Engineering Ethics Cases with Numerical Problems
from an NSF & Bovay Fund sponsored workshop
August 14-18, 1995
Texas A&M University
Electrical Engineering Case 3
Control Design
Authors:
Ottis Barron
Suggested Courses:
Control Design
Level:
Junior
I. Narrative
Your company is designing a new compress to be used in baling scrap fabric. The baling
process requires that the machine be cleaned of lint between every use to avoid mixing
material colors. The compress is to have four ram positions: a) the up position allows the
scrap to be loaded; b) the retract position allows the bale to be removed; c) the press
position holds the scrap in the compressed state for strapping; and d) the down position
allows access to the upper part of the compress for cleaning.
Four pushbuttons (PB) are to be used to control the motion of the ram and four sensors
are to be used to indicate the ram position. A 220 volt ac motor is to be used to power
the hydraulic pump for driving the hydraulic cylinder which positions the ram. A
2-position 110 volt solenoid will operate a valve to determine the direction of ram
movement when the pump is running.
II. Engineering Questions
1.
Design a logic circuit for controlling the valve position and the power to the motor .
Prepare a parts list and cost estimate for your design. Be prepared to present and defend
your design at the next class meeting.
Questions: a) Did you make use of "don't care" states to simplify your
design?
b) If your answer to 1) is "yes", what happens to the system operation if the
impossible "don't care" conditions do in fact occur?
c) Are there safety considerations which should be included in your design?
2. (For use in in-class discussion) Several years after compress production has begun,
you are examining the schematic of the control circuit when you notice a potential
problem. Pump power will be applied when the retract PB is pushed with the ram in the down
position. This of course is the desired action for moving the ram up to the retract
position where the pump power is removed. However, if the down sensor is again activated,
pump power is again applied and the ram will move upward. Under what conditions might this
present a problem?
3. Prepare a short written presentation for your group leader which presents your
analysis of the seriousness of the problem. Also be prepared to present your analysis in
the weekly staff meeting.
Further class discussion may include:
a) What is your responsibility to examine the system response to "don't care" states?
b) How much consideration should you give to the possibility of operator error (or stupidity)?
c) Under what conditions should you attempt to "idiot proof" your design?)
4. Suppose the ram is placed in the retract position and left there for an extended
time. As the hydraulic pressure in the cylinder gradually bleeds down, the ram slowly
lowers. As the ram continues to drop, the down sensor is eventually activated and the ram
retracts. If the operator happens to be cleaning the machine at the time, a serious injury
is likely to occur. What recommendations would you make to your manager to guard against
this unlikely event`?
5. What can you include in your design to protect the operator in a potentially
dangerous situation? (Interlocks, warning labels, operating proceedures, instruction
manuals, etc. How likely is it that the operator may be poorly educated, maybe illiterate?
Should this be a design consideration?)
III. Ethical Questions
1. In view of the fact that no problems have been reported with the 10,000 machines
presently in operation, management holds that no action is needed with respect to the
problem. What is your response? Would your response change if production included only 500
machines? 500,000?
2. Suppose that the machine is scheduled to go into production next Monday.
Incorporation of safety interlocks to prevent the motor running when the access gate is
open would cost only $2.00 per unit but would result in an 8 week delay in production.
This delay would seriously impact the company market position because a competitor is
expected to have a comparable machine available in 4 weeks. Would you recommend
incorporation of the safety interlocks? Be prepared to defend your position.
IV. Engineering Solutions
There are a number of safety features that should be considered. These include:
a) panel lights to alert the operator to the operational status of the machine,
b) interlocks to prevent pump operation when the access gate is open,
c) location of control panel so that it is visible from the gate area of the machine,
d) others.
There are several solutions to the design problem, some better than others. One
possible solution is presented here.
The four push-buttons (PBU for up, PBR for retract, PBP for press, and PBD for down)
are used to individually set four latches (LU, LR, LP, and LD). The four position sensors
(U, R, P, and D) provide two outputs; one indicates that the ram is in position (indicated
by 1), the other that it is not (indicated by 0). Panel lights are turned on by the 0
output of the latch and indicate the last activated push-button (and therefore the ram
position if the motor is not running).
Assumptions include: 1) only one PB at a time is activated,
2) once a PB is activated, the motor runs until the desired position is reached.
Logic equations are:
Vd = U1*(LD1+LP1+LR1) + R1*(LD1+LP1) +( P1*LD1)
Vu = D1*(LP1+LR1+LU1) + P1*(LR1+LU1) + (R1*LU1)
M = (LU1*U0) + (LR1*R0) + (LP1*P0) + (LD1*D0)
Vd activates the down direction solenoid, Vu activates the up direction solenoid, and M
activates the motor power circuit.
V. Solutions to Ethical Questions
1. According to the code of the Institute of Electrical and Electronics Engineers
(IEEE), members of the IEEE are obligated to "accept responsibility in making
engineering decisions consistant with the safety, health, and welfare of the public, and
to disclose promptly factors that might endanger the public or the environment." This
requirement applies whether 500 or 500,000 machines are sold. Given the safety problems
with the machine, the danger should be disclosed. The The dangers may only rarely appear.
This is a factor in determinging how far one should go in trying to secure design changes.
The expense involved in the changes should also be considered.
2. Safety interlocks are inexpensive, and they could be featured prominently in
advertising. They might also prevent expensive lawsuits. The delay might be costly in the
short run, but pay off in the long run. Besides, it would definitely promote safety.
Management might even be able to get customers to accept the delay, considering that the
machine will be safer than the competition's product.
There are several models of professional responsibility. One model (the Malpractice Model) advocates only avoiding directly causing harm. The Due-Care Model promotes attempts to prevent problems, not simply not cause them. The second model clearly justifies making the safety changes. Which model do you think is more in accord with engineering professionalism?