil Aviation Authority. At the time of writing (2020) the CAA acts as a partner competent authority of EASA (the European Aviation Safety Agency) but following the UK’s exit from the European Union this may change.
At the time of writing however it appears that UK and EASA regulation will remain aligned and as such it makes sense to consider the role of EASA, as they explain in this corporate video:
Should the CAA and EASA separate in future, then the actions currently carried out by EASA would revert to the CAA.
The other significant body that should be considered is ICAO (International Civil Aviation Organisation). Whilst ICAO does not have any rule-making ability, it is one of the most significant regulatory organisations on the global scale.
ICAO and aviation law more broadly are explained in the following video:
Unlike the rail industry, there is no specific legislation, rather aviation has adopted a more generic approach, as examined by Clifford Edwards of SHELL aircraft in a paper that can be found here:
However, ICAO did provide guidance on building a safety case for ADS-B separation (a specific protocol in the aircraft industry), which can be used as a template for other areas in the industry.
ICAO’s Guidance Material on Building a Safety Case for Delivery of an ADS-B Separation Service is available to read.
Marine Industry
Another international industry – in some ways even more international than aviation – the marine industry is one of the UK’s oldest.
Within the UK there are various sources of regulations, but ultimate responsibility lies with the Department of Transport, who again derogate their responsibility to a separate agency, in this case the Maritime and Coastguard Agency (MCA). Whilst the UK retains sovereignty of its territorial waters, the MCA works extremely closely with international agencies to ensure a safe and level playing field.
The majority of regulation is carried out by the International Maritime Organisation (IMO), whose role is examined and explained in this video:
As already mentioned, in the UK the guidance of the IMO is adopted by the Department for Transport, whose legislation is then carried out by the MCA. What the MCA does is explained in the first video below, the second video looks more closely at the purpose of the Coastguard, who are the operational arm of the MCA.
Whilst there are no specific regulations regarding marine or maritime safety cases in the UK, the HSE’s guidance on Marine Risk Assessment, reproduced below, does contain safety case guidance and hence is a worthwhile read.
Finally we come to Maritime Safety Case in a Box which was guidance produced at an Australian safety case. Whilst this might be as far geographically from the UK as it is possible to be, the principles hold firm and lessons can be learned from their guidance.
Summary
Legislation of various industries within the UK can be extremely complex, with a variety of national and international agencies potentially having responsibility for one or more aspects of their work.
Whilst there is no generic regulation covering how safety cases should be developed in any industry, many industries have their own specific safety case regulations, and those that do not have usually developed a generic system of their own.
Whilst it cannot be assumed that information from one industry can be applied directly to another, very often cross-seeding of information can be extremely useful as it can show another way of looking at a problem.
Finally, in all cases, if there is a lack of clarity in any situation help and guidance should be sought, either from an industry expert or from an external source such as the HSE, the IMO or the CAA.
References
McKie, R., 2009. “Sellafield: The Most Hazardous Place in Europe”, The Observer
Noack, R., 2019. “Thanks to HBO, more tourists are flocking to the eerie Chernobyl nuclear disaster site”, Washington Post
Penney, W., Schonland, B. F. J., Kay, J. M., Diamond, J. and Pierson, D. E. H., 2017. “Report on the Accident at Windscale No. 1 Pile on 10 October 1957”, Journal of Radiological Protection 37.
Ruddick, G., 2016. “Britain’s rail safety record deserves some credit”, The Guardian
Tappenden, R., 2017. From nuclear to nature: Dismantling an atomic site [online]. Available from <https://www.bbc.co.uk/news/uk-england-dorset-38075798> [6th February 2020]