Managing System Integrity for Hazardous Liquid Pipelines

Pipeline Segment

API STANDARD 1160

FIRST EDITION, NOVEMBER 2001 ANSI/API STD 1160-2001

SPECIAL NOTES

API publications necessarily address problems of a general nature. With respect to partic- ular circumstances, local, state, and federal laws and regulations should be reviewed.

API is not undertaking to meet the duties of employers, manufacturers, or suppliers to warn and properly train and equip their employees, and others exposed, concerning health and safety risks and precautions, nor undertaking their obligations under local, state, or fed- eral laws.

Information concerning safety and health risks and proper precautions with respect to par- ticular materials and conditions should be obtained from the employer, the manufacturer or supplier of that material, or the material safety data sheet.

Nothing contained in any API publication is to be construed as granting any right, by implication or otherwise, for the manufacture, sale, or use of any method, apparatus, or prod- uct covered by letters patent. Neither should anything contained in the publication be con- strued as insuring anyone against liability for infringement of letters patent.

Generally, API standards are reviewed and revised, reaf?rmed, or withdrawn at least every

?ve years. Sometimes a one-time extension of up to two years will be added to this review cycle. This publication will no longer be in effect ?ve years after its publication date as an operative API standard or, where an extension has been granted, upon republication. Status of the publication can be ascertained from the API Pipeline Segment [telephone (202) 682- 8000]. A catalog of API publications and materials is published annually and updated quar- terly by API, 1220 L Street, N.W., Washington, D.C. 20005.

This document was produced under API standardization procedures that ensure appropri- ate noti?cation and participation in the developmental process and is designated as an API standard. Questions concerning the interpretation of the content of this standard or com- ments and questions concerning the procedures under which this standard was developed should be directed in writing to the standardization manager, American Petroleum Institute, 1220 L Street, N.W., Washington, D.C. 20005. Requests for permission to reproduce or translate all or any part of the material published herein should also be addressed to the gen- eral manager.

API standards are published to facilitate the broad availability of proven, sound engineer- ing and operating practices. These standards are not intended to obviate the need for apply- ing sound engineering judgment regarding when and where these standards should be utilized. The formulation and publication of API standards is not intended in any way to inhibit anyone from using any other practices.

Any manufacturer marking equipment or materials in conformance with the marking requirements of an API standard is solely responsible for complying with all the applicable requirements of that standard. API does not represent, warrant, or guarantee that such prod- ucts do in fact conform to the applicable API standard.

All rights reserved. No part of this work may be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without prior written permission from the publisher. Contact the Publisher,

API Publishing Services, 1220 L Street, N.W., Washington, D.C. 20005.

Copyright ? 2001 American Petroleum Institute

FOREWORD

Regulatory Requirements for Pipeline Integrity Management

This standard?Managing Pipeline System Integrity for Hazardous Liquid Pipelines? provides guidance to the pipeline industry for managing integrity. It is important that opera- tors using this standard understand the Federal pipeline safety requirements for pipeline integrity management in high consequence areas when establishing or enhancing their integ- rity management programs. Although pipeline operators must comply with the pipeline safety regulations, a robust, high quality pipeline integrity program requires more than a compliance approach to managing pipeline integrity. Operators should build upon the foun- dation established by the regulations to develop an integrity management program that best serves their unique operational needs. To assist users of the standard, this foreword provides a summary of the regulatory requirements for integrity management.

Effective May 29, 2001, the Code of Federal Regulations (CFR) governing hazardous liq- uid pipeline operation and maintenance was amended to establish new requirements for

?Pipeline Integrity Management in High Consequence Areas? (49 CFR 195.452, referred to here as ?the rule?)1 . The purpose of these new requirements is to enhance and validate pipe- line integrity, and provide improved protection for high consequence areas that could be affected by an unintended release of hazardous liquids from a pipeline system.

High consequence areas are de?ned in 49 CFR 195.450 as:

1. A high population area, which means an urbanized area, as de?ned and delineated by the U.S. Census Bureau, that contains 50,000 or more people and has a population den- sity of at least 1,000 people per square mile.

2. An other populated area, which means a place, as de?ned and delineated by the U.S. Census Bureau, that contains a concentrated population, such as an incorporated or unin- corporated city, town, village, or other designated residential or commercial area.

3. A commercially navigable waterway, which means a waterway where a substantial likelihood of commercial navigation exists. These waterways are identi?ed in the National Waterways Network, a geographic database created by the National Waterways GIS Design Committee.

4. An area of the environment that has been designated as unusually sensitive to oil spills (an ?unusually sensitive area? or USA). USAs are de?ned in 49 CFR 195.6.

This API standard includes guidance for complying with these requirements based on proven industry practices for managing pipeline system integrity. The following discussion provides a description of the requirements in 49 CFR 195.452, and identi?es the location in this standard where guidance and information is provided to facilitate operator compliance.

The rule requires that operators develop and implement a written integrity management program. This integrity management program must include:

• An identi?cation of all pipeline segments that could affect a high consequence area in the event of a pipeline failure.

• A plan for conducting baseline assessments of the line pipe in these segments.

• A framework that addresses how each element of the operator?s integrity management program will be implemented.

  Pipeline segments that could impact high consequence areas must be identi?ed by December 31, 2001. The Baseline Assessment Plan and framework must be completed by March 31, 2002. Section 5 of this standard provides an overview of a pipeline integrity man- agement program, and the steps necessary to craft the required framework.

  
  

  
  

  1This rule applies to operators who own or operate 500 or more miles of hazardous liquid pipeline. At the time this standard was being prepared, a similar rule covering other hazardous liquid pipeline oper- ators was in preparation.

  iii

  
  

  The Baseline Assessment Plan for assessing the condition of line segments that could affect high consequence areas must:

  1. Identify all line segments that could affect a high consequence area. Section 6 of this standard describes where to get information on the location of high consequence areas and how to determine if a line or line segment could affect a high consequence area.

  2. Specify the method(s) used to assess pipeline integrity for each segment. The accept- able methods for conducting integrity assessments are pressure testing, instrumented internal inspection2, or another technology that the operator demonstrates can provide an equivalent understanding of the pipe?s condition.

  3. Provide a schedule for completing the initial integrity assessment for each segment.

  4. Explain the technical basis for the integrity assessment method(s) selection and the evaluation of risk factors considered in scheduling the assessment. Sections 7 and 8 of this standard provide guidance for selecting important risk factors and prioritizing seg- ments for scheduling integrity assessments. Section 9 describes the different integrity assessment methods and tools, and important considerations in determining the appropri- ate approach for a particular situation.

  The Baseline Assessment Plan must be available for review by the U.S. DOT Of?ce of Pipeline Safety (OPS) during inspections. Operators should periodically review this plan to be sure it continues to re?ect the appropriate priorities in conducting integrity assessments for line segments that may impact high consequence areas. If necessary, the Baseline Assess- ment Plan may be revised to re?ect new operating experience, the insights gained from the initial integrity assessments, and other maintenance and surveillance data.

  Although the rule requires a Baseline Assessment Plan only for segments that could affect high consequence areas, an operator may ?nd that such a plan is useful for its entire system, and could expand the scope of its program accordingly. The guidance provided in this stan- dard is suitable for complete pipeline systems and is not limited to high consequence areas.

  The rule requires operators to perform a baseline integrity assessment by March 31, 2008 for all pipeline segments that could affect a high consequence area. Furthermore, ?fty per- cent of this pipeline mileage must be assessed by September 30, 2004, beginning with the highest risk segments. Operators, who have performed and documented integrity assess- ments after January 1, 1996, may use these assessments to validate line integrity if the assessment approach and documentation are consistent with the provisions of the rule.

  In evaluating the results of the integrity assessment, operators must integrate information from other relevant sources with the inspection or testing results to fully identify and charac- terize the potential threats to pipeline integrity. Other information sources might include cathodic protection system data, close interval surveys, results of previous internal inspec- tions, operating and leak history, patrolling reports, exposed pipe reports, etc. Section 7 of this standard addresses gathering, reviewing, and integrating information and data. From this evaluation, the operator should identify the location, nature, and relative risk of features that could threaten pipeline integrity. Operators must use a risk-based approach in prioritizing repair and mitigation activities, in which any defects or other features that have the potential to result in a near-term leak or failure are addressed promptly. The rule establishes speci?c time limits by which certain anomalies identi?ed by in-line inspection must be repaired or mitigated. Section 9 provides additional guidance for prioritizing and scheduling anomalies. As an integral part of a continuing integrity management program, the rule also requires that operators periodically reassess pipeline integrity on line segments that could affect high consequence areas at intervals not to exceed ?ve years. The risk represented by the segment should be used to establish the appropriate assessment interval within this ?ve-year period. Operators may be allowed variances from this ?ve-year interval if a reliable engineering evaluation in combination with other activities such as external monitoring provide a compa-

  
  

  2For low frequency, electric resistance welded (ERW) pipe or lap welded pipe subject to longitudinal seam failures, an operator must select a method capable of assessing seam integrity, and capable of detecting corrosion and deformation anomalies.

  iv

  
  

  rable understanding of the pipe?s condition. The risk assessment methods described in Sec- tion 8 provide one approach for establishing a technical justi?cation for longer inspection intervals. Variances may also be allowed if a particular assessment technology desired for a given segment(s) is not available (e.g., new, more sophisticated internal inspection devices). Operators requesting such variances must notify OPS in advance and maintain documenta- tion justifying these decisions.

  After completing a baseline assessment, an operator must conduct a risk analysis for the line segments that could affect high consequence areas. This analysis should identify and evaluate the need for additional preventive and mitigative actions to protect high conse- quence areas. Such actions might include enhancing damage prevention programs, improved cathodic protection monitoring, reducing surveillance and inspection intervals, enhanced training, conducting drills with emergency responders, and other management controls. Sec- tion 10 describes a number of common preventive and mitigative risk control measures that can be used to provide additional protection. Operators must also explicitly evaluate the need for Emergency Flow Restricting Devices and enhancements to leak detection systems to pro- tect high consequence areas. The rule provides important factors to be considered in per- forming these evaluations.

  As noted previously, the rule requires an operator to develop and implement an integrity management program. This program must include the following elements:

• A process for determining which pipeline segments could affect a high consequence area (Section 6 of this standard).

• A Baseline Assessment Plan (Section 9).

• A process for periodic integrity assessment and evaluation of segments that could affect high consequence areas (Sections 9 and 11).

• An analytical process that integrates all available information about pipeline integrity and the consequences of a failure (Section 7 discusses information sources, and Sec- tion 8 describes a risk assessment process that integrates this data to identify pipeline risks).

• Repair or mitigation to address issues identi?ed by the integrity assessment method (Section 9).

• A process to identify and evaluate preventive and mitigative measures to protect high con- sequence areas (Section 8 describes a risk-based process for making these determinations).

• Methods to measure the integrity management program?s effectiveness (Section 13).

• A process for review of integrity assessment results and data analysis by a quali?ed individual.

An operator?s approach for developing and implementing each of these elements must be addressed in the framework.

Finally, the rule identi?es records that must be maintained by the operator. An operator must have a written integrity management program description that includes how each ele- ment of its integrity management program is implemented. Documentation supporting the decisions and analyses performed as part of the program are also identi?ed. It is important that the operator have documented technical justi?cation for key integrity management deci- sions, as well as for any variances or deviations allowed by the rule.

v

1. Data Sources 8

2. Identi?cation and Location of Data 9

3. Establishing a Common Reference System 9

4. Data Collection 9

5. Data Integration 10

1. RISK ASSESSMENT IMPLEMENTATION 10

   1. Developing a Risk Assessment Approach 10

   2. De?nition of Pipeline Risk 13

   3. Estimating Risk Using Risk Assessment Methods 13

   4. Characteristics of a Sound Risk Assessment Approach 15

   5. First Step in the Risk Assessment Process 15

   6. Risk Assessment. 15

   7. Core Risk Assessment Methodology Components 16

   8. Identify and Gather Data Required for Risk Assessment 18

   9. Validation and Prioritization of Risks 18

   10. Risk Control and Mitigation 20

   11. Continuous Risk Assessment 21

2. INITIAL BASELINE ASSESSMENT PLAN DEVELOPMENT AND IMPLEMENTATION 21

   1. Initial Baseline Plan 21

   2. Pipeline Anomalies and Defects 21

   3. Pipeline Internal Inspection and Testing Technology 21

   4. Determination of Inspection Interval/Frequency 23

      vii

      Page

   5. Hydrostatic Testing 25

   6. Strategy for Responding to Anomalies Identi?ed by In-line Inspections 27

   7. Repair Methods 29

3. MITIGATION OPTIONS 29

   1. Prevention Of Third-party Damage 29

   2. Control of Corrosion 31

   3. Detecting and Minimizing Unintended Pipeline Releases 31

   4. Pipeline Operating Pressure Reduction 34

4. REVISION OF THE INTEGRITY MANAGEMENT PLAN 34

5. INTEGRITY MANAGEMENT OF PIPELINE PUMP STATIONS AND TERMINALS 34

   1. Data Gathering 34

   2. Concerns Unique to Mitigation Options 35

   3. Mitigation Options 35

6. PROGRAM EVALUATION 36

   1. Performance Measures 37

   2. Performance Measurement Methodology 37

   3. Measuring Performance Using Internal Comparisons 38

   4. Measuring Performance Using External Comparisons 38

   5. Audits 38

   6. Performance Improvement 40

7. MANAGING CHANGE IN AN INTEGRITY PROGRAM 40

   1. Recognizing Changes That Affect the Integrity Program 40

   2. Updating the Pipeline Integrity Program 41

APPENDIX A ANOMALY TYPES, CAUSES, AND CONCERNS 43

APPENDIX B REPAIR STRATEGIES 47

APPENDIX C STANDARD DATA FIELDS FOR TRACKING PIPELINE RELEASES 51

APPENDIX D STANDARD DATA FIELDS FOR PIPELINE

INFRASTRUCTURE INFORMATION 69

Figures

5-1 Framework for an Integrity Management Program 5

1. Simpli?ed Depiction of Risk. 14

2. Simpli?ed Risk Assessment Hierarchy 17

Tables

7-1 Types of Data to Collect 11

1. Sample Environmental Variables 19

2. Sample Design Variables 19

3. Variables Affecting Pipeline Risk (Partial List) 19

1. Anomaly Types and Tools to Detect Them 24

2. Summary of Commonly Used Permanent Pipeline Repairs 28

13-1 Example Performance Measurement Categories 39

viii

Managing System Integrity for Hazardous Liquid Pipelines

1 Introduction

1.1 PURPOSE AND OBJECTIVES

The goal of the operator of any pipeline is to operate the pipeline in such a way that there are no adverse effects on employees, the environment, the public, or their customers as a result of their actions. They do this while they ?ll the needs of the customer and earn a reasonable return on their invest- ment. The goal is error-free, spill-free, and incident-free oper- ation of the pipeline.

An integrity management program provides a means to improve the safety of pipeline systems and to allocate opera- tor resources effectively to:

• Identify and analyze actual and potential precursor events that can result in pipeline incidents.

• Examine the likelihood and potential severity of pipe- line incidents.

• Provide a comprehensive and integrated means for examining and comparing the spectrum of risks and risk reduction activities available.

• Provide a structured, easily communicated means for selecting and implementing risk reduction activities.

• Establish and track system performance with the goal of improving that performance.

This standard outlines a process that an operator of a pipe- line system can use to assess risks and make decisions about risks in operating a hazardous liquid pipeline in order to reduce both the number of incidents and the adverse effects of errors and incidents. Section 5 describes the integrity man- agement framework that forms the basis of this standard. This framework is illustrated schematically in Figure 5-1. This standard also supports the development of integrity manage- ment programs required under Title 49 CFR 195.452 of the federal pipeline safety regulations.

This standard is intended for use by individuals and teams charged with planning, implementing, and improving a pipe- line integrity management program. Typically a team would include engineers, operating personnel, and technicians or specialists with speci?c experience or expertise (corrosion, in-line inspection, right-of-way patrolling, etc.). Users of this standard should be familiar with the pipeline safety regula- tions (Title 49 CFR Part 195), including the requirements for pipeline operators to have a written pipeline integrity pro- gram, and to conduct a baseline assessment and periodic re- assessments of pipeline management integrity.

1.2 GUIDING PRINCIPLES

In developing this standard on managing pipeline system integrity, certain guiding principles underlie the entire docu- ment. These principles are re?ected in many of the sections

1

and are provided here to give the reader the sense of the need to view pipeline integrity from a broad perspective.

Integrity must be built into pipeline systems from initial planning, design, and construction. Integrity management of a pipeline starts with the sound design and construction of the pipeline. Guidance for new construction is provided in a number of consensus standards, including ASME B31.4, as well as the pipeline safety regulations. As these standards and guidelines are applied to the design of a pipeline, the designer must consider the area the pipeline traverses and the possible impacts that the pipeline may have on that area and the people that reside in its vicinity. New construction is not a subject of this standard, but the design speci?cations and as-built condi- tion of the pipeline provide important baseline information for an integrity management program.

System integrity is built on qualified people, using defined processes to operate maintained facilities. The integrity of the physical facility is only part of the complete system that allows an operator to reduce both the number of incidents and the adverse effects of errors and incidents. The total system also includes the people that operate the facility and the work processes that the employees use and follow. A comprehen- sive integrity management program should address people, processes, and facilities.

An integrity management program must be flexible. An integrity management program should be customized to sup- port each operator?s unique conditions. Furthermore, the pro- gram must be continually evaluated and modi?ed to accommodate changes in the pipeline design and operation, changes in the environment in which the system operates, and new operating data and other integrity-related information. Continuous evaluation is required to be sure the program takes appropriate advantage of improved technology and that the program remains integrated with the operator?s business practices and effectively supports the operator?s integrity goals.

Operators have multiple options available to address risks. Components of the facility or system can be changed; addi- tional training can be provided to the people that operate the system; processes or procedures can be modi?ed; or a combi- nation of actions can be used that will have the greatest impact on reducing risk.

The integration of information is a key component for man- aging system integrity. A key element of the integrity man- agement framework is the integration of all available information in the decision making process. Information that can impact an operator?s understanding of the important risks to a pipeline system comes from a variety of sources. The operator is in the best position to gather and analyze this information. By integrating all of the available information,

2 API STANDARD 1160

the operator can determine where the risks of an incident are the greatest, and make prudent decisions to reduce these risks. Preparing for and conducting a risk assessment is a key element in managing pipeline system integrity. Risk assess- ment is an analytical process through which an operator determines the types of adverse events or conditions that might impact pipeline integrity, the likelihood that those events or conditions will lead to a loss of integrity, and the nature and severity of the consequences that might occur fol- lowing a failure. This analytical process involves the integra- tion and analysis of design, construction, operating, maintenance, testing, and other information about a pipeline system. Risk assessments can have varying scopes, varying levels of detail, and use different methods. However, the ulti- mate goal of assessing risks is to identify and prioritize the most signi?cant risks so that an operator can make informed

decisions about these issues.

Assessing risks to pipeline integrity is a continuous pro- cess. Analyzing for risks in a pipeline system is an iterative process. The operator will periodically gather additional information and system operating experience. This informa- tion should be factored into the understanding of system risks. As the signi?cance and relevance of this additional information to risk is understood, the operator may need to adjust its integrity plan accordingly. This may result in changes to inspection methods or frequency, or additional modi?cations to the pipeline system in response to the data. As changes are made, different pipelines within a single oper- ating company and different operators will be at different places with regard to the goal of incident-free operation. Each pipeline system and each company will need speci?c goals and measures to monitor the improvements in integrity and to assess the need for additional changes.

Mitigative actions are taken for injurious defects. Opera- tors should take action to address integrity issues raised from assessments and information analysis. Operators should eval- uate anomalies and identify those that are injurious to pipe- line integrity. Operators should take action to mitigate or eliminate injurious defects.

New technology should be evaluated and utilized, as appropriate. New technology must be understood and incor- porated into integrity management programs. Such new tech- nology can enhance an operator?s ability to assess risks and the capability of analytical tools to assess the integrity of sys- tem components.

Operators should periodically assess the capabilities of new technologies and techniques that may provide improved understanding about the pipe?s condition or provide new opportunities to reduce risk. Knowledge about what is avail- able and effective will allow the operator to apply the most appropriate technologies or techniques to a speci?c risk to best address potential impacts.

Pipeline system integrity and integrity management pro- grams should be evaluated on a regular basis. The Of?ce of

Pipeline Safety provides a periodic review of the integrity management program for the operator through its enforce- ment personnel. Operators are encouraged to perform internal reviews to ensure the effectiveness of the integrity manage- ment program in achieving the program?s goals. Some opera- tors may choose to use the services of third parties to assist with such evaluations

1. Scope

   This standard is applicable to pipeline systems used to transport hazardous liquids as de?ned in Title 49 CFR 195.2. The use of this standard is not limited to pipelines regulated under Title 49 CFR 195.1, and the principles embodied in integrity management are applicable to all pipeline systems.

   This standard is speci?cally designed to provide the opera- tor with a description of industry proven practices in pipeline integrity management. The guidance is speci?c to the line pipe along the right-of-way, from scraper trap to scraper trap, but the process and approach can and should be applied to all pipeline facilities, including pipeline stations, terminals and delivery facilities associated with pipeline systems. Certain sections of this standard provide guidance speci?c to pipeline stations, terminals, and delivery facilities.

   
   

2. References

3.1 REFERENCED CODES, GUIDES, AND STANDARDS

API

Std 5T1 Imperfection Terminology

RP 1110 Pressure Testing Liquid Pipelines

Publ 1156 Effects of Smooth and Rock Dents on

Liquid Petroleum Pipelines

RP 579 Fitness for Service

Std 653 Tank Inspection, Repair, Alteration, and Reconstruction

API 570 Piping Inspection Code: Inspection, Repair, Alteration, and Rerating of In-service Piping Systems

DOT1

49 CFR Part 195 Transportation of Hazardous Liquids

by Pipeline

ASME2

B31.4 Pipeline Transportation Systems for Liquid Hydrocarbons and Other Liquids

1U.S. Department of Transportation, 400 7th Street, S.W., Washing- ton D.C. 20590.

2ASME International, 3 Park Avenue, New York, New York 10016- 0518.