And speaking of safety, old FPV flight control software didn’t handle a very common mistake. It is very easy to put the wrong propeller on a motor. For example you might accidentally put on the counterclockwise propeller on the motor that spins clockwise. The result is when you arm the quad (as in turn on the motors), it flips its shit because the quad starts moving in a completely unexpected way. The flight control software is designed to “lock the angle (attitude) of the quad in and fight any uncommanded deviation”. Well, a backwards prop produces a hell of an uncommanded deviation!! So the controller tells the motor to spin faster to compensate but all that does is make things worse as the backwards prop pushes the thing in the exact wrong way. So it becomes an out of control quad that can and will cause property damage and injury (the propellers on a quad are large, very sharp and attached to very powerful motors. Coming into contact with a spinning propeller will send you to the hospital). This was a big problem in tight spaces like races and stuff.
A while ago somebody submitted a pull request that added a safety. When first arms, if the quad starts to behave “wrong” or “unexpected”, it immediately disarms. From what I recall it was actually fairly simple to detect too… if the “error” in the PID loop got too high it means something is very wrong mechanically and it’s best shut down. Countless fingers have no doubt been saved by this patch.
It’s probably very similar detection code to what is in 3d printer firmware or espresso machine firmware. If the PID error is “unexpected” something is mechanically wrong and it needs to shut down before Bad Things happen.
There isn't enough detail of the boiler to tell if there's an overpressure relief valve. The boiler can't be made safe without one. If they're cheap enough to be standard in cheap knockoff moka pots one should be here...
This machine's wiring diagram shows an unlabelled shape wired in series with what might possibly be the heating element and a shape with "ssr" in its label. Which places the first unlabelled shape in the right place to be a thermal fuse or switch. If they're cheap enough to be standard in Mr Coffee machines one should be here...
Safety discussion in this project is conspicuously absent. Knowledgable users shouldn't be making assumptions like this about safety features. Assumptions and safety aren't compatible. Average users should be informed in detail about the safety features they're tasked with assembling.
On the assembly instructions, page 39 shows the boiler assembly has a therm-o-disc thermostat fixed to the top. It's not labelled, you just have to recognise it. The schematic on page 44 shows it's wired in series with the boiler's heater. That provides redundancy for the main temperature control, which is presumably the microcontroller sensing from the PT1000
Page 32 also describes the installation of an overpressure valve (which appears to return water to the cold tank?)
The machine does lack hardware run-dry protection though; as far as I can tell, it relies on a load cell to detect if there's water in the tank. If you ran it without water to conduct heat from the heating element to the thermostat, the thermostat wouldn't function. So it's not entirely safe, as you say.
[1] https://diypresso.com/wp-content/uploads/2024/05/2024-05-27-...