Section 7 Power system development and integration
Clasification Society 2024 - Version 9.40
Clasifications Register Rules and Regulations - Rules and Regulations for the Classification of Naval Ships, January 2023 - Volume 3 Additional Class Notations - Part 1 Ship Type Capability - Chapter 6 Hybrid Electrical Power Systems - Section 7 Power system development and integration

Section 7 Power system development and integration

Parent topic: Chapter 6 Hybrid Electrical Power Systems

7.1 General

7.1.1 The activities specified in Vol 3, Pt 1, Ch 6, 7.2 System operational concept to Vol 3, Pt 1, Ch 6, 7.13 Through-life accountability: are to be undertaken to deliver and maintain a safe and dependable hybrid electrical power system throughout its development, detail design, construction, integration, verification and acceptance. Procedures are to be made available detailing how these activities will be maintained during ship operation, maintenance and disposal.

7.1.2 The activities should be based on the principles of the following five levels with measures adopted at each level being, as far as practicable, independent of each other:

  1. Prevention of abnormal operation and failures though design and high quality in construction, operating Rules and normal operating procedures;
  2. Control of abnormal operation and detection of failures through control, limiting and protection systems, monitoring/surveillance features and abnormal/emergency operating procedures;
  3. Control of hazards within the system design to protect against escalation to an incident or accident through engineered safety features and emergency operating procedures;
  4. In support of and coordinated by the Owner and ship designer, control of severe ship or infrastructure conditions that may exceed the system design intent including prevention of hazard progression and mitigation of hazardous consequences through complementary procedures and hazard management; and
  5. In support of and coordinated by the Owner and ship designer, mitigation of accident consequences through emergency response.

The system designer is to ensure adoption of principles (a) to (c) during the development and integration of the hybrid electrical power system providing evidence to LR through the documentation that is submitted for design review as detailed in Vol 2, Pt 9, Ch 1, 1.4 Documentation required for design review 1.4.28.

7.1.3 At each phase of a project integration activities are to be managed by a suitably competent single designated party and are to be carried out in accordance with a defined procedure identifying the roles, responsibilities and requirements of all parties involved.

7.1.4 Where the designated party changes during a project then there is to be a full and auditable transfer of necessary integration information between the parties.

7.1.5  Systems engineering processes are to comply with ISO 15288 Systems and Software Engineering – System Life Cycle Processes or an acceptable equivalent National or International Standard.

7.2 System operational concept

7.2.1 The system operational concept is to be defined including a description of how the control, alarm and safety systems for the hybrid electrical power system provide effective means for operation and control during all defined ship operational conditions.

7.2.2 The system operational concept is to detail the capability, functionality and modes of operation under defined operating and emergency conditions and is to be agreed between the designers and Owners.

7.2.3 The system operational concept is to be submitted for design review.

7.3 Operating modes

7.3.1 Operating modes for the hybrid electrical power system are to be defined and agreed between the designers and Owners.

7.3.2 Modes are to cover all normal and reasonably foreseeable abnormal operating and fault conditions.

7.3.3 Modes are to be compatible with the ship’s overall operating modes.

7.3.4 The sequence of transition between operating modes is to be defined for all normal and reasonably foreseeable abnormal operating and fault conditions.

7.3.5 A technical description is to be produced specifying for each of the ship’s possible operating modes:

  1. the type of each electrical power source used to supply the distribution system, such as a.c. generators, d.c. generators, converter, batteries, fuel cells and photovoltaics;
  2. the operating mode of each electrical power source such as constant voltage, constant current or variable voltage;
  3. the configuration of the electrical distribution system, including, but not limited to, the earthing and protection strategies to be used; and
  4. the worst-case failure design intent.

7.4 Consumer categorisation

7.4.1 Consumers supplied with electrical power from the hybrid electrical power system are to be categorised according to their function and the services that they provide in accordance with the requirements of Vol 2, Pt 9, Ch 1, 1.3 Definitions.

7.5 System components

7.5.1 The specifications for all components of the hybrid electrical power system (sources, stores, consumers, distribution system, energy management) are to be validated by the system designer for completeness and correctness in respect of the component’s integration into the overall power system. Validated specifications are to be submitted to LR.

7.5.2 Details of the following are to be specified:

  1. Operating modes and the transition between them;
  2. Control and monitoring functions;
  3. Mechanical components which might affect the hybrid notation (e.g. cooling units with piping arrangements, pumps, valves, etc.);
  4. Safety functions;
  5. Failure modes;
  6. Isolation;
  7. Initial and through-life verification of conformance; and
  8. Human element.

7.6 Energy flows

7.6.1 Energy flows within the hybrid electrical power system are to be determined for all operating modes and all normal and reasonably foreseeable abnormal operating and fault conditions.

7.6.2 The impact of transition between modes on energy flow is to be considered.

7.6.3 For Hybrid Power (+) notation energy flow is to be modelled by a dynamic simulation that can be exercised under normal, reasonably foreseeable abnormal operating and fault conditions and that is maintained for the life of the ship. This simulation may be deployed on board as described in Vol 3, Pt 1, Ch 6, 5.6 Energy management 5.6.7 in support of off-line consequence analysis.

7.6.4 Simulation tools are to conform to appropriate National or International Standards relevant to their use and are to have been validated in an equivalent application.

7.6.5 The dynamic simulation is to be verified against the energy flows encountered during the ship’s real performance to the extent that this is reasonably practicable.

7.6.6 Proprietary simulation tools not conforming to an appropriate National or International Standard will be subject to special consideration. This consideration will include:

  1. Pedigree of the underlying modelling platform on which the simulation is built;
  2. Qualitative assessment of the simulation's functional capabilities and model behaviours;
  3. Configuration management of the simulation model, its architecture, functional blocks and the parameters on which it is based;
  4. Prior quantitative assessment of the simulation’s performance in a similar application; and
  5. An engineering justification that the validation and verification of the simulation is sufficient to enable its application in all normal and reasonably foreseeable abnormal operating and fault conditions.

7.7 Power system analysis

7.7.1 The hybrid electrical power system is to be analysed for its electrical performance under all defined operating modes and all normal and reasonably foreseeable abnormal operating and fault conditions.

7.7.2 The analysis is to include, but not be limited to:

  1. Fault levels under short circuit conditions;
  2. Fault flows under short circuit and overload conditions;
  3. Protection device operation, discrimination and coordination;
  4. Quality of power supplies;
  5. Steady state performance;
  6. Transient performance;
  7. Earth fault currents;
  8. Resonance; and
  9. Common mode and circulating currents.

7.7.3 Information regarding the expected resistance, inductance and capacitance in the system and the installed components is to be provided as part of the analysis study as required by Vol 2, Pt 9, Ch 1, 1.4 Documentation required for design review. The values chosen are to be based upon the component tolerances which result in the worst case for each aspect of the analysis and are to be updated with actual values when determined from component, sub-system or system test.

7.7.4 For Hybrid Power (+) notation the analysis is to be by a dynamic simulation that can be exercised under all normal, abnormal and fault conditions, that is maintained for the life of the ship and that can be exercised to verify operation of the protection system including, but not limited to:

  1. Short circuit, single or multiple phases/poles;
  2. Overload;
  3. Overcurrent;
  4. Current imbalance;
  5. Voltage imbalance;
  6. Zone protection;
  7. Arc fault;
  8. Earth fault;
  9. Under/over voltage;
  10. Under/over frequency;
  11. Harmonic content;
  12. Quality of power supplies including degradation detection;
  13. Energy flow including any regeneration by consumers;
  14. Resonance and stability;
  15. Transient impact of fault detection, clearance and isolation;
  16. Transient impact of sources, stores and consumers being tripped or shut down;
  17. Transient impact of load changes, both increase and decrease; and
  18. Load sharing imbalance.

7.7.5 Simulation tools are to conform to appropriate National or International Standards relevant to their use and are to have been validated in an equivalent application.

7.7.6  The dynamic simulation is to be verified against the ship’s real performance to the extent that this is reasonably practicable.

7.8 Safety functions

7.8.1 Safety functions related to the hybrid electrical power system and its constituent parts are to be clearly defined covering their purpose, their functionality and their location.

7.8.2 Safety functions are to comply with Vol 2, Pt 9, Ch 8, 5 Programmable electronic systems (PES).

7.8.3 Safety functions including ESD, emergency stop and reversionary control procedures for the hybrid electrical power system are to be defined, fully documented and made available to the Operators, maintainers and regulatory authorities.

7.9 Risk assessment

7.9.1 Where the hybrid electrical power system introduces new technologies or topologies not covered by the current Rules and Regulations then a risk assessment study is to be carried out.

7.9.2 A formal method acceptable to LR is to be used to determine if new hazards or significantly greater hazards than those normally associated with the ship electrical power system that would be mitigated by compliance with the Rules and Regulations have been introduced (e.g. a preliminary hazard analysis or a structured checklist approach (HAZID) in accordance with ISO 31010, Risk management – Risk assessment techniques).

7.9.3 Where the results of this formal method establish that new hazards or topologies exist the risk assessment study is to be undertaken to a recognised standard that is acceptable to LR (e.g. ISO 31010, Risk management – Risk assessment techniques) and in accordance with ShipRight Procedure Risk Based Certification (RBC) and the associated annexes.

7.9.4 The objectives of the study are to:

  1. identify potential deviations from the intended operation of the hybrid electrical power system;
  2. identify the causes of each deviation, and the consequences for safety and dependability;
  3. list safeguards to minimise causes and consequences; and
  4. determine and recommend if further safeguards should be considered.

7.9.5 The scope of the study is to consider normal operation, start-up, normal shutdown, non-use and emergency shutdown of the hybrid electrical power system.

7.9.6 The risk assessment technique(s) selected are to be appropriate for their intended use and are to be accepted by LR.

7.10 System Failure Modes and Effects Analysis (FMEA)

7.10.1 An overall hybrid electrical power system FMEA is to be undertaken. The objectives of the analysis are to identify:

  1. potential failures;
  2. consequences of failure on the hybrid electrical power system and on ship operations;
  3. means to eliminate or prevent failure; and
  4. means to eliminate or minimise consequences.

7.10.2 The analysis may identify the requirement for safety measures in addition to those specifically stated in these Rules. Where additional safety measures are identified, evidence is to be provided that demonstrates how they are implemented and validated.

7.10.3 As a minimum, the scope of the analysis is to consider the ‘fail safe’ condition, location and arrangement of the critical system elements.

7.10.4 The analysis is to be undertaken to a recognised standard (e.g. IEC 60812, Analysis techniques for system reliability – Procedure for failure mode and effects analysis (FMEA)), or an equivalent and acceptable National or International Standard.

7.10.5 The FMEA is to consider but not be limited to:

  1. Hidden faults that are not annunciated to or evident to the Operator where a second subsequent fault can directly result in a significant failure and hazardous condition;
  2. Foreseeable inadvertent operation of the hybrid electrical power system;
  3. Failure to complete transition sequences (e.g. change of operating mode or response to a fault including its detection, clearance, isolation and reconfiguration);
  4. Items which can be dormantly failed and unavailable to perform their intended operation on demand (e.g. normal to backup changeover systems or standby start systems);
  5. Enabling systems not part of the hybrid electrical power system (e.g. fuel supply, lubrication, cooling and ventilation systems) whose failure could affect correct functioning of the hybrid electrical power system;
  6. Sensor and feedback errors in programmable electronic systems;
  7. Parameter corruption in programmable electronic systems (e.g. incorrect scaling factors, control rates, alarm thresholds or trip levels);
  8. Common cause effects in programmable electronic systems (e.g. network storms in networked systems, power supply faults, time dependent errors in operating systems with the potential to concurrently impact multiple redundant control or monitoring systems);
  9. Common cause effects in electrical power systems (e.g. power quality outside expected range or multiple earth faults in a parallel connected system);
  10. Consequential failures resulting from a single failure that are to be considered as an integral part of the single failure; and
  11. The viability of the role of the human in the detection and mitigation of faults.

7.10.6 Examples of devices in which hidden failures can occur that are detrimental to the dependability of a hybrid electrical power system include but are not limited to:

  1. Protection devices – protection relays, dead-bus sensing;
  2. Automatic isolation devices;
  3. Circuit breaker open/close/trip functions;
  4. Fault/current limitation devices;
  5. Arc detection;
  6. Load shedding devices;
  7. Safety devices;
  8. Fault detection systems;
  9. Alternator current boost systems;
  10. Interlocks and inter-trips;
  11. Automatic change-over systems, transfer and dual-feed arrangements;
  12. Stand-by start arrangements;
  13. Transducers/sensors – giving an incorrect output;
  14. Slow processors (e.g. watchdog functions);
  15. UPS backed-up supplies; and
  16. Active failures of control systems – working but not doing what was intended.

7.10.7 Hybrid electrical power system failure modes identified through the FMEA that could impact the safe operation and performance of any component of the system (source/store/consumer/combination/distribution system/energy management) are to be notified to, and acknowledged by, the party accountable for the safety of the component through an auditable process.

7.10.8 Component failure modes that could impact the safe operation and performance of the hybrid electrical power system are to be notified to, and acknowledged by, the hybrid electrical power system integrator through an auditable process.

7.10.9 For Hybrid Power (+) notation FMEAs for each of the key components of the system may be requested by LR in support of the system FMEA.

7.11 Operating instructions

7.11.1 Operating Manuals are to be provided on board and submitted for information where requested by LR. The manuals are to include, but not be limited to, the following information:

  1. Particulars and a description of the systems;
  2. Operating instructions for the equipment and systems (including fire isolation aspects);
  3. Maintenance instructions for the installed arrangements, including: procedures to prevent injury from electric shock and arc flash;
  4. Software configuration management procedures which are to include a list of all versions of the software installed in the system, and the settings, values of system or equipment specific configuration parameters; and
  5. Output from the risk assessment processes that is necessary for the safe operation of the system under all normal and reasonably foreseeable abnormal operating conditions.

7.11.2 Overall hybrid electrical power system operating instructions are to be verified by the system designer for their completeness and correctness in all operating modes and for all foreseeable normal and abnormal operating and fault conditions. The verified instructions are to be submitted to LR.

7.11.3 Consistency between the overall system instructions and those for each component of the system is to be confirmed by the system designer.

7.11.4 All mitigating actions arising from the FMEA that require manual intervention are to be confirmed as included in the operating instructions.

7.11.5 Procedures for reversionary (e.g. manual) control of the hybrid electrical power system are to be included and are to be verified during practical operation .

7.12 Operator training

7.12.1 Training needs specific to the ship and necessary for its safe operation are to be identified and documented in the ship’s Operating Manual.

7.12.2 For Hybrid Power (+) notation any ship-specific Operator training is to be verified for its completeness and correctness in all operating modes and for all foreseeable normal and abnormal operating and fault conditions with evidence of verification submitted to LR.

7.13 Through-life accountability:

7.13.1 The activities detailed in Vol 3, Pt 1, Ch 6, 7.2 System operational concept to Vol 3, Pt 1, Ch 6, 7.12 Operator training are to be maintained throughout the whole lifecycle of a ship and are to be verified at Periodic Survey.

7.13.2 Proposed changes to the hybrid electrical power system including its components that may impact on system safety or dependability are to be formally reviewed and accepted by the system integrator before their incorporation with details submitted to LR.

7.13.3 For Hybrid Power (+) notation details of incidents arising during any and all operations of the hybrid electrical power system that has, or could have, resulted in a hazardous consequence for people, platform or the environment are to be monitored.

Copyright 2022 Clasifications Register Group Limited, International Maritime Organization, International Labour Organization or Maritime and Coastguard Agency. All rights reserved. Clasifications Register Group Limited, its affiliates and subsidiaries and their respective officers, employees or agents are, individually and collectively, referred to in this clause as 'Clasifications Register'. Clasifications Register assumes no responsibility and shall not be liable to any person for any loss, damage or expense caused by reliance on the information or advice in this document or howsoever provided, unless that person has signed a contract with the relevant Clasifications Register entity for the provision of this information or advice and in that case any responsibility or liability is exclusively on the terms and conditions set out in that contract.