Abstract
This paper proposes a functional modelling method, called Multilevel Flow Modelling (MFM), for identifying the safety objectives and functions of an emergency shutdown (ESD) system in the design phase, so that the process can be shut down safely in an emergency. Firstly, the information required for designing safety objectives and functions for an emergency shutdown is analysed. This information includes the process topology, the initial state of the process, the shutdown objectives, and other constraints, such as the design and operational limits of unit operations and hazardous and environmental constraints. Secondly, a procedure based on the required information is proposed using MFM. The procedure incorporates the following steps: 1) the MFM model of the process in normal operation is built by following modelling procedures; 2) the initial states are defined and the changing conditions of the process during an unplanned shutdown are identified by using the objective-function tree in the MFM modelling; 3) the goals of the shutdown operation are defined; 4) with consideration of the shutdown operating goals and changing conditions, the first safety function during the shutdown process is identified by using MFM causal reasoning; 5) by using MFM consequence reasoning based on the first identified safety function represented in the MFM model, the rest of the safety functions are identified and the emergency shutdown procedures are generated. The procedure is demonstrated by designing the safety functions for an emergency shutdown of a seawater deaeration process in a seawater injection system. The results show that the emergency shutdown procedure produced by the proposed method is feasible and that it can be validated against the real operating procedure.