On Sun, Feb 19, 2023 at 1:13 PM Nathan Hartman wrote:
> Rather than use the default GPIO driver, I would probably consider a custom
> driver that doesn't present to applications as individual GPIO pins, but
> rather as higher level constructs (motor off, star-left, star-right, etc),
> with mappings to specific GPIO pins in board.h. That custom driver would
> initialize the actual pins to the safe state (motor off) on boot, would
> return the pins to that state when the driver is closed, and would produce
> only allowed combinations of GPIO outputs.

Thank you Nathan! Sounds like a good idea.. and I could learn to write
drivers in NuttX :-)


> In addition, never trust software when it could cause real-world big bangs!
> Since industrial controls must be connected to a safety controller
> (emergency stop or "E Stop"), that can put the entire machine or line in a
> safe state, I would design logic on the circuit board that E-stops the
> system if: (1) any forbidden combination of GPIOs is ever output, or (2) a
> hardware watchdog that ensures the software hasn't frozen.

Exactly :-) I always smiled at devices that could be physically broken
via software modification / error.. now I am facing the issue myself
from the other side :-P

As time is short for the proof-of-concept device and the risk is
too high, after consideration I will use only 2 groups of relays for
now; that completely eliminates the big bang scenario. A different
motor type will require a simple rewire of the relays. This is the
simplest and safest approach (KISS rule = keep it simple, stupid). A
more versatile but also complex design may follow if the initial
project pays off ;-)

Thank you for your time and hints!! :-)
Tomek

-- 
CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
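The driver shape Nathan sketches above (applications see commands such as "motor off" or "star-left", never raw pins; the driver boots and closes in the safe state and only ever writes allow-listed pin patterns) plus the two board-side E-stop conditions, written out as a small C illustration. This is an added example for this thread, not code from NuttX or from either poster. The pin bit positions, the three commands, the assumption that energising both direction relays at once is a forbidden pattern, and the simulated GPIO register and watchdog are all assumptions made here for illustration; on a real board the `board.h` mapping and the GPIO write would replace the stand-ins.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed pin bit positions standing in for a board.h mapping (hypothetical). */
#define PIN_MOTOR_ON   (1u << 0)
#define PIN_STAR_LEFT  (1u << 1)
#define PIN_STAR_RIGHT (1u << 2)
#define PIN_MASK       (PIN_MOTOR_ON | PIN_STAR_LEFT | PIN_STAR_RIGHT)

/* Higher-level constructs exposed to applications instead of raw GPIOs. */
enum motor_cmd { MOTOR_OFF, MOTOR_STAR_LEFT, MOTOR_STAR_RIGHT };
#define MOTOR_CMD_COUNT 3u

/* Allow-list: the only pin patterns the driver will ever write. Anything
 * else (e.g. both direction relays at once, assumed forbidden here) is
 * unreachable through the driver API. */
static const uint8_t allowed[MOTOR_CMD_COUNT] = {
    [MOTOR_OFF]        = 0,
    [MOTOR_STAR_LEFT]  = PIN_MOTOR_ON | PIN_STAR_LEFT,
    [MOTOR_STAR_RIGHT] = PIN_MOTOR_ON | PIN_STAR_RIGHT,
};

/* Simulated GPIO output register (constructed stand-in for the real write). */
static uint8_t gpio_out;

static void gpio_write(uint8_t pins) { gpio_out = pins & PIN_MASK; }
uint8_t gpio_read(void) { return gpio_out; }

/* True if a raw pin pattern is one of the allowed combinations. */
bool motor_pattern_allowed(uint8_t pins)
{
    for (size_t i = 0; i < MOTOR_CMD_COUNT; i++)
        if (allowed[i] == pins) return true;
    return false;
}

/* Open and close both force the safe state (motor off). */
int motor_open(void)  { gpio_write(allowed[MOTOR_OFF]); return 0; }
int motor_close(void) { gpio_write(allowed[MOTOR_OFF]); return 0; }

/* Accepts commands only; an out-of-range command leaves the outputs untouched. */
int motor_set(enum motor_cmd cmd)
{
    if ((unsigned)cmd >= MOTOR_CMD_COUNT) return -1;
    gpio_write(allowed[cmd]);
    return 0;
}

/* Board-side check for condition (1): E-stop on any forbidden pattern,
 * independent of what the software believes it wrote. */
bool estop_should_trip(uint8_t observed_pins)
{
    return !motor_pattern_allowed(observed_pins);
}

/* Simulated hardware watchdog for condition (2): software must call
 * watchdog_kick() at least every WDT_TIMEOUT_TICKS ticks or the E-stop trips. */
#define WDT_TIMEOUT_TICKS 10u
static unsigned wdt_counter;
void watchdog_kick(void) { wdt_counter = 0; }
/* Called once per hardware tick; returns true once the timeout has elapsed. */
bool watchdog_tick(void) { return ++wdt_counter > WDT_TIMEOUT_TICKS; }

int main(void)
{
    motor_open();
    printf("after open: pins=0x%02x\n", gpio_read());
    motor_set(MOTOR_STAR_LEFT);
    printf("star-left: pins=0x%02x trip=%d\n", gpio_read(), estop_should_trip(gpio_read()));
    printf("bogus cmd rejected: %d (pins still 0x%02x)\n", motor_set((enum motor_cmd)7), gpio_read());
    printf("forbidden pattern 0x%02x trips E-stop: %d\n",
           PIN_STAR_LEFT | PIN_STAR_RIGHT, estop_should_trip(PIN_STAR_LEFT | PIN_STAR_RIGHT));
    motor_close();
    printf("after close: pins=0x%02x\n", gpio_read());
    return 0;
}
```

The point of the allow-list is that the application never gets to compose pins: a bug in application code can at worst pick the wrong allowed state, not an electrically impossible one. The board-side `estop_should_trip` check deliberately does not share state with the driver, so it still catches a corrupted register or a direct write that bypasses the driver.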
