The food packing machines we built were designed to include a 12kW servo motor. The drive was equipped with a large external braking resistor that probably was not even required in our application, but the drive manufacturer insisted it could not be eliminated. Some time earlier, a predecessor had realized that these resistors can get hot if they are really used in the application, so they built a Plexiglas guard around the resistor.
Everything went fine for several years until eventually we had several dozen of these machines out in the field. Then, one day, we got the call no machine builder ever wants to hear: "Hey, your machine caught fire last night and burned up." The investigation soon led to the regen resistor and its flammable plastic guard as being a likely suspect for causing the fire. But we had never seen one of these resistors even get warm in operation, and we had had no problems with this servo in years.
The mystery continued until the same customer almost had a repeat of the same event, but the operator managed to kill the power when he started to notice the hot smell of melting Plexiglas in time to prevent the fire. Curiously, even though the plastic guard had melted when the machine was restarted, it ran flawlessly, and extensive testing revealed no bad parts.
Upon further investigation, we discovered that just prior to the event, the operator had mistakenly bumped an E-Stop button, which stopped the machine, and he quickly reset the E-stop circuit and continued to run. It turns out that these drives had always had the same feature, but no one had chanced on just the right sequence of operations to activate it. The drive has large capacitors in it and the manufacturer decided that, since a braking resistor is used with these drives, it would just dump the juice from the capacitors into the braking resistor when the drive was shut down.
A relay connected the braking resistor directly across the drive's DC bus on command from the drive's controller. The controller logic went something like this: “When the main power goes off, connect the braking resistor to the DC bus. Leave it connected until the bus voltage falls to a safe level.” What was lacking was the logic that should have said, “If the main power comes back on, open that relay, even if the DC bus voltage has not dropped to a safe level yet.” Fact is, it never will fall to a safe level with 40A of 480V three-phase power supplying the DC bus.
The drive manufacturer balked at correcting the design defect in the drive, arguing that the drives had been used with no problems for years. Then they suggested that we retrofit every one of these machines in the field with controls that would prevent reset of an E-stop for at least 45 seconds, and they agreed to pay for the parts to do that. Needless to say, this was unacceptable to most everyone. Our customer was a multinational company with an army of lawyers and a collection of color glossy photos of the smoking remnants of their $250k control panel, so about a year later a control revision was issued on the drive.
This entry was submitted by Kim L. Ground and edited by Rob Spiegel.
Tell us your experiences with Monkey-designed products. Send stories to Rob Spiegel for Made by Monkeys.