Not quite the sexiest of topics, but an interesting one nonetheless. My work finds me at current designing and architecting conventional albeit highly reliable and fail-safe (literal failure of anything results in electrical and physical isolation/safety states) cabled systems. A combination of both electrical and pneumatic actuation, coupled with two and three wire sensors.
A feature of all these systems, as hinted at, is the necessity of safe failing design. To ensure that the failure of a sensor, cable, relay, contactor or controller results in a safety state, rather than a potentially lethal state. A prime example, is to energise-to-run, and close-to-permit. Translating this to wireless sensors and actuators proves a little more challenging.
My underlying concern is always with a software failure within the wireless stack or within the gateway controller. With most wireless being ZigBee based, at some point a software stack that's less than bullet-proof will be involved with processing the data.
Yes, everything has a mode of failure. It's a given. But some things have significantly high numbers of modes of failure. Anything with code is a prime example of the latter. So, rule one would be to reduce the criticality of the modes of failure - prepare for the worst, so ensure the modes of failure give you an appropriate feedback, rather than false feedback.
I'll expand more on safe design a little later, but this really just scratches the surface and introduces Wireless I/O for some interesting projects to come...
