I working on implementing the dead-man launch switch functionality for my
> controller. Here's my problematic scenario:
>
> Normally, one would immediately abort if the launch switch is released. But
> what about a cluster launch wherein stopping the launch (or attempting to)
> might actually result in a subset of the cluster's engines being ignited
> with the result being a spectacular and potentially more dangerous flight
> than if the launch had not been interrupted?
>
> This answer may be affected by the fact that the processor will be measuring
> current flows in each
> of the igniters and so could possibly have a "bit" more information about
> igniter status (e.g. one of three has already "gone open", so the launch
> should not be aborted).
>
> Any thoughts?
>
>
Well, the traditional dead-man safety is used precisely because control systems may fail; it needs to "safe" the system regardless of any other controls.
It seems to me that a manual, pushbutton launch power switch IS a dead-man safety. Perhaps a power switch (dead-man) AND a launch initiate switch/button would work for your concern. Launch initiate could trigger a set firing sequence (GO, as long as any igniter has current flow) but the entire process is terminated/safed when the power button (foot switch?) is released.