By Jack Ganssle
In the early '80s I worked on a system that used radiation from 5 curies of Cesium to measure the thickness of hot, 6 inch thick steel. This was a big industrial device whose main processor was a DEC (remember them?) PDP-11/45 (remember that?). A number of Z80s pushed data around the mill.
Like a lot of factory gear the instrument had an impressive front panel dominated by numerous switches, displays and blinking lights. Bob, one of the company's sales guys, returning from a long trip abroad, was fascinated and told an interesting story.
Seems he had been an engineer before changing over to the dark side, and had applied for a job at Cape Canaveral, working in a launch facility. The interview occurred in the blockhouse, in a room awash with those cool switches and lights that could easily form the backdrop of a high-tech thriller. Sitting at the desk he was adjacent to a big control panel, one with a 2 inch diameter cable snaking to the floor. The cable had been cut and anyone could see the panel wasn't connected to anything. Maybe it was a spare, or something headed for depot repair.
The usual tour followed, but it seems they kept coming back to the dead control panel. Coffee there, interview questions, and more. Finally he just couldn't resist the urge anymore and pressed one of the switches.
All of the blockhouse's alarms sounded.
Turns out this was part of the interview, a test to see if he could keep his hands in his pockets. An interviewer said "we can't afford to have someone in a launch complex who likes to randomly push buttons."
Bob was shown the door. NASA never did extend him a job offer.
I'm the same way. Aren't buttons meant to be pressed? What happens if we turn this one? Visiting so many engineering companies over the years I've trained myself to be good, to admire the equipment without touching. But it's hard.
On a transatlantic flight recently Swissair provided all of the passengers with personal LCD screens on the seat backs. Mostly they're to watch the movie, but a rather complex set of controls and menus that controlled games and other features beckoned. It's boring to sit in a seat for hour after hour. What happens if I try, well, this?
The system crashed. For the rest of the flight the display was on the blink. My wife, a much more disciplined person, hadn't played with her controls so saw the entire movie, as did most of the people on the plane.
But not the guy across the aisle and one seat forward. I'd watched. He'd monkeyed with the controls, too. And now his display was on the fritz. So, now completely bored and movie-less, I leaned over and asked.
Yep, he's an engineer too.
My wife gently berated me for wrecking the system. But, in my opinion, there should be no way that I can crash a product meant for non-techies. I couldn't find a reset button, but imagine that when they landed and power-cycled the plane everything came back to normal. But that's unacceptable. As the best embedded head I know says "None of my systems has a reset button. They simply don't crash."
I'm not sure I agree with that philosophy as perfection is a terribly difficult state to attain. But we do rely too much on resets to cure software problems. People - well, some people - will press every button in utterly unexpected ways.
My Dell Jukebox MP3 player has a reset button. In fact, the manual describes how to reset the machine long before it talks about actually using the device. How does a consumer feel when the user's manual immediately leaps into a "when the device's software crashes do this" narrative?
Every PC has some sort of a reset. Hold the power button for 7 seconds and the machine will shut down.
Any device that runs from removable batteries has the virtual reset switch. Pull the AAs out, wait 10 seconds, and try again.
Do we need reset switches? Is a watchdog timer adequate defense against odd modes invoked by users doing unexpected things? What do you think?