Hi everyone,
thanks for the answers so far. I have to admit I wasn't really satisfied with "detection is not possible", "DUT must be grounded" and "you just need to be careful". Generally I agree that when working with high voltages being careful and thinking twice before doing anything is the way to go. Still I think it is always good to try and reduce dangers both due to hardware failures and due to user error as well.
High!
The shassis (GND_DC) of your DUT must be grounded in any case.
This is a rule.
Lets assume the DUT is a high voltage capacitor that must be checked for leakage. This means it would be referenced to the isolated DC ground but not to PE.
Let's try to theoretically create protection against breakdown of an isolated secondary source on chassis. So we must monitor the slightest current leakage. Since the resistance between the chassis and this source is quite high (we did our best to isolate it), any capacitance change with the chassis will be difficult to distinguish from a breakdown. The protection will be triggered every time the output is touched like a capacitive field effect sensor.
This might be a way to do it. If this approach can work I'd suspect that there is already either an IC to do the job or a reference design for a monitoring circuit (I'll go into that below).
You are not describing a detectable fault scenario. If the output is floating, then referencing the positive terminal to earth ground should be a perfectly valid use case. With that said, it is usually safer to leave the output of a high voltage supply floating, since that helps to prevent electrocution in some cases.
I agree that it would be possible with the setup above but for what purpose would I use that particular setup. Can you name a use case where it makes sense to reference DC+ to PE?
You are not describing a detectable fault scenario.
Is it really undetectable? Assume we exclude the use case of referencing DC+ to PE. Then if everything is in order the chassis should be completely isolated from both DC+ and DC- at all times, however if due to a breakdown somewhere chassis becomes DC+ there is suddenly a potential difference between chassis and DC- that happens to be (more or less) the same as the potential difference between DC+ and DC- minus. So with the right components one could probably cobble up circuitry to detect just that. As a very crude draft I'm thinking of two voltage monitoring ICs monitoring the potential difference between chassis and DC+ and DC+ and DC-, if those are equal we detect a fault. (Sidenote: OFC I'm aware it will not be as simple as in the picture, we need isolation between the voltage monitors and the 5V logic signals, also a simple OpAmp won't do the job. Actually its a weird use case, usually we have low voltage inputs and high voltage outputs in this case its exactly the other way around so we'd need an "OpAttenuator"-circuit if such a thing exists and might even get away without the intermediate voltage monitors.)
When you look at a high voltage car battery (which is also floating) there is always a isolation tester included.
(DIN EN 61557-8 (VDE 0413-8) / IEC 61557-8)
If the test fails on start up of the car: the high voltage DC-relays (Schütze) in the battery containment are not switched on.
So a single fault cannot lead to a hazard.
Thanks for pointing out the associated standards and the DC-relay. To trigger the relay on or of we of course must have a way to detect the fault (i.e. sth. like the "ISOLATION_FAULT" signal above). Since you mentioned high voltage car batteries as practical use case I'd assume that reference circuitry/ICs for that purpose exist already. Do you happen to have an idea what I need to look for to find more info about that (i.e. the name of that particular IC type or the detection circuitry involved)?
A common way is to connect the secondary winding (or the rectified DC) to PE. Then there is just one less wire to worry about. This is for example how microwave ovens work.
That also might be an option.
You need to apply common sense and not rely on protective circuits to save your butt.
Agreed, but no amount of common sense can prevent eventual hardware failure (i.e. isolation breakdown), and sometimes humans make mistakes. So while it is not good to *rely* on protection circuitry to save you, it surely won't hurt to have it in place.
A fuse?
Is a fuse really going to help here? If insulation between DC+ and chassis breaks down, there is no current flowing. That is unless the unfortunate person in the picture would touch it. Even if the output would be fused with lets say 100mA the little guy would have a *bad* day.
Anyhow thinking about that problem feels to me like reinventing the wheel. High voltage DC supplies, SMUs and other high voltage devices exist for a long time. Someone with a lot more knowledge and experience must already have dealt with this question right?
For instance in the
Keithley 2290 Series datasheet there is the following section:
Series 2290 Power Supplies and a Model 2290-
PM-200 Protection Module protect both user
and instrumentation from hazardous voltages.
An interlock circuit built into the power supplies
can be used to ensure that the output voltage
is disabled if a high voltage test fixture access
door is open. In addition, all Series 2290 power
supplies have low voltage analog outputs to per-
mit safe monitoring of the high voltage and the
output current.
When low voltage measurement instrumentation
is used in the high voltage circuit, the protection
module safely clamps the voltage across the
instrument to a maximum value of 200V even
when a device under test (DUT) breaks down.
Thus, a Series 2290 Power Supply, Model 2290-
PM-200 Protection Module, and Keithley accesso-
ries provide all the elements for building a safe,
high voltage test environment.
I'd be interested in *how* this is done, not necessarily exactly Keithleys solution, but *a* solution on how professional high voltage gear generally deals with security issues. I'd assume that much like with the input protections on DMMs the fundamental principles of protection in those devices will be similar but implementation details may differ inbetween vendors and devices.
Home
Help
Search
Login
Register
