Electronics Guide

Aviation Accidents

Aircraft operate in challenging electromagnetic environments and depend on electronic systems for navigation, communication, and flight control:

Portable electronic devices: Investigation may consider whether passenger electronic devices interfered with aircraft systems. While modern aircraft are designed to tolerate typical PED emissions, unusual devices or multiple devices operating simultaneously could potentially exceed design margins.

High-intensity radiated fields: Aircraft encounter powerful radar installations, high-power broadcast transmitters, and military systems that may produce field strengths exceeding design assumptions. Investigation traces flight paths relative to known high-field locations.

Lightning effects: Lightning strikes can induce transients that exceed protection capabilities. Investigation examines evidence of lightning strikes, including burn marks, magnetization of ferrous components, and recorded atmospheric conditions.

Wiring degradation: Aircraft wiring ages and degrades over service life, potentially creating new coupling paths or reducing shielding effectiveness. Investigation assesses wiring condition and maintenance history.

Aviation accident investigation is typically conducted by specialized agencies (such as the NTSB in the United States) with established protocols. EMC experts may participate as technical specialists within these structured investigations.

Automotive Accidents

Modern vehicles contain numerous electronic systems including engine control, braking (ABS, electronic stability control), steering assist, airbag deployment, and advanced driver assistance systems. Potential EMC-related accident scenarios include:

Sudden unintended acceleration: EMI affecting throttle control systems has been investigated in numerous high-profile cases. Investigation examines electronic throttle control modules, pedal position sensors, and potential interference sources.

Brake system failures: Anti-lock braking and electronic stability systems can be affected by interference. Investigation considers whether brake system electronics experienced EMI-induced failures.

Airbag deployment failures: Airbags may fail to deploy when needed or deploy unexpectedly due to EMI affecting crash sensors or deployment circuits. Evidence of deployment or non-deployment is analyzed relative to crash characteristics.

ADAS malfunctions: Advanced driver assistance features including lane keeping, adaptive cruise control, and collision avoidance may malfunction due to sensor interference. Investigation examines whether radar, camera, or lidar systems were affected by EMI.

Automotive investigation often involves event data recorder (EDR) download, which may capture electronic system states before and during an accident.

Rail Accidents

Railway systems rely on signaling, communication, and control systems that may be affected by EMI:

Signaling system failures: False clear signals or failure to detect train presence can lead to collisions. Investigation examines signaling equipment, track circuits, and potential interference from traction systems or external sources.

Positive train control failures: PTC systems use GPS, radio communication, and onboard computers to prevent collisions and overspeed events. Investigation considers whether EMI affected any component of the PTC chain.

Grade crossing failures: Automatic warning systems at grade crossings may fail to activate or may activate incorrectly. The electromagnetic environment at crossings, including nearby power lines and vehicle traffic, is relevant to investigation.

Traction system interference: High-power traction systems generate significant electromagnetic emissions that may affect other train systems or wayside equipment. Investigation considers whether traction-related interference was a factor.

Marine Accidents

Vessels depend on navigation, communication, and control systems operating in a demanding electromagnetic environment:

Navigation system failures: GPS, radar, AIS, and electronic chart systems may experience interference that affects vessel navigation. Investigation examines whether navigation errors resulted from EMI.

Communication failures: Ship-to-shore and ship-to-ship communication failures may contribute to collisions or groundings. Investigation considers whether radio systems experienced interference.

Propulsion and steering control: Electronic engine and steering controls on modern vessels may be affected by interference from onboard or external sources. Investigation examines control system behavior and potential EMI sources.

Implantable Device Events

Implanted devices operate within the body and may be affected by external electromagnetic sources:

Cardiac pacemakers and ICDs: These devices may experience inappropriate inhibition, inappropriate pacing, or inappropriate shock delivery when exposed to electromagnetic fields. Investigation examines device logs, autopsy findings, and the electromagnetic environment the patient encountered.

Implanted insulin pumps: Interference may affect insulin delivery, potentially causing hypoglycemia or hyperglycemia. Investigation correlates patient glucose levels with device function and environmental exposure.

Neurostimulators: Devices for pain management, epilepsy control, or movement disorders may malfunction due to EMI. Patient symptoms and device logs provide evidence of potential interference events.

Implantable device investigation is complicated by the fact that the device is typically inside a living or deceased patient. Device interrogation, explant for analysis, and autopsy may be required. Coordination with medical professionals is essential.

Hospital Equipment Failures

Hospitals contain numerous electronic medical devices in a complex electromagnetic environment:

Patient monitoring failures: Monitors displaying incorrect vital signs or failing to alarm can lead to delayed treatment. Investigation examines monitor function and potential sources of interference in the clinical environment.

Infusion pump malfunctions: Medication delivery errors may result from EMI affecting infusion pumps. Investigation analyzes pump behavior, error logs, and nearby equipment operation.

Imaging equipment interference: MRI, CT, and other imaging equipment may produce images with artifacts or incorrect diagnostic information due to EMI. Patient harm may result from misdiagnosis based on degraded images.

Telemetry system failures: Wireless patient monitoring depends on radio systems that may experience interference. Investigation considers whether telemetry failures contributed to adverse outcomes.

Home Medical Equipment

Medical devices used in home settings encounter less controlled electromagnetic environments:

Home ventilators: Life-sustaining ventilators may malfunction due to power quality issues or radiated interference from household devices. Investigation examines the home electromagnetic environment and device condition.

Home dialysis equipment: Interference may affect dialysis monitoring and control. Investigation considers whether treatment errors resulted from EMI.

Patient-worn devices: Devices such as continuous glucose monitors, ambulatory cardiac monitors, and wearable defibrillators operate in varied environments where unexpected interference may occur.

Medical Device Investigation Protocols

Investigation of medical device failures follows established protocols:

Device preservation: Secure the device without powering on or attempting repair. Preserve all accessories, packaging, and associated documentation.

Data extraction: Many medical devices maintain internal logs that capture operating parameters and detected anomalies. Extract this data using appropriate tools and procedures.

Clinical correlation: Coordinate with medical professionals to understand the clinical circumstances of the failure. Medical records provide context for interpreting device data.

Regulatory reporting: Medical device failures often require reporting to regulatory agencies such as the FDA. Investigation supports accurate reporting and potential recall decisions.

Process Control System Failures

Industrial process control systems manage complex operations with potentially hazardous materials:

PLC and DCS malfunctions: Programmable logic controllers and distributed control systems may experience interference that causes incorrect outputs. Investigation examines controller behavior, I/O module function, and field wiring.

Sensor errors: Temperature, pressure, level, and flow sensors may produce incorrect readings due to EMI. Investigation determines whether sensor errors contributed to unsafe operating conditions.

Variable frequency drive interference: VFDs generate significant electromagnetic emissions that may affect other process equipment. Investigation considers whether VFD emissions affected sensors or control systems.

Fieldbus communication failures: Industrial communication networks may experience errors or failures due to EMI. Investigation examines communication integrity and error rates.

Safety System Failures

Industrial safety systems are designed to prevent or mitigate accidents. Their failure to operate correctly is a primary focus of accident investigation:

Emergency shutdown system failures: ESD systems should halt hazardous operations when unsafe conditions are detected. Investigation examines whether EMI prevented proper ESD initiation or execution.

Fire and gas detection failures: Detection systems that fail to alarm may allow hazardous conditions to develop. Investigation considers whether interference affected detector sensitivity or communication.

Burner management system failures: BMS failures may result in unsafe furnace or boiler operation. Investigation examines flame detection, fuel valve control, and ignition sequences.

Safety instrumented function failures: SIF components are designed to high safety integrity levels. Failure analysis must determine whether EMC was a factor in SIF failure.

Explosive Atmosphere Ignition

In hazardous locations where explosive atmospheres may exist, electromagnetic energy can provide ignition:

Radio frequency ignition: RF fields can induce currents in conductive objects, creating sparks or heating that ignites explosive atmospheres. Investigation examines RF sources and potential ignition mechanisms.

Static discharge: Electrostatic discharge in hazardous locations may ignite flammable atmospheres. Investigation considers material handling, personnel grounding, and atmospheric conditions.

Intrinsic safety barrier failures: IS barriers are designed to limit energy that can enter hazardous locations. Investigation examines whether barrier failures allowed ignition-capable energy into hazardous areas.

Robot and Automation Failures

Industrial robots and automated systems may behave unexpectedly due to EMI:

Unintended motion: Robots moving unexpectedly may strike workers or equipment. Investigation examines controller behavior, sensor function, and potential interference sources.

Position errors: Robots that position incorrectly may damage workpieces, tools, or fixtures. Investigation considers whether EMI affected position feedback systems.

Safety interlock bypasses: Light curtains, safety mats, and other interlocks may fail to stop motion due to interference. Investigation examines safety system function and integrity.

Emergency Communication Failures

Failures in emergency communication systems can have life-threatening consequences:

911/emergency call failures: Inability to complete emergency calls may delay response. Investigation examines cellular system performance, potential interference sources, and call records.

Public safety radio failures: Police, fire, and EMS communication failures may impair emergency response. Investigation considers whether interference affected radio coverage or clarity.

Emergency notification system failures: Alert systems that fail to activate may leave populations unwarned. Investigation examines system function and the electromagnetic environment.

Aviation and Maritime Communication

Transportation communication failures can prevent critical coordination:

Air traffic control communication: Radio interference affecting pilot-controller communication may contribute to near misses or accidents. Investigation examines radio system performance and potential interference.

Maritime distress communication: Failure to receive or transmit distress signals may delay rescue. Investigation considers whether interference affected distress communication systems.

Intentional Interference

Some communication failures may result from deliberate interference:

Jamming: Intentional jamming of communication or navigation signals may cause accidents. Investigation examines whether abnormal signals were present and attempts to identify sources.

Spoofing: False signals that deceive receivers may cause navigation errors or incorrect operational decisions. Investigation looks for evidence of anomalous signal characteristics.

Grid Disturbance Effects

Power quality events may cascade into equipment failures and accidents:

Voltage sags and interruptions: Brief voltage reductions or interruptions may cause control system upsets, computer restarts, or protection system malfunctions. Investigation correlates power quality data with observed failures.

Overvoltage events: Switching transients, lightning, or fault conditions may produce overvoltages that damage equipment. Investigation examines equipment damage patterns and power system event records.

Frequency excursions: Large frequency deviations may affect equipment timing or cause protective tripping. Investigation considers whether frequency events affected time-critical systems.

Harmonic distortion: High harmonic levels may cause overheating, relay misoperation, or communication interference. Investigation examines power quality measurements and equipment thermal damage.

Lightning-Related Events

Lightning represents a severe electromagnetic threat that can cause widespread damage:

Direct strike effects: Direct strikes may cause massive equipment damage, fires, and injuries. Investigation looks for evidence of strike attachment points and current paths.

Induced effects: Lightning-induced surges may affect equipment over a wide area. Investigation correlates damage patterns with lightning location data.

Ground potential rise: During lightning or fault events, ground potential differences may expose equipment to damaging voltages. Investigation examines grounding system performance during the event.

Electrical Fire Investigation

Fires involving electrical equipment may have EMC-related aspects:

Overcurrent protection failures: Protection devices that fail to interrupt fault current may allow fires to develop. Investigation examines protection coordination and device performance.

Arc fault ignition: Arcing at poor connections or damaged insulation may ignite fires. Investigation looks for arc damage evidence and conditions that promoted arcing.

Electromagnetic heating: RF or induction heating of unsuitable materials may cause fires. Investigation considers whether electromagnetic energy sources were present.

Safety-Critical Data Corruption

Data errors in safety-critical systems may have severe consequences:

Flight management system errors: Corrupted navigation data may cause aircraft to deviate from intended courses. Investigation examines flight data recordings and navigation system logs.

Medical record errors: Incorrect patient data may lead to treatment errors. Investigation correlates data anomalies with potential EMI events.

Process control data errors: Incorrect process data may cause unsafe operating conditions. Investigation examines control system data integrity and communication error rates.

Financial System Errors

Data corruption in financial systems may cause significant losses:

Transaction errors: Corrupted transaction data may cause incorrect account balances. Investigation traces error patterns to potential EMI sources.

Trading system errors: Errors in trading systems may result in unintended trades. Investigation examines system logs and environmental conditions.

Data Integrity Investigation

Investigating data corruption requires specialized techniques:

Error pattern analysis: The pattern of data errors may indicate the corruption mechanism. Single-bit errors, burst errors, and systematic errors have different signatures.

Communication link analysis: Examine error rates and correction statistics on communication links. Correlation with interference events helps establish causation.

Storage system analysis: Storage media may be analyzed for evidence of electromagnetic damage or recording errors.

Safety System Function Analysis

Determine whether the safety system was engaged and whether it operated as intended:

Sensor performance: Did sensors detect the hazardous condition? If not, was sensor function compromised by EMI?

Logic execution: Did the safety logic correctly process sensor inputs and determine appropriate action? Were logic decisions affected by interference?

Final element operation: Did final elements (valves, contactors, brakes) operate as commanded? Were commands correctly transmitted?

Response timing: Did the safety system respond within required time limits? Were there delays attributable to interference?

Common Cause Failure Analysis

Investigate whether EMI caused common cause failures that defeated redundancy:

Identical component susceptibility: Redundant channels using identical components may be equally susceptible to the same interference.

Shared coupling paths: Redundant channels sharing cable routes or power supplies may experience correlated interference.

Environmental commonality: Redundant systems in the same location experience the same electromagnetic environment.

Safety Integrity Level Assessment

Evaluate whether the safety system achieved its designed safety integrity level:

EMC as systematic failure cause: Inadequate EMC design may represent a systematic failure that limits achievable SIL.

Random failure rate effects: EMI that accelerates component degradation may increase random failure rates above design assumptions.

Diagnostic coverage: EMI may affect diagnostic functions that detect degraded performance, reducing diagnostic coverage below design assumptions.

Event Sequencing

Establish the temporal sequence of events leading to the accident:

Timeline construction: Create a detailed timeline using available data sources including event logs, witness accounts, recordings, and physical evidence. Synchronize time bases across different sources.

Latent conditions: Identify conditions that existed before the accident sequence began and that created vulnerability to EMC effects. These may include design weaknesses, degraded shielding, or unusual electromagnetic environment.

Triggering events: Identify events that initiated the accident sequence. EMC-related triggers might include introduction of new interference sources, environmental changes, or equipment failures that created new coupling paths.

Propagation and escalation: Trace how initial events led to subsequent failures and how the accident escalated. EMC effects may appear at any point in this progression.

Barrier Analysis

Examine the barriers (controls and safeguards) that should have prevented the accident:

Barrier identification: Identify all barriers that were in place to prevent the type of accident that occurred. These include physical barriers, safety systems, procedures, and human actions.

Barrier performance: For each barrier, determine whether it functioned as intended. If not, determine why it failed.

EMC effects on barriers: Assess whether EMC affected the performance of any barriers. Interference might have prevented safety systems from detecting or responding to hazards, or might have corrupted information used by human operators.

Causal Factor Charting

Document causal relationships in a structured format:

Events and conditions: Distinguish events (discrete occurrences at specific times) from conditions (states that exist over time). EMC-related conditions might include electromagnetic environment characteristics; EMC-related events might include transient interference occurrences.

Causal connections: Document how each factor caused or contributed to subsequent factors. Use rigorous causation criteria: the proposed cause must precede the effect, a plausible mechanism must connect them, and the effect should not have occurred without the cause.

Root cause identification: Trace causal chains back to identify root causes that, if eliminated, would have prevented the accident. EMC-related root causes might include design deficiencies, inadequate testing, or failure to control the electromagnetic environment.

Design Recommendations

Recommendations for equipment design improvements:

Enhanced immunity: Specify increased immunity levels based on actual environmental conditions encountered. This may involve improved filtering, shielding, or circuit design.

Redundancy and diversity: Recommend additional redundancy or diversity in safety-critical systems to reduce common cause failure vulnerability.

Diagnostic improvements: Recommend enhanced diagnostics that detect EMC-induced degradation before it leads to failure.

Design review processes: Recommend improvements to EMC design review processes that would identify vulnerabilities before products are deployed.

Environmental Control Recommendations

Recommendations for controlling the electromagnetic environment:

Source control: Recommend measures to reduce emissions from identified interference sources, including filtering, shielding, or operational restrictions.

Separation requirements: Specify minimum separation distances between sensitive equipment and potential interference sources.

Installation requirements: Recommend improved installation practices including grounding, cable routing, and shielding integrity.

Monitoring requirements: Recommend ongoing monitoring of the electromagnetic environment to detect changes that might threaten equipment operation.

Procedural Recommendations

Recommendations for procedural improvements:

Operating procedures: Recommend restrictions or precautions for equipment operation in EMC-challenging conditions.

Maintenance procedures: Recommend inspection and testing procedures to verify EMC protection remains effective over equipment service life.

Change control: Recommend processes to assess EMC impact of changes to equipment or environment.

Training: Recommend training for personnel on EMC awareness and proper response to suspected interference events.

Recommendation Implementation

Effective recommendations include implementation guidance:

Priority ranking: Rank recommendations by importance, considering risk reduction, implementation difficulty, and cost.

Responsible parties: Identify who should implement each recommendation, whether equipment manufacturers, facility operators, or regulatory bodies.

Verification measures: Specify how implementation of recommendations should be verified, including testing, inspection, and documentation requirements.

Timeline: Recommend timeframes for implementation, with near-term interim measures where long-term solutions require extended development.