Posts about: "High Pressure Shutoff Valve" [Posts: 31 Pages: 2]

Hi

This got me thinking, looking at the engine mounted shutoff valve (HPSOV) in ATA 76, I see that its operated by three sources

• FADEC, as discussed in a number of posts above
• RUN / CUTOFF switch
• engine fire control panel

I have a hard time believing the pilots would have touched the engine fire controls under such conditions (obviously they are highly trained for engine failure before Vr), but am I correct when I say that the behavior of the plane systems closely resembles what would happen if the engine fire signal was triggered?

• engine fuel spar and high-pressure valves would be cutoff (obviously)
• hydraulics pump would be depressurized and shutoff from the circuit
• electrical generators would be disconnected

We wouldn't be talking about this flight had this occured on a single engine, so I believe this should had happened on both at about the same time.

Looking at ATA26 the engine fire control panel is energized by the hot battery bus (HOT BB). Is it credible that a failure of the hot battery bus (for example due to damage or liquid ingress in the P300 panel ) could lead to this situation?

tdracer posted - " Commanded engine cutoff - the aisle stand fuel switch sends electrical signals to the spar valve and the "High Pressure Shutoff Valve" (HPSOV) in the Fuel Metering Unit, commanding them to open/close using aircraft power. The HPSOV is solenoid controlled, and near instantaneous. The solenoid is of a 'locking' type that needs to be powered both ways (for obvious reasons, you wouldn't want a loss of electrical power to shut down the engine). The fire handle does the same thing, via different electrical paths (i.e. separate wiring)."

Search this thread for "HPSOV" if you need confirmation of the quote.

Note there are two shut off fuel valves per engine - the HPSOV and the Spar valve. Both stay where they are if power is lost.

And that\x92s the only way it makes any sense.

Wouldn't "fail safe open" imply that the valves would open on loss of control signals or power. They don't. They stay just where they were before loss of power or control signal. If I understood tdracer's description of the HPSOV it can only be open or closed. That's not true of the spar valves which are motor driven and can stop in any intermediate position if power is lost.

The only way this is relevant to the accident is if the shut off valves had been commanded closed and then power had been lost. The valves would not open.

Agreed, my brevity in reply doesn't tell the whole story.
What I mean is that with engines running, fuel shut off valve(S) open, if there is a loss of electrical power the valves will remain open.
This is standard design on all the gas turbine engines I have worked on.

Without going round the hamsterwheel again does anyone have an actual reference for this? Because I've gone back through each of tdracer's very informative posts about this see here and there is a discrepancy in the two points he makes below in adjacent posts. Is tdracer talking about the same HPSOV valves? Can anyone confirm that with both AC power loss and and a temporary DC power loss there are no critical engine related shutoff valves that will fail safe (unpowered) in a closed position?

The spring loaded valve he is talking about is surely behind (in sequence) the engine driven fuel pump. It assures that no fuel is leaking into the engine while the engine isn't running.
However, it could easily have different modes of operation (closed, electrically actuated), activated (electrically actuated), open (transition from activated + fuel pressure > 300psi).

Thanks for those two quotes. I had only used the first one in my previous reference to HPSOV operation. I have only been involved with Boeing spar valves and not any HPSOV. However, I do not see that spring shutoff when less than 300 psi is in conflict with staying open if electrical power is lost.

Hopefully tdracer will provide more detail if/when he re-joins the discussion.

There's actually no discrepancy.

The HPSOV is made up of 2 parts which I'll call the main valve and the pilot valve. The pilot valve is actuated by a solenoid and supplied with fuel from the high-pressure side. The main valve is held shut by a spring. As long as the pilot valve is open and the high-pressure fuel pump is operating, fuel flows through the pilot valve, then pushes and holds the main valve open. The pilot valve and solenoid are 'latching,' i.e. they maintain their position until electrical power is applied. However, a certain pressure still has to be provided by the pump in order to hold the main valve open. Note that when I say 'high-pressure fuel pump,' I'm referring to the one that's mechanically driven by the engine's high-pressure shaft, not any of the electric pumps.



Note: The HPSOV is mistakenly labeled as 'PSOV' in this diagram.

HPSOVs within the FADEC are solenoid controlled but hydraulic (fuel) actuated. The valve will remain in the last commanded position if power is lost. This is very unlikely as FADECs have a small gearbox driven generator that supplies basic electrical power and engine speed info for engine control and command functions.

LPSOVs are motor driven sliding gate valves 28V DC from a hot battery bus.

Why would spring loaded valves fail on both engines? The final valve in the GEnx Fuel Metering Unit (FMU) before the fuel flow meter and things like the fuel nozzles, is called the HPSOV and is spring loaded to closed, but fuel from the Fuel Metering Valve (FMV) can keep it open with minimal pressure (certainly enough presssure for engine start). Tank electric pumps and the engine-mounted, mechanically-driven two-stage pump supply fuel to the Fuel Metering Valve. During main tank pump failure, the engine mounted pump suction feeds the engine. There are altitude limitations during climb (according to the FCOM).

There are several ways that the HPSOV can close:
An EEC (engine ECU) can close the upstream Fuel Metering Valve (FMV) electronically, so the HPSOV will lose its opening pressure.
The HPSOV can be acted on by a Shutoff Solenoid Valve (which directs fuel pressure in an opposite manner to the pressure coming from the Fuel Metering Valve).

Unfortunately, the diagram I am using is truncated, and I can't see if the Shutoff Solenoid Valve is magnetically latched in its last commanded position like typical fuel shutoff valves. Nor can I see what controls it. I suspect things like the respective cockpit fire handle and fuel cutoff lever, but also EEC commands.

There is probably a copyright on the diagram, so I won't post it here. Perhaps someone can fill in the gaps for me?