As we all know, oil has been gushing into the Gulf of Mexico since April 20th, nearly six weeks now. It’s an unprecedented environmental disaster that will damage the economies of many of the communities along the affected shorelines and harm the wildlife in those areas. 11 people lost their lives in the original explosion, and I can’t even fathom how many birds and fish have probably died as well.
This is an accident that many people believe should not have happened. In an ideal world, there would have been multiple blowout preventers and a chain of quick-to-implement disaster recovery schemes that could have patched the well up in short order. Unfortunately, we don’t live in an ideal world, as evidenced by the explosion of the Space Shuttle Challenger, the self destruction of the Tacoma Narrows Bridge, and the collapse of the World Trade Centre buildings, despite the latter being built to withstand airplane impacts.
I’m not saying that BP shouldn’t have done more to prevent this from occurring, but there seems to be an expectation that accidents like this should never occur. The only way to prevent this type of accident from happening is not to drill. If you do drill, then this is an outcome that can happen. And we do drill, because we all want cheaper gas and lower heating costs.
Unfortunately, engineering isn’t about certainties; it’s about probabilities. Ever flown in a plane before? Next time you do, look out the window. See those wings? They are full of cracks, cracks which propagate a little further on each and every flight. Ever been on a bridge? It’s cracked too. Both are made up of components that could fail at any moment; they are just designed such that the probability of failure is low enough to be deemed “safe”, which is a completely relative term.
When you know a component has a probable failure mode, as an engineer you often add a backup (if finances allow), hoping that the failures of the two components will be independent events and that the failsafe will work. Often that’s not the case, and all backup systems fail simultaneously due to an unforeseen event. Despite having triple redundancy, many airplanes have crashed from loss of hydraulics when a single event (such as an engine exploding) damaged all of the redundant components at once. These are scenarios that are often impossible to anticipate in a laboratory or during the design phase.
If finances don’t allow a backup, then it’s an engineer’s responsibility to point out the probable failure modes and the likelihood of each happening. When I was a manufacturing engineer (briefly in Ottawa between 2000 and 2002), I would have to give an FMEA (failure mode and effects analysis) presentation before building any new product. It was a matrix that basically ranked both the probability of a failure occurring and the severity of that failure. If a product scored high on both of those simultaneously, it probably would have been sent back to the drawing board. That said, at that point it’s a management decision. The failure of a blowout preventer is probably a very unlikely event, but as everyone now knows, it’s a very severe event. In the world of FMEA reports, it probably would have scored in about the middle due to its low probability of occurrence.
There are also components in the engineering world that simply don’t have any backups. In NASA-speak, these are called Criticality 1 components. The heat shield is an example of a Criticality 1 component, a lesson the world learned the hard way when the Space Shuttle Columbia disintegrated over the United States in February of 2003.
As far as I’m concerned, I think BP is doing everything in their power to stop this leak. While I have no proof, there’s no doubt in my mind that if you looked closely at pretty much every other major oil operation, you would see the same type of safety precautions (or lack of precautions) as shown by BP for this spill. Does the oil industry require oversight? Maybe. Should engineers go back to the drawing board and come up with additional failsafes in the case of an uncontrolled leak? Absolutely. But now is not the time for finger pointing; it’s the time to pool resources and fix the hole at the bottom of the ocean. I don’t really understand why it’s become so political at this point — there will be plenty of time to place the blame after the hole is sealed, and more than enough blame to go around. There is no point doing it now and wasting time and resources that could be better spent fixing the spill.