The oil pan, the electronics box in front, and the remote computer control cabinet at the rear.The high power machining unit of the EDM after the fire.The modem circuit in the EDM electronics box where the failure occurred.
EDM Fire: System Design Failure
Click images within report to see full content
Electrical Discharge Machining (EDM) uses an arc passed across the top of a piece of metal to remove material. It can be more precise than milling with a mechanical cutter, and eliminates the need to change milling tools. The process takes tens of hours and uses computer control, which gives the option to run the machine unattended through several work shifts or over a weekend, an enticing feature when justifying the high cost of the machine.
The weekend alarm at the small exurb commercial building brought the local fire firefighters. They found no smoke or fire yet noted water running out from beneath the building’s doors. Turning off the sprinkler system would shift any fire liability to the fire department so they would never do that unilaterally. Since there was no fire, they had no other approved response and thus returned to their station.
On Monday the owner found the same running water condition outside and discovered that his EDM machine had burned and been extinguished by the building’s automatic sprinkler system, which continued to spray even as he assessed the damage.
His property insurance company referred the claim for the machine fire to its manufacturer and, quite commonly, provided no insurance for flooding.
The assignment called for determining the cause of the fire and exploring a subrogation claim against the manufacturer for the water damage to the building.
The machine has an electric probe that operates just above the desired metal part when creating the arc. The process works under oil for cooling, and to avoid warping the part. The oil leaked out. The fire started when the surface of the oil at the arc mixed with oxygen from the air. There are heat and oil level sensors, as well as others, that should warn the remote operating computer of an impending disaster and shut down the considerable power supplied to the arc.
In this design, there was one fiber optic control path used for both controlling the EDM and sending alarm signals back to the computer. A modem on one end of this cable had failed, blocking the signals that would notify the computer of trouble, and safely shut down the EDM. Remote control of systems should have redundant sensors and switches that will shut down the machine even when computer control is lost. Further modem signal links should include a “watchdog” pulse that occurs every few seconds. If the system doesn’t get this “I’m checking in” signal it assumes a lost communication link and affects a fail-safe shutdown.
The manufacturing company denied liability citing an instruction in their operating manual warning that a machinist must be in attendance whenever the machine is operating. However their sales literature and communication touted the savings when using a machine that could operate unattended. Such unattended use was predictable, and therefore basic design concepts dictated incorporation of redundant safety controls and the use of the watchdog signal in lieu of merely instructing against the danger. These elements formed the conclusion of the report in this case.
Fire Cause and Origin
Power Wiring and Circuits
National Electrical Code (NEC)
General Order 95
Electrician Trade Practice
Lock Out / Tag Out
708 Trancas Street
Napa, CA 94558