Saturday, October 4, 2008

Safety in Design

A safe design minimizes risks while delivering performance, redundancy and contingency choices. Design goals framed by established standards will help crystallize these requirements.

Risks, Contingencies & Disasters

My approach to safety in design arises from my background. In my twenties, I was Chief Pit Marshall at Le Circuit Mt. Tremblant, responsible for fighting gasoline and nitrous oxide (invisible) fires in the pit lane at Formula 1, Indy, Can-Am and Trans-Am races in the glory days of 600-1000-bhp cars like the fabulous Porsche 917 [1], Lola T70, etc. To do this, I was trained in emergency rescue and fire fighting at a BP Oil Refinery in Montreal.

Later, I worked a medium-sized beef and horse farm for more than 15 years as a single operator. With no one to rely on for help, except Murphy, a giant wolfhound, this meant that every single move I made had to involve a conscious or subconscious risk calculation. This included manhandling 2500-lb bulls; dealing with fear-crazed horses; making many snap life-or-death decisions with severely injured and frightened animals; and working with even more frightening industrial equipment. (Try to imagine what it is like to inject penicillin into the eyelid of an enraged ton bull, all by yourself.)

I didn’t get it all right. I was fortunate in having Murphy and Lady Luck’s help in a few serious missteps when I narrowly avoided death. This is the “red light” phenomenon. No matter how well you plan, there is always the possibility of someone running the red light, and broadsiding you (see Britannic, below). By definition, a red-light incident cannot be foreseen.

Sometimes skill and luck will serve you well; at others nothing will forestall disaster once the red-light incident has occurred. Worse, initial red-light incidents can appear quite innocuous, i.e., they do not look like one. It is only when you respond inappropriately to the first small triggering incident that they open like a Pandora’s Box to reveal the full scope of the disaster that awaits. Events then unfold too rapidly for human response. Mistakes multiply. A chain reaction sets in.

Chernobyl goes critical. Three Mile Island barely escapes a similar fate. The unhappy bottom line is that you can never plan for everything.

During this period, the farm was in the path of the worst part of the 1998 ice storm that paralysed eastern North America. With over 50 trees down in the lane alone, we were trapped on the farm for 10 days with no electricity or running water. More than 40 large animals were dehydrating rapidly and tipping toward hypothermia as their bodies desperately tried to convert forage to energy in freezing temperatures. On the 11th day, the Army drove up and asked if we needed help. By then we had figured out how to survive. They gave us some candles.

Later that year, I woke up to a “fully involved” house fire and shepherded family, dogs and cats to safety. After, for the Y2K computer problem, I led a team of eight in analysing risk and developing business continuity plans for the Bank of Canada and the national debt. All to say I have a good grasp of risk (a polite word for danger in the context of boats), contingency planning and disaster recovery. This is the mindset I brought to the design of Sharina.


Fig 2-1 - White Star Line Britannic


As mentioned, an interesting aspect of disasters is that they always arise from cumulative human error, usually starting with innocent-looking small events. Remember Three Mile Island, Chernobyl, and the Britannic. I understand this all too well. In my case, a series of three independent, crucial, small missteps spaced over several hours culminated in Murphy’s slow and painful death one terrible day that is seared forever into my memory.

The example of Titanic’s sister ship, the Britannic, is instructive. She was launched after Titanic and incorporated in her design many lessons learned from Titanic, including watertight bulkheads. In World War I, she hit a mine off the coast of Greece. She went down in five minutes – faster than the Titanic [2].

Britannic was being used as a hospital ship before the era of antibiotics. At dawn every day the nurses would open the portholes to air out the stench from suppurating wounds. The stevedores slept in the forepeak, while the coal bunkers were aft. To change shifts quickly, the watertight doors were opened. Open portholes, open doors. That’s when she struck the mine.

By the end of World War II the lessons of the Titanic had been institutionalised. Hundreds of thousands of people were crossing the oceans safely in passenger liners.

Yet on July 25, 1956 at 11:10 pm, disaster struck again. The Italian liner Andrea Doria was inbound for New York. The Swedish liner Stockholm was outbound for Sweden. Both ships were travelling at excessive speed in dense fog because fast crossings were a competitive advantage. As a precaution, the captain of the Andrea Doria ordered all watertight doors closed.

Each had the other identified on radar. They were on parallel tracks, with the Stockholm to the north, heading east. For some reason, the Stockholm planned to pass port-to-port, red light to red light. The Andrea Doria thought they would pass green-to-green. As the two ships neared, the Stockholm turned to starboard, to pass in front of the Italian liner at a safe distance of 15 miles, as indicated by three rings on the radar screen.

But the radar was set to a range of five miles, not 15. The closing distance was only three miles. The Stockholm struck the bow of the Andrea Doria, tearing a hole into her huge near-empty fuel tanks, slicing open seven levels of deck and crushing the forward watertight bulkhead.

The next day, a spellbound world watched newsreels of the Andrea Doria lying on her side, before slipping slowly beneath the North Atlantic [3]. Disasters are always the result of cumulative human error.

The Gaul is another example. On December 17, 2004 the UK Commissioner for Wrecks, Mr Justice Steel, released the results of a re-investigation into the 1974 sinking of the fishing trawler Gaul. The then 18-month-old state-of-the-art watertight vessel had sunk in minutes in the Barents Sea in a Force 9 [4] gale and seas of only 3 m.

Based on new video footage of the wreck, the Commissioner found that it sank because two duff and offal chutes were open in the stern. A following sea poured tons of water down the chutes. When the captain realised the danger, he turned to face the wind. The beam-on waves and wind, and tons of sloshing water inside the hull caused the trawler to roll and sink with the loss of all 36 hands.

Yet another example of cumulative errors is the tragic fire that disabled the Canadian submarine HMCS Chicoutimi off Northern Ireland on October 5, 2004. In this case, in a gale with 9-m waves, the sub was running on the surface with both conning-tower hatches open (top and bottom). This is not normal.

The hatches were open because a nut had fallen off an air vent in the tower, preventing a dive, and sailors were working to repair it. Directly below in the hull, 400-Amp electrical cables had only one layer of waterproof sealant instead of the specified three. A wave swept over the bridge and poured into the control room. There were several feet of water sloshing around. The water caused short circuits and a major electrical fire.

The electrical fire disabled the submarine completely. It had to issue a Mayday. The British navy mounted a rescue operation. Eventually the Chicoutimi was towed to Scotland for repairs. During the fire, Lieutenant Chris Saunders for some reason did not access the emergency air supply. In the dense smoke, no one noticed. He later died from smoke inhalation. Eight other sailors were injured.

In March 2006, B.C. Ferries’ 125-m Queen of the North was transiting Wright Sound southerly on the Inside Passage on the night of March 22 when it ran aground on Gil Island at 12:43 am, hung for an hour on Gil Rock and then quickly sank in 365 m of water. The topography is fiord-like, with rocky shores shelving rapidly to vast depths. Local villagers saved 99 out of 101 passengers.

The weather was good. The ferry had three radars, GPS, electronic charts, gyro compass, automatic pilot and three watch officers. She ran aground at a reported 19 knots, tearing her bottom out and sinking in one piece.

Coming down Grenville Channel the watch would have been looking for a flashing light to port at Sainty Point. It marks a transit to shift course to the east to line up with the distant Point Cumming light at the entrance to McKay Reach. Without this shift, a ship will remain on course for the northern shore of Gil Island.

(Four years later in March 2010 fourth officer Karl Lilgert was charged with criminal negligence.)

These stories are not meant to scare but:
“Although it may not be very comforting, the truth is there is no such thing as an unsinkable ship. No matter how sophisticated the safety features or how impressive the size, all ships are vulnerable given the wrong circumstances. [5]”

The wrong circumstances: Recreational passage makers have a choice. They can choose routes and seasons that minimise danger.

So, the first rule is: Do not sail into danger. The second is: Have situational awareness. Be prepared for any and all eventualities. Preparedness starts with your state of mind, the design of your vessel, followed by careful maintenance, and well practiced procedures.

The Titanic sank because of hubris. The Britannic sank because of expediency. The Andrea Doria sank because the Stockholm mis-set its radar. The Gaul sank because the chute doors were not maintained and were seized open with rust. HMCS Chicoutimi almost sank because of expediency. The Queen of the North sank because of an inexplicable error in navigation.

Design Considerations

At the outset, you must understand your main design goal – the intended use of your trawler in a safe and effective manner – and price/performance range.

As previously stated, “The objective of Sharina’s design is to create a small coastwise and offshore power yacht for living aboard, with the additional requirement of being a capable long-range ocean voyager.” In the winter, she might be pulled out but still used for living aboard. Thus, her temperature regime is from -30 to +30 C.

The beam and draft allow operation in inland water systems such as the Rideau Canal, as I expected more local than long-distance use. But she still had to have full passage making capability in safety.

Some decisions were easy. In looking at many designs, reading books, and trolling the web, it was obvious to me that in terms of price/performance, offshore and inshore, comfort for living aboard and entertaining, and being managed by one or two people, a length of 50 to 65 ft is ideal. This is considerably larger than the 40-45 ft of most coastal and inland trawlers used for recreation, and the 30-45 ft typical of cruising sail boats [6].

Of course, size correlates to your pocketbook, which is probably the primary determinant behind these 30-45-ft lengths. Not many of us can afford one million plus for a Cape Horn. Ballpark estimates circa 2005 for a small trawler are USD $18 per displacement pound and/or USD $12-18 thousand per foot LOA, depending on the degree of luxury. SeaSkills [7] has a very nice calculator for the total cost of ownership based on length and number of screws. Another factor favouring smaller boats is the size that can be managed by one person alone.

In Sharina’s case, living aboard and true passage making meant bigger was better, up to a point. Too big, and Sharina could not be handled by one person. Because of the requirement to operate in the local canal, draft could not be more than 5 ft.

Consequently, lengths more than 60 ft were problematic, since a shallow-draft boat of that size would not be ideal offshore. Lengths in the 60-ft class also pushed the cost into the low USD $1 million range for a production boat, which was out of the question.

The hull design eventually selected was 55 ft LOA x 54 ft LWL x 17 ft 9 in Beam x 4-5 ft Draft, depending on final ballasting and loading. This also fit my budget. Almost.

The next consideration was the general arrangement. Sharina had to be comfortable as a live-aboard for two people. She had to be a small apartment. One advantage of a trawler is that with at least two decks, you can get away from She Who Must Be Obeyed (SWMBO) when tensions arise.

As you will read, whether you select mechanical, hydraulic or electrical propulsion will dictate the location of the engine room and the basic layout of your trawler. After the engine room, the considerations are number and type of cabins, and whether the galley should be up or down. Do you maximise sleeping space for occasional guests at the expense of amenities like an office? Do you put the galley topside to please the cook, at the expense of salon space?

Next I considered the found value of the boat. The overall design and finish had to conform to tradition (e.g., wood interiors), a reasonable degree of luxury and practicality (e.g., non-slip deck instead of high-maintenance teak – but more on that later), innovation, and provide a robust set of mechanical systems.

Ideally, robust systems are completely independent with redundant backup [8, 9]. Where they must be interdependent, they are loosely coupled (mutually independent or well separated). This can be expressed as a variant of Occam's Razor [10]: “Do not needlessly multiply dependencies among the parts of a system [11].” In tightly coupled systems, the loss of one component can bring down others. In a loosely coupled system the opposite is true.

Well separated has two meanings in this context:

  • Interdependent systems are well separated if their interface is loosely coupled.
  • Independent systems in close proximity are tightly coupled if they can damage each other.

For example:
  • A gearbox in the sump of an engine that shares engine oil is more tightly coupled than a separate gearbox attached through a clutching mechanism.
  • A water hose running next to the electrical panel is tightly coupled.
  • The water hose is an example of systems that interact in unexpected ways.

Robust systems have time for recovery: a fuel system that you can switch to a second set of filters if one set clogs is an example where redundancy provides time to fix the problem without incurring a disaster.

Robust systems also provide a lot of information about their true state. A ball cock valve that rises when it is opened is better than a fancy modern type where you can’t tell from the handle whether it is open or closed.

A temperature sensor and indicator that fails to zero is better than one that fails to ‘overheated’. If the water temperature gauge on your engine fails and drops to zero, it won’t take long to figure out that everything seems normal and that you have time to figure things out. If it fails in the other direction, you might be panicked into shutting down the engine. Maybe you skimped on the size of the house bank, and this happened just as the alternators were going to kick in. Now you have an engine shut down and dangerously low batteries. Next…well you get the picture.

You can reduce the probability of an operational disaster by analysing a dependency tree. Systems that are mutually dependent on a common subsystem are easy to identify so, in particular, look for systems that interact in unexpected ways.
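The dependency-tree analysis described above can be run mechanically. The following is an added example, not part of the original post: the component names and the model are constructed for illustration and are not Sharina's actual systems. It propagates a failure through functional dependencies (with any-of redundancy groups) and through proximity couplings such as the hose beside the panel, then lists the single components whose loss removes two or more vessel functions.

```python
# Constructed model; component names are illustrative, not Sharina's real systems.
# REQUIRES[x] is a list of groups: x needs every group, and a group is
# satisfied while ANY one of its members still works (redundancy).
REQUIRES = {
    "propulsion": [["engine"], ["fuel_filter_a", "fuel_filter_b"]],
    "engine":     [["start_battery"]],
    "alternator": [["engine"]],
    "house_bank": [["alternator", "generator"]],
    "elec_panel": [["house_bank"]],
    "navigation": [["elec_panel"]],
    "bilge_pump": [["elec_panel"]],
}
# Proximity coupling: no functional dependency, but a failure of the key
# can damage the listed neighbours (the water hose beside the panel).
DAMAGES = {"water_hose": ["elec_panel"]}
# Top-level functions the vessel must keep.
FUNCTIONS = {"propulsion", "navigation", "bilge_pump"}


def components():
    """Every name mentioned anywhere in the model."""
    names = set(REQUIRES) | set(DAMAGES)
    for groups in REQUIRES.values():
        for group in groups:
            names.update(group)
    for victims in DAMAGES.values():
        names.update(victims)
    return names


def cascade(initial):
    """Return everything that ends up failed once `initial` has failed."""
    failed = set(initial)
    changed = True
    while changed:
        changed = False
        for source in list(failed):
            for victim in DAMAGES.get(source, []):
                if victim not in failed:
                    failed.add(victim)
                    changed = True
        for item, groups in REQUIRES.items():
            # An item fails when any one required group has no survivor left.
            if item not in failed and any(all(m in failed for m in g) for g in groups):
                failed.add(item)
                changed = True
    return failed


def common_mode_failures(min_lost=2):
    """Single components whose loss removes at least `min_lost` functions."""
    report = {}
    for name in sorted(components() - FUNCTIONS):
        lost = cascade({name}) & FUNCTIONS
        if len(lost) >= min_lost:
            report[name] = sorted(lost)
    return report


if __name__ == "__main__":
    for name, lost in common_mode_failures().items():
        print(f"{name}: loses {', '.join(lost)}")
    print("engine + generator:", sorted(cascade({"engine", "generator"}) & FUNCTIONS))
```

In this model the water hose appears in no dependency list, yet it is reported alongside the panel and the house bank; a clogged single fuel filter is not, because its redundant twin keeps propulsion alive.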

By definition, passage makers are diesel-driven displacement hulls. You can tool around the coast at 20 knots in a semi-displacement gasoline-powered performance trawler, but you can’t carry enough gas to cross an ocean. If you do want a trawler mainly for recreation, then you should look at designs like the Grand Banks 49 or the Sabreline 42 [12, 13].

Many trawlers today supplement the diesel with propane in the galley. It’s much cleaner than diesel, and easier to cook with. (An alternative is to use AC if you have enough electrical power.) For Sharina, I made a high-level decision that only one fuel (diesel) would be carried on board with the possible exception of a small propane tank for a barbecue.

While diesel will burn, it will not explode. Diesel flashes at 100-160 F, depending on the grade, while propane flashes at -156 F. Because of past experience, I have a strong antipathy for any fuel that is explosive. This has an impact on heating, fireplace and, as just mentioned, the galley.

Safety at sea was paramount. Since Sharina would be a custom build but not a custom design there were limits to what could be achieved in this respect. Ideally, a trawler should be:
  • Easy to drive under storm conditions
  • Self-righting from a knockdown of 90-130 degrees (65-70 is the norm in the industry)
  • Able to withstand an accidental grounding

Finally, don’t ignore security. Unrest and piracy are on the increase. The International Maritime Bureau reported a record number of violent incidents in 2003, including machine gun attacks. Three hundred and eleven ships were boarded and 19 hijacked [14].

Design Standards

The principal standards organizations are:
  • American Boat & Yacht Council [15]
  • American Bureau of Shipping [16]
  • Bureau Veritas [17]
  • Det Norske Veritas [18]
  • Lloyd’s Register of Shipping [19]
  • Nippon Kaiji Kyokai [20]

ABYC standards are sold commercially but Transport Canada publishes Construction Standards for Small Vessels (TP1332) on the web [21].

In particular see Lloyd’s Rules & Regulations for the Classification of Special Services Craft (Lloyd’s is more conservative than ABYC).

Summary

Developing a specification for a passage maker involves complex, inter-related design issues. These must be resolved with safety and performance uppermost. Resolution should be based on robust systems to mitigate risks, and provide contingency fallbacks and the capability to recover from disasters. These systems should be loosely, not tightly, coupled.

Start by defining your budget and main design goal based on the intended usage of your trawler. Select an appropriate hull size, and decide the general arrangement. This may require early consideration of the propulsion type. Don’t overlook the need to protect the resale value of your boat. Diesel is the fuel of choice for propulsion, but cooking is a different proposition. Finally, don’t ignore security.

References

1. Fast Autos, http://www.fast-autos.net/porsche/porsche91730.html
2. Web Titanic, http://www.webtitanic.net/frameBritannica.html
3. Andrea Doria – Tragedy and Rescue at Sea, http://www.andreadoria.org/
4. Beaufort Scale, Wikipedia, http://en.wikipedia.org/wiki/Beaufort_scale
5. Public Broadcasting Service, http://www.pbs.org/wgbh/nova/titanic/unsinkable.html
6. World Cruising Survey, Jimmy Cornell, ISBN 0-87742-250-8, Adlard Coles, 1989
7. SeaSkills, http://www.seaskills.com/
8. Normal Accidents, Charles Perrow, Princeton University Press; Updated edition (September 27, 1999), ISBN 0691004129
9. What Went Wrong?: Case Studies of Process Plant Disasters, Trevor A. Kletz, Gulf Professional Publishing; 4 edition (June 23, 1998) ISBN 0884159205
10. “One should not increase, beyond what is necessary, the number of entities required to explain anything”, William of Occam (1285-1349), http://pespmc1.vub.ac.be/occamraz.html
11. Kendall Grant Clark, Reviewing Web Architecture, http://www.xml.com/pub/a/2004/02/11/deviant.html
12. Grand Bank Yachts, Ltd., http://www.grandbanks.com/
13. Sabre Yachts, http://www.sabreyachts.com/
14. The Independent, Piracy poses threat to world trade as maritime attacks hit record levels, Arifa Akbar, London, 08/03/04
15. American Boat & Yacht Council, http://www.abycinc.org/
16. American Bureau of Shipping, http://www.eagle.org/
17. Bureau Veritas, http://www.bureauveritas.com/
18. Det Norske Veritas, http://www.norwayonline.no/
19. Lloyd’s, Society of, http://www.lloyds.com/
20. Nippon Kaiji Kyokai, http://www.nkkk.jp/
21. Construction Standards for Small Vessels (TP1332), Transport Canada, http://www.tc.gc.ca/marinesafety/TP/TP1332/menu.htm

© 2008 David Shaw
david.shaw.x23@gmail.com
