iNavFlight / inav

INAV: Navigation-enabled flight control software
https://inavflight.github.io
GNU General Public License v3.0

Separate failsafe scenarios for auto and non-auto modes #1255

Closed rb1205 closed 7 years ago

rb1205 commented 7 years ago

As no flight is completely autonomous (not yet, at least), there's always at least one phase where the UAV is being manually controlled. Conversely, the failsafe_procedure applies to the whole flight from beginning to end, without considering whether the flight is autonomous or not. Thus, any "stable" failsafe condition happening outside of autonomous flight will result in a crash or a flyaway. This is why I think that the NONE failsafe procedure being introduced in 1.6 is intrinsically unsafe, and has no real-world uses in its proposed form. The best course of action IMHO is to always have a real failsafe procedure defined, and then have a separate option (e.g. failsafe_ignore_when_auto) that prevents failsafe from triggering while in autonomous flight.

rb1205 commented 7 years ago

This will also cover those cases (and I guess they are the vast majority) where you use the same UAV both for autonomous missions and manual flights.

digitalentity commented 7 years ago

Yes, NONE is intrinsically unsafe.

In the next phase of the failsafe rework we'll have failsafe procedures separately configurable for auto and non-auto modes. I.e. you can have RTL in manual and NONE in auto modes.

rb1205 commented 7 years ago

That'd be overdoing it IMHO. The only thing one should be able to configure is whether the failsafe should trigger or not, but the failsafe procedure itself should be the same either way.
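The two designs discussed in this thread, a single global procedure (the 1.6 NONE option) versus one real procedure plus a gate that suppresses triggering during autonomous flight, modelled as an added example. This is not INAV's failsafe code: the types, the `fs_update` function, the `failsafe_ignore_when_auto`-style field and the `delay_ms` "stable condition" timer are all hypothetical names chosen for this illustration, and the scenarios use constructed timestamps. It also covers the edge case the thread implies but does not spell out: a mission that ends while the RC link is still lost, where a gate (unlike a second NONE procedure) lets the real procedure engage as soon as the aircraft leaves autonomous mode.

```c
/*
 * Hypothetical failsafe gating model written for this discussion.
 * It is NOT INAV's failsafe implementation; no identifier below exists
 * in the project. It compares:
 *   - a single global procedure (the "NONE in 1.6" case), and
 *   - rb1205's proposal: one real procedure plus an ignore_when_auto gate.
 * A failsafe condition is "stable" only once the RC link has been lost
 * for delay_ms, mirroring the usual guard against short link glitches.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { FS_PROC_NONE = 0, FS_PROC_RTH, FS_PROC_LAND } fs_procedure_t;
typedef enum { FS_ACTION_NONE = 0, FS_ACTION_RTH, FS_ACTION_LAND } fs_action_t;

typedef struct {
    fs_procedure_t procedure;  /* what to do once failsafe engages          */
    bool ignore_when_auto;     /* hypothetical failsafe_ignore_when_auto    */
    uint32_t delay_ms;         /* link loss must persist this long to count */
} fs_config_t;

typedef struct {
    bool link_lost;
    uint32_t link_lost_since_ms;
    bool engaged;
} fs_state_t;

static fs_action_t procedure_to_action(fs_procedure_t p) {
    switch (p) {
    case FS_PROC_RTH:  return FS_ACTION_RTH;
    case FS_PROC_LAND: return FS_ACTION_LAND;
    default:           return FS_ACTION_NONE;
    }
}

/* One scheduler tick: returns the action the flight controller should take now. */
fs_action_t fs_update(fs_state_t *st, const fs_config_t *cfg,
                      uint32_t now_ms, bool rc_link_ok, bool auto_mode)
{
    if (rc_link_ok) {
        /* Link is back: clear the condition (a real FC would also require
         * the pilot to re-acknowledge before handing control back). */
        st->link_lost = false;
        st->engaged = false;
        return FS_ACTION_NONE;
    }
    if (!st->link_lost) {              /* first tick without link: start timer */
        st->link_lost = true;
        st->link_lost_since_ms = now_ms;
    }
    if (st->engaged)                   /* once engaged, stay in the procedure */
        return procedure_to_action(cfg->procedure);

    bool stable = (now_ms - st->link_lost_since_ms) >= cfg->delay_ms;
    if (!stable)
        return FS_ACTION_NONE;

    /* The gate: during autonomous flight the mission simply continues.
     * The procedure itself is unchanged, so the moment auto_mode drops
     * (mission finished, mode switch) the real procedure engages. */
    if (auto_mode && cfg->ignore_when_auto)
        return FS_ACTION_NONE;

    st->engaged = true;
    return procedure_to_action(cfg->procedure);
}

/* 1.6-style global NONE, link lost during the manual phase: nothing happens. */
fs_action_t scenario_none_global_manual(void) {
    fs_config_t cfg = { FS_PROC_NONE, false, 1000 };
    fs_state_t st = {0};
    fs_update(&st, &cfg, 0, false, false);
    return fs_update(&st, &cfg, 1500, false, false);   /* FS_ACTION_NONE */
}

/* Proposal, link lost in manual: real procedure engages after the delay. */
fs_action_t scenario_proposal_manual(void) {
    fs_config_t cfg = { FS_PROC_RTH, true, 1000 };
    fs_state_t st = {0};
    fs_update(&st, &cfg, 0, false, false);
    return fs_update(&st, &cfg, 1500, false, false);   /* FS_ACTION_RTH */
}

/* Proposal, link lost during a mission: gate holds, mission continues. */
fs_action_t scenario_proposal_auto(void) {
    fs_config_t cfg = { FS_PROC_RTH, true, 1000 };
    fs_state_t st = {0};
    fs_update(&st, &cfg, 0, false, true);
    return fs_update(&st, &cfg, 1500, false, true);    /* FS_ACTION_NONE */
}

/* Proposal, mission ends while the link is still lost: RTH engages at once. */
fs_action_t scenario_mission_ends_while_lost(void) {
    fs_config_t cfg = { FS_PROC_RTH, true, 1000 };
    fs_state_t st = {0};
    fs_update(&st, &cfg, 0, false, true);
    fs_update(&st, &cfg, 1500, false, true);
    return fs_update(&st, &cfg, 2000, false, false);   /* FS_ACTION_RTH */
}

/* A 300 ms glitch followed by a fresh loss: the stability timer restarts. */
fs_action_t scenario_glitch_restarts_timer(void) {
    fs_config_t cfg = { FS_PROC_RTH, false, 1000 };
    fs_state_t st = {0};
    fs_update(&st, &cfg, 0, false, false);
    fs_update(&st, &cfg, 300, true, false);
    fs_update(&st, &cfg, 1200, false, false);
    return fs_update(&st, &cfg, 1500, false, false);   /* FS_ACTION_NONE */
}

int main(void) {
    printf("global NONE, manual loss:      %d\n", scenario_none_global_manual());
    printf("proposal, manual loss:         %d\n", scenario_proposal_manual());
    printf("proposal, auto loss:           %d\n", scenario_proposal_auto());
    printf("proposal, mission ends lost:   %d\n", scenario_mission_ends_while_lost());
    printf("glitch then loss, timer reset: %d\n", scenario_glitch_restarts_timer());
    return 0;
}
```

The point the model makes concrete is the one rb1205 raises against configuring two procedures: with a gate, the procedure that fires when the aircraft is no longer autonomous is the same procedure whether the link dropped before, during or after the mission, and there is no combination of settings in which a stable link loss in manual flight yields no action. A configurable second procedure can be set to NONE and reintroduces exactly that hole.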