Email: Password: Remember Me | Create Account (Free)

Back to Subject List

Old thread has been locked -- no new posts accepted in this thread
???
05/28/08 09:34
Read: times


 		 #155215 - Irrespective....
Responding to: ???'s previous message

I proposed a watchdog circuit that runs a relay to allow the changeover. Why would this not be a reasonable solution? Nevertheless, you need to understand the possible ways your controller could fail - otherwise how do you formulate a solution? As I mentioned, the controller could fail in a number of ways - not necessarily due to the microcontroller getting upset or dying but nevertheless the controller fails to control the temperature and may even fail in a way that might cause a dangerous condition. The 'usual' method is to perform a FMEA to identify failure points and to formulate the method of handling such failures. How do you think they design aeroplanes?


List of 32 messages in thread
TopicAuthorDate
stanby controller for emergency            01/01/70 00:00      
   ALE pulse            01/01/70 00:00      
   What are the expected problems?            01/01/70 00:00      
   The problem here is...            01/01/70 00:00      
      What about processing speed            01/01/70 00:00      
         processing speed should not be an issue            01/01/70 00:00      
   How do you know if it has failed?            01/01/70 00:00      
      my querry            01/01/70 00:00      
         Use a watchdog            01/01/70 00:00      
            I think watchdog not suitable            01/01/70 00:00      
               watchdog            01/01/70 00:00      
                  if it is critical system            01/01/70 00:00      
               Backup controllers            01/01/70 00:00      
         does that going to help            01/01/70 00:00      
            Where are erik and Andy            01/01/70 00:00      
               Irrespective....            01/01/70 00:00      
                  What you say is correct            01/01/70 00:00      
                     engineering procedure            01/01/70 00:00      
               Where are erik and Andy - asleep            01/01/70 00:00      
   much simpler            01/01/70 00:00      
   always operating or failsafe            01/01/70 00:00      
   Have you considered this ...            01/01/70 00:00      
      there is always a gotcha            01/01/70 00:00      
         Yes, but it always depends ...            01/01/70 00:00      
            hardware description is needed            01/01/70 00:00      
               Is this feasible            01/01/70 00:00      
                  No,            01/01/70 00:00      
                  You have reinvented a watchdog            01/01/70 00:00      
                     this is running in circles because ....            01/01/70 00:00      
                        Nothing's perfect            01/01/70 00:00      
                           not if you are only concerned with hardware failur            01/01/70 00:00      
                              it's all about testing            01/01/70 00:00      

Back to Subject List