HOW TO DESIGN, VERIFY AND VALIDATE EMERGENCY SHUTDOWN SYSTEMS

This paper describes one method to select equipment data and to use en gineering tools to design, verify or validate Emergency Shutdown Syste m (ESS) performance. The paper demonstrates ''how to'' in a manner tha t is easy to follow and understand, thus allowing users to duplicate t he approach in a way that reflects their company's operating environme nt and needs. A hierarchy of equipment data sources is discussed as to desirability, applicability and selection. From quantitative methodol ogies and representative engineering tools, one is chosen and validate d a simple fault tree analysis software tool. The tool is used to illu strate how to evaluate hypothetical designs to develop validated quali tative ''cookbooks'' adhering to a selected set of Primary Integrity P arameters (PIPs). Developing qualitative ''cookbooks'' can speed up th e design process for the majority of ESSs. Design verification is appl ying the tool to the actual equipment and the configuration proposed a nd can be used if the ''cookbook'' PIPs do not meet the operation's ne eds. Validation is applying the tool to systems as installed and maint ained, using actual documented equipment performance. Installed ESSs p erformance can be validated to support documented maintenance procedur es, such as test frequencies.