On Sun, Apr 14, 2024 at 10:50=AFAM wsimpso1 <wsimpso1@comcast.net> wr
ote:
>
>
> We all know we need backups on any circuit needed for comfortable
> completion of a flight. I aimed for that. I have several circuits that fi
t
> that need, things like pumps and ECU's and Ignition Coils. I am Installin
g
> Z-14 (IFR and Electrically Dependant Engine). I would like your review an
d
> criticisms of the schemes offered, and any alternatives you can offer too
.
>
> I have two of each important devices (pumps, coil power, ECU's, injector
> power) and two always hot buses. I suspect we benefit from being able to
> connect either pump to either bus, and have two independant
> switches/circuits to do so too. For take-off and landing, many of us will
> want both pumps (or other paired devices) running, so I am looking to tha
t
> as well.
>
> The clever way seemed to be two 700-2-10's for each device pair, in
> parallel, with one connected to the Main Battery Bus, the other to the Au
x
> Battery Bus. I KNEW that gave me an error state that we would not do
> deliberately but which was likely to occur: both buses running one pump.
> Upon first review with both buses hot, this is a "so what?" with the onl
y
> loss being only one pump on when we were trying for both. But when one bu
s
> has gone cold, we are then trying to power everything left On on that col
d
> bus through the fuse and switch for the Hot bus. Sure, if we REMEMBER to
> close the Bus-Tie first and both buses do go hot, no problem, but if one
> bus is still cold, we lose access to pump. One more out of order switch
> throw and we are out both pumps or coils or .... BAAAD.
>
> Yes, I have run Fault Tree Analysis and then FMEA for my base scheme the
> way I was taught by duPont using order of magnitude estimates with
> detectability, severity, and failure probability. I plan to run the
> exercises on the alternatives too. Fault Tree Analysis and Failure Modes
> and Effects Analysis are very useful tools for estimating if one scheme i
s
> better or worse in total.
>
> So, what are the alternatives?
>
> Two SPST switches in parallel for each function, each connecting one bus
> to one pump. That costs me half of the bus-pump possibilities, which soun
ds
> detrimental.
>
> Series switch set that uses a 2-10 sequenced to a 2-1 that let's me
> connect either bus to either pump and to run both pumps, without running
> one pump on both buses simultaneously. This looks worse with two switches
> in series - instead of having a SPOF, I have doubled it - UGH.
>
> The scheme I like is paired 700-2-1's for each function with one switch
> per pump. This allows either bus to power each pump. No cross bus
> connection is possible, each pump (or other device) is separately powered
> by either bus, and there is always the other pump.
>
> Thoughts please on all of these schemes and my judgment here... If you
> have a better scheme to be replicated several times in my panel to allow
> running both devices from either bus, I am all ears.
>
> Bill
>
>
I'll take a short swing at it, by simply describing my thought process &
resulting decisions. I decided that *buses* don't fail. As long as they're
installed properly and inspected regularly, they should be given the same
confidence as wing spars. Power supplied to one could fail, in which case a
backup source should be available. With that starting point, I planned two
buses; one with *everything* for the electrically dependent engine, and the
other for airframe power. Crossfeed ability between the two. Individual
circuits protected by individual fuses, protecting the bus. I have
redundant fuel pumps, etc, but both are controlled from the engine bus. Ev
en
then, switchology was still more complicated than I wanted, but it was
stripped down as clean as I could reasonably get it with the
'unconventional' engine.
Trying to power each item (if you're doing the pumps, the ECUs need it too,
etc etc) from multiple source buses seems to me like planning for multiple
failures in the same function-path on the same flight, a possibility so
remote that the mitigation attempts actually increase the risk, and it's
also a strong magnet drawing one into pilot overload if something does go
south in flight. We manage to mismanage stuff in stressful situations even
with all the control motions being hardwired by decades of flying. A
radical departure in 'switchology' beyond that absolutely required, and/or
multiple added layers, seems to me to make it more likely that something
minor will become something major very easily.
Just my thought path and results; yours will likely vary.
Charlie
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_c
ampaign=sig-email&utm_content=webmail>
Virus-free.www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_c
ampaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
