Rijkswaterstaat is part of the Dutch Ministry of Infrastructure and the Environment. Rijkswaterstaat is responsible public works and water management, including the construction and maintenance of waterways and roads and, importantly, flood protection and prevention.
The history of the Netherlands has been shaped by struggles with the sea. After the great flood disaster of 1953, the Netherlands initiated a series of major projects called Delta Works to build storm surge barriers and dams to protect its land from flooding. The Maeslant barrier is part of the Delta Works and one of the largest moving structures in the world. For client Rijkswaterstaat, CGI developed and manages a decision and support system that controls the Maeslant barrier, as well as the Hartel barrier.
The challenge
The 360-meter wide Nieuwe Waterweg is an important shipping river for Rotterdam, the second largest city in the Netherlands, and an outlet for the Rhine. The river poses a major risk for flooding, and therefore a storm surge barrier, the Maeslant barrier, was constructed.
Because Rotterdam is a major port, it was critical to ensure that the Maeslant barrier was closed only when absolutely necessary and as briefly as possible. A closed barrier restricts shipping traffic, costing millions of euros. The barrier also had to be extremely reliable, with an error rate of no more than one flood every 10,000 years. To achieve this degree of reliability, an erroneous decision to leave the barrier open during a storm could not be made more than once every 100,000 times.
A marvel of engineering
The Maeslant barrier is a unique example of engineering ingenuity. One of the largest moving structures in the world, it consists of two hollow floating walls called sector doors (each 240 meters wide and 22 meters high) connected with steel arms to pivot points on both banks. Each of these arms is as large as the Eiffel Tower. There is also a ball hinge 10 meters in diameter and weighing 600 tons. During normal weather conditions, the two sector doors rest in their docks. They are closed only when storms are expected with a danger of flooding.
No room for error
Careful analysis determined that manual control of the barrier would limit its reliability. It is scientifically proven that a human being fails once every 1,000 times when making a decision. The Ministry of Infrastructure and the Environment decided that it was safer to let a computer make the decisions to close the Maeslant and Hartel barriers.
The solution
CGI accepted the challenge to build a system to control the barriers on a fixed-price and fixed-time basis. Our experts developed and implemented BOS (an acronym for the system’s Dutch name Beslis & Ondersteunend Systeem). The decision and support system decides whether to close the barriers in a storm based on weather readings from nearby weather stations and buoys.
BOS uses this data to calculate expected water levels near Rotterdam and Dordrecht every 10 minutes. When it recognizes a threat of flooding, it implements a series of required precautions and eventually starts the process to close the storm surge barriers independently, if necessary.
Mission-critical reliability requirement
The extremely low failure rate demanded of the BOS is very difficult to attain. In PC software, for example, a failure occurs almost every day. BOS had to be 36 million times more reliable, and this degree of reliability could not be proven by tests. It would take at least 2,000 years to do so.
The high reliability requirements of the BOS placed it in the same category as nuclear power stations and the space shuttle.
The results
Conventional development methods were inadequate to build a system like BOS. Instead, risk management had to be central to the development process right from the start. A well-structured, risk management-based development process with advanced methods and techniques was used.
More than 2,500 pages of specified technical design requirements were drafted, and more than 400,000 lines of code were written to support the system’s two fault-tolerant computers.
Because of the risks and costs involved, a very strict quality system was formulated specifically for the project. As a result, the BOS project is the only one in the Netherlands to achieve ISO 9001 certification.
Further, techniques to ensure reliability were used, such as fault tree analysis, structured testing, an automatic test "environment" with periodical regression tests, design and code inspections, software reliability engineering, fault tolerance and many others.
The result is a system that experiences less than 10 minutes of downtime per year. Further, reliability per barrier operation is higher than 99,995 percent.
Fully autonomous and uninfluenced by most conditions, the Maeslant barrier is sometimes referred to as the largest robot in the world. BOS has also attained the highest Safety Integrity Level based on international safety standard IEC 61508.
Contact us for more information.