Therac 25 teaches us that mechanical interlocks and switches are a good thing. The probability of failure of a well-designed switch (1e-5 to 1e-6) is a lot lower and better analyzed than the probability of failure of half-baked (or any kind of) software.
Making the final output of the system go through a mechanical switch for a real alert means that the system can't send a real alert without the switch being closed, e.g. the signal path is physically open at the switch. P(false alert)=P(software fails)*P(switch fails)
If you feed the output of the switch through possibly defective software, you've changed the equation to P(failure)=P(software fails)+P(switch fails), which is similar to what caused the Challenger disaster.
In Challenger, the two seals on the booster rockets were deemed redundant with independent failure probabilities, P(failure)=P(fail_seal1)*P(fail_seal2); however, a common failure path for both seals, low temperature, was overlooked, giving the equation as roughly P(failure)=P(fail_seal1)+P(fail_seal2).
Since the probability of the switch failing is near zero, with the switch in place as the sole last step, the chance of a false alert is near zero. If the switch is read by software, then the chance of sending a false alert reverts to the failure percentage of the software, negating the value of adding a switch to begin with.
There can be no twisted thought without a twisted molecule. -- R. W. Gerard
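
The two wirings compared in the comment above, worked through as an added example (not part of the original post). It enumerates the fault states of each design and also models a shared cause that defeats two nominally redundant parts. The software failure probability and the common-cause figures are assumed values chosen for illustration; only the 1e-5 switch figure comes from the post.

```python
from itertools import product

def p_false_alert(p_software, p_switch, switch_in_signal_path):
    """Exact probability of a false alert, summed over all fault states.

    switch_in_signal_path=True : the alert must physically pass through the
                                 switch, so both parts have to fail.
    switch_in_signal_path=False: software reads the switch and then decides,
                                 so a fault in either part is enough.
    Faults are treated as independent (assumption).
    """
    total = 0.0
    for sw_bad, switch_bad in product((False, True), repeat=2):
        p_state = (p_software if sw_bad else 1 - p_software) * \
                  (p_switch if switch_bad else 1 - p_switch)
        if switch_in_signal_path:
            alert = sw_bad and switch_bad
        else:
            alert = sw_bad or switch_bad
        if alert:
            total += p_state
    return total

def p_both_fail(p_each, p_common):
    """Two 'redundant' parts with a shared failure cause.

    With probability p_common the shared cause occurs and defeats both
    parts at once; otherwise each part fails independently with p_each.
    """
    return p_common + (1 - p_common) * p_each ** 2

if __name__ == "__main__":
    P_SOFTWARE = 1e-2   # assumed, constructed for this example
    P_SWITCH = 1e-5     # upper figure quoted in the post

    in_path = p_false_alert(P_SOFTWARE, P_SWITCH, True)
    read_by_sw = p_false_alert(P_SOFTWARE, P_SWITCH, False)
    print(f"switch in signal path  : {in_path:.3e}")
    print(f"switch read by software: {read_by_sw:.3e}")

    # Redundancy claimed as independent vs. redundancy with a shared cause
    # (both figures assumed).
    print(f"independent pair       : {p_both_fail(1e-3, 0.0):.3e}")
    print(f"pair with common cause : {p_both_fail(1e-3, 1e-3):.3e}")
```

With these inputs the in-path design fails at about 1e-7, while the software-read design fails at about 1e-2, which is essentially the software's own failure rate.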