[HH] Spam (9.973):Re: CO detectors self-destruct

Federico Lucifredi flucifredi at acm.org
Mon Apr 17 21:56:05 EDT 2017


My assumption is that either 1) the sensor self-tests and EOLs when the test fails (I think this is unlikely), or 2) the sensor has a timer running internally, since the time of manufacturing, that runs to the actual lifespan (not the warranted life, the longer design life) before alerting with EOL.

Best-F



> On Apr 17, 2017, at 12:33 PM, Tom Metro <tmetro+hhacking at gmail.com> wrote:
> 
> Federico Lucifredi wrote:
>> This excess life span I detected in use leads me to think the sensor
>> chemistry decays even when warehoused and not in powered use.
> 
> Sure, that makes perfect sense given what we know about the sensors. The
> author of the teardown you referenced speculated that the limited
> lifespan was due to evaporation of the liquid and accumulation of
> contaminants in the activated carbon filter.
> 
> 
>> I think the lifespan runs from the date of manufacturing, and exceeds
>> the warranty by an unknown amount...
> 
> Yes, I assumed as much. As with any engineering parameter, the system
> should be designed with sufficient margin in excess of what is needed.
> And with a life safety device, even greater margins.
> 
> But the issue at hand - with respect to having all your alarms die at
> once - is not the actual life of the sensor, but the duration of the EOL
> timer.
> 
> 
>> ...it is at least an extra year...
> 
> We're talking an analog device whose lifespan is going to be partly
> dependent on environmental conditions (higher temperature causing more
> rapid evaporation; higher concentration of contaminants clogging the
> carbon faster), so it is going to be a statistical curve. The
> manufacturer might be aiming for 99.9% sensor survival at rated lifespan
> + N years. N probably varies by manufacturer and the risk level they're
> willing to take.
> 
> Quite possible a CO sensor might work adequately for another 5 to 10
> years after the programmed EOL, if the manufacturer's engineering margins
> were high and environmental conditions favorable.
> 
> 
>> This leads to unit warehousing, and the sensor must still deliver its
>> full warranty life to the customer once deployed.
> 
> Agreed. You'd think then that they'd have "best sold/used by" dates on
> the product packaging, otherwise a unit kept in storage for 5 years runs
> a high risk of sensor failure, and if the micro can't detect that, the
> detector could fail to alarm in a life-threatening condition and be a
> liability for the manufacturer.
> 
> Maybe alarm manufacturers have special contracts with their distributors
> and retailers that prevent the sale of old units?
> 
> 
>> For example, the first set I had in my home were warranted 7 years,
>> but lasted 8 before the annoy-a-tron triggered and forced me to
>> replace all units.
> 
> This part I don't really understand. The EOL alarm should be purely time
> based, so either the EOL alarm is not set to 7 years, or the unit wasn't
> powered that entire time, or the unit suffers from significant clock drift.
> 
> Given these devices use cheap microcontrollers without a real time
> clock, and possibly don't even use a crystal oscillator for the MCU
> clock, clock drift is a real possibility. An RC oscillator could easily
> be off by 10%, which is getting in the neighborhood of adding a year to
> a 7 year timer.
> 
> That could explain why my Kidde alarms haven't EOLed.
> 
> 
>>> I suppose I could always delay activating subsequent units by a month.
>> 
>> I do not believe this will work.
> 
> The First Alert unit with the built-in battery comes powered off. It has
> a switch on the back to "activate it." The switch has a mechanical
> interlock, such that you have to snap off a bit of plastic to deactivate
> it, and once done, it can't be activated again.
> 
> Presumably they do this to start the EOL clock running and to minimize
> cutting into the 10-year battery life. Given the mechanical interlock,
> they've clearly gone to some expense to accommodate this, so it must be
> advantageous.
> 
> I'm guessing the mechanical interlock exists so 1. a user can't
> intentionally or inadvertently silence an alarm by turning the unit off,
> and 2. you don't end up running across a product that might have been
> powered for a few years, shelved for several, and then deployed again,
> such that the EOL timer trips years later than it should. But you could
> argue #2 is no worse than having a product sitting in a warehouse for years.
> 
> Might it have been cheaper for the manufacturer to skip the switch and
> interlock, sell the unit already activated, add a "use by" date, and
> just derate the lifespan by a few years?
> 
> I'm kind of surprised they didn't use the technique of wedging a bit of
> plastic film between a set of spring contacts, which the user pulls out
> on activation, as commonly used by products sold with batteries. Much
> cheaper. Can't be "unactivated." That they didn't suggests they had a
> strong requirement to be able to deactivate units.
> 
> Not clear to me why you would ever want to deactivate one of these.
> Perhaps to silence a defective unit, given you can't remove the battery
> without disassembly.
> 
> -Tom
> 



