Boiler Fail-safe systems

	Boiler Fail-safe systems

Any predictable boiler failure must result in a safe situation

How to make a control loop fail-safe
Example: A simple control loop for pressure control of a steam boiler with one oil fired burner.

Control Valve An electro-pneumatic Control Valve for the fuel oil to the burner should close upon control air failure as well as missing current signal.
Pressure Transmitter The Pressure transmitter has normally a direct output signal, that is, the signal increases on raising pressure. Normally the current signal will never be lower than
4 mA, but if it does, the Controller should immediately close the burners fuel oil control valve.
Controller Any internal fault in the Controller must initiate closing of the fuel oil control valve.

A fail-safe relay configuration How to make a relay fail-safe
A relay is almost fail-safe since it is very likely to brake the circuit when it is malfunctioning. However, using two relays will increase the reliability considerably. This can be done in different ways. One method is to wire the relays, A and B, as shown on the picture.
The system cannot be reset unless the pressure switch (PS) makes and both relays work correctly, but the circuit between terminal 1 and 2 will break when PS breaks even if only one relay works rightly.

How to make a computerized control system fail-safe
An output from a computer will become either high or low when it fails. There are some methods using the computer to check its own outputs. Feeding back an output’s signal to an input will enable the computer to check if the output is what it is supposed to be, but the system as a whole will not be fail-safe. The CPU or any other vital part might break down and then the check of the outputs is out of order.
The only way to make a computer system fail-safe is to use another computer to check all the functions. It is, of course, possible to check all the functions by means of hard wiring and relays, but who wants to do that?