The Personal Website of Mark W. Dawson

Containing His Articles, Observations, Thoughts, Meanderings,
and some would say Wisdom (and some would say not).

Engineering Failures

1. Introduction
2. Failure of Knowledge
   1. de Havilland DH 106 Comet Aircraft
3. Failure of imagination
   1. The 1940 Tacoma Narrows Bridge
4. Failure of Management
   1. The Challenger Disaster
5. The Failure of all Three
   1. The Hyatt Regency Walkway Collapse
6. Nonfeasance, Misfeasance, Malfeasance, and Malpractice
7. Mathematical Tools of Modern Science and Engineering
8. Computer Modeling Issues, Concerns & Limitations
9. Final Thoughts
10. Further Readings
11. Disclaimer

Introduction

In this article, I will discuss failures in engineering. As engineering failures become apparent and lead to dramatic consequences to the public, and politicians, often demand answers as to how they could have happened. As there are many scientific and technological reason for an engineering failure it can be difficult to discover and pinpoint the exact cause of the failure. This paper is not about specific reasons for an engineering failure. It is, instead, about the types of failures as it relates to the human endeavor of engineering. These types of failures can be categorized as resulting from 1) Failure of Knowledge, 2) Failure of Imagination, or 3) Failure of Management.

Whenever we conduct scientific experiments or create an engineering design, it is subject to failures. In scientific experiments, this failure leads to false hypothesis and is usually discovered when others attempt to validate or invalidate a scientific hypothesis. If undetected the scientific hypothesis can lead to a scientific theory, which is wrong, and the theory could lead other scientists astray. Over time the scientific theory will be discovered to be wrong and a correct theory will take its place. In engineering, if these failures go undetected it can lead to a disaster that causes a loss of lives, bodily injuries, or damage to property.

No one person can know all the scientific factors and engineering constraints that can affect the success or failure of an engineering design. That is why modern engineering is done by a team. Even a team effort may result in missing a factor or factors that could negatively affect an engineering design. But we can try to negate the consequences of an engineering failure by adopting engineering practices and procedures that reduces the possibility of failure. However, failure will still occur, and it will occur because of the three previously stated reasons. This is due to a normal human error which will be with us a long as humans lack knowledge or vision and make mistakes or miscommunicate with each other. When we discover the cause of an engineering failure the critics often state that the engineers should have known about that, or thought about that, or prepared for that. But this is often not possible because of the unknown, unimaginable, or unmanageability that occurs in normal human enterprises. Therefore, you need to examine an engineering failure to determine if it was because of these factors before you assign responsibility or liability. The most important thing to be learned when the unknown, unimaginable, or unmanageability occurs is to incorporate the lessons learned in future engineering efforts, to reduce the possibility of failure in future engineering endeavors.

I should point out that I am NOT a scientist or engineer, nor have I received any education or training in science or engineering. This paper is the result of my readings on this subject in the past decades. Many academics, scientists, and engineers would critique what I have written here as not accurate nor through. I freely acknowledge that these critiques are correct. It was not my intentions to be accurate or through, as I am not qualified to give an accurate nor through description. My intention was to be understandable to a layperson so that they can grasp the concepts. Academics, scientists and engineers’ entire education and training is based on accuracy and thoroughness, and as such, they strive for this accuracy and thoroughness. When writing for the general public this accuracy and thoroughness can often lead to less understandability. I believe it is essential for all laypersons to grasp the concepts of within this paper, so they make more informed decisions on those areas of human endeavors that deal with this subject. As such, I did not strive for accuracy and thoroughness, only understandability.

Failure of Knowledge

The first engineering failure factor is simply that something is unknown, or it is not fully known or appreciated. Engineering is always discovering new principles and improving current engineering principles. A Failure of Knowledge can often lead to a disaster as the following example typifies:

de Havilland DH 106 Comet Aircraft

Two De Havilland Comet passenger jets broke up in mid-air and crashed within a few months of each other in 1954. As a result, systematic tests were conducted on a fuselage immersed and pressurized in a water tank. After the equivalent of 3,000 flights, investigators at the Royal Aircraft Establishment (RAE) were able to conclude that the crash had been due to failure of the pressure cabin at the forward Automatic Direction Finder window in the roof. This 'window' was in fact one of two apertures for the aerials of an electronic navigation system in which opaque fiberglass panels took the place of the window 'glass'. The failure was a result of metal fatigue caused by the repeated pressurization and de-pressurization of the aircraft cabin. Also, the supports around the windows were riveted, not bonded, as the original specifications for the aircraft had called for. The problem was exacerbated by the punch rivet construction technique employed. Unlike drill riveting, the imperfect nature of the hole created by punch riveting caused manufacturing defect cracks which may have caused the start of fatigue cracks around the rivet.

The Comet's pressure cabin had been designed to a safety factor comfortably in excess of that required by British Civil Airworthiness Requirements (2.5 times the cabin proof test pressure as opposed to the requirement of 1.33 times and an ultimate load of 2.0 times the cabin pressure) and the accident caused a revision in the estimates of the safe loading strength requirements of airliner pressure cabins. In addition, it was discovered that the stresses around pressure cabin apertures were considerably higher than had been anticipated, especially around sharp-cornered cut-outs, such as windows. As a result, all future jet airliners would feature windows with rounded corners, greatly reducing the stress concentration. This was a noticeable distinguishing feature of all later models of the Comet. Investigators from the RAE told a public inquiry that the sharp corners near the Comets' window openings acted as initiation sites for cracks. The skin of the aircraft was also too thin, and cracks from manufacturing stresses were present at the corners.

This is a classic case of failure of knowledge. Although metal fatigue was known at the time its importance and consequences were not fully understood, nor that the design or construction of windows could increase the likelihood of failure. Because of this disaster metal fatigue became a much more important factor when creating an engineering design, and construction details needed to be incorporated into the design.

Failure of imagination

Failure of imagination occurs when the engineers do not take into consideration all the possibilities that can occur when doing their designs, or when their design is manufactured or constructed, or during the utilization of their product. This is best exemplified as follows:

The 1940 Tacoma Narrows Bridge

The 1940 Tacoma Narrows Bridge, the first Tacoma Narrows Bridge, was a suspension bridge in the U.S. state of Washington that spanned the Tacoma Narrows strait of Puget Sound between Tacoma and the Kitsap Peninsula. It opened to traffic on July 1, 1940, and dramatically collapsed into Puget Sound on November 7 of the same year. At the time of its construction (and its destruction), the bridge was the third-longest suspension bridge in the world in terms of main span length, behind the Golden Gate Bridge and the George Washington Bridge. Construction on the bridge began in September 1938. From the time the deck was built, it began to move vertically in windy conditions, which led to construction workers giving the bridge the nickname Galloping Gertie. The motion was observed even when the bridge opened to the public. Several measures aimed at stopping the motion were ineffective, and the bridge's main span finally collapsed under 40-mile-per-hour (64 km/h) wind conditions the morning of November 7, 1940.

Following the collapse, the United States' involvement in World War II delayed plans to replace the bridge. The portions of the bridge still standing after the collapse, including the towers and cables, were dismantled and sold as scrap metal. Nearly 10 years after the bridge collapsed, a new Tacoma Narrows Bridge opened in the same location, using the original bridge's tower pedestals and cable anchorages. The portion of the bridge that fell into the water now serves as an artificial reef. The bridge's collapse had a lasting effect on science and engineering. In many physics textbooks, the event is wrongly presented as an example of elementary forced resonance, with the wind providing an external periodic frequency that matched the bridge's natural structural frequency. In reality, the actual cause of failure was aeroelastic flutter. Its failure also boosted research in the field of bridge aerodynamics-aeroelastics, the study of which has influenced the designs of all the world's great long-span bridges built since 1940.

The failure of imagination was that a bridge span could act aerodynamically. It was not thought that a solid structure could be impacted by air flow. Engineers knew that solid structures were impacted by water flow and allowed for this in their designs. Airflow was thought to be negligible on solid structures and was therefore not accounted for. Now, because of this failure, all open-air structures go through aerodynamic design analysis to determine the impact of air flow.

Failure of Management

Modern engineering requires good management be put in place to oversee the engineering team to assure that sound engineering practices are being followed, as well as the cost and schedule constraints are being met. Yet mistakes can be made by the management team that can have a negative effect on the engineering design. If incorrect or incomplete engineering practices are in place things can go very badly. If management prioritizes cost and schedule over engineering practices corners may be cut to meet the cost and schedule constraints. And often the marketing decisions on what functions and features need to be included, the product esthetics, how much it should cost, and when it needs to reach market have an impact on the engineering. The following an excellent example on the failure of management:

The Challenger Disaster

On January 28, 1986, the NASA shuttle orbiter mission STS-51-L and the tenth flight of Space Shuttle Challenger (OV-99) broke apart 73 seconds into its flight, killing all seven crew members, which consisted of five NASA astronauts and two payload specialists. The spacecraft disintegrated over the Atlantic Ocean, off the coast of Cape Canaveral, Florida, at 11:39 EST (16:39 UTC). Disintegration of the vehicle began after an O-ring seal in its right solid rocket booster (SRB) failed at liftoff. The O-ring was not designed to fly under unusually cold conditions as in this launch. Its failure caused a breach in the SRB joint it sealed, allowing pressurized burning gas from within the solid rocket motor to reach the outside and impinge upon the adjacent SRB aft field joint attachment hardware and external fuel tank. This led to the separation of the right-hand SRB's aft field joint attachment and the structural failure of the external tank. Aerodynamic forces broke up the orbiter.

The Presidential Commission on the Space Shuttle Challenger Accident, also known as the Rogers Commission after its chairman, was formed to investigate the disaster. The commission members were Chairman William P. Rogers, Vice Chairman Neil Armstrong, David Acheson, Eugene Covert, Richard Feynman, Robert Hotz, Donald Kutyna, Sally Ride, Robert Rummel, Joseph Sutter, Arthur Walker, Albert Wheelon, and Chuck Yeager. The commission worked for several months and published a report of its findings. It found that the Challenger accident was caused by a failure in the O-rings sealing a joint on the right solid rocket booster, which allowed pressurized hot gases and eventually flame to "blow by" the O-ring and make contact with the adjacent external tank, causing structural failure. The failure of the O-rings was attributed to a faulty design, whose performance could be too easily compromised by factors including the low temperature on the day of launch

The actual inside story of the disaster illuminates the failure of management. The United States government had a great impetus for launching the flight – mainly pride and showmanship, as well as demonstrating the skills and abilities of NASA, and NASA was eager to cooperate with this impetus. The real story was discovered by Sally Ride from her contacts with the engineers at NASA and the companies who designed and developed the solid booster rockets that contained the O-Rings. As a NASA employee, she felt constrained to reveal it herself and did not want to compromise the confidentiality of those employees who revealed the truth to her. She, therefore, informed Richard Feynman (one of the greatest physicist of the second half of the 20th century) of the true situation, who felt no such constraints, and he was unaware of the names of the personnel involved.

During the design and development of the Space Shuttle there were many cost overruns and schedule delays. To cut down on these cost and schedule impacts NASA decided that not all engineered systems be thoroughly tested, and some systems would only pass a modeling test rather than an engineering test. The O-Ring design was one of the systems that were model tested, as it was so simple that NASA management considered it an unlikely potential failure. The design and development engineers, as well as the NASA engineers, knew that prolong cold could impact the O-Rings capabilities, and modeled the acceptable minimal temperature over an acceptable exposure time. On the morning of the launch the temperature was at the minimal point, but because of launch delays, the exposure time was greater than that which was modeled. The engineers responsible for the design and development of the O-Rings recommended that the launch be delayed for warmer weather, but NASA management decided that the risk was acceptable and gave the OK to launch, with disastrous results.

Richard Feynman realized the absurdity of these decisions and decided to reveal this to the American people at a public hearing. On the morning of the public hearing, he arrived early and placed a sample of the O-Ring in a glass of ice (the minimal temperature). He then waited for the same amount of time that the shuttle sat waiting to be launched to reveal the real reason the O-Ring failed. He explained his findings and actions, then took the sample O-Ring out of the glass and banged it on the table, where it promptly shattered. A very simple and inexpensive experiment revealed that the model testing was inaccurate and an engineering test could be done inexpensively that would have revealed the true parameters of a safe launch. This revelation and follow-on investigation finally uncovered the management decisions that led to the Challenger disaster.

I can think of no better example of the Failure of Management than the Challenger disaster, and the dangers of management decisions overriding the engineers’ judgment.

The Failure of all Three

All failures are a result of the combinations of knowledge, imagination, and management failures. The previous examples highlight the primacy of one of the types of failure that played a significant factor in the failure. Sometimes, however, two or all the factors are significant in a failure. The following is an excellent example of all three factors being significant in the failure. 

The Hyatt Regency Walkway Collapse

On the evening of July 17, 1981, approximately 1,600 people gathered in the atrium to participate in and watch a tea dance. At 7:05 p.m. the second-level walkway held approximately 40 people with more on the third and an additional 16 to 20 on the fourth level who watched the activities of the crowd in the lobby below. The fourth-floor bridge was suspended directly over the second-floor bridge, with the third-floor walkway offset several meters from the others. Construction difficulties resulted in a subtle but flawed design change that doubled the load on the connection between the fourth-floor walkway support beams and the tie rods carrying the weight of both walkways. This new design was barely adequate to support the dead load weight of the structure itself, much less the added weight of the spectators. The connection failed, and the fourth-floor walkway collapsed onto the second-floor walkway. Both walkways then fell to the lobby floor below, resulting in 111 deaths at the scene and 219 injuries. Three additional victims died after being transported to hospitals, bringing the total number of deaths to 114. Investigators concluded that the basic problem was a lack of proper communication between Jack D. Gillum and Associates and Havens Steel. In particular, the drawings prepared by Jack D. Gillum and Associates were only preliminary sketches but were interpreted by Havens as finalized drawings. Jack D. Gillum and Associates failed to review the initial design thoroughly, and accepted Havens' proposed plan without performing basic calculations that would have revealed its serious intrinsic flaws — in particular, the doubling of the load on the fourth-floor beams. It was later revealed that when Havens called Jack D. Gillum and Associates to propose the new design, the engineer they spoke with simply approved the changes over the phone, without viewing any sketches or performing calculations. The Hyatt collapse remains a classic model for the study of engineering ethics and errors, as well as disaster management.

The failure of knowledge was in the engineers not knowing the issues (scientific, engineering, and construction) in regard to the new type of connections and support system they designed for the walkways. The failure of imagination occurred due to the engineers not allowing for the possibility that a walkway could break with serious consequences, and how to mitigate for this possibility. And because of this failure they did not anticipate the cascading failure of one walkway causing a failure to the other walkways. The engineers also did not imagine that a small design change during the construction would have significant impacts. And finally, the management of this effort failed to institute formal design reviews and approvals, that allowed for disastrous possibilities, and design change reviews during construction.

Nonfeasance, Misfeasance, Malfeasance, and Malpractice

The Three Failures previously discussed are not the only, and not the major reasons for engineering failures. The most common causes of engineering failure are Nonfeasance, Misfeasance, Malfeasance or Malpractice as defined below.

Nonfeasance - the failure of an agent (employee) to perform a task he/she has agreed to do for his/her principal (employer), as distinguished from "misfeasance" (performing poorly) or "malfeasance" (performing illegally or wrongly). Misfeasance - management of a business, public office or other responsibility in which there are errors and an unfortunate result through mistake or carelessness, but without evil intent and/or violation of the law. Misfeasance is distinguished from "malfeasance" which is conduct in violation of the law. Malfeasance - intentionally doing something either legally or morally wrong which one had no right to do. It always involves dishonesty, illegality, or knowingly exceeding authority for improper reasons. Malfeasance is distinguished from "misfeasance," which is committing a wrong or error by mistake, negligence or inadvertence, but not by intentional wrongdoing. Malpractice - an act or continuing conduct of a professional which does not meet the standard of professional competence and results in provable damages to his/her client or patient. Such an error or omission may be through negligence, ignorance (when the professional should have known), or intentional wrongdoing. However, malpractice does not include the exercise of professional judgment even when the results are detrimental to the client or patient.

When Nonfeasance, Misfeasance, Malfeasance or Malpractice occurs there could be civil or criminal penalties as a result, and there should be. Those engineers or engineering firms that have engaged in Nonfeasance, Misfeasance, Malfeasance or Malpractice need to be brought to justice if only to deter others from committing Nonfeasance, Misfeasance, Malfeasance or Malpractice acts. However, in the pursuit of justice, all should be aware that if the engineering disaster is a result of the Three Failures discussed previously there may not be Nonfeasance, Misfeasance, Malfeasance or Malpractice involved. In those cases, engineers and engineering firms must learn from their mistakes and not repeat them. Some other engineering failures can be viewed on the YouTube videos "Most Expensive Mistakes in All History - Part 1" and "Most Expensive Mistakes in all History - Part 2".

Mathematical Tools of Modern Science and Engineering

Galileo was the first scientist of the modern scientific world, in that he applied Observation and Experimentation, along with Mathematical Equations, to describe his scientific hypothesis. Since then math has been integral to science, and Mathematical computations have become more complex and difficult to compute, and often fraught with error. In their attempts to perform these Mathematical computations scientists and engineers have invented tools to assist them in these Mathematical computations. The most significant of these Mathematical computational tools are Slide Rulers, Calculators, and Computers, which my article Mathematical Tools of Modern Science and Engineering examines.

Computer Modeling Issues, Concerns & Limitations

Most scientific and engineering endeavors utilize Computer Modeling. Therefore, you need to know the issues, concerns, and limitations of Computer Modeling to determine its impact on the scientific and engineering endeavors. Computer Modeling is another paper I have written that examine the issues, concerns, and limitations of Computer Modeling. I would direct you to this paper to better understand Computer Modeling. However, the conclusions of this paper are as follows.

Computer modeling has at its core three levels of difficulty – Simple Modeling, Complex Modeling, and Dynamic Modeling. Simple modeling is when you are working on a model that has a limited function; a few (hundreds or maybe a thousand) of constants and variables within the components of the model, and a dozen or so interactions between the components of the model. Complex modeling occurs when you incorporate many simple models (subsystems) together to form a whole system, or where there are complex interactions and/or feedback within and between the components of the computer model. Not only must the subsystems be working properly, but the interactions between the subsystems must be modeled properly. Dynamic modeling occurs when you have subsystems of complex modeling working together, or when external factors that are complex and varying are incorporated into the computer model.

The base problem with computer modeling is twofold; 1) verification, validation, and confirmation, and 2) correlation vs. causation. Verification and validation of numerical models of natural systems are impossible. This is because natural systems are never closed and because model results are always nonunique. The other issue of correlation vs. causation is how can you know that the results of your computer model are reflecting the actual cause (causation), or are they merely appearing to be the cause (correlation). To determine this, you need to mathematically prove that your computer model is scientifically correct, which may be impossible.

Therefore, all computer models are wrong – but many of them are useful! The first thing to keep in mind when dealing with computer models is that when thinking about a computer model it is very important to remember three things:

1. That we know what we know, and we need to be sure that what we know is correct.
2. That we know what we don't know, and that allowances are made for what we don’t know.
3. That we don't know that we don't know, which cannot be allowed for as it is totally unknown.

It is numbers 2 and 3 that often is the killer in computer modeling and often leads to incorrect computer models.

You also need to keep in mind the other factors when utilizing computer models:

1. Constants and Variables within a component of the computer model are often imprecisely known leading to incorrect results within the components, which then get propagated throughout the computer model.
2. The interactions between the components are often not fully understood and allowed for, and therefore not computer modeled correctly.
3. The feedback and/or dynamics within the computer model is imprecise, or not fully known, which leads to an incorrect computer model.

All these factors will result in the computer model being wrong. And as always remember GIGPGO (Garbage In -> Garbage Processing -> Garbage Out).

You should also be aware that when computer modeling is utilized to model for a long period of time the longer the time period modeled the more inaccurate the computer model will become. This is because the dynamics and feedback errors within the computer model build up which affects the long-term accuracy of the computer model. Therefore, long-term predictions of a computer model are highly suspect. Another thing to be aware of is that if you are computer modeling for a shorter period of time it needs to be of a sufficient period of time to determine the full effects of the computer model or to provide results that are truly useful. Too short of a time period will provide inconclusive (or wrong) results to be practicable. Therefore, short-term predictions of a computer model can be suspect.

And finally, Chaos, Complexity, and Network Science have an impact on computer models and cannot be properly accounted for, which affects the accuracy of the computer model.

The lesson from this paper is that a computer model is not an answer but a tool – and don’t trust the computer model but utilize the computer model. The computer modeling system itself may contain errors in its programming. The information that goes into the computer model may be incorrect or imprecise, or the interactions between the components may not be known or knowable. And there may simply be too many real-world constants and variables to be computer modeled. Use the computer model as a tool and not an answer, and above all use your common sense when evaluating the computer model. If something in the computer model is suspicious examine it until you understand what is happening.

Final Thoughts

As to what can be learned from engineering failures it is that they will always occur. Human knowledge is limited but expanding, and this limitation may lead to engineering failure. Human imagination is also limited and imprecise, which leads to engineering failures. And humans make mistakes and miscommunicate with each other, that can also lead to engineering failure. Good management and teamwork can reduce these possibilities, but not eliminate them. And management has other than engineering factors that can negatively affect the engineering, which leads to engineering failures. Environmental conditions such as stress, forces, weather, temperature, etc. cannot be accurately known and predicted, which will eventually lead to the failure of engineering systems.

It is a truism that all engineering systems will eventually fail. We hope and design engineering systems so that they don’t fail within their design lifetime, and that we can fix problems if and when they are discovered. But we must accept engineering failure as a fact of life. When it occurs, we should learn from the engineering failure, incorporate this knowledge into future engineering efforts, and try to not repeat the factors that led to the failure.

Further Readings

One of the best books that examines these issues is “To Engineer is Human – The Role of Failure in Successful Design” by Henry Petroski. Although the book is several decades old the principles he expounds are still applicable. In addition, it is an easy and entertaining read. I would recommend this book to all. I would also recommend the Wikipedia article on Engineering disasters which provides more information on this subject, as well as links to other Wikipedia articles on other disasters and their causes.

Some interesting website with general scientific topics are:

• Ask a Mathematician / Ask a Physicist
• Ask the Physicist!
• Physics and Astronomy Ask the Experts
• The Skeptic's Dictionary
• Understanding Science – how science really works

Disclaimer

Please Note - many academics, scientist and engineers would critique what I have written here as not accurate nor through. I freely acknowledge that these critiques are correct. It was not my intentions to be accurate or through, as I am not qualified to give an accurate nor through description. My intention was to be understandable to a layperson so that they can grasp the concepts. Academics, scientists, and engineers entire education and training is based on accuracy and thoroughness, and as such, they strive for this accuracy and thoroughness. I believe it is essential for all laypersons to grasp the concepts of this paper, so they make more informed decisions on those areas of human endeavors that deal with this subject. As such, I did not strive for accuracy and thoroughness, only understandability.

Most academics, scientist, and engineers when speaking or writing for the general public (and many science writers as well) strive to be understandable to the general public. However, they often fall short on the understandability because of their commitment to accuracy and thoroughness, as well as some audience awareness factors. Their two biggest problems are accuracy and the audience knowledge of the topic.

Accuracy is a problem because academics, scientist, engineers and science writers are loath to be inaccurate. This is because they want the audience to obtain the correct information, and the possible negative repercussions amongst their colleagues and the scientific community at large if they are inaccurate. However, because modern science is complex this accuracy can, and often, leads to confusion amongst the audience.

The audience knowledge of the topic is important as most modern science is complex, with its own words, terminology, and basic concepts the audience is unfamiliar with, or they misinterpret. The audience becomes confused (even while smiling and lauding the academics, scientists, engineers or science writer), and the audience does not achieve understandability. Many times, the academics, scientists, engineers or science writer utilizes the scientific disciplines own words, terminology, and basic concepts without realizing the audience misinterpretations, or has no comprehension of these items.

It is for this reason that I place understandability as the highest priority in my writing, and I am willing to sacrifice accuracy and thoroughness to achieve understandability. There are many books, websites, and videos available that are more accurate and through. The subchapter on “Further Readings” also contains books on various subjects that can provide more accurate and thorough information. I leave it to the reader to decide if they want more accurate or through information and to seek out these books, websites, and videos for this information.