Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations MintJulep on being selected by the Eng-Tips community for having the most helpful posts in the forums last week. Way to Go!
fail-safe system
- Thread starter 144x
- Start date
It seems a very important consideration is not so much how it works normally, but results of misoperation when part of the system fails.
One scheme uses 5 triacs for a basic 120V AC-control channel, like for, say, a solenoid valve. Four triacs are connected in a series-parallel arrangement, allowing correct operation with a single triac failure—open or shorted. The fifth triac is intended to crowbar a fuse {last-ditch} on one side of the four-triac network.
For failsafe, the starting point is things have to be energised for a "normal" or safe condition and de-energised for a fault/trip condition. You would use normally open contacts, which would be closed (i.e. the contact "driver" energised) for an OK state. Lose power or pull a wire or if a wire breaks you will open a circuit and generate a trip.
As far as switchgear goes, instead of the traditional energise to trip you would need to use an undervoltage release (de-energise to trip, allow close when energised). These are commonly available for LV switchgear and increasingly so these days for MV switchgear as well.
For control relays you can get a SIL 3 "relay" which has 3 coils in parallel and a set of contacts from each coil in series (so that it looks like a single relay). These are used for interfacing to other systems.
Failsafe systems in switchgear can be a pain sometimes.
As far as switchgear goes, instead of the traditional energise to trip you would need to use an undervoltage release (de-energise to trip, allow close when energised). These are commonly available for LV switchgear and increasingly so these days for MV switchgear as well.
For control relays you can get a SIL 3 "relay" which has 3 coils in parallel and a set of contacts from each coil in series (so that it looks like a single relay). These are used for interfacing to other systems.
Failsafe systems in switchgear can be a pain sometimes.
jbartos
Electrical
- Jan 15, 2000
- 6,440
Suggestion: The fail safe system uses normally open contact of a device which is falling into safe or de-energized position on loss of power or malfunction of its input, e.g. relay or contactor coil side. This implies that the normally open contact was closed and its circuit provided power to signaling or carries current in interlocking.
The IEEE Std 100 Dictionary defines a "Fail-Safe Circuit" as a circuit in which the occurrence of a failure causes a specified set of outputs of the circuit to assume predetermined values.
Also, a definition of a Fail-Safe System. A system whose failures can only be, or are to an acceptable extent, benign failures.
The IEEE Std 100 Dictionary defines a "Fail-Safe Circuit" as a circuit in which the occurrence of a failure causes a specified set of outputs of the circuit to assume predetermined values.
Also, a definition of a Fail-Safe System. A system whose failures can only be, or are to an acceptable extent, benign failures.
- Thread starter
- #5
Fail-safe systems are not generally used in electric substations because fail-safe techniques generally reduce overall system reliability and availability. The presumption behind fail-safe systems is that a false shutdown of a system is preferable to a potential loss of protection or control. This is not generally true for electrical distribution systems. Where additional protection against component failure is desired, it is usually provided by redundant systems such as back-up relaying, breaker failure, dual trip coils and other such schemes.
Hybrid systems are sometimes used in power generation facilities, incorporating a two-out-of-three de-energize to trip voting logic for sensing circuits but a one out of two energize to trip scheme for actual tripping.
Hybrid systems are sometimes used in power generation facilities, incorporating a two-out-of-three de-energize to trip voting logic for sensing circuits but a one out of two energize to trip scheme for actual tripping.
- Thread starter
- #7
Failsafe is very big in petrochemical/oil & gas (i.e. hazardous area type)installations. The "safe" state for these plants is with the power off and things are shut down or stopped by removing power. Solenoids de-energise to shut valves, interposing relays de-energise to shut down motors etc. Electricity, even at 24V DC, can be a potential hazard (source of ignition) at times.
Sometimes on such plants it is necessary for a shutdown system to trip an MV circuit breaker and you have to explain to the instrument engineer that your equipment requires control power to trip and he points an accusing finger at you and says "ooooh but thats not failsafe".
Dont know about North American equipment, but increasingly IEC makes of MV switchgear can be fitted with UV release coils so that it is possible to provide a failsafe tripping mechanism if necessary.
Concur with dpc re substation installations.
Sometimes on such plants it is necessary for a shutdown system to trip an MV circuit breaker and you have to explain to the instrument engineer that your equipment requires control power to trip and he points an accusing finger at you and says "ooooh but thats not failsafe".
Dont know about North American equipment, but increasingly IEC makes of MV switchgear can be fitted with UV release coils so that it is possible to provide a failsafe tripping mechanism if necessary.
Concur with dpc re substation installations.
As you can tell , fail-safe has many different applications -- you need to determine what the fail-safe mode is for your application, determine what the failure modes are, and apply those methods to allow the fail-safe mode to function [i.e. we had main gas regulators supplying a major power plant fail open so that a plugged filter would not shut down the entire plant -- other provisions were incorporated to control the gas pressure; or the (steam turbine) Emergency Lube Oil Pump should fail to run (to failure, if need be) to keep the turbine bearings lubricated -- it should start upon other pump failures, even a failed pressure switch...]
some things should fail on, fail off, fail open, fail close -- depending upon the application; even if you purchase a piece of equipment that has a fail-safe function, you should still evaluate (preferably before purchase) to determine if it fits the fail-safe mode you need... [some applications may be dictated by code, so you should also determine what applies to your application, i.e. fire pump service]
In some respects, this involves a separate study of your systems to make sure proper fail-safe modes are adequately designed into your systems..
to answer your question, both N.O. and N.C. contacts have application -- which to use will depend upon what needs to be done in failure mode...
some things should fail on, fail off, fail open, fail close -- depending upon the application; even if you purchase a piece of equipment that has a fail-safe function, you should still evaluate (preferably before purchase) to determine if it fits the fail-safe mode you need... [some applications may be dictated by code, so you should also determine what applies to your application, i.e. fire pump service]
In some respects, this involves a separate study of your systems to make sure proper fail-safe modes are adequately designed into your systems..
to answer your question, both N.O. and N.C. contacts have application -- which to use will depend upon what needs to be done in failure mode...
- Status
Similar threads
- Question
- Locked
- Question
- Locked
- Question