Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Year 2000 (Y2K) Embedded Systems & Infrastructure Problem -- Ignore unavailable to you. Want to Upgrade?

To: John Mansfield who wrote (374)	5/15/1998 4:33:00 PM
From: John Mansfield	Respond to of 618

[HVAC] Technical stuff but very interesting! 'Like many in the building industry I have been skeptical of the potential implications of the glitch. Why? Especially when companies like General Motors are reported as handling Y2K and embedded systems more as a catastrophe than an inconvenience. Firstly let me preface all with: imvho. I have little knowledge of computers and cannot hack code. (Therefore lack technical acuity of the glitch). I have however been involved in installing and commissioning embedded systems within the building industry for a period of time. To a degree, most embedded systems can be divided into control systems or data gathering/monitoring systems. Few data gathering/monitoring systems impact operationally on plant and equipment (yes, a simplistic generalisation fraught with hazard but you have to start somewhere) so let me concentrate on controls. All control systems break down, with or without Y2K. So all control systems have a fail safe method of operation. In a factory or process engineering environment, this fail safe is STOP. Plant and equipment winds down in a controlled manner, or by crashing instantaneously to an abrupt halt where "e-stops" (emergency stop) are in operation. There is an obvious potential for progressive or fail-creep and this sort of ripple effect is far more likely if the failure is factory-wide and more-or-less instantaneous (albeit random and effecting perhaps only a percentage of the embedded systems) as with Y2K. How can it be more benign in buildings? First and foremost, in fail safe operation the essential services remain operational at all costs (the heart of the matter, but bear with me). Non-essential services fail-safe differently. A building is unlikely to immediately endanger lives or associated equipment when a given piece of equipment fails. So much of the fail safe operation is "keep running". The equipment that fails safe with STOP, does within a design that keeps the building running - albeit in a sort of stand by mode. Holistically the building goes into "at ease". Not particularly comfortable, nor particularly efficient, but still operational. Lifts will "work to rule" so you wait longer. Thermostatic feedback to HVAC (heating ventilation and air conditioning) fails so you can get hot(ter) or cold(er) depending on external ambient conditions. But ventilation continues. Of course if a specific portion of an embedded system is critical to the standby operation, then that part of the building's systems will stop. These conditions will certainly stress out the building's facilities management, but we simply set the equipment running parameters manually. Sounds simplistic and understated? Yep. But one way or another I think most buildings could be made tenantable a little quicker than the dissolution of society - if all we had to concern ourselves with was keeping plant going that was previously operational. But we have the essential services to consider. Essential services are fundamentally designed to warn people to get out, and to keep the building as safe as possible long enough for them to do so. Building services, and their embedded systems, operate differently in an emergency. I have been ruminating on generic worst case scenarios from a(n) holistic building systems perspective but some themes first. (These are off-the -cuff descriptions not text book theory.) BMS = building management system, primarily controls HVAC but may cover other systems like power, water and gas. This is where the lion's share of the embedded systems exist in a complex building. Mechanical electrical = with or without BMS the HVAC has a large quantity of controls of their own. Fire electrical = smoke and heat (flame) detection (data gathering) to logic controllers that take over control of the HVAC from the BMS in an emergency. Interfaces (outputs) also with the DBA and EWIS and takes signals (inputs) from the fire sprinklers. EWIS = emergency warning and intercommunication system, break glasses (data gathering) to logic controllers that provide visible and audible alarms ("please leave the premises"). May also interface and override electrical systems eg turn the lights on in a dark theatre or turn the music off at a night club. Fire hydraulic = (my terminology) 2 systems - sprinklers, and fire hydrants and hose reels. Sprinklers trip the fire electric system if there is a (pipework) pressure drop and trips the DBA. Hydrants and hose reels provide water for the fire fighters. DBA = direct brigade alarm, dedicated phone line to the local fire brigade (drives them mad if it's on a hair trigger). 1/ With due respect to BMS personnel and imho we can run HVAC without BMS (and mechanical electrical local controls). Fans can be controlled manually (on/off from the mechanical DBs), dampers left in preset positions. Condensers, boilers, pumps and coils can be set manually to "best guess" positions by the facilities managers. Note that this is to keep a building tenantable, not to keep it comfortable. Note also that sod's law states that we will greet the new millennium in the middle of unprecedented cold conditions (northern hemisphere) where heating can easily become an essential service. 2/ We cannot override emergency systems. At least, a building with an inoperable fire electric system or EWIS cannot responsibly be tenanted. 3/ It's all irrelevant without power. Two main issues here; a) controls over the operation of emergency generators (note that usually building generators are sufficient to power essential services, but insufficient to run anything else); b) supply from the grid (I refrain from comment here being outside my expertise - but follow with interest relevant threads on this group). In the first instance, emergency lighting is fine. But batteries wont last much more than a couple of hours, and after that we need 24 hours of power to re-charge. 4/ Monitoring of air quality is more stressed without BMS eg. air filtration, cooling towers, fresh air (sick building syndrome) CO monitoring. We can cover it manually if we have planned for it, but if data monitoring fails there could be legal implications. This can be overcome by reducing the quantity of return air. Not only more expensive, but should external ambient conditions be extreme, may push HVAC beyond it's design parameters. ie It will get cold(er) or hot(ter) depending on what the fresh air is like. 5/ Interestingly enough, fire hydraulic systems fare OK. Generally fire sprinkler systems have sufficient capacity water tanks and/or inherent pipework capacity to cover incipient spread of fire. So even if there is no power for sprinkler pumps it is safe to occupy. (Check your local regulations however). Theoretically the hydrant pumps are redundant - covered by the fire brigade ( a fire truck is essentially a large diesel powered hydrant pump). Poor form by the building manager relying solely on external services but probably safe. (Again, check your local regs.) The exception is the DBA - possibly better considered a fire electric problem. (see 2/ above). Any comments on the above? I see 2 major issues: fire electric, and power. Does anyone know of any compliance testing on: FFCPs - fire fan control panels, which override the BMS to drive fans in a fire; FIPs/FIBs - fire indicator panels/boards, a graphical representation of a facility that the fire brigade uses to monitor fire status.); Fire/smoke detection system PLCs/logic controllers; EWIS ECPs - evacuation control panels/ WIPs warden intercommunication points, used for communication between fire fighters in the field the fire control room (which houses the FFCP and MECP); EWIS MECPs - master evacuation control panels, control the audible and visible alarms in a fire and where PA announcements are made from ("the ground floor is stuffed, go to the roof"); Control systems to magnetic door hold open/closed devices, open/close fire doors (fire electric system overriding of security systems); Transfer switches and logic controllers to electrical main boards (detects mains failure and switches power supply to essential circuits; Control systems for generator start up and loading. Believe it or not, it still seems to me that we can face Hogmanay (the big one) with a "manual" contingency plan, but ONLY if a) the essential services are tested and made compliant before 01/01/00; or b) we have the right skills available immediately after (some people are going to be very popular). Wait for mechanical and electrical specialists to NOT return to construction sites - too busy re-commissioning systems constructed years ago. After that, "you pays your money and takes your chances". Cheers Dru Spork (but you can call me optimist) _______ Subject: Essential (embedded) systems and glitched buildings From: "dru" <dry-kerry@NOSPAMbucksnet.co.uk> Date: 1998/05/13 Message-ID: <01bd7e93$7c1cdac0$3b0470c3@ecom> Newsgroups: comp.software.year-2000 [More Headers] [Subscribe to comp.software.year-2000]

To: John Mansfield who wrote (374)	5/15/1998 4:37:00 PM
From: John Mansfield	Read Replies (3) \| Respond to of 618

[ELEVATORS] Again elevators are mentioned. It remains a bit vague whether there will be problems in them IMO. John _____ 'Mike Mooney wrote in message <355BFD78.CD2@bradford.ac.uk>... >Stephen Poley wrote: > >> >> The source is personal communication from a consultant who I know >> well, who advises several organisations on y2k - he got it first-hand >> from the project manager responsible for solving y2k problems in >> embedded systems at the airport. The project team got the maintenance >> organisation to test one of the lifts, not expecting anything to go >> wrong. When they set the clock forward the lift froze. The >> manufacturer concerned is Schindler. >> > >Has there been any reaction from Schindler about this? According to >their website - > >http://www.schindler.com/man_corporate/webnews1.nsf/821fc40d0df923eec125651 7002d66ef/a12c08ef59086643c12565a9005c1f94?OpenDocument > >- 'in general, elevators and escalators are not affected by the >Millennium problem as their operation is not reliant on the calendar >date. Therefore Schindler expects no problems in the functioning of >Schindler elevators and escalators, or the transmission of their alarm >calls, at the change of the Millennium.' ____ Subject: Re: Electric Utilities vs Fear Mongers From: "D. Scott Secor - Millennial Infarction Mitigator" <y2k@uswest.net.NO$PAM> Date: 1998/05/15 Message-ID: <355c1e92.0@news3.uswest.net> Newsgroups: comp.software.year-2000 [More Headers] [Subscribe to comp.software.year-2000]