Designing a system for safety and fire prevention

What might be interesting to discuss here: how could this chain of events have been prevented?

My assumptions: Overvoltage on the MPPT led to a MOSFET becoming shorted and the full PV voltage being present on the output. The BMS disconnected due to overvoltage, so there was overvoltage on the Quattro’s battery inputs.

Fuses would not have helped, as the currents were limited by the PV panels to a level where a fuse makes no sense.

What could have helped would be relays triggered by overvoltage, disconnecting the Quattro and the MPPT from the DC bus – but they’d need to be present in every device on the DC bus, as there could be overvoltage from various sources.

Or maybe a crowbar circuit on the bus that shorts it in case of overvoltage? But given the normal operating currents, and the short circuit currents LiFePOs can deliver, that is a dangerous proposition in itself. Also, the margins are narrow – a Multi is rated to 65V, and people might run 18S batteries at 3.6V/cell, which is 64.8V.

Given the added complexity and cost, would that make sense for such an uncommon case? On the one hand, one can argue that the installer must read the datasheet of the MPPT and make sure Voc stays within limits in every realistic operating condition; on the other hand, as we see, the damage is huge.

The first step in the safety chain is design.
To deliberately ignore specs and calculators, exceed voltages, and then continue to do so under cold conditions (this being a known variable that is considered basic knowledge) is frankly negligence; expecting the system to be the backstop for poor decision making is a very poor design philosophy.
For the RS, the limit is actually 8x float, not the rating of the charger itself, so if the installation failed to even take that into account, I think the OP can consider themselves to be lucky.

What fire prevention was in use? Was this mounted on a flammable board as we often see here?

Make these admissions to an insurance company and they will not pay. If someone got hurt, you would be liable. This is serious stuff that people do not always get.

Safety is an ecosystem; it is not a system feature.

There is a lot of external safety to be built in, what fusing/isolators have or have not been used, what their ratings are.
Gauge of wiring, quality of connections.
All this adds up.

Let’s not disrupt this particular topic with a tangent; I have moved this to a dedicated topic where it can be discussed without the emotional baggage that no doubt accompanies the original topic. For any new DIY members tackling these systems themselves, let this be a reminder that the risks of not doing it right can be severe.

2 Likes
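Both posts above come back to the same design-stage check: the PV string's open-circuit voltage must stay under the charger's PV input limit on the coldest realistic day, and the battery's maximum charge voltage must stay under the inverter's DC input rating with some headroom. The following Python is an added illustration, not code from the thread or from any manufacturer; the panel figures, temperature coefficient, site temperature and 5% headroom are constructed assumptions, and the linear Voc(T) model is the usual datasheet approximation. It shows how a string that passes at 25 °C can fail at -15 °C, and how 18S at 3.6 V/cell leaves almost no margin against a 65 V rating.

```python
# Added example (not from the forum thread or any vendor): design-time margin checks
# for a DC-coupled PV/battery system. All numeric values are constructed assumptions.

from dataclasses import dataclass


@dataclass
class PanelSpec:
    voc_stc: float      # open-circuit voltage per panel at STC (25 degC), volts
    tempco_voc: float   # Voc temperature coefficient, fraction per degC (negative)


def string_voc_at(panel: PanelSpec, n_series: int, temp_c: float) -> float:
    """Open-circuit voltage of n_series panels at cell temperature temp_c.

    Linear datasheet model (assumed): Voc(T) = Voc_stc * (1 + k * (T - 25)).
    Because k is negative, Voc rises as the panel gets colder.
    """
    return n_series * panel.voc_stc * (1.0 + panel.tempco_voc * (temp_c - 25.0))


def check_pv_string(panel: PanelSpec, n_series: int, min_site_temp_c: float,
                    mppt_max_pv_v: float, margin: float = 0.05):
    """Return (ok, cold_voc).

    ok is True only when the coldest-day string Voc stays below the MPPT's
    PV input limit with at least `margin` fractional headroom.
    """
    cold_voc = string_voc_at(panel, n_series, min_site_temp_c)
    return cold_voc <= mppt_max_pv_v * (1.0 - margin), cold_voc


def check_battery_bus(cells_series: int, max_cell_v: float,
                      dc_input_rating_v: float, margin: float = 0.05):
    """Return (ok, max_bus_v) for the battery side.

    max_bus_v is the highest voltage the BMS will allow on the DC bus; it must
    sit below the inverter/charger DC input rating with `margin` headroom.
    """
    max_bus_v = cells_series * max_cell_v
    return max_bus_v <= dc_input_rating_v * (1.0 - margin), max_bus_v


if __name__ == "__main__":
    panel = PanelSpec(voc_stc=49.5, tempco_voc=-0.0028)   # constructed panel data
    # Three panels in series pass at STC (148.5 V < 150 V) but not at -15 degC.
    ok, v = check_pv_string(panel, n_series=3, min_site_temp_c=-15.0, mppt_max_pv_v=150.0)
    print(f"cold-day string Voc = {v:.1f} V, within 150 V limit with headroom: {ok}")
    # 18S LiFePO4 at 3.6 V/cell against a 65 V rated DC input.
    ok, v = check_battery_bus(cells_series=18, max_cell_v=3.6, dc_input_rating_v=65.0)
    print(f"max battery bus = {v:.1f} V, within 65 V rating with headroom: {ok}")
```

Run it as-is to see the two failing cases; change `n_series` to 2 or `cells_series` to 16 to see what a configuration with real headroom looks like. The point of encoding the check this way is that the coldest-day temperature becomes an explicit input rather than something remembered (or forgotten) at commissioning time.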