Search Results : programmable logic controller

Beware Of Illogical Logic Controllers

Jun 02 2009
 

It’s a little worrying when ships take on a mind of their own thanks to inappropriately programmed computer technology. A small fire aboard an oilfield supply vessel is raising concerns about programmable logic controllers.

Here’s the Marine Safety Forum report:

“A supply ship was tasked by the charterer to load cargo for a run to an oilfield. Once at the loading berth and safely moored, the Chief Engineer requested permission to carry out fault finding on an intermittent 24v earth alarm which had come up during the move and had also been reported by the previous crew. The Master and the C/E agreed that as the alarm had only appeared whilst the power plants were running on passage then both engines and shafts should be left running during the fault finding to simulate normal running. At the time the outer engine was running and the inner engine was stopped.

On this vessel class both propeller shafts (driven by 2 main engines each via a gear box) are fitted with disc brakes which are designed to engage (stop the shaft) once both engines are de-clutched from the gear box. The shaft brake is fitted so as to be able to stop the shaft in cases, where for example, rig hoses are sucked into propellers to avoid serious damage to nozzle and propeller.

The C/E suspected the fault was in the propulsion control system. He switched off power (24v) to the CPU of the propulsion control system of the outer engine and the alarm disappeared. However without warning the shaft brake immediately engaged, resulting in the brake pads overheating and catching fire. This was extinguished very quickly and the only damage was to the brake pads which were destroyed.

It was discovered that the PLC in the propulsion control system was programmed in such a way that if the 24v supply was interrupted whilst the inner engine was stopped both engines were considered stopped and the shaft brake engaged. The PLC has since been reprogrammed.

This incident raises concerns about the verification of programming of PLCs which are used within control systems.”

Dec 02 2014
 

Curiosity is a much underused tool for improving safety. From the commissioning of the 93m chemical tanker Key Bora in 2005, no-one wondered why the astern response of its controllable pitch propeller (CPP) was four times slower than its forward response; it was accepted with a shrug as just one of the quirks of this particular vessel. It had not gone unnoticed, it had just gone unquestioned, until she rammed a jetty in Hull, putting a 90cm hole in her bulbous bow just above the waterline.

It is a good example of how something Not Quite Right (NQR) can lead to a close call, and when both go unremarked, sooner or later there will be a hit. In the old days of naval warfare the first shot rarely hit the target; it would either overshoot or undershoot. A range adjustment would be made and a second shot fired. If that didn’t hit the target, it still enabled the gun crew to get a more accurate range, to bracket it, and the next shot would hit the target. A wise commander on the target vessel would take avoiding action to prevent the aggressor bracketing his vessel.

NOPSA Alerts On Safety Control Systems Safety

Jan 19 2011
 

Will the PLC do what's expected or what it's told?

Australia’s National Offshore Petroleum Safety Authority has issued a warning regarding the potential for malware or inadequate design of safety-related control functions to cause death or injury when they do not perform in the intended manner. While the alert is aimed at the offshore industry, it applies equally to the maritime industry, where there have been a number of accidents involving programmable logic controllers.
What happened?
NOPSA has encountered a number of instances, in a diverse range of applications, where Operators have introduced equipment or systems that have potential weaknesses in the design of their safety-related control systems.
In some cases, Operators have been unaware of the significance of control systems as control measures against Major Accident Events and Dangerous Occurrences, and have consequently not used appropriate safety management techniques in their design and operation.