[Federal Register Volume 76, Number 6 (Monday, January 10, 2011)]
[Notices]
[Pages 1504-1507]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2011-208]


-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Pipeline and Hazardous Materials Safety Administration

[Docket No. PHMSA-2010-0381


Pipeline Safety: Establishing Maximum Allowable Operating 
Pressure or Maximum Operating Pressure Using Record Evidence, and 
Integrity Management Risk Identification, Assessment, Prevention, and 
Mitigation

AGENCY: Pipeline and Hazardous Materials Safety Administration (PHMSA); 
DOT.

ACTION: Notice; issuance of Advisory Bulletin.

-----------------------------------------------------------------------

SUMMARY: PHMSA is issuing an Advisory Bulletin to remind operators of 
gas and hazardous liquid pipeline facilities of their responsibilities, 
under Federal integrity management (IM) regulations, to perform 
detailed threat and risk analyses that integrate accurate data and 
information from their entire pipeline system, especially when 
calculating Maximum Allowable Operating Pressure (MAOP) or Maximum 
Operating Pressure (MOP), and to utilize these risk analyses in the 
identification of appropriate assessment methods, and preventive and 
mitigative measures.

FOR FURTHER INFORMATION CONTACT: Alan Mayberry by phone at 202-366-5124 
or by e-mail at [email protected]. All materials in this docket may 
be accessed electronically at http://www.regulations.gov. General 
information about the PHMSA Office of Pipeline Safety (OPS) can be 
obtained by accessing OPS's Internet home page at http://www.phmsa.dot.gov/pipeline.

SUPPLEMENTARY INFORMATION: 

Background

    PHMSA's goal is to improve the overall integrity of pipeline 
systems and reduce risks. To adequately evaluate risk, it is necessary 
to identify and evaluate the physical and operational characteristics 
of each individual pipeline system. To that end, the Hazardous Liquid 
and Gas Transmission Pipeline Integrity Management (IM) Programs were 
created with the following objectives:
     Ensuring the quality of pipeline integrity in areas with a 
higher potential for adverse consequences (high consequence areas or 
HCAs);
     Promoting a more rigorous and systematic management of 
pipeline integrity and risk by operators;
     Maintaining the government's prominent role in the 
oversight of pipeline operator integrity plans and programs; and
     Increasing the public's confidence in the safe operation 
of the nation's pipeline network.
    The IM regulations supplement PHMSA's prescriptive safety 
regulations with requirements that are intelligent, performance based 
and process-oriented. One of the fundamental tenets of the IM program 
is that pipeline operators must be aware of the physical attributes of 
their pipeline as well as the physical environment that it transverses. 
These programs reflect the recognition that each pipeline is unique and 
has its own specific risk profile that is dependent upon the pipelines 
attributes, its geographical location, design, operating environment, 
the commodity being transported, and many other factors. This 
information is a vital component in an operator's ability to identify 
and evaluate the risks to its pipeline and identify the appropriate 
assessment tools, set the schedule for assessments of the integrity of 
the pipeline segments and identify the need for additional preventive 
and mitigative measures such as lowering operating pressures. If this 
information is unknown, or unknowable, a more conservative approach to 
operations is dictated.
    An IM program must go beyond simply assessing pipeline segments and 
repairing defects. Improving operator IM programs, the analytical 
processes involved in identifying and responding to risk, and the 
application of assessment and development of preventive and mitigative 
measures is also a critical objective. In addition, the ability to 
integrate and analyze threat and integrity related data from many 
sources is essential for enhanced safety and proactive integrity 
management. However, some operators are not sufficiently aware of their 
pipeline attributes nor are they adequately or consistently assessing 
threats and risks as a part of their IM programs.
    Over the past several years, PHMSA inspections and investigations 
have revealed deficiencies in individual

[[Page 1505]]

operators' risk analysis approaches, the integration of data into these 
risk assessments, the abilities to adequately support the selection of 
assessment methods, identification and implementation of preventive and 
mitigative measures, and maintenance of up-to-date risk information and 
findings about their pipeline segments. In particular, operators' 
programs fail to adequately address stress corrosion cracking, seam 
failure, or internal corrosion in their threat identification and risk 
assessments. The actual use of threat and risk information to determine 
assessment methods, to evaluate other preventive and mitigative 
measures, and to use those measures during periodic evaluation have 
been found to be deficient. Inspections and investigations have 
revealed examples where assessment methods, specific tools, and 
schedules were not based on a rigorous assessment of the type of 
threats posed by the pipeline segment, including consideration of the 
age, design, pipe material including seam type, coating, welding 
technique, cathodic protection, soil type, surrounding environment, 
operational history, or other relevant factors. Finally, inspections 
and investigations indicate that efforts to collect and integrate risk 
information can be inappropriately narrow, lack verification and fail 
to take into account relevant risk information and lessons learned from 
other parts of their system.
    In recent pipeline accident investigations, NTSB and PHMSA have 
discovered indications that operator oversight of IM programs has been 
lacking and thereby failed to detect flaws and deficiencies in their 
programs. The level of self-evaluation and oversight currently being 
exercised by some pipeline operators is not uniformly applied. The NTSB 
is also concerned that pipeline operators throughout the United States 
may have discrepancies in their records that could potentially 
compromise the safe operation of their pipelines. NTSB has recommended 
that operators diligently and objectively scrutinize the effectiveness 
of their programs, identify areas for improvement, and implement 
corrective measures.
    On January 3, 2011, NTSB recommended that PHMSA inform the pipeline 
industry of the circumstances leading up to and the consequences of the 
September 9, 2010, pipeline rupture in San Bruno, California, to ensure 
that both PHMSA and NTSB findings and recommendations with respect to 
the verification of records used to establish or adjust MAOP or MOP are 
expeditiously incorporated into the IM programs for pipeline operators. 
The pipeline rupture in San Bruno, CA involved a 30-inch-diameter 
natural gas transmission pipeline owned and operated by Pacific Gas and 
Electric Company (PG&E). The rupture occurred in a residential area 
killing eight people, injuring many more, and causing substantial 
property damage. The rupture created a crater about 72 feet long by 26 
feet wide. A ruptured pipe segment about 28 feet long was found about 
100 feet away from the crater. The resulting fire destroyed 37 homes 
and damaged 18. NTSB's preliminary findings indicate that the pipeline 
operator did not have an accurate basis for the MAOP calculation.
    There are several methods available for establishing MAOP or MOP. A 
hydrostatic pressure test that stresses the pipe to a designated 
percent of the desired MAOP or MOP, without failure, is generally the 
most effective method. Hydrostatic testing requirements and 
restrictions for natural gas pipelines are specified in Title 49 CFR 
Part 192, Subpart J. Similar requirements for hazardous liquid 
pipelines are found in 49 CFR Part 195, Subpart E. Although hydrostatic 
testing is recognized to be the most direct and effective methodology 
for validating a MAOP or MOP, its implementation requires that 
operating lines be shut down, which may adversely affect customers 
dependent on the natural gas supplied by the pipeline, particularly if 
the pipe fails during the test, which could necessitate a protracted 
shutdown. Consequently, operators prefer to use available design, 
construction, inspection, testing, and other related records to 
calculate the valid MAOP or MOP. However, this method is susceptible to 
error if pipeline records are inaccurate. With respect to the portion 
of the pipeline that failed in the September 9, 2010, San Bruno 
incident, PG&E used available design, construction, inspection, 
testing, and other related records to calculate the MAOP. The NTSB's 
examination of the ruptured pipe segment and review of PG&E records 
revealed that although the as-built drawings and alignment sheets mark 
the pipe as seamless API 5L Grade X42 pipe, the pipeline in the area of 
the rupture was constructed with longitudinal seam-welded pipe. The 
ruptured pipe segment was constructed of five sections of pipe, some of 
which were short pieces measuring about four feet long, containing 
different longitudinal seam welds of various types, including single- 
and double-sided welds. Consequently, the short pieces of pipe of 
unknown specifications in the ruptured pipe segment may not have been 
as strong as the seamless API 5L Grade X42 steel pipe listed in PG&E's 
records. PG&E's records also identify Consolidated Western Steel 
Corporation as the manufacturer of the accident segment of Line 132. 
However, after physical inspection of the ruptured section, 
investigators were unable to confirm the manufacturing source of some 
of the pieces of ruptured pipe.

Integrity Management Regulatory Provisions

    For hazardous liquid pipelines, Sec.  195.452 establishes 
requirements for IM programs in HCAs. Section 195.452(b)(1) requires 
that each operator of a hazardous liquid pipeline ``develop a written 
IM program that addresses the risks on each segment of pipeline.'' 
Section 195.452(e) defines the minimum list of risk factors that must 
be included in the risk assessments used to schedule segment 
assessments. Appendix C provides additional guidance on these risk 
factors. Section 195.452(f) defines the required elements of an IM 
program. These elements include an analysis that integrates all 
available information about the integrity of the entire pipeline and 
the consequences of a failure, including data gathered during previous 
integrity assessments and data gathered in conjunction with other 
maintenance inspections and investigations. These elements also include 
an identification of additional preventive and mitigative measures to 
protect the HCAs (Sec.  195.452(i)), including conducting a risk 
analysis in which an operator must evaluate the likelihood of a 
pipeline release and how it could affect the HCAs. Preventive and 
mitigative measures to be evaluated based on risk factors include, but 
are not limited to, leak detection system modifications and 
installation of additional Emergency Flow Restricting Devices.
    For natural gas pipelines, Subpart O of 49 CFR Part 192 establishes 
the requirements for IM programs in HCAs. Section 192.911(c) requires 
that IM programs include ``[a]n identification of threats to each 
covered pipeline segment, which must include data integration and a 
risk assessment.'' This section further requires ``[a]n operator must 
use the threat identification and risk assessment to prioritize covered 
segments for assessment (Sec.  192.917) and to evaluate the merits of 
additional preventive and mitigative measures (Sec.  192.935) for each 
covered segment.'' Section 192.917(b) requires an operator to integrate 
existing data and information on the entire pipeline that could be 
relevant to a covered segment. In performing this data gathering and

[[Page 1506]]

integration, an operator must follow the requirements in ASME/ANSI 
B31.8S, section 4. At a minimum, an operator must gather and evaluate 
the set of data specified in Appendix A to ASME/ANSI B31.8S, and 
consider both on the covered segment and similar non-covered segments, 
past incident history, corrosion control records, continuing 
surveillance records, patrolling records, maintenance history, internal 
inspection records, operating stress levels, past pressure test 
information, soil characteristics, and all other conditions specific to 
each pipeline. Section 192.917(c) states that an operator must conduct 
a risk assessment that follows ASME/ANSI B31.8S, section 5, and 
considers the identified threats for each covered segment. An operator 
must use the risk assessment to prioritize the covered segments for the 
baseline and periodic reassessments, and to determine what additional 
preventive and mitigative measures are needed for the covered segment. 
Sections 192.919 and 192.921(a) further require that the operator 
explain why the particular assessment method for each segment was 
selected to address the identified threats to each covered segment. 
Specifically, Sec.  192.921(a) requires the operator to select the 
method or methods best suited to address the identified threats to the 
covered segment (pipeline), which include internal inspection tool[s], 
pressure test, direct assessment, or other technology that an operator 
demonstrates can provide an equivalent understanding of the condition 
of the pipeline. More than one assessment method may be required to 
address all the threats to the covered pipeline segment. Section 
192.935 requires that an operator take additional measures beyond those 
already required by Part 192 to prevent a pipeline failure and to 
mitigate the consequences of a pipeline failure in a HCA. An operator 
must base the additional measures on the threats the operator has 
identified to each pipeline segment. This section requires that an 
operator conduct, in accordance with one of the risk assessment 
approaches in ASME/ANSI B31.8S, section 5, a risk analysis of its 
pipeline to identify additional measures to protect the HCA and enhance 
public safety.

Advisory Bulletin (ADB-11-01)

    To: Owners and Operators of Hazardous Liquid and Gas Pipeline 
Systems.
    Subject: Establishing Maximum Allowable Operating Pressure or 
Maximum Operating Pressure Using Record Evidence, and Integrity 
Management Risk Identification, Assessment, Prevention, and Mitigation.
    Advisory: To further enhance the Department's safety efforts and 
implement the NTSB's January 3, 2011, recommendation to PHMSA [P-10-1], 
PHMSA is issuing this Advisory Bulletin concerning establishing MAOP 
and MOP using record evidence and integrity management; threat and risk 
identification; risk assessment; risk information collection, accuracy 
and integration, and identification and implementation of preventive 
and mitigative measures.

I. Establishing MAOP or MOP Using Record Evidence

    As PHMSA and NTSB recommended, operators relying on the review of 
design, construction, inspection, testing and other related data to 
calculate MAOP or MOP must assure that the records used are reliable. 
An operator must diligently search, review and scrutinize documents and 
records, including but not limited to, all as-built drawings, alignment 
sheets, and specifications, and all design, construction, inspection, 
testing, maintenance, manufacturer, and other related records. These 
records shall be traceable, verifiable, and complete. If such a 
document and records search, review, and verification cannot be 
satisfactorily completed, the operator cannot rely on this method for 
calculating MAOP or MOP. Copies of the recommendations issued by NTSB 
to PHMSA, PG&E, and the California Public Utilities Commission, are 
available in the public docket and at PHMSA's Web site: http://www.phmsa.dot.gov/pipeline/regs/ntsb.

II. Performing Risk Identification, Assessment, Data Accuracy, 
Prevention, and Mitigation

    Pipeline operators are reminded of their responsibilities to 
identify pipeline integrity threats, perform rigorous risk analyses, 
integrate information, and identify, evaluate, and implement preventive 
and mitigative measures as required by the Federal pipeline safety 
regulations. Operators should thoroughly review their current IM 
programs and make any changes necessary to become fully compliant with 
the Federal pipeline safety regulations. Future, PHMSA inspections will 
place emphasis on the areas noted in this Advisory Bulletin.
    Operators are also advised that PHMSA and its State partners intend 
to sponsor a public workshop on threat and risk identification, risk 
assessment, risk information collection and integration, and 
identification of preventive and mitigative measures. The purpose of 
the workshop will be to expand the industry's knowledge base about 
effective IM programs. At this workshop, PHMSA will discuss the 
progress it has seen and the challenges remaining. Operators with 
demonstrably effective programs will be invited to share information. 
Public participation will be encouraged.
A. Risk and Threat Identification
    PHMSA emphasizes the need for operators to be fully cognizant of 
the physical and operational characteristics of their systems, 
understand the threats to their systems, and the risks posed by their 
systems. Each operator is ultimately responsible for identifying all 
risk factors and cannot rely solely on the factors in Sec.  195.452(e) 
and Appendix C of Part 195 or Sec.  192.917. Any operator of a 
hazardous liquid or gas transmission pipeline that is not fully 
cognizant of the location, pipe material and seam type, coating, 
cathodic protection history, repair history, previous pressure testing, 
or operational pressure history, and other assessment information, 
incident data, soil type and environment, operational history, or other 
key risk factors of a pipeline operating at or above 30% SMYS should 
(1) institute an aggressive program as soon as possible to obtain this 
information, (2) assess the risks, and (3) take the proper mitigative 
measures based upon the operator's IM program risk findings. In 
addition, if these operators do not have verified information on key 
risk factors, an immediate and interim mitigation measure that should 
be strongly considered is a pressure reduction to 80 percent of the 
operating pressure for the previous month, hydro testing the pipeline 
or creating a remediation program to identify threat risks. Operators 
of transmission pipelines operating below 30% SMYS should also conduct 
an integrity threat and risk review of these pipelines to ensure safety 
in HCAs. PHMSA will require an operator that has not adequately 
identified all threats to take mitigative measures.
B. Risk Assessment
    Operators are advised to re-examine the basis for their IM 
assessment, as well as their MAOP or MOP calculations and documentation 
to meet Federal regulations in 49 CFR Parts 192 and 195. Operators must 
consider all significant risk factors in their risk assessments; 
conduct risk assessments capable of supporting identification of 
preventive and mitigative measures; integrate into their threat and 
risk

[[Page 1507]]

assessments all relevant risk information from prior integrity 
assessments, inspections, investigations, and incidents with design, 
construction, operational and maintenance data; to critically analyze 
the integrated data and incorporate the analysis into their risk 
assessments and integrity-related decision making; update and maintain 
their risk information; and to ensure that the risk information is made 
available throughout the organization in a form that can effectively 
support decisions on integrity assessment methods, tools, process and 
procedure changes, and schedule during the required periodic 
evaluations of pipeline integrity. PHMSA and its State partners intend 
to verify that operators have taken these actions during the course of 
future pipeline safety inspections and investigations.
C. Data Accuracy
    Operators must review and scrutinize pipeline infrastructure 
documents and records, including but not limited to, all as-built 
drawings, alignment sheets, specifications, and all design, 
construction, inspection, testing, material manufacturer, operational 
maintenance data, and other related records, to ensure company records 
accurately reflect the pipeline's physical and operational 
characteristics. These records should be traceable, verifiable, and 
complete to meet Sec. Sec.  192.619 and 195.302. Incomplete or partial 
records are not an adequate basis for establishing MAOP or MOP using 
this method. If such a document and records search, review, and 
verification cannot be satisfactorily completed, the operator may need 
to conduct other activities such as in-situ examination, pressure 
testing, and nondestructive testing or otherwise verify the 
characteristics of the pipeline when identifying and assessing threats 
or risks.
D. Risk Mitigation and Prevention
    PHMSA advises operators to implement a robust IM process that 
includes methods best suited to address the threats and risks 
identified (Sec.  192.921(a) and Sec.  195.452(f)). Operators must use 
post assessment and continuing evaluation processes to evaluate program 
effectiveness in identifying threats, addressing threat preventative 
and mitigative measures, and providing internal IM program feedback of 
assessment findings so the assessment process can be updated based upon 
threat findings.

    Issued in Washington, DC, on January 4, 2011.
Jeffrey D. Wiese,
Associate Administrator for Pipeline Safety.
[FR Doc. 2011-208 Filed 1-7-11; 8:45 am]
BILLING CODE 4910-60-P