Author Topic: designing to meet regs - "utilization category"  (Read 1246 times)

0 Members and 1 Guest are viewing this topic.

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
designing to meet regs - "utilization category"
« on: January 20, 2023, 09:01:21 am »
I am designing the electronics for a machine, this must meet the machinery directive part of which is EN 60204-1. This states that there must be a disconnect device such as a switch or connector. Where a connector is used it must be designed to be hot plugged/unplugged at maximum load. It also states that interlocks with the connector are also acceptable to trigger another switch of suitable utilization category.

Now I already had a connector and knowing that no connector is really designed to be hot plugged/unplugged I already planned an interlock and was going to use signal pins in the connector that mate last and break first to control a MOSFET (well several in parallel). However the reg's have beat me to this and now my switch must meet the appropriate utilization category.

Is it time to admit defeat and fit an off the shelf contactor, if I use something like a solid state relay with relevant ratings can I argue that my design therefore is of the correct category or would I need to have my switch separately validated?

This is a 48V DC system.
 

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 7466
  • Country: hr
Re: designing to meet regs - "utilization category"
« Reply #1 on: January 20, 2023, 09:07:53 am »
If I remember correctly you need physical disconnect device (a mechanical contactor or connector).
No solid state devices because they can fail short..
"Just hard work is not enough - it must be applied sensibly."
Dr. Richard W. Hamming
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #2 on: January 20, 2023, 09:20:24 am »
That does make it a contactor then although EN60204 is not specific probably because separate standards about the utilization categories will state what can and cannot be used.
 
The following users thanked this post: 2N3055

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 7466
  • Country: hr
Re: designing to meet regs - "utilization category"
« Reply #3 on: January 20, 2023, 09:26:46 am »
That does make it a contactor then although EN60204 is not specific probably because separate standards about the utilization categories will state what can and cannot be used.
Yes, unfortunately you need to go to specific details.
But most will specify separate disconnect device in addition to normal on/off switch. I believe normal ON/OFF device can be solid state but security disconnect device must fail safe..
"Just hard work is not enough - it must be applied sensibly."
Dr. Richard W. Hamming
 

Offline AndyC_772

  • Super Contributor
  • ***
  • Posts: 4315
  • Country: gb
  • Professional design engineer
    • Cawte Engineering | Reliable Electronics
Re: designing to meet regs - "utilization category"
« Reply #4 on: January 20, 2023, 09:30:14 am »
knowing that no connector is really designed to be hot plugged/unplugged

This is nonsense. (Trivial example: how do you turn on your kettle?)

A disconnect device really does mean that - a device that can physically disconnect the supply, not a solid state, electronic switch.

I recommend spending the afternoon looking through data sheets on the Molex web site.

Online tom66

  • Super Contributor
  • ***
  • Posts: 7336
  • Country: gb
  • Electronics Hobbyist & FPGA/Embedded Systems EE
Re: designing to meet regs - "utilization category"
« Reply #5 on: January 20, 2023, 09:32:41 am »
It's possible to use MOSFETs in safety critical systems, for instance TI make a number of eFUSE devices which are rated to replace traditional fuses in automotive applications.  These devices are extensively tested to ensure they do not fail short in any expected operating condition.  I am not sure if they would be approved for your application - it took a lot of effort and development to get eFUSEs in cars.
 

Offline Siwastaja

  • Super Contributor
  • ***
  • Posts: 9336
  • Country: fi
Re: designing to meet regs - "utilization category"
« Reply #6 on: January 20, 2023, 09:44:40 am »
It's possible to use MOSFETs in safety critical systems, for instance TI make a number of eFUSE devices which are rated to replace traditional fuses in automotive applications.  These devices are extensively tested to ensure they do not fail short in any expected operating condition.  I am not sure if they would be approved for your application - it took a lot of effort and development to get eFUSEs in cars.

This, plus mechanical switches and relays have exactly same failure mode - they fail short, too, due to contacts welding.

Sure, one could claim that on average, maybe, given some engineering budget or level of experience, mechanical switch has higher chances of sustaining larger fault currents and voltages than solid state, but that gets pretty handwavy.

No solid state devices because they can fail short..


I'm 99% sure standards do not prohibit use of semiconductor based switches. Standards may require things not to ever fail short in given conditions*, and then it's up to you to prove the reliability, and you can't escape that requirement by saying "mechanical switches never fail short", because that's simply not true.


*) all switches will fail short if you apply, say, 10000000000000V with 10000000000000A available; you have just a huge fireball of conducting plasma
« Last Edit: January 20, 2023, 09:46:44 am by Siwastaja »
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #7 on: January 20, 2023, 09:57:12 am »
It's possible to use MOSFETs in safety critical systems, for instance TI make a number of eFUSE devices which are rated to replace traditional fuses in automotive applications.  These devices are extensively tested to ensure they do not fail short in any expected operating condition.  I am not sure if they would be approved for your application - it took a lot of effort and development to get eFUSEs in cars.

BMS systems are solid state, but also extensively tested and well engineered.
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #8 on: January 20, 2023, 10:12:47 am »
knowing that no connector is really designed to be hot plugged/unplugged

This is nonsense. (Trivial example: how do you turn on your kettle?)

A disconnect device really does mean that - a device that can physically disconnect the supply, not a solid state, electronic switch.

I recommend spending the afternoon looking through data sheets on the Molex web site.


Well you could design your own but then it may have to be separately tested and approved to the required category. You kettle example does not, erm, hold water ;), the ultimate disconnect device is the UK 3 pin plug which while rated for 13A will not weld under higher currents, this exonerates the switch from any requirements.
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #9 on: January 20, 2023, 10:14:23 am »
It's possible to use MOSFETs in safety critical systems, for instance TI make a number of eFUSE devices which are rated to replace traditional fuses in automotive applications.  These devices are extensively tested to ensure they do not fail short in any expected operating condition.  I am not sure if they would be approved for your application - it took a lot of effort and development to get eFUSEs in cars.

This, plus mechanical switches and relays have exactly same failure mode - they fail short, too, due to contacts welding.

Sure, one could claim that on average, maybe, given some engineering budget or level of experience, mechanical switch has higher chances of sustaining larger fault currents and voltages than solid state, but that gets pretty handwavy.

No solid state devices because they can fail short..


I'm 99% sure standards do not prohibit use of semiconductor based switches. Standards may require things not to ever fail short in given conditions*, and then it's up to you to prove the reliability, and you can't escape that requirement by saying "mechanical switches never fail short", because that's simply not true.


*) all switches will fail short if you apply, say, 10000000000000V with 10000000000000A available; you have just a huge fireball of conducting plasma

Yes so my question is, if I do my own, does my own testing justify my choice of own brew component or will it always need an official category certification under the machinery directive. If that is the case maybe I should just buy one.
 

Online tom66

  • Super Contributor
  • ***
  • Posts: 7336
  • Country: gb
  • Electronics Hobbyist & FPGA/Embedded Systems EE
Re: designing to meet regs - "utilization category"
« Reply #10 on: January 20, 2023, 10:18:12 am »
Yes so my question is, if I do my own, does my own testing justify my choice of own brew component or will it always need an official category certification under the machinery directive. If that is the case maybe I should just buy one.

If something goes wrong with your device, is it likely to lead to death, serious injury or substantial property damage?
 

Offline jonpaul

  • Super Contributor
  • ***
  • Posts: 3656
  • Country: fr
  • Analog, magnetics, Power, HV, Audio, Cinema
    • IEEE Spectrum
Re: designing to meet regs - "utilization category"
« Reply #11 on: January 20, 2023, 10:20:45 am »
OP kindly details? post  is too vague.

Environment industrial,consumer, vehicle, seaborne?

Mains V, cfg 1, 3 ph wye, delta ?
Rated KW/KVA/Irms ?
different answer for a 120 V fractional HP lathe vs. a 480V 3 ph 50 HP crâne hoist.

If safety, shock, fire  is a concern consider your  liability.
The excellent electricians forums may be a better resource, eg Mike Holt.

Bon courage

Jon

« Last Edit: January 20, 2023, 10:24:00 am by jonpaul »
An Internet Dinosaur...
 

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 7466
  • Country: hr
Re: designing to meet regs - "utilization category"
« Reply #12 on: January 20, 2023, 10:27:35 am »
It's possible to use MOSFETs in safety critical systems, for instance TI make a number of eFUSE devices which are rated to replace traditional fuses in automotive applications.  These devices are extensively tested to ensure they do not fail short in any expected operating condition.  I am not sure if they would be approved for your application - it took a lot of effort and development to get eFUSEs in cars.

This, plus mechanical switches and relays have exactly same failure mode - they fail short, too, due to contacts welding.

Sure, one could claim that on average, maybe, given some engineering budget or level of experience, mechanical switch has higher chances of sustaining larger fault currents and voltages than solid state, but that gets pretty handwavy.

No solid state devices because they can fail short..


I'm 99% sure standards do not prohibit use of semiconductor based switches. Standards may require things not to ever fail short in given conditions*, and then it's up to you to prove the reliability, and you can't escape that requirement by saying "mechanical switches never fail short", because that's simply not true.


*) all switches will fail short if you apply, say, 10000000000000V with 10000000000000A available; you have just a huge fireball of conducting plasma

These are disconnect devices. They are supposed to break in emergency. They don't weld because they are not used as ON/OFF switch. Also they have special construction.
But even if you use standard relays, one that is used as ON/OFF and another that is always on and don't get connect/disconnect cycles, they won't both weld at the same time.
That is the logic behind it. Also, on single phase systems, if you use separate contactors to break live and neutral you can pass some safety standards.

As I said, it is very specific, based on application..
"Just hard work is not enough - it must be applied sensibly."
Dr. Richard W. Hamming
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #13 on: January 20, 2023, 10:36:42 am »
Yes so my question is, if I do my own, does my own testing justify my choice of own brew component or will it always need an official category certification under the machinery directive. If that is the case maybe I should just buy one.

If something goes wrong with your device, is it likely to lead to death, serious injury or substantial property damage?

It's a winch type application but not lifting:

Death no
Injury if you do not follow instructions and do something stupid yes
Property damage, not really, maybe you materials.

Ultimately a fuse blows, this disconnect device is to cut power at maximum operating conditions, the physical connector cannot interrupt this current so something else must.
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #14 on: January 20, 2023, 10:40:47 am »


These are disconnect devices. They are supposed to break in emergency. They don't weld because they are not used as ON/OFF switch. Also they have special construction.
But even if you use standard relays, one that is used as ON/OFF and another that is always on and don't get connect/disconnect cycles, they won't both weld at the same time.
That is the logic behind it. Also, on single phase systems, if you use separate contactors to break live and neutral you can pass some safety standards.

As I said, it is very specific, based on application..

Primarily this is to completely remove power from a machine. The standard covers all machinery and heavily focusses on fixed installs where you wire the machine in so put a bit switch in to turn the power off so that you can work on it. We are doing portable machinery so there are connectors, these are acceptable as disconnects but as the connector is not designed to be hot plugged it must interlock with a switch device of appropriate rating. As it happens I would put the estop into this interlock as well so that the one power on/off is controlled by the connector or the estop button.
 
The following users thanked this post: 2N3055

Offline Siwastaja

  • Super Contributor
  • ***
  • Posts: 9336
  • Country: fi
Re: designing to meet regs - "utilization category"
« Reply #15 on: January 20, 2023, 12:56:28 pm »
These are disconnect devices. They are supposed to break in emergency. They don't weld because they are not used as ON/OFF switch.

And emergency cannot happen when current is flowing? Worse, emergency cannot happen when short circuit current is flowing, and there is inductance before the short circuit?

These are the cases when semiconductor switches fry short, and mechanical contacts weld. Proper design is needed in either case and safety proved, although arguably it's easier to design the mechanical version. That doesn't mean it's forbidden to use a solid state design.
 

Online tom66

  • Super Contributor
  • ***
  • Posts: 7336
  • Country: gb
  • Electronics Hobbyist & FPGA/Embedded Systems EE
Re: designing to meet regs - "utilization category"
« Reply #16 on: January 20, 2023, 01:20:08 pm »
It's a winch type application but not lifting:

Death no
Injury if you do not follow instructions and do something stupid yes
Property damage, not really, maybe you materials.

Ultimately a fuse blows, this disconnect device is to cut power at maximum operating conditions, the physical connector cannot interrupt this current so something else must.

So the way I think about problems like this is imagine that something has gone wrong and I have to defend it to ordinary, technically experienced people.  A good example might be a regulator or, hopefully not, a judge.  Would your implementation be seen as a reasonable compromise or are you just shaving pennies and having a greater risk? What additional steps could you take to improve safety and reduce failure modes - for instance, why could you not use a better connector?

This is one reason I'm never keen to be involved in safety-critical systems.
 

Online 2N3055

  • Super Contributor
  • ***
  • Posts: 7466
  • Country: hr
Re: designing to meet regs - "utilization category"
« Reply #17 on: January 20, 2023, 02:22:31 pm »
These are disconnect devices. They are supposed to break in emergency. They don't weld because they are not used as ON/OFF switch.

And emergency cannot happen when current is flowing? Worse, emergency cannot happen when short circuit current is flowing, and there is inductance before the short circuit?

These are the cases when semiconductor switches fry short, and mechanical contacts weld. Proper design is needed in either case and safety proved, although arguably it's easier to design the mechanical version. That doesn't mean it's forbidden to use a solid state design.

Contacts weld predominately on switch on. There is arc and force pushing them together. On disconnect, force is working to tear them apart and arc starts when they already start moving out.. There will be arc event of course, but a properly dimensioned disconnect device will extinguish it.
Contacts weld more likely on ON/OFF device because of wear and arc pitting. That creates larger and rougher contact surface that will stick better and more likely have more arcing (geometry and oxides and whatnot).
When you are trying to disconnect relay and you realize it is stuck, it is most likely it got welded on previous connecting event...
Then you tap on it with screwdriver handle and it releases alright. As soon as you overcome bond force, regardless if current is still flowing.That is for small relays that have small disconnect forces. Industrial contactors have significant force and welding is even less likely on disconnect.
"Just hard work is not enough - it must be applied sensibly."
Dr. Richard W. Hamming
 

Offline SimonTopic starter

  • Global Moderator
  • *****
  • Posts: 18118
  • Country: gb
  • Did that just blow up? No? might work after all !!
    • Simon's Electronics
Re: designing to meet regs - "utilization category"
« Reply #18 on: January 21, 2023, 07:52:09 am »
It's a winch type application but not lifting:

Death no
Injury if you do not follow instructions and do something stupid yes
Property damage, not really, maybe you materials.

Ultimately a fuse blows, this disconnect device is to cut power at maximum operating conditions, the physical connector cannot interrupt this current so something else must.

So the way I think about problems like this is imagine that something has gone wrong and I have to defend it to ordinary, technically experienced people.  A good example might be a regulator or, hopefully not, a judge.  Would your implementation be seen as a reasonable compromise or are you just shaving pennies and having a greater risk? What additional steps could you take to improve safety and reduce failure modes - for instance, why could you not use a better connector?

This is one reason I'm never keen to be involved in safety-critical systems.

This is not a case of safety critical, it's a case of any machine can pose a threat if not designed properly and sensible precautions are not taken to prevent incorrect use so there are laws and directives and standards that need adhering to and if you want to sell it you have to take it to a company that does the required approvals.

There are two aspects here, I need to provide a method of disconnecting power, this may be a switch or a connector. We don't really fit switches to these machines as they are portable and the power is plugged in at each use so I have to put a plug on anyway. Any plug I use will not have the breaking capacity, there is a reason your UK 13A plug has terminals 10x the size of the contacts I have used in the past that will carry 13A but not break 13A. So I for myself already envisioned a controlled/interlocked breaker to prevent damage to the connector.

Now I find that this requirement and my very method of interlocking a breaker with the connector are a requirement, but the standard demands a utilization category. In my case DC-13 at 50A and in the future 120A

I also have to provide an emergency stop and not wanting to have more than one high current switch will make this the same. This makes it more important for me to look at something with proper ratings rather than cobble my own and argue about it.

But, no one is using 48V at 120A or even 50A. I cannot find anything that is rated to DC-13 utilization category with a 50A capacity. I can find contactors like the ones from albright and these also came as a contactor and emergency stop combined. It therefore makes sense I think to use one of these so that we kill several birds with one stone.

What I was hoping was to put the switch device in the battery so that we did this work once and it cost once and then no machine would require a chuncky contactor and several machines can run off the same battery.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf