How to Approve Engineering Changes Safely

🙈 “Risks in the Shadow of Change“ 🙉 The basic goal of Management of Change (MOC) is to determine the risks brought by changes to be made in a hazardous process in advance, to eliminate or minimize these risks and to ensure that the change is implemented safely and sustainably. This approach is of vital importance, especially in technical areas. Because even a small change can have major consequences; it can cause rupture, leak, fire or even a major industrial accident. Unfortunately, many change approvers make decisions by evaluating this process only on paper. It is a common mistake to approve without seeing the reflection of the change in the field and without making the necessary analyses and observations. This can ironically turn change management into a process that creates risks rather than reducing risks. MOC is not only a procedural approval process, but also a critical discipline that requires technical expertise, field experience and a multi-faceted evaluation. Therefore, it is essential to adopt a multidisciplinary approach, especially in technical changes. Different areas of expertise such as mechanics, electricity, chemistry, operator, automation, occupational health and environment should come together to make an evaluation. Many industrial accidents in the past have resulted from the implementation of changes without sufficient analysis. For example, a small design change made in a pipeline may not be able to withstand the system pressure and may eventually cause explosions. Similarly, a small error made in software updates may hide alarms of processes that will create risks in PLC or DCS systems. In order to prevent such results, the MOC process must be supported by field observation, engineering calculations, and function tests. Although analyses on paper provide some basic insights, they cannot always reflect the complexity of real conditions. Therefore, conducting onsite inspections, interviewing employees, and observing the physical condition of equipment are critical steps. It should not be forgotten that change inherently involves uncertainty. This uncertainty can only be managed through a planned, systematic, and participatory MOC. It is necessary not only to analyze risks, but also to be prepared for these risks, to provide transparency in processes, and to create systems that can reverse change when necessary. Creating an effective MOC not only prevents accidents, but also paves the way for continuous improvement and innovation. Therefore, it is a critical requirement for change management practitioners to have field awareness as well as technical knowledge. #oil #gas #LPG #refinery #process #safety #learning #engineering #MOC #managementofchange #risks #riskassessment #terminal #safeoperation #safechange #LNG #oilandgas #evaluation.

Most architecture decisions fail before a single line of code is written. Not because the tech is wrong. Because the questions are. This is the framework I use to approve (or kill) architecture changes 👇 Before we add complexity, we must answer yes to all of these: 1. Does it solve a real pain happening RIGHT NOW? No future scale stories. No hypotheticals. Name the pain. If the pain isn’t concrete, we stop. 2. Is the pain caused by the system, or by how we use it? Bad workflows, unclear ownership, or missing guardrails are not architecture problems. If usage causes the pain, fix that first. 3. Is architecture the simplest way to fix this pain? Could code cleanup, limits, caching, or better defaults solve it? If architecture is not the simplest fix, we reject it. 4. Does this make the system easier to reason about? Good architecture reduces mental load. If diagrams get bigger and explanations get longer, that’s a red flag. 5. Can we undo this without major damage? Reversible decisions can be tried. Irreversible ones require strong proof. If rollback is unclear, approval stops. 6. Do we have evidence, not opinions? Metrics, incidents, queues, timeouts, error rates. If we can’t point to numbers, we measure first. 7. Who owns this when it fails at 2 a.m.? Clear owner. Clear on-call path. Clear responsibility. No owner means no approval. Architecture exists to remove pain, not to prepare for imagined futures. Everything else is optional complexity. Which question do teams skip the most?

A typical lifecycle of a network change in a hyperscale environment. At scale, even “just a policy update” needs to behave like a product launch! In traditional networks, a config change might be tested in a lab, typed into a router, and marked as “done”. In hyperscale environments, the process is radically different, and necessarily so. When your change affects thousands of devices, millions of routes, and billions of customer requests, you don’t just push and hope: You engineer the entire lifecycle of that change, from idea to impact. 1. Proposal: It all starts with a problem Every change begins with a clearly defined intent: - A policy is too permissive - An interface isn’t fault-resilient - A region is underutilized - A new failure mode has emerged Engineers don’t jump to the fix. They define the "why", capture the desired outcome, and frame it in terms of customer impact, risk, and scalability. 2. Narrative and design review Before any code is written, a 6-pager or HLD is prepared: - What is the change? - What paths are impacted? - What are the risks and rollback paths? - What telemetry will confirm success? Senior engineers and stakeholders review the document silently and debate it rigorously. No slides. Just clarity. 3. Simulation and pre-validation In hyperscale networks, no change goes directly to production: - Routing policy is tested in emulated topologies - Config is rendered and diffed in dry-run pipelines - Shadow updates are applied in staging fabrics - CI/CD systems run intent validators and safety checks Nothing moves forward unless what you intend and the network sees match exactly. 4. Deployment: Guardrails over heroics Approved changes go live through phased rollouts, often: - According to a specific rollout strategy, depending on the fabric and layer, touch specific devices at a time and in a given order - With health checks gating each step - Guarded by rate limits and dependency awareness - Logged, versioned, and monitored in real time - If anything deviates from expected behavior, the rollout halts automatically 5. Validation and observability After rollout, observability pipelines check: - Prefix propagation and routing convergence - Latency and path symmetry - BGP/IGP stability - Fault domain integrity Validation ensures success by detecting silent drift or unintended side effects. 6. Rollback Strategy If something breaks: - The system knows how to reverse the change - A previously known-good config is versioned and ready - Automation undoes the state surgically, not blindly Rollbacks are not shameful. They’re safety mechanisms by design. 7. Postmortem (Yes, even for “Non-Incidents”) Whether the change succeeded or failed, a brief RCA or lessons learned doc is captured. What worked? What didn’t? How can the next one go faster and safer? Every change is a system event. At hyperscale, there is no such thing as “just another config update".

What is MOC (Management of Change), and How to Implement It Effectively? Change is inevitable in any process-driven organization, but unmanaged change can lead to risks, inefficiencies, or even disasters. MOC is a systematic approach to ensure that changes in processes, equipment, personnel, or technology are reviewed, approved, and implemented safely and effectively. It is a critical part of Process Safety Management (PSM) and operational excellence. Key Steps to Implement MOC 1. Recognize All Changes: Identify any changes—big or small—that might impact safety or operations. Example: Changes in equipment, materials, or operating procedures. 2. Identify Hazards and Risks: Assess potential risks associated with the change. Example: Will the new material cause a chemical reaction? 3. Note Hazards That Can Be Controlled: Document controls to mitigate risks. Example: Engineering controls, alarms, or safety procedures. 4. Conduct Pre-Startup Safety Review (PSSR): Before implementing the change, conduct a final safety review to ensure all precautions are in place. 5. Is the Change Feasible?: Evaluate if the change is practical and beneficial without introducing unacceptable risks. 6. Train Affected Workers: Inform and train all impacted personnel on new processes or systems. 7. Implement the Change (if Safe): Only proceed once all risks are addressed and approvals are obtained. 8. Monitor and Adjust: After implementation, continuously monitor for unexpected outcomes and make adjustments as needed. Why MOC is Critical Prevents unforeseen risks or accidents. Ensures regulatory compliance. Promotes operational consistency and safety. #ProcessSafety #ManagementOfChange #SafetyCulture #OperationalExcellence #RiskManagement #HSE

#DCS(ABB AC800M) #PLC #MODIFICATIONSSTEP #CHECKLIST I have successfully modified the logic based on the requirements in the ABB AC 800M DCS system. The steps I followed during this process are the ones I typically follow whenever similar challenges arise, and I have shared them with you. Here are the standard steps to follow whenever PLC logics are modified to ensure safe and proper implementation ✅ 1. Understand the Requirement Review the change request or problem statement. Identify which logic needs to be modified and why (troubleshooting, upgrade, optimization, etc.). ✅ 2. Backup Existing PLC Program Take a full backup of the current logic. Save with a clear version name and date. Backup HMI or SCADA configuration if linked. ✅ 3. Analyze and Modify the Logic Open the PLC program in the respective software (e.g., RSLogix, TIA Portal, etc.). Modify the ladder logic/function blocks as per the requirement. Add proper comments for traceability. ✅ 4. Validate Logic in Offline Mode Simulate the logic (if simulation is supported). Check for errors, warnings, and expected operation without affecting the running plant. ✅ 5. Inform Concerned Teams Notify operators, maintenance, and safety personnel. Take approval if required from authorized persons or supervisors. ✅ 6. Download Logic to PLC (Online Update) Ensure the system is in safe condition (manual mode or machine stopped). Download the updated logic to the PLC. Monitor for any errors during transfer. ✅ 7. Perform Functional Testing Test the modified part in manual or test mode. Ensure inputs/outputs respond as expected. Observe SCADA/HMI signals, alarms, and interlocks. ✅ 8. Document the Changes Note down what was modified and why. Update the change log/version history. Store the updated program in the project folder or server. ✅ 9. Monitor for Stability Run the system for a while and monitor for unexpected behavior. Check alarms, performance, and process values. ✅ 10. Take Final Backup Once everything is working correctly, take a final backup of the updated logic. Label it with the version, date, and description of changes. ✅ PLC Logic Modification Checklist 📅 Date of Modification: __________________________ 👨🔧 Engineer Name: __________________________ 🏭 Location/Panel Name: __________________________ 🔧 PLC Make/Model: __________________________ 🗂️ Project/File Name:

OSHA requires companies working in hazardous industries to have a Management of Change (MOC) process. Any change can introduce new hazards, so everyone involved with the proposed change must be aware of it. They must approve the MOC and document it.   However, we have occasionally taken this process for granted and sometimes abused it.   The MOC process is NOT a documented email on a Microsoft Word document. It is a few emails saved somewhere. It is an interface where everyone can input comments and upload and download drawings.   Unless it is emergency work, you must follow the guidance below.   1-    You must include every discipline the changes will touch—Civil, electrical, instrumentation, environmental, whatever.   2-    Everyone involved must approve the MOC before the work starts   3-    You must not be pressured. If you disagree with what the MOC says, do NOT approve it. Contact the MOC owner and work with them   4-    You must upload all the documentation involved with the change   5-    The scope of work must be cleared and detailed   6-    When you approve it, you can't say: "I did not know about this." It is your responsibility to read everything in the MOC.   7- The work can begin once the MOC is approved and authorized for use.   8-    Once the work is done, someone has an additional task to upload the new drawings/documents. The MOC must stay open until everyone closes their tasks.   9-    You must upload all pertinent drawings/documents to the MOC system and your external database   It is dangerous when we do not adequately follow that process. I have seen $100 million projects being built, and the MOC was never approved. The MOC was written for 6 months and left hanging.   I have seen countless MOCs being left open for up to 5 years after the change occurred.   I have seen people approving MOC without even reading them.   If you see all the CSB safety videos, you can understand how a MOC could have saved people's lives. EEEngineering, LLC #engineering #electricalengineering #electrical #epassa #powergeneration  

The process for commissioning completion, often referred to as “Management of Change” (MOC) in the context of commissioning, involves several crucial steps to ensure that all modifications to a project are documented, assessed, and implemented correctly. Identification of Change recognize the need for a change in design, equipment, or procedure that affects the commissioning process. Documentation complete a change request form to document the proposed change. This form should include details such as the description of the change, the reason for the change, and any associated risks. Evaluation Assess the impact of the proposed change on the project's scope, costs, safety, timeline, and compliance with regulations. This may involve technical evaluations, risk assessments, and consulting with relevant stakeholders. Approval Obtain approval from necessary stakeholders, which might include project managers, safety officers, or regulatory bodies. This step ensures that all parties are informed and agree on how to proceed. Implementation Planning Develop a clear plan for how the change will be implemented, including timelines, responsibilities, and resources required. Execution Carry out the change according to the implementation plan. This step may also include updating drawings, procedures, and documentation to reflect the new changes. Commissioning Activities Revise commissioning plans as necessary, along with conducting any required tests or inspections to ensure that the system meets operational requirements after the change. Training If applicable, provide training for personnel on the new systems, procedures, or equipment resulting from the change. Documentation Update Ensure that all relevant documentation, such as operation manuals, maintenance plans, and project records, are updated to incorporate the changes. Review and Closeout Finally, review the change to ensure objectives have been met and close out the MOC process. This may involve a final approval sign-off and ensuring that all records are properly archived!!

Handling Scope Changes for EPC (Engineering, Procurement, and Construction) Projects: Step 1: Identify and Document Scope Change 1. Recognize potential scope changes 2. Document changes in writing (e.g., change request form) 3. Describe impact on project scope, schedule, and budget Step 2: Assess and Evaluate Scope Change 1. Conduct impact assessment (technical, schedule, cost) 2. Evaluate feasibility and viability 3. Identify potential risks and mitigation strategies Step 3: Obtain Stakeholder Approval 1. Notify project stakeholders (client, team members) 2. Obtain formal approval from client (e.g., signed change order) 3. Update project documentation (e.g., scope statement, contract) Step 4: Implement Scope Change 1. Update project plans and schedules 2. Assign responsibilities and resources 3. Monitor and track progress Step 5: Verify and Validate Scope Change 1. Confirm scope change implementation 2. Verify compliance with project requirements 3. Validate scope change benefits Best Practices: 1. Establish clear scope change procedures 2. Communicate changes effectively 3. Document all changes and approvals 4. Conduct regular scope reviews 5. Continuously monitor and control scope Tools and Techniques: 1. Change management software (e.g., Procore, Asana) 2. Project management information systems (PMIS) 3. Scope management plans 4. Change request forms 5. Impact assessment templates Challenges: 1. Managing stakeholder expectations 2. Balancing scope, schedule, and budget 3. Ensuring scope change traceability 4. Maintaining project documentation 5. Minimizing scope creep EPC Contract Considerations: 1. Lump Sum Turnkey (LSTK) contracts 2. Reimbursable contracts 3. Unit price contracts 4. Change order procedures 5. Dispute resolution mechanisms

Mastering complexity in BIW Structures Engineering. In BIW engineering, there is no such thing as a “just a small change.” A call like “just move this hole 5 mm” may seem trivial, but behind it lies a network of interfaces, tooling stages, welding fixtures, clamps, gages, and logistics - Yes, someone needs to load the right parts into the line, right? One minor adjustment can affect the stamping dies, assembly, and even production schedules. Understanding system interfaces is critical. Every part interacts with others, directly or with clearance. Changes must consider part-to-part dynamics, assembly ergonomics, tooling access, and the entire production chain. Sheet metal knowledge is essential. Engineers must understand forming methods, die types, springback, punch directions, and how processes affect design decisions. Features like beads, flutes, escalope flanges, and edge treatments are not just cosmetic, they mitigate springback, control stress, reduce weight, aid welding, and improve assembly. Managing ongoing design changes requires a disciplined validation process. We start with small batches for stamping validation, move to system-level checks, and finally confirm vehicle-level performance before permanent production implementation. Each step ensures quality, manufacturability, and integration without stopping the line. Best practices include using smooth radii, gradual section transitions, even weld distributions, and stress mitigation around joints. Design gaps and triggers help manage assembly and load distribution, while flutes and escalope flanges support e-coat drainage, reduce squeaks, and maintain stiffness without adding unnecessary weight. Safety is also key: properly flanged edges prevent operator injuries during assembly. The lesson for future engineers is clear: mastering BIW design requires combining technical expertise, process understanding, and hands-on intuition. Technology and simulation are tools, but human judgment drives safe, manufacturable, and high-performing structures. How do you approach “just” changes in your BIW projects? Share your experiences or strategies in the comments and let’s discuss practical best practices for complex vehicle structures. Daniel Perez #automotive #engineering #manufacturing

🔷 Offshore Jacket – Engineering Decisions That Changed Everything A forensic series on small decisions with massive offshore consequences By.Eng.Elsayed Ramadan 🎯 Series Philosophy This series is not about mistakes. It is about reasonable engineering decisions that were approved, documented, and justified yet changed load paths, fatigue life, or global behavior of offshore jackets. Each episode focuses on ONE decision: • Why it was taken • Why it looked safe • What it actually changed • What engineers should learn 🟦 EPISODE 01 Brace Diameter Change – “Only 20 mm, What Could Go Wrong?” ✅ STEP 1 – THE DECISION (Why It Looked Safe) Decision Brace OD reduced (e.g. Ø914 → Ø890 mm) due to: • Steel availability • Weight optimization • Fabrication simplification • Cost saving • Procurement delay mitigation Engineering justification used • Unity checks still < 1.0 • Axial capacity still adequate • Global analysis showed no overstress • “Change is within tolerance” • Fatigue reassessment considered unnecessary Why approval was easy • Global model unchanged • No red flags in static strength • Decision treated as local • Fatigue seen as a design-stage issue 👉 On paper: completely reasonable ________________________________________ ⚠️ STEP 2 – THE CONSEQUENCE (What Actually Changed) What really changed (but wasn’t checked): 🔴 Load Path Sensitivity • Brace stiffness ↓ → load redistributed to adjacent members • Increased force cycling in neighboring joints 🔴 Joint SCF Increase • Smaller brace OD → higher stress concentration at node • Existing SCF assumptions became invalid 🔴 Fatigue Life Collapse • Δσ increased even if mean stress didn’t • Fatigue damage accumulated silently 🔴 Dynamic Behavior Shift • Slight stiffness reduction → different modal response • Higher response to wave-frequency content 🔴 Inspection Reality • Cracks appeared where nobody expected • “Good welds” but wrong geometry 📌 Critical Lesson A brace diameter change is not a strength issue — it is a fatigue + stiffness + load-path issue ________________________________________ 🧠 ENGINEERING TAKEAWAYS • Small geometry changes are system-level decisions • Fatigue is governed by stiffness & SCF, not capacity • “Still passing unity” is not a safety argument • Every jacket modification must ask: What load path did I just change?