Not harsh. I agree that the problem with microcontroller control of critical systems has been solved. In this case it could be something as simple as turning on the watchdog timer, or just ensuring that all tasks are non-blocking. I also think OP is worrying needlessly. The requirement is to have a relay switched on for several seconds to several minutes. Even the shortest period here is eons in processor time. Plenty of time to detect a problem and deal with it.I think that's a bit harsh and unrealistic. Unless we are all going to forego using microcontrollers and computers to automate and control things we have to accept that things will fail and that a fail-safe is useful to have, recommended even.Why are you inserting a microcontroller into the critical path anyway? If you can't afford the pump control code to fail if the WiFi or higher-level processes fail then just hook up the switches to the pump and don't use relays at all. Use the Pico only for monitoring and reporting.
Having a fail-safe which keeps on running things may be unusual, maybe a little extreme, but it's not unreasonable. It doesn't preclude a Pico or Pico W from being used in IoT and control applications, doesn't mean they should or must only be used for monitoring.
I'd be looking at doing the same as the OP to be honest if I were using a Pico W to autonomously water my garden or abstract water given that what the OP fears is what I would also fear; what happens should Wi-Fi, Bluetooth or other comms, lock up, go down, and the higher-level code hangs, stalls, crashes or simply doesn't do what it should be doing ?
I think the OP should be applauded rather than told they shouldn't be using a Pico, though I would recommend a hard fail-safe should the soft fail-safe fail itself.
Trying to squeeze a full control program into 64 PIO instructions is however a bit of an ask. I'm not convinced it will be feasible.
Statistics: Posted by ame — Sat Aug 03, 2024 7:15 pm