REDUNDANCY

Have any of the following events happened to you and stopped your car cold?

  • Fuel pump failure

  • Ignition failure due to failed wire, connection, or other part

  • Radiator hose rupture

  • Weak, discharged or dead battery

  • Alternator or regulator failure

  • Structural failure of any sort; e.g., suspension collapse

Once upon a time, we all thought such things were the perils of driving, especially when our cars approached the trade-in age of three years. Now, it can be shown that none of the above situations need stop any automobile, especially a luxury car for which up to several times the price of an inexpensive car has been paid. Next time you are stranded somewhere, remind your dealership, manufacturer and if need be, your attorney of some of the following engineering concepts which are feasible to incorporate into upcoming models.

It has long been the practice in the aircraft industry that a critical part either has to be duplicated (that is termed "redundancy") or, if it cannot be duplicated, has to be made so strong that it positively will not fail in use (that is termed "overdesigned"). In the automotive kingdom, redundancy is limited pretty much to dual tail lamps (since about 1938) and dual brake cylinders (introduced in the mid '60s).

Dual brake cylinders have been mandated into law. A conventional brake cylinder, pictured here, works just as well as a dual, tandem unit, except when it fails, usually due to primary cup deterioration. With the brake cylinder illustrated, failure means loss of all hydraulic brakes. One had to be quick on the mechanical hand brake to stop, and only the two rear wheels were braked in this emergency situation; many accidents were caused by master cylinder breakdown. With a dual unit (constructed essentially the same as the conventional one except that there are two primary cups, two pistons in tandem and two brake line connections), hydraulic function continues to two wheels (one front and one rear opposite each other in an "x" configuration). The conversion is instant, braking performance is reasonably good, and a warning light comes on to indicate the partial hydraulic failure.

Now that is really good engineering; too bad it took a government mandate to make it universal. This type of engineering philosophy, applied to the other automotive systems, will indeed make cars roadworthy in the 21st Century. It will take some doing, though, on the part of consumer demand and compliant factory executive management to make it happen. Hopefully government intervention will be minimal, but that remains to be seen.

Let's look at a few key components and examine them for redundancy:

  • Fuel system

  • Ignition system

  • Cooling system

  • Charging and Starting system

  • Suspension system

An automotive engineer has said that the probability of fuel pump failure is 3% in 100,000 miles. Strange, but my father lost a fuel pump on a practically new car. And when it does happen, it is really inconvenient. With today's fuel pumps buried inside the fuel tank, it is impossible to make a field repair. The solution is to design the system using two pumps, working in tandem through check valves. If one pump fails, the redundancy of the second pump provides fuel for continued operation. Ideally, one pump should be electric and the other pump mechanically driven by the engine, if that is feasible. A warning light on the dash would signal failure of one pump so that the operator can seek repair at his earliest opportunity.

The earliest cars and, to this day, light aircraft utilize the magneto ignition. This is a self-contained, engine-driven ignition that works very simply: so long as the engine runs, the ignition works, and so long as the ignition works, the engine runs. To turn such a system off, a grounding wire is used. If the grounding wire opens up or the switch fails, the engine continues to run. One must turn off the fuel to kill the engine if the single wire system fails.

Then came the Kettering ignition. We are familiar with that system as the "battery, breaker points, and coil" ignition. Here we are talking about a one-wire system, but if any part of this circuit opens, it stops sparking and the engine stops. Later came the transistorized ignition. The simplest of these just substituted a transistor switch circuit for the ignition points, thus eliminating the points or limiting the current through the points, greatly extending the intervals for routine maintenance. In general, these are multi-wire systems, and the failure of any one wire will disable the ignition. Finally, we have evolved to the integrated fuel-injected system, which combines ignition, fuel injection, and alternator control in one unit. This black box arrangement typically has 100 or more wires to potentially go wrong. While some logic is built in to enable the system to function in a "limp-home" mode if certain failures occur, there are any number of parts failures which will instantly disable this type of system. Field repair is all but impossible.

One solution is to go all mechanical diesel. If gas engine technology is to be pursued, then a dual ignition system is needed, somewhat similar to that used in light aircraft. With such an automotive system, there would be two spark plugs per cylinder and two camshaft-driven magnetos, appearing something akin to distributors. Each magneto generates its own low and high tension electrical power for its ignition function. Rather than use a breaker point design as is typical in aircraft, a transistorized design, in particular a circuit known as a "capacitive discharge" circuit, would be used to provide the low tension pulses to each integral coil. Such an ignition system is a marvel of simplicity, and with two of them there is total redundancy, forever eliminating ignition failure. The engine would be able to run on one magneto if the other quits. A logic circuit upon startup would disable one ignition at a time to test that both are functioning properly. If a failure is detected, a warning light on the dash would signal ignition failure and remind the driver to get service.

There is no need for a ruptured radiator or heater hose. The Aeroquip® hose is a braided metal-over-chemical-resistant-reinforced-rubber with swaged screw-on fittings. At the very worst, these hoses can, with long use, develop pin-hole leaks; they cannot rupture. Present day bulk hose or molded hose clamped in place is totally inadequate, prone to leakage and sudden rupture. It is amazing that clamped hoses are used everywhere under the hood, including for high pressure fuel lines and transmission fluid coolant lines.

If the charging system fails in present day cars, the electrical system will operate for a time on battery. Within an hour or so, the voltage will drop to a point where the electrical fuel pump and ignition system will quit. A low or dead battery will prevent engine cranking, and most cars will not start even if pushed or rolled downhill. This includes standard transmission cars: a push will rotate the engine, but it is doubtful that a start can be achieved with cars equipped with fully integrated fuel injection systems. The answer to this problem is partly in the above section on magneto ignition and partly as follows: a mechanically driven booster pump should be installed on the engine. Thus, all that is necessary is to turn the engine, with the battery not needed for a start. For very light cars with standard transmission, the car can be pushed to a start; but for larger cars, it is necessary to provide a secondary starter that is not based on an electric motor.

Believe it or not, the technology for batteryless start was developed sixty years ago! WWII planes had the capability of starting in one of two ways. First, there was the inertia starter. This was a flywheel motor spun up with a crank, then a button was pressed to engage the drive. The engine cranked and started utilizing the stored energy in the flywheel. The second method used nothing less than a blank shotgun shell. The cartridge was inserted in the breech, the breech was closed, then a mechanism fired the blank. The expanding gases powered a motor to turn over the engine. All cars should have some sort of emergency start mechanism built in because batteries and electrical systems can fail at any time. At least you will get home.

Some cars seem to lose alignment easily. Most MacPherson struts are flimsy members with the lower control arm of the front suspension adjusted and clamped with two bolts. It is really the friction bond of the two bolts that keeps the alignment angles set by the mechanic. There is cam action that is supposed to lock the assembly, but usually the fit of the cam to the strut projections is so loose that there is a lot of play in the assembly. A few bumps and the bolts slip in their elongated holes and the alignment is lost. These bolts, incidentally, do not meet engineering acceptability because they have threads all the way up their shanks. It is considered wrong to apply shear forces on threaded areas of a bolt; thus, these bolts are subject to fracture if overloaded in shear. Alternative designs that work well include shim adjustment; in a later section, I will discuss the possibility of steering control trim.

Other fully threaded bolts placed in shear include the rear shock absorber retaining bolts (incidentally, on many cars, it is the shock absorber which retains the rear spring in place when in full extension; loss of this bolt can cause the spring to leave the vehicle!). Engineers have known for decades that many structural fasteners as used on vehicles are incorrectly selected. Most fasteners are overtorqued as well, which further weakens them in shear. Anyone who has a structural failure of a critical suspension component and suffers loss should seek counsel with engineering consultation. It is my opinion that all important structural members should be secured by proper "AN" bolts or their equivalent, with the smooth part of the shank carrying all shearing loads, and that front suspensions should be designed using micrometer screw adjustment for the precise angles of wheel alignment. Bolts should then lock down the assembly for load bearing only, not for holding adjustment. All bolts and nuts should also be "safetied" in some manner to keep them from loosening. Several choices are available to engineers, including self-locking nuts, safety wire, and cotter keys. Few fasteners are safetied on cars; the manufacturers continue to rely on overtorquing.
