Advices for "mission-critical" applications

Posted: Tue May 01, 2018 2:24 pm
by scardig
Ok, maybe "mission-critical" is a bit exaggerated, but I refer to real world applications where a failing control unit may lead to damage to the system. As an example: if at some point in time my main script crashes, it will leave the pyboard in the last state (i.e. timers go on, outputs will remain high...), potentially leading to dangerous situations. Leaving aside external hardware solutions and considering only the pyboard, what are the "best practices" to ensure safe operation (i.e. watchdog, ...)? I admit that the question is a bit generic, but I'm asking it also to know if you can show some "real world" examples where you are using the pyboard (and MicroPython) and the solutions you adopted to ensure it serves properly.

Thanx

Re: Advices for "mission-critical" applications

Posted: Wed May 02, 2018 10:12 am
by pythoncoder
I think you need to clarify what you mean by "dangerous situations". If you mean danger to life and limb (fire, electrocution and suchlike) you need much more specialist advice, both technical and legal, than you are likely to receive in this forum.

Even if the only risk is of (say) burning out a motor there is no generic solution: you need to examine the risk and work out how to mitigate it. There are numerous techniques. Hardware watchdog timers can work in some situations, but issuing a hard reset may not result in an appropriate outcome, or be sufficiently timely. An option on some types of machinery is physical limit switches which break an electrical circuit until manually reset. Another approach is triple redundancy. I could go on...

It's a substantial engineering discipline unrelated to MicroPython: it applies to all software-controlled systems.
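One concrete shape for the "crash leaves outputs high" worry in the question, combined with the watchdog caveat above: an added example (not code from anyone in this thread) that drives a defined safe state before any reset can happen. The names safe_state and supervise are my own; pyb.Pin, pyb.Timer and machine.WDT are the pyboard APIs it assumes.

```python
# Fail-safe supervisor for a pyboard control loop: added example, not code
# from the thread. Assumes the pyboard's pyb.Pin / pyb.Timer and machine.WDT
# APIs; when they are missing (e.g. under CPython) constructed stubs stand in
# so the logic can be exercised off-board.
try:
    import pyb, machine
except ImportError:
    class _Pin:                                 # stub: starts high (a "stuck" output)
        OUT_PP = 0
        def __init__(self, name, mode=None): self.level = 1
        def value(self, v=None):
            if v is None: return self.level
            self.level = 1 if v else 0
    class _Timer:                               # stub: remembers whether it runs
        def __init__(self, n, freq=None): self.running = True
        def deinit(self): self.running = False
    class _WDT:                                 # stub: counts feeds, never resets
        def __init__(self, timeout): self.feeds = 0
        def feed(self): self.feeds += 1
    class pyb: Pin, Timer = _Pin, _Timer
    class machine: WDT = _WDT

def safe_state(outputs, timers):
    """Stop every timer, then drive every output low. Errors are swallowed
    so one failing device cannot keep the others from being made safe."""
    for t in timers:
        try: t.deinit()
        except Exception: pass
    for p in outputs:
        try: p.value(0)
        except Exception: pass

def supervise(step, outputs, timers, wdt, max_iter=None):
    """Run step() in a loop, feeding the watchdog only after each successful
    iteration. Whatever ends the loop (exception, Ctrl-C, max_iter) drives the
    safe state first; an exception is then re-raised so it stays visible. If
    step() hangs, the unfed WDT resets the board. Returns completed iterations."""
    n = 0
    try:
        while max_iter is None or n < max_iter:
            step()
            wdt.feed()
            n += 1
    finally:
        safe_state(outputs, timers)
    return n
```

On the pyboard the watchdog cannot be stopped once started, so after safe_state() runs the board still resets within the timeout; whether that reset is the right outcome is exactly the risk question raised in the reply above.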

Re: Advices for "mission-critical" applications

Posted: Wed May 02, 2018 5:51 pm
by scardig
pythoncoder wrote:
Wed May 02, 2018 10:12 am
I think you need to clarify what you mean by "dangerous situations". If you mean danger to life and limb (fire, electrocution and suchlike) you need much more specialist advice, both technical and legal, than you are likely to receive in this forum.

Even if the only risk is of (say) burning out a motor there is no generic solution: you need to examine the risk and work out how to mitigate it. There are numerous techniques. Hardware watchdog timers can work in some situations, but issuing a hard reset may not result in an appropriate outcome, or be sufficiently timely. An option on some types of machinery is physical limit switches which break an electrical circuit until manually reset. Another approach is triple redundancy. I could go on...

It's a substantial engineering discipline unrelated to MicroPython: it applies to all software-controlled systems.
Thanx for the answer; what you say is absolutely correct. My question was an excuse to fulfill my interest in real world MicroPython/pyboard applications and borrow some ideas from them :-).

Thanx

Re: Advices for "mission-critical" applications

Posted: Wed May 02, 2018 6:50 pm
by fdufnews
I am not sure MicroPython is qualified for "Mission Critical Applications", and the same remark applies to the underlying code from Espressif.

Re: Advices for "mission-critical" applications

Posted: Thu May 03, 2018 4:18 am
by pythoncoder
See this thread about Damien's work with the European Space Agency.