Controller for a washing machine (IEC 60730 / IEC 60335, ‘Class B’)
On this page, we explore the design of part of a controller for a domestic washing machine.
This system is to be developed in compliance with international safety IEC 60730 / IEC 60335 (‘Class B’).
Our design is based on a ‘Time Triggered’ (TT) software architecture.
[This page was last updated: 2018-03-06]
A short video related to this design example is available.
[This is Video 23 (out of 28 videos) from the ‘online’ version of our popular TTb course.]
Hazard and risk analysis
Early in the development cycle for any safety-related embedded system, we need to consider potential threats and hazards. This will include an assessment of the risks posed to users of the system or to those in the vicinity. The role of our system design process is then to include mechanisms in our design that will reduce such risks to an acceptable level.
At heart, a domestic washing machine consists of a powerful electric motor enclosed in a metal casing. As a normal part of the device operation, the electric motor is used to rotate a heavy metal drum at high speed. Access to this potentially-dangerous mechanism is controlled by a door with an electronic locking mechanism.
The device is used in a domestic environment. There is a risk of injury if access is obtained to the drum while it is rotating. Such injuries could potentially be severe (including loss of a limb), or even life-threatening, particularly for a small child.
The device is connected to a pressurised water supply. The drum is filled with water as a normal part of its operation. There is a risk of flooding if the door is opened at the wrong time: we will assume that this is a ‘nuisance issue’ (rather than a safety issue). However, a combination of water and an electrical supply must always be treated with caution.
As a consequence of the potential risks that arise from such products, controllers for a washing machine must comply with the international safety standards IEC 60730 / IEC 60335 (at ‘Class B’). In the IEC 60730 classification, Class B covers control functions intended to prevent unsafe operation of the controlled equipment; the door lock of a washing machine is one of the standard’s own examples of such a function.
Selecting a TT platform
Various ‘TT platforms’ are described in the ‘ERES2’ book: use of one of these platforms can help to simplify the process of achieving compliance with various different safety standards.
A summary of the recommended TT platforms is given in the table below.
As we have noted, this is to be a ‘Class B’ design, in compliance with IEC 60730 / IEC 60335.
Choices between different platform options may depend on a number of factors. In this case, it is assumed that the designers select a CorrelaTTor-A platform: this is illustrated schematically in the figure below.
Read the complete case study in ‘ERES2’
The Second Edition of ‘The Engineering of Reliable Embedded Systems’ (ERES2) documents an industry-proven approach to the development of software for reliable, real-time embedded systems, based on the use of ‘Time Triggered’ (TT) architectures.
What distinguishes TT approaches is that it is possible to model the expected system behaviour precisely. This means that: [i] during the development process, we can demonstrate that all of the requirements have been met; and [ii] at run time, we can detect problems very quickly.
The end result is that we can have a high level of confidence that a TT system will either: [i] operate precisely as required; or [ii] move into an appropriate state if a problem occurs.
The above characteristics mean that appropriately-implemented TT systems provide a particularly effective means of meeting the requirements of various international safety standards.
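As an added illustration (this is not code from ERES2, from the CorrelaTTor platform or from SafeTTy Systems), the following host-simulated C program sketches the two ideas discussed on this page: the door-lock interlock identified in the hazard analysis, and a fixed-period TT scheduler that compares each task against a worst-case execution-time budget and moves the controller into a fail-silent state when a check fails. The tick length, task periods, budgets, task names and the plant model are assumptions made for the example; on a target the simulated clock would be a hardware timer and the plant would be real sensor and actuator drivers.

```c
/* Added example (not from ERES2 or SafeTTy Systems): host-simulated
 * time-triggered co-operative scheduler with run-time timing checks.
 * Tick length, task periods, WCET budgets and the plant model are assumed. */
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define TICK_US   1000u   /* assumed 1 ms scheduler tick */
#define MAX_TASKS 2

typedef enum { MODE_NORMAL = 0, MODE_FAIL_SILENT = 1 } SystemMode;

/* Constructed plant/IO model: on a target these are sensor and actuator drivers. */
typedef struct {
    uint32_t drum_rpm;          /* measured drum speed */
    uint32_t motor_demand_rpm;  /* controller output to the motor drive */
    bool     unlock_request;    /* user has asked for the door to open */
    bool     door_locked;       /* state of the electronic door lock */
} Plant;

static Plant      plant;
static SystemMode mode;
static uint32_t   sim_now_us;                  /* simulated free-running clock */
static uint32_t   sim_task_cost_us[MAX_TASKS]; /* injected execution time per task */

typedef struct {
    void     (*fn)(void);
    uint32_t period;          /* ticks between releases */
    uint32_t delay;           /* ticks until the next release */
    uint32_t wcet_budget_us;  /* assumed worst-case execution time budget */
} Task;

/* Door interlock task: the door may only be unlocked once the drum has stopped.
 * This is the mechanism that reduces the "access to a rotating drum" hazard. */
static void door_task(void) {
    sim_now_us += sim_task_cost_us[0];   /* model time spent executing */
    plant.door_locked = !(plant.unlock_request && plant.drum_rpm == 0);
}

/* Motor task: never demand motor torque while the door is unlocked. */
static void motor_task(void) {
    sim_now_us += sim_task_cost_us[1];
    if (!plant.door_locked) plant.motor_demand_rpm = 0;
}

static Task tasks[MAX_TASKS] = {
    { door_task,  1, 0, 100 },   /* every tick, offset 0, 100 us budget */
    { motor_task, 2, 1, 200 },   /* every second tick, offset 1, 200 us budget */
};

/* Fail-silent state: outputs go to their assumed safe values and stay there. */
static void enter_fail_silent(void) {
    mode = MODE_FAIL_SILENT;
    plant.motor_demand_rpm = 0;
    plant.door_locked = true;
}

/* One scheduler tick. Two checks that a fixed, pre-computed schedule makes
 * cheap: each task must finish within its WCET budget, and all tasks released
 * in this tick must finish before the next tick is due. */
SystemMode tt_tick(void) {
    if (mode != MODE_NORMAL) return mode;      /* fail-silent is latched */
    uint32_t tick_start = sim_now_us;
    for (size_t i = 0; i < MAX_TASKS; i++) {
        if (tasks[i].delay == 0) {
            uint32_t t0 = sim_now_us;
            tasks[i].fn();
            if (sim_now_us - t0 > tasks[i].wcet_budget_us) { enter_fail_silent(); return mode; }
            tasks[i].delay = tasks[i].period;
        }
        tasks[i].delay--;
    }
    if (sim_now_us - tick_start > TICK_US) enter_fail_silent();
    return mode;
}

/* Simulation helpers (constructed for the example). */
void sim_reset(void) {
    plant = (Plant){ .drum_rpm = 0, .motor_demand_rpm = 1200, .unlock_request = false, .door_locked = true };
    mode = MODE_NORMAL; sim_now_us = 0;
    sim_task_cost_us[0] = 50; sim_task_cost_us[1] = 80;
    tasks[0].delay = 0; tasks[1].delay = 1;
}
void sim_set_plant(uint32_t drum_rpm, bool unlock_request) {
    plant.drum_rpm = drum_rpm; plant.unlock_request = unlock_request;
}
void     sim_set_task_cost(size_t task, uint32_t us) { sim_task_cost_us[task] = us; }
bool     plant_door_locked(void)  { return plant.door_locked; }
uint32_t plant_motor_demand(void) { return plant.motor_demand_rpm; }

int main(void) {
    sim_reset();
    sim_set_plant(500, true);          /* drum still turning: request must be refused */
    tt_tick();
    printf("drum at 500 rpm, door locked = %d\n", plant_door_locked());
    sim_set_plant(0, true);
    tt_tick();
    printf("drum stopped, door locked = %d, motor demand = %u\n",
           plant_door_locked(), (unsigned)plant_motor_demand());
    sim_reset();
    sim_set_task_cost(0, 5000);        /* door task overruns its 100 us budget */
    printf("after overrun: mode = %d, door locked = %d\n", (int)tt_tick(), plant_door_locked());
    return 0;
}
```

Two points are worth noting. First, with the assumed budgets (100 us + 200 us in a 1000 us tick) the per-tick check can never fire, and that is precisely the kind of claim a TT design lets you establish offline from the task table rather than by testing; the check stays in as a defence against a clock or hardware fault. Second, the fail-silent state is latched: once a timing check has failed, the scheduler refuses to run further tasks until a reset, so a single late task cannot be followed by an unlock of the door while the drum is still turning.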
In order to illustrate how the TT techniques presented in ERES2 can be employed in practical designs, five detailed case studies are included. These studies describe the development of embedded control and monitoring systems for the following products:
- an industrial alarm sounder unit (IEC 61508, SIL 2);
- a domestic washing machine (IEC 60730, Class B);
- a hospital radiotherapy machine (IEC 62304, Class C);
- a steering-column lock for a passenger car (ISO 26262, ASIL D);
- an aircraft jet engine (DO-178C, Level A).
Complete your cost-effective IEC 60730 / IEC 60335 design successfully using a SafeTTy Solutions™ package
Our SafeTTy Solutions™ packages are designed to help your development team produce a safety-related embedded system quickly and cost-effectively, in compliance with one or more international safety standards (IEC 60730, IEC 60335, IEC 61508, ISO 26262, DO-178C, IEC 62304 …).
SafeTTy Solutions packages are based on TT designs and include carefully-selected combinations of our various products and services.
SafeTTy Solutions packages include an appropriate ReliabiliTTy® Technology Licence.
Learn more about SafeTTy Solutions packages …