I recently read an article which noted that the traditional way of monitoring for overpressure, by using an on/off limit switch, was being replaced in many cases by a more-sophisticated analog pressure transducers, signal-conditioning circuitry, and algorithms which assessed the transducer and overall situation more thoroughly than a “simple” switch could. (Sorry, I don't remember where the article was, it was most likely Machine Design or Design News ).
The article made good points about the limits of limit switches. They drift and age, they are very hard or impossible to re-calibrate once installed, they difficult to test in-place, and they tell you nothing about what's happening until he problem or limit condition occurs.
Analog transducers and their associated circuitry have come down in price and are much more versatile. Since they are reporting the sensed pressure before a limit condition occurs, they provide more information and can tell you what the trend is. Thus, they are telling you about the pressure vessel and also about themselves, to some extent. They can be tested and re-calibrated and checked, even if they drift or age, and have other virtues.
I agree with this, but only up to a point. Yes, getting continuous readings from a pressure sensor, and looking at the trend curve and rate of change is better than just knowing “whoops, we've hit the limit” which is all a simplistic on/off switch can do, no doubt of that. But making this extra smartness happen also puts many more elements in the safety loop (signal conditioning, processor, memory, and—most worrisome of all—software). And we all know that more the parts there are in a design, the more likely there will be a latent or subtle design defect or even an outright failure.
End result: the more sophisticated system may be smarter but it is also prone to more problems, and these may not be visible until it's too late. Many years ago, I worked on the electronics used in conjunction with hydraulic pumps which were pushing many gallons per minute of fluid at thousands of psi. It was very comforting to know that there was simple safety loop (actually, several), which consisted of pressure-limit switch wired directly to the pump's motor-control relay.
And yes, it tripped a few times, so it was there for a reason, and it was thankfully doing its job in parallel with—and, in fact, regardless of—our much-more advanced electronics.♦