Secured backup feature for an embedded system

What is claimed is: 1. A system comprising: a controllable component of an engine configured to regulate fuel flow to the engine; digital control circuitry configured to control the engine by at least communicating with the controllable component of the engine; backup digital control circuitry configured to control the engine, responsive to the digital control circuitry failing, by at least communicating with the controllable component of the engine; a protection component comprising: input circuitry configured to send a disable signal to an isolation component that is not susceptible to cyberattacks when inputs to the digital control circuitry and the backup digital control circuitry are inconsistent with previous inputs to the digital control circuitry and the backup digital control circuitry; output circuitry configured to send the disable signal to the isolation component when outputs from the digital control circuitry and the backup digital control circuitry are determined to be inconsistent with previous outputs from the digital control circuitry and the backup digital control circuitry; and protection circuitry configured to disable, responsive to receiving the disable signal via the isolation component, communication between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine; analog control circuitry configured to control the engine by at least communicating with the controllable component of the engine in response to the protection component disabling communication between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine; analog controls mechanically coupled to the analog control circuitry to enable mechanical modulation of the engine; and a battery electrically coupled to the analog control circuitry, wherein the analog control circuitry is configured to draw, in response to the protection component disabling communication between the digital control circuitry and the controllable component of the engine, power from the battery, and not draw power from power electronics that power the digital control circuitry. 2. The system of claim 1 , wherein the protection component is configured to disable communication between the digital control circuitry and the controllable component of the engine by irreversibly disabling an electric interface between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine. 3. The system of claim 1 , wherein the protection component is further configured to enable communication between the analog control circuitry and the controllable component of the engine while disabling communication between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine. 4. The system of claim 3 , wherein the protection component is configured to enable communication between the analog control circuitry and the controllable component of the engine by enabling an electric interface between the analog control circuitry and the controllable component of the engine. 5. The system of claim 1 , wherein the protection component is further configured to isolate the battery at least from the digital control circuitry in response to the protection component disabling communication between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine. 6. The system of claim 1 , wherein the digital control circuitry is further configured to receive first electrical power produced by the power electronics that are coupled to the engine; wherein the battery is configured to receive second electrical power produced by the power electronics; and the protection component is further configured to disconnect the battery from the power electronics and cease receiving the second electrical power in response to the protection component disabling communication between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine. 7. The system of claim 1 , further comprising: a user control that comprises the protection component, wherein the user control is configured to receive user input for disabling communication between both the digital control circuitry and the backup digital control circuitry and the controllable component of the engine. 8. The system of claim 1 , wherein the protection component includes monitoring circuitry configured to: determine whether a response from the engine is inconsistent with commands to a fuel pump meter unit; and send the disable signal to the isolation component when the response from the engine is determined to be inconsistent with the commands to a fuel pump meter unit. 9. The system of claim 1 , wherein the controllable component of the engine comprises at least one of a fuel pump metering unit or a variable vane. 10. The system of claim 1 , wherein the battery is electrically isolated, responsive to ceasing controlling the controllable component of the engine with the digital engine controller, from the power electronics. 11. The method of claim 1 , further comprising electrically isolating the battery from the power electronics used to power the digital engine controller circuitry. 12. A method comprising: controlling, with digital engine controller circuitry of a system, a controllable component of an engine of the system to control the engine of the system; sending, by a protection component, a disable signal to an isolation component that is not susceptible to cyberattacks when inputs to the digital engine controller circuitry are inconsistent with previous inputs to the digital engine controller circuitry; sending, by the protection component, the disable signal to the isolation component when outputs from the digital engine controller circuitry are determined to be inconsistent with previous outputs from the digital engine controller circuitry; ceasing controlling, responsive to receiving the disable signal via the isolation component, the controllable component of the engine with the digital engine controller circuitry, wherein ceasing controlling the controllable component includes disabling an electrical interface between power electronics coupled to the engine and a battery that powers analog engine controller circuitry; and responsive to ceasing controlling the controllable component of the engine with the digital engine controller circuitry, controlling, with the analog engine controller circuitry of the system, the controllable component of the engine to control the engine, wherein controlling, with the analog engine controller circuitry, the controllable component of the engine comprises drawing, with the analog engine controller circuitry and responsive to ceasing controlling the controllable component of the engine with the digital engine controller circuitry, power from the battery and not the power electronics, wherein analog controls are mechanically coupled to the analog control circuitry to enable mechanical modulation of the engine. 13. The method of claim 12 , wherein controlling the controllable component of the engine to control the engine with the analog engine controller circuitry comprises: disabling a previously enabled electrical interface between the controllable component of the engine and the digital engine controller circuitry. 14. The method of claim 12 , wherein controlling the controllable component of the engine to control the engine with the analog engine co