Fault tolerant drives for safety critical applications
The correct operation of adjustable speed drives, which form part of a larger system, is often essential to the operation of the system as a whole. In certain applications the failure of such a drive could result in a threat to human safety, and these applications are termed 'safety critical'. The chance of a component failure resulting in non-operation of the drive can be dramatically reduced by adopting a fault tolerant design. A fault tolerant drive must continue to operate throughout the occurrence of any single point failure without undue disturbance to the power output. Thereafter the drive must be capable of producing rated output indefinitely in the presence of the fault. The work presented in this thesis shows that fault tolerance can be achieved without severe penalties in terms of cost or power to mass ratio. The design of a novel permanent magnet drive is presented and a 'proof of concept' demonstrator has been built, based on a 20 kW, 13000 RPM aircraft fuel pump specification. A novel current controller with near optimal transient performance is developed to enable precise shaping of the phase currents at high shaft speeds. The best operating regime for the machine is investigated to optimise the power to mass ratio of the drive. A list of the most likely electrical faults is considered. Some faults result in large fault currents and require rapid detection to prevent fault propagation. Several novel fault sensors are discussed. Fault detection and identification schemes are developed, including new schemes for rapid detection of turn to turn faults and power device short circuit faults. Post fault control schemes are described which enable the drive to continue to operate indefinitely in the presence of each fault. Finally, results show the initially healthy drive operating up to, through and beyond the introduction of each of the most serious faults.