
Comment by stinos

11 hours ago

> If it is really, really safety critical

Your suggestions should be fine for hardware failure but I'd be more concerned about software failure: what if a bug in your software makes it unresponsive and stuck in the state with the flow open? Maybe a watchdog or some other system running in parallel checking for a heartbeat or a max amount of time water can be flowing?
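The heartbeat-plus-maximum-flow-time supervisor suggested above, as an added example in C that is not from the thread; the timeout values, struct and function names are assumptions for illustration:

```c
#include <stdbool.h>
#include <stdint.h>
/* Added example: an independent valve supervisor that closes the valve when
 * the controller stops sending heartbeats or the flow has been open too long.
 * Both limits are illustrative assumptions, not values from the thread. */
#define HEARTBEAT_TIMEOUT_MS 500u
#define MAX_FLOW_MS 30000u
typedef struct {
    uint32_t last_heartbeat_ms; /* last heartbeat received from the controller */
    uint32_t flow_started_ms;   /* when the valve was last opened */
    bool valve_open;
    bool tripped;               /* latched fault: stays closed until reset */
} supervisor_t;
void supervisor_init(supervisor_t *s, uint32_t now_ms) {
    s->last_heartbeat_ms = now_ms;
    s->flow_started_ms = now_ms;
    s->valve_open = false;
    s->tripped = false;
}

/* Controller calls this periodically to prove it is still alive. */
void supervisor_heartbeat(supervisor_t *s, uint32_t now_ms) {
    s->last_heartbeat_ms = now_ms;
}

/* Controller requests a valve state; refused once the supervisor has tripped. */
bool supervisor_request_valve(supervisor_t *s, bool open, uint32_t now_ms) {
    if (s->tripped) return false;
    if (open && !s->valve_open) s->flow_started_ms = now_ms;
    s->valve_open = open;
    return true;
}

/* Run from the supervisor's own timer, independent of the controller's loop.
 * Unsigned subtraction keeps ages correct across millisecond-counter wraparound.
 * Returns the state the valve output must be driven to (true = open). */
bool supervisor_tick(supervisor_t *s, uint32_t now_ms) {
    bool heartbeat_lost = (now_ms - s->last_heartbeat_ms) > HEARTBEAT_TIMEOUT_MS;
    bool flow_too_long = s->valve_open && (now_ms - s->flow_started_ms) > MAX_FLOW_MS;
    if (heartbeat_lost || flow_too_long) {
        s->tripped = true;      /* fail safe: close the valve and latch the fault */
        s->valve_open = false;
    }
    return s->valve_open;
}

/* Manual reset after someone has inspected the installation. */
void supervisor_reset(supervisor_t *s, uint32_t now_ms) {
    s->tripped = false;
    s->last_heartbeat_ms = now_ms;
}
```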

Good point. In my case the program was so simple and the risk low enough that this wasn't needed. The worst thing that could have happened was some minor water damage to an exhibition space.

Also, my track record of writing stable, bug-free embedded software has been pretty solid as of now. But if human life were on the line (for example), special precautions like multiple independent failsafe mechanisms are non-negotiable.