Fail safe fault monitoring systems are widely used in engine electric-generator set (gen-set) environments. The systems are used to monitor the status of several parameters of the engine in the gen-set. They may also be used to monitor the status of the electrical generator. In the event of the presence of an operating condition which will cause damage to the engine or generator, it is the system's responsibility to turn the gen-set system off, frequently called "shut down". The system typically does this by grounding the distributor wire in a gasoline powered gen-set and by shutting off the fuel supply in a diesel powered gen-set. Examples of the parameters which may be monitored are oil pressure, fuel supply, engine temperature, engine speed, and improper current or voltage conditions.
Good engineering practices, and often times government specifications, require in a fail safe circuit that all fault monitoring contacts be in series with a run relay for the gen-set. The run relay is connected such that if any one or more fault senders open ("trip"), the run relay will be de-energized and the gen-set will shut down. Typically, the gen-set system's parameters are monitored by electromechanical devices known as fault senders. These senders have two sets of contacts, and are often called double contact fault senders. The first contact is normally closed and completes the ground path for the run relay. As noted above, there are typically several fault senders in series in the run relay ground path. When a sender is tripped, it simultaneously closes its second set of contacts while opening the first set. The closing of the second set of contacts operates to complete a circuit, thereby lighting a fault lamp. The opening of the first set of contacts removes the ground potential from the run relay, thereby de-energizing it and shutting down the monitored process.
Double contact fault senders are relatively expensive and unreliable mechanical devices. In one prior art system, the double contact fault sender for sensing overheating is actuated by wax in an enclosed tube. As the wax heats, it changes state from a solid to a liquid. This change of state causes the wax to expand within the tube against a slideable plunger. The movement of the plunger activates a set of spring loaded contacts, completing a second set of contacts while opening a first. Such a mechanical analog system requires very close tolerances. It is also susceptible to temperature rise time lag, and is further susceptible to the static frictional force of the spring loaded contacts.
In generator set systems requiring the monitoring of numerous types of parameters for fault conditions, any reduction of the number, or complexity, of the discrete fault sender components can result in substantial cost reduction, system reliability and increased efficiency.
It is also desirable in a gen-set environment to electrically isolate the fault senders from the display or output devices. Typically, systems having double contact fault senders use warning lamps connected to the second set of contacts mechanically linked to those controlling the run relay. Use of that style of contact, therefore, introduced a mechanical element into the system.
As can be appreciated, the prior method of analyzing and providing for a fail safe monitoring system is characterized by complex senders. The present invention addresses the problems associated with a dual contact fault sender fail safe system by, among other things, using integrated circuits in connection with single contact fault senders. The system also uses an electrical optical isolator device to electrically isolate the monitoring system from the display output drives. The system also uses a readily available microprocessor which provides increased performance and a reduction in cost over the above described two contact system.