Every EEROS system consists of a control system, a safety system, and a sequencer. In order to guarantee maximum stability we strongly recommend that you adhere to a strict set of design rules as given below.

It is not advisable to use the safety system to check signals of the control system. This causes unnecessary confusion and blows up the safety system. Rather insert a Signal Checker into your control system and let it trigger a safety event from there.

It might be tempting to define elaborate actions in a certain safety level. However, in order to keep the safety system clean and simple avoid such practises. Do not define different states in a safety level. If you need to stay a certain amount of time in a safety level use the field nofActivations as described in counter. As soon as you want to model a more complex behaviour use a Sequence.

input not connected, forget to connect nan initial signals = nan, forget to addBlock remove block

There are cases were a switch block has to switch to a certain input under given conditions. While it might be possible to use the safety system to check this condition it might be preferable if the switch block itself switches when a certain condition is met. To use the sequencer for this purpose is generally not advisable as realtime cannot be met there.
For further information refer to Switch or check the example in Control System Containing Switch Blocks .

Situation: inner states of blocks can be changed only through signals or getter / setter methods. How to implement a slowly changing inertia matrix? You do not want to calculate this matrix out of regular signals with full speed. Solution: use slow time domain for this purpose and change …