Most of the companies use or envisage a full computed control for crosswind kites.
Is it reasonable for wings weighing tons and operating at more than 50 m/s at the end of 1 km-long tethers stretched out like guillotines, to have a computerized control as a single backup safety?
What happens when the automated control is failing? Within a kite-farm?
Also what strategies could be used to get wings out too much damage in the case of computed failure?
In some way architectures used by @someAWE_cb or @Rodread would allow avoiding a part of these problems as their rotating AWES can work without computerized control most of the time, even as both active and passive control are advisable.
Depends on how well the perimeter is secured. If there is no chance of people being there and the system has been proven to be reliable, computerized control might be enough.
I don’t think the rotary systems have passive physical control at the moment and can be ripped apart by centrifugal force, if uncontrolled.
To discuss security features including hardware I’d recommend choosing a specific system.
Crosswind kites in both flygen and reel-out/in yoyo systems are concerned. But the question as I envisage could comprise also something like what would be the parts of computerized Flight Control and passive Flight Control for different systems by detailling them respectively.
Ripped apart by centrifugal force is a failure mode I haven’t seen.
One of the outer rigid wings did slide 15mm out from the socket in the first test. Being tied in place through the spars and taped to the fuselage prevented repeat.
The tip bend upward due to unbridled lift… That’s the next worry.
I really like the question you raise as the premise for this thread @PierreB.
What are the safety backups?
Did Ampyx have talk of a parachute?
Which systems have glide controls which work after a tether separation? with redundant control circuitry and batteries onboard?
For the autogyro kite turbine network, there is as yet no implemented controller. This may not necessarily mean it is safer in the current working automaton state. Yet it would potentially offer a level of reliability and safety where a control system is later implemented.
Of note here. Some analysts haven’t included kite turbine motion as “crosswind” despite the kite path being exactly the same as other systems which they do consider as "crosswind. "
In my own opinion… a kite turbine stays deeper in the power zone when working, and with kites running smoothly at full whack. (all tech terms)
It is a good question and I have no good answers. We must hope the answers will emerge to make such AWE safe enough.
I believe everything connected to the tether may quite easily be made redundant, if the initial design is simple. That is, the kite can itself detect any failures and land before the consequences are a full crash. To enable this one option is:
redundant power storage for electronics
3 redundant processors
3 of each sensor
3 of each actuator, or at least an actuator combination to allow the loss of a single one
If you add this, the chances of a failure on these are very low.
There are still single points that cannot be made redundant
the software to detect failure modes
the winch (if one is necessary for landing)
the connection point to the tether
structural failure, eg broken wing
radio and GPS (if used)
I guess the probablility of one of these happening along with the probablility of a crash being fatal would have to be be small enough to warrant the usefullness of the plant.
Of these, the tether is the tricky one, as you want to optimize the dimensions as small as possible, while there is abrasion due to wear. If AWE succeeds, we will probably see some effort put into monitoring the condition of the tether.
The backup plan for tethet rupture for many rigs will be flight without tether, landing/crashing at a safe location.
Any power production will cause accidents. A coal power plant will on average have many fatalities. So do traditional windmills. I expect AWE would not necessarily be worst in class here… though the psycological «understood danger» may be quite big, much like nuclear power…
So to answer the question, I think the problem is not the computer, rather the issues with tether rupture for rigs with one or few tethers is the main culprit