×
INTELLIGENT WORK FORUMS
FOR ENGINEERING PROFESSIONALS

Log In

Come Join Us!

Are you an
Engineering professional?
Join Eng-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here
*Eng-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

Voting 2oo2

thread962-447313

Voting 2oo2

Voting 2oo2

(OP)
Hi,
We have 2 sensors and we are planning on wiring them so that both have to reach there setpoint before a controller action takes place.

I have been reading that the reliability will be improved because spurious tripping will be reduced but on the other hand the failure rate has now doubled as if one sensor fails the controller action won’t take place.

What is the general consensus on using 2oo2 voting on machinery, is this something that is normally done ?

Thanks

RE: Voting 2oo2

Let's say failure rate of a single sensor is 0.01

When using 1oo2 logic, failure rate is effectively doubled because failure of ANY of the sensors will cause spurious trip. You have two sensors with failure rate 0.01 hence the system failure rate is 2x 0.1 = 0.02
When using 2oo2 logic, you need both sensors to fail simultaneously, i.e. 0.01 x 0.01 = 0.0001 hence the system failure rate is effectively reduced 100 times.

Dejan IVANOVIC
Process Engineer, MSChE

RE: Voting 2oo2

(OP)
Hi,
Thanks for this. I just have a question. If the sensors are “ANDED” together and one fails to read the desired setpoint then would this not prevent the other sensor from working correctly as would this not feed into the second sensor ?

Thanks

RE: Voting 2oo2

Your OP is necessarily not true; if one of the controllers actually fails, you could be no worse off than if you only had a single controller, which you still would have. That's predicated on whether the downstream client can detect or be informed of the failure, in which case, it could revert to a single controller operational mode. Presumably, you have some indication that a controller actually failed, otherwise, you'd be running the process with a failed controller, which ought be possible.

IF (NOT (Fail_A OR Fail_B)), then Trip = Trip_A AND Trip_B
IF (Fail_A OR Fail_B), then Trip = ((Trip_A AND (NOT Fail_A)) OR (Trip_B AND (NOT Fail_B)))

Now, your actual hardware failure rate is doubled, but that's a cost/maintenance time issue.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert! https://www.youtube.com/watch?v=BKorP55Aqvg
FAQ731-376: Eng-Tips.com Forum Policies forum1529: Translation Assistance for Engineers Entire Forum list http://www.eng-tips.com/forumlist.cfm

RE: Voting 2oo2

Voting arrangement might be susceptible to common cause failure modes - examples would be instrument sensing line blockage (if both sensors are connected to the source vessel via single sensing line), and in such case indeed both instruments would fail simultaneously and you will not have any increased reliability due to voting/redundancy. So to answer your question, you need to look at your system and confirm if there is any scenario during which both sensors would fail simultaneously from a common cause. If there is, reliability is reduced for the fraction (X%) of all failures (100%) that occur due to common cause failures. If there isn't any common cause failure scenario, the voting arrangement would effectively reduce failure rate 100 times compared to single sensor case.

Dejan IVANOVIC
Process Engineer, MSChE

RE: Voting 2oo2

(OP)
Thanks for the replies. The problem is we have two sensors placed at opposite sides of a room. These will detect water leakage. If the first one detects leakage then an alarm will be generated and operators should then pull a plug to allow the water to drain away. However if they do not and the water continues to rise and activates the second sensor then this should trip the pumps in the room.

Both sensors will be taken back to relays in a panel and the second sensor will only be initiated if the first has detected water, so if there is a fault in the first then the second sensor would never be initiated to look for water and the pumps would never trip.

Thanks

RE: Voting 2oo2

OK, so why can't the second one always be looking for a leak all the time?

If S2 = Trip, AND S1 <> Trip, Pull Plug (anyway) Check S1 and room

Seems to me that you are actually trying to prevent inaction on the operator's part, so why is there even a human in the loop? All the testing and actual usage on autonomous cars and other systems show that the human is the weakest link and least able to sustain alertness for more than about 10 to 15 minutes. If the plug is automated, then you can apply normal reliability and redundancy calculations to crank up the probability of missed leaks to as much as you want. If the human is in the loop, then even a 99.99999% consistent trip can still be missed by a texting operator.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert! https://www.youtube.com/watch?v=BKorP55Aqvg
FAQ731-376: Eng-Tips.com Forum Policies forum1529: Translation Assistance for Engineers Entire Forum list http://www.eng-tips.com/forumlist.cfm

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Eng-Tips Forums free from inappropriate posts.
The Eng-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Eng-Tips forums is a member-only feature.

Click Here to join Eng-Tips and talk with other members! Already a Member? Login

Resources

White Paper - The Criticality of the E/E Architecture
Modern vehicles are highly sophisticated systems incorporating electrical, electronic, software and mechanical components. Mechanical systems are giving way to advanced software and electronic devices, driving automakers to innovate and differentiate their vehicles via the electric and electronic (E/E) architecture. As the pace of change accelerates, automotive companies need to evolve their development processes to deliver and maximize the value of these architectures. Download Now
White Paper - Model Based Engineering for Wire Harness Manufacturing
Modern cars, trucks, and other vehicles feature an ever-increasing number of sophisticated electrical and electronic features, placing a larger burden on the wiring harness that enables these new features. As complexity rises, current harness manufacturing methods are struggling to keep pace due to manual data exchanges and the inability to capture tribal knowledge. A model-based wire harness manufacturing engineering flow automates data exchange and captures tribal knowledge through design rules to help harness manufacturers improve harness quality and boost efficiency. Download Now
White Paper - Modeling and Optimizing Wire Harness Costs for Variation Complexity
This paper will focus on the quantification of the complexity related costs in harness variations in order to model them, allowing automated algorithms to optimize for these costs. A number of real world examples will be provided as well. Since no two businesses are alike, it is the aim of this paper to provide the foundational knowledge and methodology so the reader can assess their own business to model how variation complexity costs affect their business. Download Now
Close Box

Join Eng-Tips® Today!

Join your peers on the Internet's largest technical engineering professional community.
It's easy to join and it's free.

Here's Why Members Love Eng-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close