dave@murphy.UUCP (Lerxt) (10/15/86)
Summary: software-controlled power down may violate electrical codes
Line eater: yes
Apology: My apologies if you are seeing this for the second time. I tried
to post it yesterday, but it never appeared in the newsgroup, so my gateway
machine appears to have thrown it on the floor, but I'm not certain.
I have been following the discussion about the 3b2's which switch their own
power on and off via software-controlled relays or triacs. (Did anyone in
netland ever see the Apple Lisas that also did this? When you turned the
power off, a box appeared on the screen that said "The Lisa is preparing to
shut down", followed a couple of minutes later by another box saying "The
Lisa is shutting down", after which the screen would slowly and dramatically
fade to black, and then a relay would click and the light in the power switch
would go out.) I got to thinking about some things that I picked up about
electrical codes from my father (that's what happens when you have an EE for
a father :-)), and this occurred to me: those 3b2's and Lisas might be
violating the electrical codes in a number of cities.
Here's the deal: the National Electrical Code, which a number of cities and
states have adopted as their local code, specifies that any electrical device
must have at least *two* mechanisms for shutting off the power (switch,
circuit breaker, plug that can be pulled from an outlet, etc.). These
cutoffs must meet these criteria:
1. A cutoff must be within 1000 feet of the device that it controls.
2. The cutoff must be visible from the device and vice versa.
3. The cutoff must be "readily accessible". The phrase is open to inter-
pretation, but generally it means that the cutoff must be clearly labeled,
in a freely accessible area (i.e., not in a locked room), the cutoff must
not be locked, taped, or screwed down, and must not be inside the cabinet
of the device that it controls.
4. The cutoff must be "reliable", which means that it is capable of
interrupting the load and that the probability of the cutoff failing to
work when activated is low.
There are some exceptions to the two-cutoff requirement for low-amperage
120-volt devices; the 3b2 may qualify as a low-amperage device which
admittedly makes this argument moot. Still, most minis (Vax 11/7xx and 86xx,
for example) do not qualify and are subject to the two-cutoff provision.
Now, on most computers, the power switch on the front panel is one cutoff,
and either the line cord, a back-panel circuit breaker, or a nearby branch
circuit breaker is the second. However, I don't believe that the power
switch on the 3b2 meets the criteria for a cutoff, since software can delay
the power interruption or even disable it altogether. If there is no readily
accessible circuit breaker on the machine (breakers inside the cabinet don't
count), then there is only one cutoff: the line cord. Big deal, you say; all
you have to do is pull the plug out. Well, what if the line cord overheats,
or the insulation cracks? Do you know where the circuit breaker for that
outlet is? Can you even get to it, or is it in a locked electrical area? At
our site, we have two upstairs machine rooms whose breakers are in another
area. Since the plugs are mostly in either the ceiling or the floor, we had
to install "panic buttons" that shut off power to the room to meet the two-
disconnect requirement.
Is the 3b2 UL-certified, and does it have a circuit breaker on the back
panel? If not, then I'd be a bit surprised that it would pass UL inspection.
Please not that this is not a flame against the 3b2 in general, just against
this particular feature.
The moral of the story is: software-controlled power disconnect is a code
loser. If you're designing a computer, and you're thinking about putting
this feature in, DON'T!
---
It's been said by many a wise philosopher that when you die and your soul
goes to its final resting place, it has to make a connection in Atlanta.
Dave Cornutt, Gould Computer Systems, Ft. Lauderdale, FL
UUCP: ...{sun,pur-ee,brl-bmd}!gould!dcornutt
or ...!ucf-cs!novavax!houligan!dcornutt
ARPA: wait a minute, I've almost got it...
"The opinions expressed herein are not necessarily those of my employer,
not necessarily mine, and probably not necessary."james@reality1.UUCP (james) (10/27/86)
The 3b2 meets these requirements. In the unlikely event that the 3b2 refuses to recognize the power off request, you just hit the reset button and then the power switch, and this *will* work every time. Note that the reset switch is as destructive as pulling the power cord. And in any case were it necessary to meet some law on this, you could put a litte power isolator with a switch on the power cord, and this would give you that switch and pulling the plug, or both of the required cutoffs. So meeting the requirements is pretty trivial. Doesn't anybody care about file system integrity any more? It is exceedingly rare that power must be cut off without even time for a sync. I can't even think of such a case off hand. If unix machines are ever going to be used by non-programmers, those people are going to have to be protected from themselves to a certain extent. So long as they can cut the power off, what's wrong with doing a sync and letting their file system survive? -- James R. Van Artsdalen ...!ut-ngp!utastro!osi3b2!james "Live Free or Die"
jgs@sfmag.UUCP (J.G.Smits) (10/27/86)
> Summary: software-controlled power down may violate electrical codes > Line eater: yes > Apology: My apologies if you are seeing this for the second time. I tried > to post it yesterday, but it never appeared in the newsgroup, so my gateway > machine appears to have thrown it on the floor, but I'm not certain. > > (...) > Is the 3b2 UL-certified, and does it have a circuit breaker on the back > panel? If not, then I'd be a bit surprised that it would pass UL inspection. > Please not that this is not a flame against the 3b2 in general, just against > this particular feature. The 3b2 is UL listed Data Processing Equipment code "66L0". (I just looked at the back of the machine...I don't understand electrical codes or what this actually means.) The 3b2 also meets FCC Part 15 as Class A Data Processing Equipment.... > > The moral of the story is: software-controlled power disconnect is a code > loser. If you're designing a computer, and you're thinking about putting > this feature in, DON'T! > (...) > Dave Cornutt, Gould Computer Systems, Ft. Lauderdale, FL > (...) Soft power switches are a valuable feature. They provide a means for naive users to turn the machines off without corrupting the machine. I don't believe there are any electrical code problems with the 3B2's implementation of the feature. If anyone on the net knows of a case where a machine with a soft-power switch violates a local code, I'd be interested. I'll summarize to the net if there is sufficent interest. Jeff Smits AT&T Information Systems ...ihnp4!attunix!jgs 190 River Rd. Summit, NJ 07901 (201)-522-6263
mark@cogent.UUCP (Mark Steven Jeghers) (10/27/86)
In article <105@houligan.UUCP> dave@murphy.UUCP (Lerxt) writes: > >must have at least *two* mechanisms for shutting off the power (switch, >circuit breaker, plug that can be pulled from an outlet, etc.). These ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ We have had to pull our 3b2's plug many times because the automatic powerdown sequence failed to work. >4. The cutoff must be "reliable", which means that it is capable of >interrupting the load and that the probability of the cutoff failing to >work when activated is low. The 3b2's shutdown is *not* reliable, or else we wouldn't be forced to pull it's plug so often. p.s. in light of the grossly disappointing performance of the 3b2, we are now quite happy to pull it's plug ... permanently. (Flames from AT&T will be discarded so save your breath, guys.) -- +----------------------------------------------------------------------------+ | Mark Steven Jeghers - the living incarnation of "Deep-Thought" | | ("You won't like the answer ... you didn't ask it very well.") | | | | {ihnp4,cbosgd,lll-lcc,lll-crg}|{dual,ptsfa}!cogent!mark | | ^^^^^^-------recommended------^^^^^ | | | | "A poodle-free world within a decade. We can do it...together!" | | | | Cogent Software Solutions can not be held responsible for anything said | | by the above person since they have no control over him in the first place | +----------------------------------------------------------------------------+
carroll@snail.CS.UIUC.EDU (10/29/86)
/* Written 1:55 am Oct 27, 1986 by james@reality1.UUCP in snail:net.unix */ (...) Doesn't anybody care about file system integrity any more? It is exceedingly rare that power must be cut off without even time for a sync. I can't even think of such a case off hand. (...) -- James R. Van Artsdalen ...!ut-ngp!utastro!osi3b2!james "Live Free or Die" /* End of text from snail:net.unix */ Well, when the machine totally locks up (which happens to our 3b2's not too infrequently), it's a little hard to do a sync.
dean@violet.berkeley.edu (/violet_g/dean) (10/31/86)
In article <3800010@snail> carroll@snail.CS.UIUC.EDU writes: >Doesn't anybody care about file system integrity any more? It is exceedingly >rare that power must be cut off without even time for a sync. I can't even >think of such a case off hand. This discussion brings to mind an interesting "feature" on the disk drive cabinet in the Data General MV series. There is a rocker switch for the cabinet's power on its top front edge (right where you might bump it accidentally). But that's OK (one thinks) because there is an interlock switch on the CPU cabinet that apparently disables the drive cabinet's power switch, so it can't be accidentally shut off during operation. Does it do that? No. Why not? The word we got was that DG originally designed it that way, but then ran afoul of an electrical code regulation stating that EACH cabinet must have a power switch that will allow it to be easily and instantly turned off in the event of an emergency. In our lab that meant that we had to build little plexiglass protectors to keep the switches safe. Sigh... (which didn't help when a ladder fell on the drive cabinet, but that's another tale). -Dean (dean@violet.berkeley.edu) (but the story comes from my days as uw-nsr!dean@uw-beaver.arpa)
perl@rdin.UUCP (Robert Perlberg) (10/31/86)
>The moral of the story is: software-controlled power disconnect is a code >loser. If you're designing a computer, and you're thinking about putting >this feature in, DON'T! That's a very narrow-minded statement. There's no reason why you can't equip a machine with a software-controlled disconnect AND two code-conforming disconnects. (Or 3, or 4, for that matter.) With the number of super-jerko-dummy computer users in the world at an all-time high and climbing, I cannot conscience doing away with something that makes the world safer for all concerned. Robert Perlberg Resource Dynamics Inc. New York {philabs|delftcc}!rdin!perl
rbl@nitrex.UUCP ( Dr. Robin Lake ) (11/03/86)
.... And my General Electric VCR has two modes (Timer and "OTC") where the Power button will NOT turn it off. It, too, is UL listed. Robin Lake cbatt!nitrex!rbl decvax!cwruecmp!nitrex!rbl