Peter wrote:
ndeed – damn hard to make power electronics reliable enough for this job. One can over-engineer everything massively, which helps, but it is obvious from the various development grant applications exhibits that a lot of heat is being generated / a lot of cooling is needed, and thermal cycling is the biggest killer of power electronics.
Well for this kind of job we have hardware failures analysis FMEA, FTA and FMEDA which can tell if the design is fit for the purpose, there is no need to grossly over-engineer, just to make it right.
The failure mechanisms in power electronics are not that predictable.
Then we would not have EV on the street … powertrains are rated ASIL D, the highest integrity level in automotive.
Peter wrote:
The failure mechanisms in power electronics are not that predictable
Which is why certifying the electronics of aircraft electrical systems to guarantee low failure rates is very costly. This also explains the still widespread use of heavy power relays on commercial aircraft. I am not familiar with current-gen aircraft (A350 B787..) but the previous gen is all relayed.
A very safe efficient system for a small aircraft could be one large propeller with two independent power systems (controller+battery+engine) linked mechanically at the prop. Reduction drives, although frequently a piston aircraft achiles’ heel, are comparatively light, simple and reliable for electric engines where torque is relatively flat.
Failing that, could you not have a single engine with dual (or multiple) independent synchronized parallel controllers and batteries? Worst case you would lose 50% power except in the case of failure in the part of the circuit where the individual systems merge/isolate to drive the engine.
Even if such part of the circuit cannot done efficiently and safely via electronics (diodes?) you could use relays that would be tested on every pre-flight, so you would ensure protection from (partial) power system failure. Similar-size power relays on a large aircraft weigh “only” around 5 kg.
byteworks wrote:
powertrains are rated ASIL D, the highest integrity level in automotive.
But even then, requirements are surely lower than on an aircraft, since on ground vehicles worst-case you can design them so most failure modes ultimately end in a power shut-down (the danger would be failing to a high-power mode). The option to fail-safe to shut-off is not available on aircraft.
Edited to add they are also rather heavily built on ground vehicles…
ASIL D in automotive means life threatening hazards – think of unintended acceleration (ASIL-C) and inadequate deceleration (ASIL D). Both can result for example in a terrible multiple vehicles accident.
Peter wrote:
ndeed – damn hard to make power electronics reliable enough for this job. One can over-engineer everything massively, which helps, but it is obvious from the various development grant applications exhibits that a lot of heat is being generated / a lot of cooling is needed, and thermal cycling is the biggest killer of power electronics
A big issue in electric cars is battery management and temperature control. In an aviation application where ambient temperatures are often lower there is probably the possibility to use power electronic cooling flow in battery heating.
Antonio wrote:
A very safe efficient system for a small aircraft could be one large propeller with two independent power systems (controller+battery+engine) linked mechanically at the prop. Reduction drives, although frequently a piston aircraft achiles’ heel, are comparatively light, simple and reliable for electric engines where torque is relatively flat.
Couldn’t you just have both engines on a common shaft instead?
Airborne_Again wrote:
Couldn’t you just have both engines on a common shaft instead?
In terms of ‘reduction gear’ yes, but you still need some kind of clutching gear to mechanically isolate one from the other, or else any failure modes which result in significant negative torque from one engine will hurt the good one. Perhaps those modes are extremely improbable?
byteworks wrote:
ASIL D in automotive means life threatening hazards – think of unintended acceleration (ASIL-C) and inadequate deceleration (ASIL D).
I see…so does ASIL-D also address loss of power, rather than excessive accel/decel, as part of the life-threatening modes, as would be the case on aircraft?
