Posted to rec.crafts.metalworking
Jim Wilkins[_2_]

Modern car paint and rust

"dpb" wrote in message
news
On 02/23/2017 8:29 AM, Jim Wilkins wrote:
...

I knew something of the issue from designing industrial control
panels and then watching mindless UAW drones misuse them. I learned
that controls had to be not only idiot-proof but vandal-proof.
Although I had no design input on the aerospace electronics I
prototyped I paid attention to the discussions about their possible
effect on cockpit situational awareness. There was a joke circulating
at the time that the automated airliner cockpit of the future would
contain a man and a dog. The dog was trained to bite the man if he
touched the controls. The man's only task was to feed the dog.


Not only aircraft; TMI-II became something more than just a turbine
trip causing a reactor trip with the sidebar of a steam relief valve
not reclosing automagically because the latter caused an anomalous
level reading in the physically nearby pressurizer level. This was
misinterpreted by reactor operators and they subsequently turned off
the safety system HPI (high pressure injection) pumps fearing they were
going to overfill the pressurizer and if that were to happen, risk
over-pressurizing the primary system itself. The incident
progressed downhill from there until a fresh shift came on and the
SRO on that shift recognized the problem and restarted HPI plus RCPs
to restore primary coolant flow and begin the recovery process.

If the original crew had done nothing but let the control and safety
systems do their job instead of intervening, the incident would have
consisted of no more than an unscheduled trip and restart once the
initiating fault in the transmission yard that was the initiating
event. (They lost connection to the grid owing to transformer
failure at full power (850 MWe) which left nowhere for the generator
output to go so that initiated the turbine trip. System was
designed to be able to handle a "full load rejection" trip, but
owing to various other conditions, runback couldn't always be fast
enough so a reactor trip could also be expected maybe half the
time.)


Neon John is the expert on that incident. I've discontinued my
research on recent infrastructure accidents which could be mistaken
for a search for exploitable vulnerabilities.