Re "The Black Swan Event"
I spent some time researching the systems on the MV Dali last night. Wiki tells us that it has a single main (propulsion) engine, a two-stroke MAN B&W S90ME, coupled to a fixed-pitch propeller. For manoeuvring in ports, it has a single 3,000 kW (4,000 hp) bow thruster. Electricity is generated onboard by two 3,840 kW (5,150 hp) and two 4,400 kW (5,900 hp) auxiliary diesel generators. So there is plenty of redundancy in the electrical side of things. I then found (and downloaded) a 353-page installation and operating manual for the S90ME. It's for a slightly later version, so there may be some detail differences, but the main features should be the same. Here's a section of text from the Engine Control System section:
"The ME system has a high level of redundancy. It has been a requirement to its design that no single failure related to the system may cause the engine to stop."
Being a modern "Common Rail" design, it has duplicate control computers, which run in parallel, so if one fails the other instantly takes over. They each have separate AC to 24 V DC power supplies with battery backup. Each cylinder has its own control module which operates the fuel injector, exhaust valve & air starting valve. These valves all need a high-pressure oil supply to work, and that comes from multiple electric pumps, and (standard) crankshaft-driven pumps, which will keep the engine running alone above idle speed. All this lot, and multiple control positions, run on two separate computer networks.
It strikes me that the only "Accidental" way the main engine would stop is IF the engine-driven pumps were not specified during construction, and then electric power was lost.
But if a crew member (or anyone able to gain access during a stopover) planted malware in the system, then potentially just about everything on the ship could be remotely controlled. This could include the generators, their synchronisation & switching systems and possibly even the bow thruster. Just this sort of scenario is now being reported in the world of cars & trucks, but has been shown to be possible even WITHOUT direct access, via Bluetooth, Wi-Fi or Cellular communications.
I have to assume the rudder is moved hydraulically, and that's going to need electric pumps, so won't have been controllable during the blackout. Even once power was restored it would take time to move from one extreme to the other. It's also a limitation of such vessels that to go into reverse means completely stopping the main engine, and re-starting it in the opposite direction - no gearbox is typically fitted on such large engines. This can (potentially) take in the order of minutes to accomplish, so wouldn't have helped in this case, even if they DID have control.
Try this too:
Plenty more at a site called NOWP.
KISS. The engineer's motto.
Shades of 737-Max.
The collective West have been attacking the Kerch bridge between Russia and Crimea for a long time.
I wonder if there's any connection with this event?