(657d) Safety-Centered Process Control Based on Dynamic Safe Sets

Despite significant efforts to make operation of chemical plants safer, the occurrence of incidents clearly indicates the need for better design approaches. Studies to identify the root causes of incidents in hydrocarbon industries reveal that poor design and inadequate control systems contribute to more than 20% of the offshore incidents[1] and 30% of the thermal runaway incidents [2] analyzed. Characterizing and quantifying process safety performance is a complex problem. Traditional control engineers used the concept of phase margin and gain margin to measure the stability of single feedback loops. Although it can be viewed as a measure of safety, the method does not account for multiloop interactions and the presence of constraints in the system. More recently, researchers have used model predictive control (MPC) theory to address safety concerns. The objective of the MPC optimization problem is maximization of cost and other performance metrics, where safety is modelled as a set of additional constraints that must be enforced. The approach is not adequate as there is not a clear method to quantify the safety performance for application in design. Process safety engineering concepts emerge from cause-effect based analysis like HAZOP analysis, fault trees and event trees. These methods do not account for multivariable and non-linear interactions. The objective of this research is to develop a radical approach for the process control problem with safety as the primary target.

In this paper, the concept of dynamic safe set (DSS) is formulated. The DSS is a set of states of the process that guarantee enforcement of safety critical constraints, in the presence of bounded safety threatening disturbances. Already existing mathematical concepts from the systems literature, namely maximal output admissible sets [3, 4] and the reference governor theory[5, 6] are used for evaluating the DSS. The DSS is calculated around a steady-state operating point. It is safe in the sense that if the initial state belongs to the DSS, then for all modeled disturbances the closed-loop system is guaranteed to not violate the constraints at any time in the future. The safety threatening disturbances that can increase the possibility of safety constraint violation by pushing the system to a risky operation zone are also modeled while calculating the DSS.

A method to quantify the size of the DSS is also proposed by defining the concept dynamic safety margin (DSM). It is defined as the minimum distance of the steady-state operating point from the boundary of DSS. The DSM margin is relevant and important because it is not possible to model all possible disturbances. That is, a DSS with larger DSM will be able to handle unmodeled random disturbances that push the states away from the steady-state. This will be used as a safety performance metric for control system design. This will lead to designing processes with safety as the primary objective and all other performance metrics are treated as secondary considerations.

The DSS approach is also extended to applications in abnormal event management. Under upset scenarios, there is often a need for sudden and large set-point changes. To safely respond to those changes, control strategies need to be designed to stay away from the safety critical constraints. For this purpose, the concept of reference governor is used. The reference governor is a supervisory nonlinear control scheme that works along with an existing closed-loop system. The reference governor works by attenuating the reference signal that is to be tracked, only when necessary, to avoid constraint violations and stay within the safe region. It requires a model that can predict the possibility of future constraint violation. The DSS is used as the predictive tool that enables the implementation of reference governor.

The DSS approach is tested on an exothermic process in a CSTR. The approach helped in selecting the operating condition of the process by identifying steady-states that are relatively safer. The closed loop process design was studied under proportional (P) and proportional-integral (PI) control strategies. It showed that the controller parameters played a significant role on the DSM of the process. The trade-off between control and safety performance can be analyzed using the DSM concept. The effect of maximum available control input on the system’s safety performance was also investigated. The reference governor was also implemented to the CSTR. The dynamic responses of the process under large disturbances, demonstrate significantly superior control performance when compared to the process without reference governor.

In this paper, we aim to reformulate the process control problem bringing safety upfront, without compromising other performance metrics. Already existing theory and algorithms from the systems literature are used to develop engineering guidelines for maximally safe operation of hydrocarbon processing industries. The proposed research will define fundamental principles upon which safety-centered process control design can be based.

References

1. Halim, S.Z., S. Janardanan, T. Flechas, and M.S. Mannan, In search of causes behind offshore incidents: Fire in offshore oil and gas facilities. Journal of Loss Prevention in the Process Industries, 2018. 54: p. 254-265.
2. Saada, R., D. Patel, and B. Saha, Causes and consequences of thermal runaway incidents—Will they ever be avoided? Process Safety Environmental Protection, 2015. 97: p. 109-115.
3. Gilbert, E.G. and K.T. Tan, Linear systems with state and control constraints: The theory and application of maximal output admissible sets. IEEE Transactions on Automatic control, 1991. 36(9): p. 1008-1020.
4. Kolmanovsky, I. and E.G. Gilbert. Maximal output admissible sets for discrete-time systems with disturbance inputs. in Proceedings of 1995 American Control Conference-ACC'95. 1995. IEEE.
5. Gilbert, E.G., I. Kolmanovsky, and K.T. Tan. Nonlinear control of discrete-time linear systems with state and control constraints: A reference governor with global convergence properties. in Proceedings of 1994 33rd IEEE Conference on Decision and Control. 1994. IEEE.
6. Gilbert, E.G., I. Kolmanovsky, and K.T. Tan, Discrete‐time reference governors and the nonlinear control of systems with state and control constraints. International Journal of robust nonlinear control, 1995. 5(5): p. 487-504.