Mailing List lml@lancaironline.net Message #59231
From: <Sky2high@aol.com>
Sender: <marv@lancaironline.net>
Subject: Re: [LML] Re: Fw: Re: Re-doing my panel - carefully thinking through failures
Date: Sun, 07 Aug 2011 10:56:47 -0400
To: <lml@lancaironline.net>
 Message Header

Undecoded Message
Fred,
 
Single pilot operation is a great example. The pilot usually has two of everything - hands, feet, eyes, ears, etc.  But, only one brain that may be shrunken by age, depleted of cells by regular use of adult beverages and hampered by other misadventures over the years.  Anyway, it is a single point of failure that must not require complex thought when caught between a rock and a hard place.
 
Using this guidance whilst assembling my aircraft systems late in the last century, I retained the forehead slapping simplicity of the main fuel tank being the LNC2 designed header (wings are just aux tanks) with the added automatic function of keeping it above 8 gallons - enough to safely reach the ground if the engine is still running.  Just think, no selector valve, no manual timing and always laterally in balance by concurrent pumping from both aux tanks as needed. 
 
Avionics and flight instrumentation were treated similarly.  Idiot lights and noisome beeps are used to remind the pilot to actually look at various out of range condition gauges to determine things such as alternator failure - a serious problem in an airplane with dual electronic ignitions.  (side note - how many certified aircraft ran the battery dry because the pilot was not informed of alternator incapacity?)  Anyway, one ignition is on the main bus and one on the on the essential bus with a separate backup battery that can be switched on to one should all else fail.  That switch cover is in the shape of a Bible.  The AI and DG are vacuum driven, but the backup AP is stabilized by the electric turn coordinator (or is it the other way around?). 
 
Yes, I sinfully have an avionics switch of high quality, but it is not quite a single point failure - it is a DPST type so either the radio on the essential bus or the radio on the main should work as needed when the F16's arrive (barring an external mechanical failure in the simple part of the switch).
 
Alas, even though I have an AOA and two Airspeed indicators (one electric) that are (Gulp) all dependent on the same pitot system - but, the altitude hold is on an independent static source.
 
Uh, I have two sticks and ailerons, but only one elevator or rudder.
 
If I have a problem with any system element it is time to land because I don't have a backup for any of my backups...............
 
Oh well,  I alone will just have to muddle through...............
 
Grayhawk
 
PS: Oh, that's right, I only have one engine and prop.  I feel the cloud of impending doom swirling about - on top of me being the most common single source of failure as toted up by the NTSB.  Wanna be my backup co-pilot (uh, no brakes on your side)?
 
Two of everything, independent power modes, independent pathways, cross connects, multiple layers of electrical spike and surge protection and independent and different principles of gyroscopic display and  electrical power supply.  Now one begins to achieve realistically (and defensible) high levels of reliability.  
 
If I could only achieve the same with the pilot.
 
Fred Moreno
 

 
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster