Wreck diver killed by leaking computer - UK

Please register or login

Welcome to ScubaBoard, the world's largest scuba diving community. Registration is not required to read the forums, but we encourage you to join. Joining has its benefits and enables you to participate in the discussions.

Benefits of registering include

  • Ability to post and comment on topics and discussions.
  • A Free photo gallery to share your dive photos with the world.
  • You can make this box go away

Joining is quick and easy. Log in or Register now!

dmaziuk:
One kind of failure is when the device is dead. Another kind is when it gives you bad numbers. 5 can work against 4 failures of the former kind; with the latter all bets are off, generally speaking. Consensus vote only works if the majority agrees on the number.

The problem is slightly different with multiple controllers wrestling over one solenoid.
Click to expand...
Yes I simplified it, I said exactly the same thing a bit earlier on (see post below)

However with 2 not giving a result, this increases the chances that you are in fact having 3 failures and the third one is not reliable.

The real probability of having 2 failing without the 3rd one is probably hard to estimate.

IMHO, in a real life system, the probability of the third one not failing when the two other failed is a lot lower than the probability of this unit failing alone, because the failure could be due to a leak or a bad service or something similar that could affect all units.

It’s a bit similar to what’s the probability of flipping head:
  1. if you got two tails previously: it’s 1/2 of course as tosses as independent

  2. If you got 1 000 000 tails in a row previously. Maybe you want to check if you are not being tricked with a two tailed coin, that’s possibly more probable that 1/2 to the power of 1000000
BlueTrin:
You could do this with three sensors:
  1. No failures: 3 sensors give the same reading
  2. 1 failure: 2 sensors give the same reading and you are still fine and possibly indicate the failure
  3. 2 failures: if the two failures give no reading you just take the only reading and report 1/3 units possibly working. If the at least one of the two failures units give a reading, you cannot give a single value
3 units can guarantee only against 1 failure
5 against 2 failures maximum ?
Click to expand...
 
BlueTrin:
However with 2 not giving a result, this increases the chances that you are in fact having 3 failures and the third one is not reliable.
Click to expand...

You can do all sorts of tricks: probabilities, sanity checks (e.g. if your sensor was showing 21 a second ago and it's now 53, you can be sure it's a single bit flip. However one bit flip can turn 21 to 20, or 23, too... or 17.

The easy way out is to fail and let the human bail. If that's what you do, your extra devices are just redundant in the derogatory sense of the word.
 
broncobowsher:
Need to get away from the failed handset/controller being the cause. It was a problem, but not the only problem. Should have been completely safe and nothing more than a nuisance. There are other factors in this fatality. Either more equipment failure, poor training, or the failure to revert to the training. (poor planning is also possible but that goes back to the poor training or failure to revert to the training).
Click to expand...

On the stock JJ there's no ADV shutoff. Maybe he forgot to shut down his dil because he was using his wing a little or just forgets or doesn't think its relevant.

Breathes down the loop at 6m shooting a bag or looking around for buddies, or the boat noise distracts him, etc. His ADV fires, he's diving 10/50 dil (which is totally plausible for a 70m wreck dive). Two ADV squirts and the loop no longer supports life...
 
This accident looks like a tragic illustration of the Swiss cheese model: equipment failure + erroneous decision (staying on the loop) + failure to monitor pO2 + absence of team awareness...
Sad.
 
Jack Hammer:
Just for clarification, the CE JJ (European version) comes stock with an ADV MAV and an inline ADV shutoff. The non CE version does not include either.
Click to expand...
Yes didn't think about that it was probably a CE model in the UK. But it was older so who knows the exact configuration.
 
rjack321:
On the stock JJ there's no ADV shutoff. Maybe he forgot to shut down his dil because he was using his wing a little or just forgets or doesn't think its relevant.

Breathes down the loop at 6m shooting a bag or looking around for buddies, or the boat noise distracts him, etc. His ADV fires, he's diving 10/50 dil (which is totally plausible for a 70m wreck dive). Two ADV squirts and the loop no longer supports life...
Click to expand...
yep thats my take on it - manual not the norm
 
rjack321:
On the stock JJ there's no ADV shutoff. Maybe he forgot to shut down his dil because he was using his wing a little or just forgets or doesn't think its relevant.

Breathes down the loop at 6m shooting a bag or looking around for buddies, or the boat noise distracts him, etc. His ADV fires, he's diving 10/50 dil (which is totally plausible for a 70m wreck dive). Two ADV squirts and the loop no longer supports life...
Click to expand...
As an engineer and an O/C diver this worries me a lot. There is an automatic controller, programmed to keep the PPO2 in the breathing loop within a safe range at all times. Here you are saying it is possible the controller might initiate an action that would drop the PPO2 below the level needed to maintain consciousness. That would go against every principle of engineering critical systems.

How would this be possible? Because the percentage O2 in the dil wasn't correctly programmed into the controller? Even then, it is a closed-loop feedback system where the PPO2 is measured and fed back to the controller, isn't it?
 
John the Pom:
As an engineer and an O/C diver this worries me a lot. There is an automatic controller, programmed to keep the PPO2 in the breathing loop within a safe range at all times. Here you are saying it is possible the controller might initiate an action that would drop the PPO2 below the level needed to maintain consciousness. That would go against every principle of engineering critical systems.

How would this be possible? Because the percentage O2 in the dil wasn't correctly programmed into the controller? Even then, it is a closed-loop feedback system where the PPO2 is measured and fed back to the controller, isn't it?
Click to expand...

No, the controller and the ADV are two different things.

The controller is a computer that fires the solenoid to add O2 to the loop when the PO2 drops below setpoint.

The ADV isn't a piece of electronic equipment, it's basically an OC regulator that automatically injects diluent into the loop when the loop pressure drops below ambient by a certain amount. It's designed to keep loop volume up as you descend. Some people have shutoffs to keep it from firing inadvertently, since if you are just ascending (and not up and down exit like in a cave), you don't need dil on ascent. If your dil is hypoxic and the ADV keeps adding it in shallow enough water, you will get a hypoxic loop.
 
John the Pom:
Here you are saying it is possible the controller might initiate an action that would drop the PPO2 below the level needed to maintain consciousness. That would go against every principle of engineering critical systems.
Click to expand...

The problem is oxtox: raising PPO2 above the level needed to maintain consciousness. You can't have a "safe default" to fail on to.
 
You must log in or register to reply here.

Similar threads

DandyDon
Segontium wreck fatality - Anglesey, North Wales
Replies
0
Views
965
DandyDon
DandyDon
DandyDon
Diver crushed removing wrecks - Outer Hebrides, Scotland
Replies
7
Views
1,817
Jared0425
Jared0425
boulderjohn
Rental computers and newer divers
7 8 9
Replies
87
Views
5,656
Eric802
Eric802
DandyDon
Carbon Monoxide kills SSA diver - Australia
Replies
4
Views
1,345
DandyDon
DandyDon
DandyDon
Bozeman diver drowns attempting vehicle recovery - Montana
2 3 4
Replies
32
Views
4,975
Jared0425
Jared0425

Back
Top Bottom