Government of Canada / Gouvernement du Canada
Symbol of the Government of Canada

Search

Canada–Nova Scotia Offshore Area Petroleum Operations Framework Regulations (SOR/2024-26)

Regulations are current to 2024-05-01

PART 10Installations, Wells and Pipelines (continued)

Installations (continued)

Systems and Equipment: Design, Installation, Commission and Other Requirements

The following provision is not in force.

Marginal note:Electrical system

  • The following provision is not in force.

    122 (1) An operator must ensure that any electrical system on an installation is designed to avoid any abnormal conditions and faults that may endanger the installation or, if it is not possible to avoid them, to provide alerts of those conditions and faults and mitigate their effects.

  • The following provision is not in force.

    Marginal note:Safety and reliability

    (2) The operator must ensure that all electric motors, lighting fixtures, electrical wiring and other electrical equipment on an installation are safe and reliable under all foreseeable operating conditions.

  • The following provision is not in force.

    Marginal note:Device for monitoring insulation level to earth

    (3) If a primary or secondary distribution system for electrical power, heating or lighting with no connection to earth is used on an installation, the operator must ensure that the system is equipped with a device that continuously monitors the insulation level to earth and produces an audible or visual alarm to indicate abnormally low insulation values.

  • The following provision is not in force.

    Marginal note:Main electrical power supply

    (4) The operator must ensure that the main electrical power supply on, or to, an installation

    • The following provision is not in force.

      (a) ensures continuous availability of power generation and distribution;

    • The following provision is not in force.

      (b) includes at least two power plants or other power supply sources, not including emergency power plants;

    • The following provision is not in force.

      (c) is capable of supporting all normal operations without recourse to the emergency electrical power supply required under subsection 126(1); and

    • The following provision is not in force.

      (d) is capable of supporting all operations, other than drilling and production, if one of the power plants is out of operation.

  • The following provision is not in force.

    Marginal note:Primary circuit shutdown

    (5) The operator must ensure that the primary circuits from a power plant serving an installation are capable of being shut down from at least two separate locations, one of which must be the site of the power plant.

The following provision is not in force.

Marginal note:Control system

  • The following provision is not in force.

    123 (1) An operator must ensure that a control system is designed in accordance with the measures referred to in clauses 9(2)(b)(v)(D) and 10(2)(b)(v)(D) that are described in the operator’s safety plan and environmental protection plan, respectively.

  • The following provision is not in force.

    Marginal note:Requirements

    (2) The operator must ensure that the control system is designed to meet the following requirements, taking into account human factors:

    • The following provision is not in force.

      (a) controlled equipment must not be capable of being inadvertently activated;

    • The following provision is not in force.

      (b) controlled equipment must not create a safety or environmental hazard in the event of system failure or shutdown;

    • The following provision is not in force.

      (c) the system must have basic diagnostic capability; and

    • The following provision is not in force.

      (d) the system must be capable of being operated simultaneously from multiple control stations without compromising safety.

  • The following provision is not in force.

    Marginal note:Protection of hardware

    (3) The operator must ensure that control system hardware is protected from circumstances, including excessive vibration, high electromagnetic field levels, electrical power disturbances and extreme temperatures or humidity levels or other physical and environmental conditions, that could cause mechanical damage to or degradation of the hardware or that could otherwise adversely affect the performance of the system.

  • The following provision is not in force.

    Marginal note:Wireless remote control system

    (4) The operator must ensure that any wireless remote control system includes

    • The following provision is not in force.

      (a) a means for error checking to prevent the controlled equipment from responding to corrupt data; and

    • The following provision is not in force.

      (b) a means for identification coding to prevent a transmitter other than the designated transmitter from operating the equipment.

  • The following provision is not in force.

    Marginal note:Alternative means of control

    (5) The operator must ensure that all control system functions that are required to ensure safety and are dependent on wireless communication links have an alternative means of control that can be activated without delay and without modification to the control system.

  • The following provision is not in force.

    Marginal note:Inspection and testing

    (6) Equipment that is to be operated by a new, repaired or modified control system must not be put into operation until the operator ensures that the control system has been inspected and tested to confirm that it functions as intended.

  • The following provision is not in force.

    Marginal note:Documentation

    (7) The operator must ensure that documentation containing an up-to-date description of the design, installation, operation and maintenance of the control systems is readily accessible for consultation and examination.

The following provision is not in force.

Marginal note:Integrated software-dependent control system

  • The following provision is not in force.

    124 (1) An operator must ensure that an integrated software-dependent control system whose failure or malfunction would cause a hazard to safety or the environment is maintained to ensure its reliability, availability and security.

  • The following provision is not in force.

    Marginal note:Control measures

    (2) The operator must ensure that control measures are implemented to protect the integrated software-dependent system from any threat, including unauthorized access.

The following provision is not in force.

Marginal note:Safety-critical software

  • The following provision is not in force.

    125 (1) The operator must ensure that any software that is a safety-critical element is

    • The following provision is not in force.

      (a) secure, reliable and capable of being updated;

    • The following provision is not in force.

      (b) designed, commissioned and updated by competent persons; and

    • The following provision is not in force.

      (c) demonstrated to be fit for the purposes for which it is to be used through a testing and validation process that takes into account

      • (i) all foreseeable operating conditions and emergency situations, and

      • (ii) system complexity, dependencies and interactions between systems, software failure modes and the level of risk associated with system failure or malfunction.

  • The following provision is not in force.

    Marginal note:Modification to features

    (2) The operator must ensure that no modification to the features of the software is implemented unless

    • The following provision is not in force.

      (a) the modified software has undergone the testing and validation process referred to in paragraph (1)(c); and

    • The following provision is not in force.

      (b) the necessary internal approvals for the modification have been obtained, including the approval of the installation manager.

The following provision is not in force.

Marginal note:Emergency electrical power supply

  • The following provision is not in force.

    126 (1) An operator must ensure that an installation has an emergency electrical power supply that is independent of the main electrical power supply such that the following systems and equipment continue to function in the event of a failure of the main electrical power supply:

    • The following provision is not in force.

      (a) lights at

      • (i) all embarkation and debarkation stations and evacuation points,

      • (ii) all escape routes, temporary safe refuges, service corridors, accommodations area corridors, stairways, exits and personnel lift cars,

      • (iii) all control centres, control stations and areas from which the communication system referred to in section 129 is controlled,

      • (iv) spaces from which drilling or production equipment, including any equipment that is critical to that equipment’s operation, is controlled,

      • (v) spaces where equipment that is related to the emergency shutdown system referred to in section 133 and to the power plants referred to in paragraph 122(4)(b) is located,

      • (vi) areas where emergency response equipment is stored, and

      • (vii) aircraft landing areas and the location of any obstacle to take-off and landing;

    • The following provision is not in force.

      (b) hazard detection systems, including the central monitoring system referred to in section 169 and the fire and gas detection system referred to in section 132;

    • The following provision is not in force.

      (c) emergency response and life-saving systems, including life-saving appliances that require electrical power;

    • The following provision is not in force.

      (d) the communication system referred to in section 129;

    • The following provision is not in force.

      (e) the emergency shutdown system referred to in section 133;

    • The following provision is not in force.

      (f) the lights and sound-signalling appliances referred to in section 127;

    • The following provision is not in force.

      (g) in the case of a floating platform, the pumps and powered watertight doors and hatches that are necessary to stabilize the installation, having regard to the failure modes and effects analysis referred to in subsection 144(5);

    • The following provision is not in force.

      (h) in the case of a column-stabilized mobile offshore platform, the ballast systems referred to in section 144;

    • The following provision is not in force.

      (i) the systems and equipment that are necessary to safely suspend at any time drilling or production that is in progress, including

      • (i) blowout prevention systems, including the blowout preventer referred to in subsection 68(5),

      • (ii) any disconnectable mooring system referred to in section 148,

      • (iii) any disconnect system referred to in section 150, and

      • (iv) pumping systems; and

    • The following provision is not in force.

      (j) any other system or equipment that requires electrical power and that is referred to in the operator’s safety plan referred to in section 9 or its contingency plan referred to in section 11.

  • The following provision is not in force.

    Marginal note:Mechanically driven generator

    (2) If the emergency electrical power supply is a mechanically driven generator, the operator must ensure that

    • The following provision is not in force.

      (a) the installation is equipped with a transitional source of electrical power, unless the generator will automatically start and supply the necessary power in less than 45 seconds from the time the main electrical power supply fails;

    • The following provision is not in force.

      (b) the installation is equipped with a self-contained battery system that is designed, on failure or shutdown of both the main electrical power supply and the emergency electrical power supply, to automatically supply sufficient power to operate

      • (i) for a period of at least one hour, the lights that are located in any emergency exit route, any escape route, any space where equipment incorporating an internal combustion engine, gas turbine, electric motor, generator, pump or compressor is found, any control centre and any emergency assembly room and at every launching station of life-saving appliances,

      • (ii) for a period of at least one hour, the communication system referred to in section 129 and the general alarm system referred to in section 130, and

      • (iii) for a period of at least four days, the lights and sound-signalling appliances referred to in section 127; and

    • The following provision is not in force.

      (c) the mechanically driven generator has redundancy in its starting capabilities and a dedicated fuel source.

  • The following provision is not in force.

    Marginal note:Design and maintenance

    (3) The operator must ensure that the emergency electrical power supply together with any transitional source of electrical power and self-contained battery system with which the installation may be equipped are designed and maintained such that

    • The following provision is not in force.

      (a) they are able to provide the systems and equipment referred to in subsection (1) with an emergency power supply of sufficient capacity, taking into account starting currents and the transitory nature of electrical loads, and sufficient duration to ensure that the systems and equipment can function as intended and to allow for effective management of the installation during an emergency, including

      • (i) to allow for the complete shutdown and evacuation of the installation,

      • (ii) to facilitate emergency response and the safe escape, refuge and evacuation of persons or to maintain the integrity of the installation,

      • (iii) to ensure sufficient power so that systems that must operate simultaneously can do so,

      • (iv) in the case of a floating platform, to maintain the flotation and stability of the platform, and

      • (v) to bring a well to a safe state and to maintain it in that state;

    • The following provision is not in force.

      (b) their capacity to provide power to essential systems is not compromised during their maintenance;

    • The following provision is not in force.

      (c) they have sufficient redundancy to ensure their reliability and, as far as is practicable, to ensure their functional and physical independence from other essential systems or, if that is not practicable, they are arranged so as not to adversely affect or be adversely affected by the operation of those systems; and

    • The following provision is not in force.

      (d) they are readily accessible.

  • The following provision is not in force.

    Marginal note:Protection from damage

    (4) The operator must ensure that the emergency electrical power supply, transitional source of electrical power and self-contained battery system referred to in subsection (3) are arranged — or are otherwise protected from mechanical damage and damage caused by fire, explosion and physical and environmental conditions to which they may be exposed — so that they remain capable of fulfilling their intended functions under all foreseeable operating conditions, including, in the case of a floating platform, under the static and dynamic angles of inclination referred to in subsection 136(7).

  • The following provision is not in force.

    Marginal note:Alert

    (5) The operator must ensure that, in the event of a failure of the main electrical power supply, all control centres are alerted by means of an audible and visual signal that the installation is being powered by the emergency electrical power supply.

Table of Contents

 

Date modified: