Kongsberg ACC20 Engine Safety Unit: Redundant Guardian of Industrial Power

Kongsberg ACC20 Engine Safety Unit: Redundant Guardian of Industrial Power

In the operation of industrial engines, compressors, and critical power equipment, safety monitoring and emergency shutdown systems are the last line of defense to ensure the safety of equipment and personnel. Any monitoring failure or misoperation could lead to catastrophic consequences. The ACC20 Engine Safety Unit (ESU) is a highly integrated and multi redundant safety monitoring module designed for this purpose. It can not only monitor engine speed and sensor status in real-time, but also reliably execute shutdown commands in emergency situations.

This article is based on the technical specifications of ACC20 ESU, and deeply analyzes the core architecture, redundancy design concept, input-output characteristics, communication capabilities, and strict environmental adaptability of this device. It provides a comprehensive technical reference for engineers and technicians in fields such as ocean engineering, generator sets, and industrial compressors.

Chapter 1 Overview: What is an Engine Safety Unit?

1.1 Equipment positioning

ACC20 ESU (Engine Safety monitoring and Emergency Shutdown Unit) is a control module specifically designed for engine safety monitoring and emergency shutdown. Its core task is to continuously monitor the key operating parameters of the engine and reliably cut off the fuel or ignition system of the engine when abnormalities are detected or manual shutdown commands are received, ensuring its safe stop.

1.2 Core Functions

The main monitoring input groups of ESU include:

Engine sensor monitoring: Connect various sensors (such as temperature, pressure, vibration, etc.) to real-time evaluate the health status of the engine.

Speed monitoring: Monitor the engine speed through a dedicated channel to prevent mechanical damage caused by overspeed operation.

Manual emergency stop: Provides a dedicated digital input channel for connecting emergency stop buttons in the control room or nearby.

1.3 Preset Parameters

All key monitoring parameters and circuit definitions are pre-set according to the specifications of the engine supplier before leaving the factory. This preset mechanism simplifies on-site configuration work, ensuring that the equipment meets the protection requirements of specific engine models from the beginning of installation, reducing the complexity and possibility of errors in on-site debugging.

Chapter 2: Redundant Architecture and Failure Safety Design

2.1 Redundant power input

ACC20 ESU has designed two independent power input channels and built-in automatic switching function. This means that when a power supply fails, the module can seamlessly switch to the backup power supply, ensuring the uninterrupted operation of the monitoring system itself. This is crucial for long-term continuous operation of generator sets or ship engines.

Voltage range: 18 to 32 VDC

Power consumption: The rated power consumption is only 7.5W, and the maximum power consumption does not exceed 10W (including the power of the solenoid valve)

2.2 Built in multiple redundancies

Redundancy "is the core keyword of ACC20 ESU design. The device achieves redundancy through various means:

Line redundancy: Most input channels are equipped with line detection function, which can promptly detect open or short circuit faults in sensor lines.

Communication redundancy: Dual CAN bus interfaces are used as the main communication line. When one bus fails, the system can automatically switch to the other bus.

Functional redundancy: The most critical redundancy is reflected in the "hard wire bypass" function. If the microcontroller (CPU) of the module fails, the internal logic will automatically hard wire specific digital input channels (20 to 22) directly to output channels (5 to 13), ensuring that emergency stop instructions can still be executed even if the main control chip fails.

2.3 Comprehensive internal self inspection

ACC20 ESU has a powerful built-in self-test (BIST) function. The self inspection scope covers most critical circuits, including:

Module temperature monitoring: Real time monitoring of internal working temperature to prevent overheating.

Power overload detection: Check whether the power supply exceeds the load.

Input/output line inspection: Periodically or continuously check the health status of input/output channels, and promptly report disconnection or short circuit faults.

CAN bus status detection and error handling: Monitor bus communication status, identify and handle communication errors.

Chapter 3: Detailed Explanation of Input/Output Architecture

ACC20 ESU provides multiple types of digital input and output channels, each with its specific functions and fault handling logic.

3.1 Output Channel

3.1.1 Relay output

Number of channels: 4 channels

Contact type: Conversion contact (normally open/normally closed/common terminal)

Load capacity: 3 A at 230 VAC inductive load

Purpose: It can be used to drive alarm lights, control other logic circuits, or serve as a status indicator.

3.1.2 Electromagnetic valve driver

Number of channels: 9 channels

Function: Directly drive the shutdown solenoid valve. These channels have built-in line detection function (only for wire breakage detection).

Output characteristics:+18 to 32 VDC output, maximum current 500mA.

Design feature: Input channels 14 to 19 are directly hard wired to these output channels. This means that even without CPU involvement, as long as the input conditions are met, the output can take action, greatly improving the speed and reliability of shutdown response.

3.2 Input Channel

The input channels are mainly divided into three categories, all of which require the connection of dry contacts or optocouplers to ensure electrical isolation and signal purity.

3.2.1 Special input for shutdown (with line detection)

Number of channels: 9 channels (input channels 14 to 22, etc.)

Function: Used to connect sensors or buttons that trigger shutdown. These channels not only monitor the switch status, but also continuously detect the integrity of the circuit (disconnection detection).

3.2.2 Ordinary digital input (with line detection)

Number of channels: 6 channels

Function: Used to monitor regular switch signals, such as operating status, mode selection, etc. It also has line detection function.

3.2.3 Safety bypass input

Number of channels: 3 channels (input channels 20 to 22)

Special feature: This is the input channel with the highest security level in the entire module. As described in section 2.2, if the CPU stops working, the internal logic will automatically hard wire these three inputs to the designated solenoid valve output. This is the ultimate guarantee to ensure that a 'hard shutdown' can still be achieved in the event of electronic control system failure.

Chapter 4 Communication and Status Indication

4.1 Dual CAN bus interface

ACC20 ESU uses dual CAN bus as its main communication line. CAN bus is widely used in industrial control and shipbuilding fields due to its high reliability and real-time performance. The dual CAN design provides physical layer redundancy and enhances communication reliability. Through these interfaces, ESU can upload monitoring data, alarm information, and event records to upper level monitoring systems (such as PLC or ship comprehensive alarm systems), while receiving remote configuration or control instructions.

4.2 Onboard LED Status Indication

For the convenience of on-site maintenance and fault diagnosis, the module front panel is equipped with high brightness light-emitting diodes (LEDs). By observing the status of the LED, technicians can quickly understand:

Power status: Whether the main power supply and backup power supply are normal.

Watchdog status: Whether the CPU and software are running normally.

CAN bus status: Whether the communication line is established and whether there are error frames.

This intuitive indicator light design greatly simplifies the initial troubleshooting process, and key information can be obtained without connecting to a computer.

Chapter 5 Technical Parameters and Environmental Adaptability

5.1 Environmental Tolerance

ACC20 ESU is designed for harsh industrial environments, especially in high temperature, high humidity, and high vibration places such as engine compartments and compressor rooms.

Working temperature: -15 ° C to+70 ° C

Storage temperature: -25 ° C to+70 ° C

Humidity: 96% relative humidity (without condensation)

Protection level: IP20 (suitable for installation in clean control cabinets)

Mechanical environment: Complies with IACS E10 standard and can be directly installed on the engine or compressor (with appropriate cabinets).

5.2 Electromagnetic compatibility

The design of ESU meets the requirements of IACS E10 and IEC 60945 for electromagnetic compatibility, which means it can resist electromagnetic interference from industrial environments, while the electromagnetic radiation generated by itself is also within a controllable range, ensuring stable operation in complex electromagnetic environments.

5.3 Physical specifications

Terminal capacity: maximum 2.5 mm ²

Equipment weight: 1.7 kg

Isolation characteristics:

Power supply: non isolated

Digital input: non isolated

Relay output: Isolation

Electromagnetic valve output: non isolated

CAN interface: photoelectric isolation

5.4 Classification Society Certification

One major advantage of ACC20 ESU is its type approval from multiple mainstream classification societies worldwide. This means that the device can be directly applied to ships and ocean engineering platforms without the need for separate certification in each project, greatly simplifying the project approval process.

Certification bodies include: DNV (Det Norske Veritas), LRS (Lloyd's Register), BV (French Classification Society), GL (Germanischer Lloyd, now merged with DNV), RINA (Italian Classification Society), NK (Japan Classification Society), ABS (American Bureau of Shipping), KR (Korean Register of Shipping), PRS (Polish Classification Society), MRS (Russian Classification Society), CCS (China Classification Society).