buildsjets 9 hours ago

In a well engineered control system, any single failure will not result in a loss of control over the system. Was an FMECA (Failure Mode, Effects, and Criticality Analysis) performed on the design prior to implementation in order to find the single points of failure, and identify and mitigate their system level effects? Evidence at hand suggests "No."
CGMthrowaway 9 hours ago

"Catastrophe requires multiple failures – single point failures are not enough. The array of defenses works. System operations are generally successful. Overt catastrophic failure occurs when small, apparently innocuous failures join to create opportunity for a systemic accident. Each of these small failures is necessary to cause catastrophe but only the combination is sufficient to permit failure. Put another way, there are many more failure opportunities than overt system accidents. Most initial failure trajectories are blocked by designed system safety components. Trajectories that reach the operational level are mostly blocked, usually by practitioners."
Aurornis 8 hours ago

> In a well engineered control system, any single failure will not result in a loss of control over the system.

That's true in this case, as well. There was a long cascade of failures, including an automatic switchover that had been disabled and set to manual mode. The headlines about a loose wire are the media's way of reducing it to an understandable headline.
jojobas 9 hours ago

Most cargo ships have a single main engine with plenty of backup-less failure points. They are sort of engineered so these failures can't happen suddenly, but you can help yourself to a bunch of videos on how substandard fuel and parts shortages cause week-long power-offs in the middle of the ocean.