Aircraft Electrical Systems:
a Philosophy for Reliability
I have presented numerous forums at Oshkosh, EAA chapter meetings
and kit type gatherings around the country on the topic of electri-
cal system reliability. This is a prominent issue on most aircraft
builder's list of concerns for several reasons: First, the electri-
cal system is generally the least understood of all airplane sys-
tems. Second, some electrical system components are useful (if not
critical) to safe termination of flight during an electrical system
failure.
I will often begin a presentation with questions to the audience
about their own ideas for achieving reliable operation. It's not
surprising to find heavy emphasis on quality (cost) of components
and workmanship. Nearly every magazine on electrical system fabrica-
tion or installation will list tasks to be accomplished or mistakes
to be avoided in the interest of producing a reliable installation.
Reliability discussions often include matters of cost, convenience,
and perceptions founded on incomplete or inaccurate data. For this
article to arrive at its intended conclusion, let us agree that a
reliable flight system permits comfortable termination of flight
(preferably at the intended destination) irrespective of any single
failure of a system component.
It's easy to visualize a situation where one airplane owner is
always doing some kind of work on his airplane but seems to fly
where he wants when he wants without mishap. Contrast this with
another pilot who suffers maintenance conditions causing repairs off
his home base. Worse yet, his problems may precipitate unplanned
arrivals with the earth! These airplanes may be identical and
experience the same problems. Never-the-less, when compared with the
other, one of these aircraft might be perceived very unreliable.
I've often asked groups of pilots and builders to prioritize their
personal flight system reliability requirements. The first consen-
sus is that airframe failures of any type are not tolerable; design
goals require an airframe to withstand normal operations with an
expectation of zero failures. Airframe systems include structure,
skin, gear, flight controls, etc. Second on most everyone's list is
the power plant which would include engine, prop, fuel system,
ignition, etc. The electrical system usually comes in third. Under
electrical systems, people tend to jump on radios as "most desira-
ble."
Consider please my personal list:
I. Airframe
(1) Structure
(2) Flight Controls
(3) Flight Instruments
(a) Airspeed
(b) Turn Coord.
(c) Compass
(d) Altimeter
(e) Gyros
(f) etc.
(3) Gear
(4) etc.
II. Pilot/Builder
(1) Skills
(2) Knowledge
(3) Health
III. Power Plant
(1) Engine
(2) Prop
(3) Ignition
(4) Fuel System
(5) etc.
IV. Electrical System
(1) Battery
(2) Instrument Lights
(3) Turn Coordinator
(4) Engine Support (boost pumps . .
etc.)
(5) Nav/ILS/Comm
(6) Transponder (optional)
(7) Landing Light
(8) Alternator
(9) Position and Strobe Lights
(10) Stereo System
Note that I have added the pilot and his/her "subsystems" at II on
the list. First, consider that when everything thing else (lower on
the list) has gone belly-up, an adequately trained and proficient
pilot has an excellent chance of living to tell the grand-children a
true life, wing-and-a-prayer survival story! The pilot's tool box
must contain knowledge and skills along with a body capable of
utilizing them. Note also that electrical systems and components
thereof are a distant fourth place on the list. Other items are
conspicuous by their absence. Note that engine instrumentation and
fuel gauges are not even on the list. I know of no immediate hazard
to flight posed by failure of these kinds of devices. I do not imply
that electrical systems need not be reliable. I just want to place
them in proper perspective with respect to other flight systems.
Further, I do emphasize a pilot's very important position as a
component in the total flight system.
Your personal list may vary from mine as well it should, provided
you have a rational basis for development along different lines,
unique to your assets. One goal of this article is to suggest tools
for development of your own reliability priorities list. Accom-
plishment requires knowledge of personal needs and skills combined
with an intimate familiarity with your airplane's systems and per-
formance envelopes. This, ladies and gentlemen, is what separates
us from Pilot John Public who has become bored with scuba diving and
decides it would be nice to add flying to his recreational activi-
ties.
As builder/pilots we are permitted alternate approaches to systems
design. Powers-that-be recognize that a majority of Pilot John
Public will never be as familiar with their airplanes as you are
with yours! The inference to be drawn suggests that our personal
flight systems are automatically more reliable. I would say it's
true to a point. It's a sure bet that most of us do understand more
about airplanes than the general pilot population; after all it's
our avocation, perhaps even vocation.
Consider that most of us learned to fly in certified, production
airplanes. We are not permitted to modify these airplanes, they're
accepted as-is. Furthermore, these machines were certified under
rules giving Pilot John Public the best possible chances of survival
knowing that for some, piloting skills (from the systems viewpoint)
will not advance beyond manipulation of levers and knobs.
Since most of us learned to fly in the padded-cockpit environment,
it is possible that we bring detrimental attitudes with us into
amateur-built aviation. For example: existence of a pilot's operat-
ing handbook with mandated topics is intended to afford great com-
fort as we launch into the blue. By federal decree, everything we
must know about that airplane is between covers of the book! If you
can recite emergency procedures, performance and weight/balance
calculations in your sleep, your spouse and offspring may wave you
off wearing broad smiles. These attitudes have been mulched into
fertile soil for the plaintiff bar. "Well now, Mr. Cessna, explain
to this court and jury why you didn't . . . . ."
The most important attribute to be cultivated in amateur built
aviation is the ability to think beyond the present in considering
all "what-if?" scenarios. Yeah, I know, as students we were all
admonished to "stay ahead of the airplane," that's not what I'm
talking about. What-if's I am considering relate to pieces and
parts of the airplane. For example: when building, modifying or
just maintaining any part of your airplane, operate two progressions
of thought. The first involves doing a quality job on a task at
hand. The second is, "what if this part fails?" Go over the ways in
which the part may fail and deduce whether or not any failure
presents a hazard to successful termination of flight. Analyze how
the failure will manifest itself to the pilot (handling qualities,
strange noises, engine roughness, dead radio, etc. etc.) And final-
ly, is the failure pre-flight detectable?
While designing products for the big guys, I've expended hundreds of
hours going over these points. The fancy name for this procedure is
Failure Mode Effects Analysis or FMEA for short. If any failure
does present a hazard, what is the best means for dealing with it?
Re-design may be in order. Example: if the head of a broken screw
is likely to drop into an intake manifold, perhaps a nut plate
installed to bring the screw in from the other side is in order. If
a failure is not pre-flight detectable, is the item is buried too
deep to visually inspect or simply not on your check list?
Note:
Whether you fly factory or home-built airplanes, published check
lists are the MINIMUM to meet bureaucratic and/or institutional
requirements. Nobody says you cannot EXPAND an existing list to
cover items you'd like to peek at before launch time.
Let's suppose failure of an item simply makes some component or
system inoperative. Can you do without it? If not, what system
backs it up? In other words, develop a "plan B" perhaps even "plan
C" to back up most needed components and systems.
This technique is applicable to all airframe systems but let's get
back to the original topic of electrical systems. Referring to the
list I gave earlier, let us agree that if the airframe is in good
shape, engine is running well, you are skilled, rested and ate your
Wheaties this morning, there's no reason for this to become a bad
day in the cockpit. Let's examine the electrical system priorities
in my earlier list:
Numero uno is the battery; your single most reliable source of power
(assuming the battery has been properly maintained). Next comes
instrument lights. Why lights? Recall the admonition: "Aviate,
navigate, then communicate?" "Aviating" at night becomes a jaw
breaking chore of aiming a flashlight with your teeth. Therefore,
number two on my list is instrument flood lighting. I would choose
not to power up a 3-amp string of post lights. Instead, use one or
two, 80-milliamp bulbs rigged to flood the panel with basic light-
ing. Instrument lights on a C-150 are just that. Not elegant but
they work, consume little power and don't make your lower jaw ache.
Flashlights are good only for peering into fuel tanks and reading
maps!
Number three is the turn-coordinator; quite often your only electri-
cally driven flight instrument and capable of literally saving your
buns (you ARE current in needle, ball and airspeed technique, no?).
Fourth, I would support any electrical item needed to keep the
engine running such as electronic ignition (if you have one) and
fuel boost pump. Putting these devices on the list of "essential"
equipment recognizes a remote possibility of double failure . . . an
electrical system condition followed by an engine condition.
Aha! We finally get to THE radio; not the whole 20 kilo-buck stack
of avionics. Remember, we're trying to get home on a power budget
with finite limits. It does you little credit to navigate to final
approach fix with millimeter precision and have everything go dark
over the outer marker! Until favorable outcome of your adventure is
assured, don't turn on anything you don't truly NEED. See why a
PILOT must included in a systems reliability equation? A better
understanding or a little practice may be key to reducing a hazard-
ous situation to a challenging inconvenience.
The transponder I list as optional. Recall that it is more a serv-
ice to ATC than it is to you. It benefits you only if you need ATC
assistance in navigating which assumes he isn't tracking you as a
primary target. Even then, the transponder doesn't do you any good
if you're not talking to the ground and it uses much more energy
than your navigation receiver. However, if you do have the power
budget, a 7600 or 7700 squawk may get you more elbow room.
Landing light is another optional consideration. If you're headed
for an unlighted field or you haven't honed your skills for night
landings without light, then illuminating a landing light just
before you flare is justified (Consider your own personal FMEA, what
will you do if the bulb is out?).
Next is the alternator because it has to be running if you're going
to have any external lights on. [Assume the alternator to be least
reliable of all electrical equipment. It handles lots of electrical
and mechanical power, it sees extremes of temperature cycles and
gets its itty-bitty diodes rattled by being bolted to the engine!
What else could we do to it?] Nav lights use more ENERGY than any
other system in your airplane including landing lights, electric
flaps or landing gear! Six to eight amps continuous drain for the
duration of flight. Even a strobe light may draw more than your
entire compliment of necessary radios. External lights do not help
you get where you are going and have a very low probability of being
useful for being seen. If YOU have the problem and YOU are flying
"dark", then keep your own eyes peeled for the guy who presently
enjoys a luxury of showing external lights!
Now that I've outlined one philosophy of electrical essentials.
Let's consider the hammer-and-tongs aspects of implementing it.
In Figure 1, (see February 93 issue of Sport Aviation or drop 32-
cent SASE to address below. I'll be happy to send you a paper copy
of the figure.) I show a basic power distribution diagram illustrat-
ing the foregoing text. To begin with, if we've done our FMEA
exercise, a way is needed to KNOW when the alternator has failed.
If no device already exists to give an active warning of alternator
failure then consider a low voltage warning light mounted prominent-
ly on the panel. Further, this device should be set to illuminate
the light very soon after alternator failure; when voltage falls
below 13 volts.
When the light does come on, you have several options: If comfort-
able haven is close by and your battery is a known quantity, then
perhaps no special action is needed other than to turn the alterna-
tor off to reduce its field circuit load on the battery. It would
be wise at this time to dump unnecessary loads but a fairly relaxed
activity to get on the ground is appropriate. Most alternators re-
quire a battery to be on line for voltage stabilization and noise
reduction. If (for a variety of reasons) the battery contactor
fails to keep the battery on line, the alternator should be shut
down and ordinary load reductions made.
In event of either alternator OR battery contactor failure, AND if a
desired location for landing is some distance away, make the most of
finite energy stored in the battery. Open both BATTERY MASTER &
ALTERNATOR switches. Pull the ESSENTIAL BUS PRIMARY FEED breaker
and close the ESSENTIAL BUS ALTERNATE FEED breakers. Taking a
battery contactor off-line reduces load on the battery by several
hundred milliamps (equal to several solid state nav receivers!).
Setting the breakers in this manner isolates the essential bus and
provides a direct path to the battery. If a voltmeter is part of
your electrical instrumentation, it should feed from the essential
bus; battery voltage should be monitored during battery only opera-
tions.
Figure 1 illustrates a number of departures from traditional tech-
niques for aircraft power distribution. The most notable variant is
the lack of an AVIONICS MASTER, a device who's time has gone by.
This (and other features) will be topics for future articles. In
the mean time, if you subscribe to the avionics master switch phi-
losophy, certainly all avionics may be fed from the essential bus
and "protected" by opening the PRIMARY FEED breaker during engine
cranking. Just remember, when battery life needs to be maximized,
turn OFF everything not truly needed to get you home.
All this writing may seem like a long way around to a rather simple
concept. I suggest that it's truly simple only if one understands
how it is used and useful only if it adequately addresses require-
ments established by personal FMEA studies. Primary goals for this
article are (1) to encourage builder/pilots to accomplish FMEA
studies in light of their equipment and personal skills, (2) relieve
pressure to purchase the most expensive components in an effort to
improve "reliability", (3) encourage design for failure tolerance
(cheap) instead of striving for failure proof (very expensive and
nearly impossible). Properly implemented, these techniques will
reduce to near zero, probability that any electrical problem will
ruin your day.
The original article text was uploaded without modification. Since
the article was published, conversations and deliberations with
other designers and builders have modified the philosophy somewhat.
We now believe that the normal feedpath from main bus to essential
bus should include a diode that *prevents* the essential bus from
backfeeding the main bus. Poor pilot technique during a perceived
emergency could result in inadverted overloading of essential bus
alternate feed path and leaving one totally in the dark! Given that
the original need for avionics master switches disappeard about 15
years ago, the idea of making a solid connection between main bus
and essential bus via diode makes sense. Any time the main bus is
hot, the essential bus is too. The main bus can be shut down at any
time to conserve finite battery energy with zero risk of backfeeding
---From the essential bus and blowing the altnernate feed protection.
Comments and discussion are welcome!
Regards,
Bob . . .
AeroElectric Connection
////
(o o)
| Nuckolls' first law of air- |
| craft systems design and fab-|
| rication: "Things break!" |
72770.552@compuserve.com
http://www.aeroelectric.com
|