Spruiking zero harm or crusading safety ‘because you care’ raises as much suspicion as having a folder on your computer named ‘DEFINITELY NOT PORN’ – would you get on a plane that had “ZERO CRASH” emblazoned all over it?
Archives For Thought for the day
…it is comparatively easy to make computers exhibit adult level performance on intelligence tests or playing checkers, and difficult or impossible to give them the skills of a one-year-old when it comes to perception and mobility.
We shouldn’t be killing people in our haste to get to a safe future
Simply put, it is possible to have convenience if you want to tolerate insecurity, but if you want security, you must be prepared for inconvenience.
It is highly questionable whether total system safety is always enhanced by allocating functions to automatic devices rather than human operators, and there is some reason to believe that flight-deck automation may have already passed its optimum point.
An Outside Context Problem was the sort of thing most civilisations encountered just once, and which they tended to encounter rather in the same way a sentence encountered a full stop.
Never confuse volume with authority.
One of the great mistakes is to judge policies and programs by their intentions rather than their results
Out of this nettle – danger, we pluck this flower – safety.
One can construct convincing proofs quite readily of the ultimate futility of exhaustive testing of a program and even of testing by sampling. So how can one proceed? The role of testing, in theory, is to establish the base propositions of an inductive proof. You should convince yourself, or other people, as firmly as possible, that if the program works a certain number of times on specified data, then it will always work on any data. This can be done by an inductive approach to the proof.
But the virtues we get by first exercising them, as also happens in the case of the arts as well. For the things we have to learn before we can do them, we learn by doing them, e.g., men become builders by building and lyreplayers by playing the lyre; so too we become just by doing just acts, temperate by doing temperate acts, brave by doing brave acts.
An argument is defined by what it ignores and the perspectives it opposes (explicitly or implicitly)
Inertia has a thousand fathers…
[The designers] had no intention of ignoring the human factor But the technological questions became so overwhelming that they commanded the most attention.
It is a very sobering feeling to be up in space and realize that one’s safety factor was determined by the lowest bidder on a government contract.
[I]t is better to think of a problem of understanding disasters as a ‘socio- technical’ problem with social organization and technical processes interacting to produce the phenomena to be studied.
Governance is a lot like being a fireman. You’re either checking smoke alarms or out attending a fire.
The point of an investigation is not to find where people went wrong; it is to understand why their assessments and actions made sense at the time.
The bond between a man and his profession is similar to that which ties him to his country; it is just as complex, often ambivalent, and in general it is understood completely only when it is broken: by exile or emigration in the case of one’s country, by retirement in the case of a trade or profession.
Risk managers are the historians of futures that may never be.
Qui enim teneat causas rerum futurarum, idem necesse est omnia teneat quae futura sint. Quod cum nem…
[Roughly, He who knows the causes will understand the future, except no-one but god possesses such faculty]
We must contemplate some extremely unpleasant possibilities, just because we want to avoid them.
As quoted in ‘The New Nuclear Age’. The Economist, 6 March 2015
There are no facts, only interpretations…
Quality must be considered as embracing all factors which contribute to reliable and safe operation. What is needed is an atmosphere, a subtle attitude, an uncompromising insistence on excellence, as well as a healthy pessimism in technical matters, a pessimism which offsets the normal human tendency to expect that everything will come out right and that no accident can be foreseen — and forestalled — before it happens
The more things change, the more they stay the same…
The Saturn second stage was built by North American Aviation at its plant at Seal Beach, California, shipped to NASA’s Marshall Space Flight Center, Huntsville, Alabama, and there tested to ensure that it met contract specifications. Problems developed on this piece of the Saturn effort and Wernher von Braun began intensive investigations. Essentially his engineers completely disassembled and examined every part of every stage delivered by North American to ensure no defects. This was an enormously expensive and time-consuming process, grinding the stage’s production schedule almost to a standstill and jeopardizing the Presidential timetable.
When this happened Webb told von Braun to desist, adding that “We’ve got to trust American industry.” The issue came to a showdown at a meeting where the Marshall rocket team was asked to explain its extreme measures. While doing so, one of the engineers produced a rag and told Webb that “this is what we find in this stuff.” The contractors, the Marshall engineers believed, required extensive oversight to ensure they produced the highest quality work.
And if Marshall hadn’t been so persnickety about quality? Well have a look at the post Apollo 1 fire accident investigation for the results of sacrificing quality (and safety) on the alter of schedule.
Apollo: A Retrospective Analysis, Roger D. Launius, July 1994, quoted in “This Is What We Find In This Stuff: A Designer Engineer’s View”, Presentation, Rich Katz, Grunt Engineer NASA Office of Logic Design, FY2005 Software/Complex Electronic Hardware Standardization Conference, Norfolk, Virginia July 26-28, 2005.
The reasonable person is not any particular person or an average person… The reasonable person looks before he leaps, never pets a strange dog, waits for the airplane to come to a complete stop at the gate before unbuckling his seatbelt, and otherwise engages in the type of cautious conduct that annoys the rest of us… “This excellent but odious character stands like a monument in our courts of justice, vainly appealing to his fellow citizens to order their lives after his own example.”
It is better to be vaguely right than exactly wrong
The chess board is the world, the pieces are the phenomena of the universe, the rules of the game are what we call the laws of Nature. The player on the other side is hidden from us. We know that his play is always fair, just and patient. But we also know, to our cost, that he never overlooks a mistake, or makes the smallest allowance for ignorance.
The important thing is to stop lying to yourself. A man who lies to himself, and believes his own lies, becomes unable to recognise the truth, either in himself or in anyone else.
Aviation is in itself not inherently dangerous. But to an even greater degree than the sea, it is terribly unforgiving of any carelessness, incapacity or neglect.
Engineers build castles in the air and operators live in them. But nature is the one who always collects the rent…