Page 75 - Oil and Gas Production Handbook An Introduction to Oil and Gas Production
P. 75
Emergency shutdown
actions are defined in a
cause and affect chart
based on a study of the
process. This HAZOP
study identifies possible
malfunctions and how
they should be handled.
On the left of the chart we
have possible emergency
scenarios, on top we find
possible shutdown
actions. At an oil and gas
facility, the primary
response is to isolate and
depressurize. In this case,
the typical action would
be to close the inlet and outlet sectioning valves (EV 0153 20, EV 0108 20
and EV 0102 20 in the diagram), and open the blowdown valve (EV 0114
20). This will isolate the malfunctioning unit and reduce pressure by flaring of
the gas.
These actions are handled by the Emergency Shut Down system (ESD) and
Process Shut Down system (PSD). System requirements are set by official
laws and regulations and industry standards such as IEC 61508/61511
which set certification requirements for process safety systems and set
criteria for the safety integrity level (SIL) of each loop.
Events are classified on a scale, e.-g. 1 to 5, followed by an Abandon
Platform (APS) level. On this scale, APS as the highest level means a
complete shutdown and evacuation of the facility. The next levels (ESD1,
ESD2) define emergency complete shutdown. The lower levels (i.e. PSD 3,
PSD 4, and PSD 5), represent single equipment or process section
shutdowns. A split between APS/ESD and PSD is done in large installations
because most signals are PSD and could be handled with less strict
requirements.
The main requirements concern availability and diagnostics both on the
system itself and connected equipment.
The prime requirement is on-demand failure, or the system's ability to react
with minimum probability to an undesirable event within a certain time. The
second criterion is not to cause actions due to a false alarm or malfunction.
73
