Post on 12-Jan-2016
Famous Failures: The Vasa
The Story of the Vasa
Taken from http://www.cise.ufl.edu/~jnw/OOCourse/Lectures/01.05.html
• 1625: King Gustav of Sweden commissions construction of a new flagship, the Vasa.
• Hendrick Hybertszoon (master shipwright from Holland) is selected to build it.
• No written specifications
• Shipbuilder assumes ship will be 108 feet in length.
– After first review, King Gustav requests a 135 foot ship.
– Timber is added to make the ship 120 feet.
• While on vacation, King Gustav finds out that the Danish king is building a ship with three gun decks.
– He asks that a third gun deck be added to the two already on the Vasa.
– 50 brass 24-lb cannons (at one ton each) will be added.
• Stability tests are conducted (involving 30 sailors who run from one side of the ship to the other). The ship appears to be unstable, but the problems are ignored and not communicated up the chain.
• On a Sunday in August 1628, the Vasa sets sail. One mile from harbor a wind gust catches the main sail and the ship overturns and immediately sinks.
• The Vasa was later brought up from the briny deep at greater cost than was expended in her manufacture.
Parallels between Shipbuilding in the 1600's and Software in the 1990's
• Shipbuilding in the 1600's was a craft based on engineering practice.
• Specifications for ships were ad hoc and usually verbally communicated.
• Designs for ships were inadequate to ensure the finished product would satisfy the needs of its users.
• The full implications of changes to the design were not always understood.
• Too much time was wasted carving decorative sculpture prior to determining if the ship would sail.
• Success breeds failure. Those who succeeded in building small ships would believe they knew how to do it even though they had no idea of the fundamental physical principles involved.
• Shipwrights in the 1600's (one in particular) did not know how to say "no" to customers.
Implications:
• Systems may last longer than we think (sometimes hundreds of years).
• Maintenance costs may exceed the original development cost.
• We can examine, in minute detail, components of systems we have built decades or even centuries later.
Famous System Failures 1
Name | Year | Poor requirements? | Probable cause of failure
Hubble Space Telescope | 1990 | No | Lack of total system test. Mirror was too flat on one edge by 1/50th of the width of human hair.
Ariane 5 missile | 1996 | No | Incorrect reuse of software, Faulty scaling up, Faulty software testing, Software operand error
SuperConducting SuperCollider | 1995 | No | Cost overruns, Failure to maintain public support
GE rotary compressor refrigerator | 1986 | No | Inadequate testing of new technology
Motorola, Iridium | 1999 | No | Misjudged competition and mispredicted technology
IBM PCjr | 1983 | Yes | An attempt to impose customer needs
Space Shuttle Challenger | 1986 | No | Failure to communicate with design, Motivation to make client "happy"
War in Vietnam | 1967-72 | Yes | No problem statement, Micromanagement
Edsel automobile | 1958 | Yes | Failure to discover customer needs
Titanic | 1912 | No | Poor quality control
Apollo-13 | 1970 | No |
http://tucson.sie.arizona.edu/sysengr/slides/failures.doc.
Famous System Failures 2
Name | Year | Poor requirements? | Probable cause of failure
Tacoma Narrows Bridge | 1940 | No | Scaling up an old design (remind you of something?)
New Coke | 1988 | Yes | Arrogance, The "wrong question" questionnaire, Underestimating the effects of social influence
A-12 airplane | 1980s | No | Mismanagement ($2B for nothing)
Chernobyl Nuclear Power Plant | 1986 | No | Bad design, Bad risk management, Cost cutting
Lewis Spacecraft | 1997 | No | Design mistakes, Ineffective assurance processes at NASA
Mars Climate Orbiter | 1999 | No | Lack of training of Navigation team, Technical error (use of English and not Metric units)
Mars Polar Lander | 2000 | No | Failure of middle management
Sept 11 attack on WTC | 2001 | Yes | Flimsy cockpit door
Super-Conducting Super-Collider Failure
• In the 1980s a project got underway in the U.S. to build a device in Texas.
• It had the support of 3 presidents from both parties: Reagan, Bush (senior), and Clinton.
• Billions were spent on research and development
• Land for the 'runway' was purchased and excavation begun.
• And then Congress pulled the plug.
Challenger
• On January 28, 1986 the Challenger space shuttle exploded about 1 minute after launch, killing all 7 astronauts on board.
• The shuttle exploded because two rubber O-rings leaked after losing their resiliency because the shuttle was launched on a very cold day (less than 0 Celsius).
• On the day before the launch the engineers who designed the rockets were opposed to launching the Challenger because they were concerned that the rings would not seal at such cold temperatures. This was to be the EXACT cause of the accident.
Edward R. Tufte: Visual Explanations.
Challenger
• The engineers presented their case using 13 charts which they faxed to NASA.
• A high-level NASA official was "appalled" by the recommendation, and asked that the rocket maker (Morton Thiokol) reconsider, even though this was the ONLY no-launch recommendation in 12 years.
• Other NASA officials pointed out serious weaknesses in the charts.
• Reassessing the situation after such responses, the Morton Thiokol managers changed their minds and favored a launch.
• They explained their change of mind by saying that the evidence presented by the engineers was inconclusive in showing that O-ring problems were linked to cool temperatures.
Edward R. Tufte: Visual Explanations.
Tacoma Narrows Bridge
Collapsed in 1940
• If engineers like had solved the same problem nearly a century ago- why did it happen?
• Two reasons:
– By the 1920s and 1930s, after many successful suspension bridges had been built, engineers became overly confident in their ability to extrapolate from earlier experience
– Preoccupation with economy and aesthetics
http://www.cis.gsu.edu/~mkeil/cis8150/why%20study%20failure.pdf
Why Study Failures?
• There is probably more to learn from failures than from successes
– As long as you are willing to look honestly at the reasons for failure
– Too many times failures are brushed away and not learned from, ensuring that more failures will occur
Those who do not remember the past are condemned to repeat it