(Errors are not the art, but the artificers – I just twisted NEWTON’s words to make the central point of this blog)
Everything fails. Hopefully, failure will not surprise us: we have foreseen it, and precautions have been taken for the eventuality. If we are surprised, we will hopefully learn from the failure and include the reasons for it in the design/execution of the next project. “Engineering design is all about projecting past experience through the lens of present methods into the future.” Twisting NEWTON’s words: errors are the artificers of future success.
We are obsessed with “doing things right” and with “success” – we forget that the best we can do is to plan for “good failure”. “Failure mode” rather than “success mode” should be foremost on our minds.
Design nowadays includes much “past experience”. It makes us confident – in fact overconfident: “Every success sows the seed of failure. Success makes you overconfident.” Economists’ drive for “optimization” is often the culprit. Design includes “safety margins” for the unforeseen. Such margins come at a cost. As we try to save money we whittle away at the safety margin.
Confidence leads us to design “improvements”: the design becomes more complex, more “daring”. As we go for “bells and whistles” we forget: “The overarching lesson is that making any change in design can alter the entire context in which the detail is embedded and thereby introduce a failure mode that would have been impossible in the original design. A single change can change everything.” In other words: the “think local” trope may be wrong and in any case misleading.
Design is no better than its implementation. As design becomes more complex, the executive tasks are spread out between more and more independent contractors and subcontractors. Creating proper interfaces between these units to achieve seamless compliance with design becomes more difficult – read costly. The collapse of Terminal 2E at Roissy-Charles de Gaulle International Airport was traced to a complex building chain in which each contractor worked as close as possible to the limit – with no regard to the overall effect. On paper complex building chains may save costs: we can squeeze the last ounce of inefficiency through competitive bidding each step of the way. Control of such complex chains, however, may overwhelm the system. And when “control of costs” becomes critical, “cost of control” may be one of its first victims.
(Official) regulations may lag behind design and mislead designers: the British Board of Trade, which should have determined the seaworthiness of the Titanic, failed miserably. Self-regulation is notoriously self-serving.
Failure to incorporate experience is, of course, the scourge of design. A good example is the race to the South Pole in 1911-12. Clothed in furs, using sled dogs and skis, properly fed, AMUNDSEN’s men arrived at the South Pole in mid-December. SCOTT arrived more than a month late as he fumbled and failed in his use of motorized tractors, ponies, and sled dogs, and ended up pulling sleds by hand. Foreseeably the expedition succumbed to the Antarctic winter. They were done in by a deadly mix of incompetence and poor leadership, papered over by a lofty ideology of gallantry.
(SCOTT’s photographer Herbert PONTING – note the inadequate clothing)
I’d second Ernest SHACKLETON, who had said in 1909, after turning back just short of the Pole, “I should rather be a live donkey than a dead lion”.
Never trust design to a lion…
 Henry PETROSKI (2012): To forgive design. Understanding failure. Belknap. Harvard University Press, Cambridge Mass. (p. 37)
 Henry PETROSKI (2012): op. cit. p. 31.
 Henry PETROSKI (2012): op. cit. p. 39.
 While Olympic and her sister ship had grown to five times the size of liners certified for the Atlantic trade, statutes governing the number of lifeboats had not grown one whit. Worse, Board rules called for a steamer to lower two boats, while in harbor, see them circle the ship twice, and winch them back in their davits. With two crews of four seamen, Titanic accomplished this and was cleared for sea by the Board. Titanic steamed off with few crew having seen these new, large boats or their unique davits AND … like the passengers, not one of them assigned to a particular station or boat. While it is true that one boat arrived at the side of the rescue ship with two more souls than her stated capacity of 65, one boat left Titanic with twelve people aboard … (I’m indebted to Tom SLOSS for these insights).
 The Inuit let their dogs fan out, abreast, with individual leads to a common ring behind them; the simplest tool to motivate the dog team was a fore-runner on skis – something to run to. The Brits attached their dogs in pairs on either side of a single harness strap as though they were dray horses. The Brits planned to drag their heavy sledges in teams of four men … either afoot or on ski. They even took an accomplished Norskie skier on the journey for the express purpose of teaching them how to ski. Few men of the party bothered. So they mostly just slogged across the snow and ice and up the Beardmore Glacier on foot.
 These skills had been honed during the earlier effort to force the Northwest Passage between the Atlantic and the Pacific. AMUNDSEN learned them from the Inuit, but also from NANSEN’s experiences. A further example: AMUNDSEN knew that “paraffin” (kerosene) for his portable cookers, which doubled as heaters in the impossible cold of the Antarctic, “creeped”, as was said then. Stored in insecurely sealed cans, it evaporated. So he had all those container caps soldered tightly against the loss of fuel. SCOTT, on the other hand, was often met by almost half-empty cans when his life and those of his companions depended on that precious gas. His paraffin tins, as in 1902, had cork gaskets that failed their most crucial test.