To Engineer is Human: The Role of Failure in Successful Design by Henry Petroski

·

To Engineer is Human book coverBuy the Book: Print | eBook

Henry Petroski, through historical examples, explains the paradox of the engineering design process. Successful designs bring an opportunity to take risks and stretch the limits of design while each failure is an opportunity to learn and innovate on the next one.

The Notes

  • “I believe that the concept of failure—mechanical and structural failure in the context of this discussion—is central to understanding engineering, for engineering design has as its first and foremost objective the obviation of failure. Thus the colossal disasters that do occur are ultimately failures of design, but the lessons learned from those disasters can do more to advance engineering knowledge than all the successful machines and structures in the world. Indeed, failures appear to be inevitable in the wake of prolonged success, which encourages lower margins of safety. Failures in turn lead to greater safety margins and, hence, new periods of success. To understand what engineering is and what engineers do is to understand how failures can happen and how they can contribute more than successes to advance technology.”
  • Designed structures are constantly evolving because people’s tastes, resources, and ambitions change. Change introduces a higher possibility of failure.
  • “Engineering is a human endeavor and thus it is subject to error.”
  • The Code of Hammurabi, a Babylonian text written around 1750 BC, contained safety regulations for the construction of houses and punishment for the builders if the homes were not built to those standards.
  • “We are both fascinated by and uncomfortable with the unfamiliar.”
  • A tradeoff always exists in building structures stronger versus more economical. Bridges and buildings could be built 10x stronger but at a massive increase in costs (but a strain on the economy).
  • Overdesign is structural overkill.
  • “Success may be grand, but disappointment can often teach us more. It is for this reason that hardly a history can be written that does not include the classic blunders, which more often than not signal new beginnings and new triumphs.”
  • Designed Lifetime
    • Nothing is built to last forever. Manufactured things are designed with a usable lifetime in mind.
    • The Deacon’s Masterpiece
      • A poem by Oliver Wendell Holmes about the absurdity of building a horse-drawn carriage with no weak links — an indestructible carriage that lasts forever.
      • If every part of the carriage were equally strong, every part would wear out at the same time because everything has a lifetime.
    • “The exact lifetime of a part, a machine, or a structure is known only after it has broken.”
    • The lifetime of a structure is the most important piece of its design.
    • “One of the most important calculations of the modern engineer is the one that predicts how long it will take before cracks or the simple degradation of its materials threaten the structure’s life. Sometimes we learn more from experience than calculations, however.”
  • “Structural engineering is the science and art of designing and making, with economy and elegance, buildings, bridges, frame-works, and other similar structures so that they can safely resist the forces to which they may be subjected.” — The Structural Engineer
  • “Structural engineering must often deal in probabilities and combinations of probabilities. A safe structure will be one whose weakest link is never overloaded by the greatest force to which the structure is subjected.”
  • The engineering design process is like a hypothesis that you attempt to prove false. The goal is to design a structure that won’t fail and then set out to prove otherwise. If a part fails, the design can be altered and retested until the engineer exhausts all imaginable possibilities. The paradox is that there is no absolute certainty that any design is failproof. Within every structure exists some probability, however small, of failure.
  • Engineering is about anticipating what can go wrong.
  • “We risk remote dangers every day for the benefit of the pleasures of the day.”
  • Beam
    • The most common structural form used to span spaces, resist bending or deflect forces acting 90 degrees to its length.
    • Galileo correctly predicted a cantilever beam’s strength is proportional to the square of the depth of the beam. This was proved 75 years later, in 1713 by a Frenchman named Parent.
  • “Hindsight is always 20/20, but most of us have at some time experienced myopia when we have had to stand back and criticize our own work.”
  • Engineering, going back to the construction of the pyramids, was a process of experimentation and trial and error. Mastabas led to stepped pyramids and then to flat-sided pyramids. The Bent Pyramid proved the limits of steep sides.
  • Medieval cathedrals were also a series of innovations and trial and error in an attempt to build taller, more elegant, open structures.
  • “Every excess causes a defect; every defect an excess.” — Ralph Waldo Emerson
  • “No one wants to learn by mistakes, but we cannot learn enough from successes to go beyond the state of the art.”
  • “Defects are unplanned experiments that can teach one how to make the next design better.”
  • “I have mentioned examples of unfortunate experiences because it is easier to draw lessons from examples of poor performance than from good performance.” — Anton Tedesko, designer
  • “There is the greatest practical benefit in making a few mistakes early in life.” — T. H. Huxley, On Medical Education
  • The lessons of failures pinpoint weak links that can be avoided or strengthened in future designs.
  • “It is important that engineers study failures at least as much, if not more than successes, and it is important that the causes of structural failures be as openly discussed as can be.”
  • “The incontrovertible lesson of a single failed structure is what not to do in future designs.”
  • “While engineers can learn from structural mistakes what not to do, they do not necessarily learn from successes how to do anything but repeat the success without change. And even that can be fraught with danger, for the combination of good luck that might find one bridge built of flawless steel, well-maintained, and never overloaded could be absent in another bridge of identical design but made of inferior steel, poorly maintained or even neglected, and constantly overloaded. Thus each new engineering project, no matter how similar it might be to a past one, can be a potential failure.”
  • Uncertainty exists with every new design. Meaning engineers will always know more about what not to do, than what to do. The engineer can better predict the behavior of new designs by better understanding historic successes and failures.
  • Factor of Safety
    • Also called the “factor of ignorance”
    • Provides a margin of error by making something multiple times stronger than needed to account for several things to go wrong without threatening the success of a structure.
    • The Factor of Safety is the ratio of the Maximum Load to the Designed Load for the system.
    • A rope designed to lift a maximum of 6,000 lbs but used to lift 1,000 lb items, has a Factor of Safety = 6000/1000 = 6.
    • “The essential idea behind a factor of safety is that a means of failure must be made explicit, and the load to cause that failure must be calculable or determinable by experiment. This clearly indicates that it is failure that the engineer is trying to avoid in his design, and that is why failures of real structures are so interesting to engineers.”
    • “Generally speaking, when structural failures occur, a larger factor of safety is used in subsequent structures of a similar kind. Conversely, when groups of structures become very familiar and do not suffer unexplained failures, there is a tendency to believe that those structures are overdesigned, that is to say, they have associated with them an unnecessarily high factor of safety. Confidence mounts among designers that there is no need for such a high factor of ignorance in structures they feel they know so well, and a consensus develops among designers and code writers that the factor of safety for similar designs should in the future be lowered. The dynamics of raising the factor of safety in the wake of accidents and lowering it in the absence of accidents clearly can lead to cyclic occurrences of structural failures.”
    • Washington Monument
      • Structural studies by David Billington of Princeton University calculated its factor of safety based on three possible failures:
        • The weight of the monument crushing the stone at its base = factor of safety of 9.
        • Pushed over by wind = factor of safety of 9.
        • Cracking due to wind = factor of safety of 3.5. Suggests it would take a wind speed twice as high as the highest ever expected wind speed in Washington D.C. to topple the monument.
    • The factor of safety forces engineers to think about the risk of failure of their design.
    • “The goal of the designer is rather to recognize any counterexamples to a structurally inadequate hypothesis that he makes.”
  • Hyatt Regency Walkway Collapse
    • Hyatt Regency Hotel in Kansas City on July 17, 1981.
    • 2 walkways suspended over the atrium of the hotel collapsed on the crowded floor below enjoying a band.
    • 114 died, 200 injured.
    • $3 billion in lawsuits were filed.
    • The investigation keyed in on a design change in the walkway’s suspension system.
    • The original design showed single 45-foot rods attached to the ceiling that ran through beams in both walkways, hung one below the other, and held in place by washers and bolts.
    • The original design was only about 60% as strong as it should have been based on building codes.
    • The design change used rods to connect the lower walkway to the upper walkway, and then separate rods to connect the upper walkway to the ceiling.
    • “The new rod configuration effectively doubled the push of the washer on the box beam supporting the upper walkway’s floor, and this made the already underdesigned skywalks barely able to support their own weight.”
    • The design change made it easier to connect the two walkways but it shifted the entire weight of the lower walkway so that it was held up by the upper walkway instead of the ceiling. It was an accident waiting to happen.
    • “Explaining what went wrong with the Hyatt Regency walkways and pointing out changes that would have worked is a lot easier than catching a mistake in a design yet to be realized. After the fact there is a well-defined “puzzle” to solve to show how clever one is. Before the fact one must not only define the design “puzzle” but also verify one’s “solution” by checking all possible ways in which it can fail.”
    • Alternate load paths — account for shifting stress and strain by transferring the load from a removed element to another structural element. A catastrophic failure occurs when alternate load paths cannot take the extra load or do not exist.
    • The original designed connections for the walkway had a factor of safety of 1. Each connection could support an average load of 18,600 lbs, which was roughly the weight of the structure supported at each connection. There was no excess capacity to account for people walking, running, or dancing on the walkways. There was no margin for error.
  • Fatigue Cracks
    • 50% to 90% of all structural failures are likely due to crack growth.
    • Most cracks grow slowly, so a crack is not cause for alarm. Only when cracks go undetected and reach intolerable points that catastrophe occurs.
    • Brittle Fracture – when a large crack runs through a structure in an instant.
    • Brittle fracture can occur in steel when it’s cooled below its reference temperature.
    • Brittle fracture was the cause of ship breakups in newly adopted welded bridge designs during WWII. The new welded designs replaced the riveted designs that stopped the cracks from spreading.
    • Gestation – slow lengthening of cracks due to fatigue.
    • “All machine and structural designs are problems in fatigue because the forces of Nature are always at work and every object must respond in some fashion.” — Carl Osgood
    • Engineers must predict how fast/large cracks can go without causing failure and are tied to a structure’s lifetime limits.
    • 2 Stages of the Fatigue Process:
      1. Microscopic cracks develop at points of weakness or stress. These cracks grow with repeated stresses.
      2. The crack grows at an accelerated rate until it weakens the structure entirely.
    • “The problem of metal fatigue persists because metallurgist and engineer alike attempt to predict, from limited past experience, the behavior of ever-new materials in an uncertain future environment of use and abuse. The slightest deviation from experience in a new design can have unanticipated consequences.”
    • Prevention:
      • Quality Control – eliminate any workmanship with large flaws.
      • Fail-Safe Design – Structural obstacles to cracks are incorporated into the design where cracks might go undetected.
      • Safe-Life Design – The structure is designed to fail long after its service lifetime ends.
      • Redundancy – building in a margin for error.
      • “Ironically, structural failure and not success improves the safety of later generations of a design.”
    • Liberty Bell
      • One of the most famous engineering failures in US history.
      • Was made in England.
      • Arrived in the US in 1752 and cracked the first time it was wrung.
      • The bell was melted down. They increased the copper content of the bronze and was recast.
      • It was remelted because the second bell had a poor tone. Silver was added to improve the tone before being recast again.
      • The Pennsylvania Provincial Assembly was unhappy with the third bell, but changed their minds. It was rung on July 4, 1776.
      • The bell was removed to be hidden from the British army, suffered some abuse in transport, and was returned a year later.
      • In 1835, it cracked while being wrung for Chief Justice John Marshall’s funeral.
      • The crack grew to its current length after being wrung in 1846 for George Washington’s birthday.
  • “New and sophisticated analytical techniques, modern high-strength materials, and the aid of computers provide even greater confidence. But these advances can also make engineers overconfident that they can depart dramatically, and perhaps prematurely, from traditional designs.”
  • The Crystal Palace
    • One of the most ambitious structures built in the Victorian era for the Great Exhibition in London in 1851.
    • Designed by Joseph Paxton, born in 1801 in Bedfordshire. Duke of Devonshire employed him as a gardener and became the superintendent of the gardens at Chatsworth.
    • Paxton designed and built a greenhouse, the Great Conservatory at Chatsworth, enclosing an acre. It was considered a contemporary marvel.
    • Paxton also designed a lily house for a giant water lily that became the idea for the Crystal Palace.
    • Henry Cole presented the idea of the exhibition to Prince Albert, who loved it. He chose Hyde Park as the site and set up a committee to select the design. The first round of 245 entries found no acceptable designs.
    • Paxton persuaded the committee to allow his entry and it became the favorite after the design leaked to the press.
    • The Crystal Palace measured over 400 feet by 1,800 feet, almost 750,000 square feet.
    • It held over 100,000 exhibits for the first World’s Fair.
    • It was a glass and iron structure with 300,000 panes of glass and 4,500 tons of cast iron. It had no internal walls, low construction costs, and high salvage value.
    • It was designed to enclose 90-foot tall trees in Hyde Park, to avoid concerns about cutting down trees.
    • Building began in August for a January 1851 opening. The first column was erected in September. It took 17 weeks to complete! At £200,000.
    • “Supporting iron columns were placed at twenty-four-foot intervals. Thus, twenty-four feet became the basic unit of scale in the plan for the entire Crystal Palace. Wide interior “avenues” that stretched the length of the building were spanned by wrought-iron trusses forty-eight-feet long. And the spectacular Central Avenue was spanned by trusses three-units, or seventy-two-feet long. The arched central transept was also seventy-two-feet wide.”
    • The floor was designed with slats between wood boards for dirt and debris to be swept through.
    • Paxton’s design predated skyscrapers but followed a similar modular construction that stiffened the structure against the wind, with non-load-bearing internal walls fastened to the iron columns.
    • Many felt the structure was unsafe, including Prince Albert, who warned the King of Prussia: “Mathematicians have calculated that the Crystal Palace will blow down in the first strong gale; Engineers that the galleries would crash in and destroy the visitors.”
    • Queen Victoria opened the exhibit on May 1, 1851 (and returned about 50 times before it closed). Over 6 million people visited over 141 days. The building stood without incident.
    • It was dismantled in 1852. Paxton raised the funds to have it transported and rebuilt on Sydenham Hill, south of London. Fire destroyed it in 1936.
    • Paxton, with no formal professional training, approached design problems free from conventional academic methods.
    • “The Crystal Palace was the first large and truly significant building to be made of metal and glass, the first major building to use outer walls that provided no structural strength, and the first building constructed using prefabricated, standardized units that were shipped to the construction site for rapid assembly.”
    • “Innovation in engineering, as in everything, involves risk and is an invitation for something to go wrong. But it does not follow that innovation must lead to failure.”
  • “The paradox of engineering design is that successful structural concepts devolve into failures, while the colossal failures contribute to the evolution of innovative and inspiring structures.”
  • Bridges
    • Bridge builders have tried to make bridges lighter (lower cost), stronger, and longer throughout history, which has led to spectacular failures and successes.
    • The first iron bridge was built in Coalbrookdale, England in 1779, across the Severn River. It spanned 100 feet.
    • Iron became the primary material used to build railroad bridges.
    • The design of iron bridges went through a long trial and error period in the 19th century that saw numerous bridge collapses in England.
    • Queen Victoria appointed a commission to study iron bridges in 1847 to find a way to improve the safety of iron bridges.
    • The commission’s report, in 1849, published safety requirements for bridge construction but incorrectly theorized the fatigue failure was due to “crystallization” due to vibration.
    • Iron railroad bridges in the US during the 1800s had a similar trial-and-error period due to fatigue failures and collapses.
    • The American Society of Civil Engineers created a committee after a bridge collapsed in Dixon, Illinois. Its 1875 report offered recommendations on railroad and road bridge construction.
    • A truss bridge collapse in Ashtabula, Ohio, in 1876 that killed almost 100 people, drove Harper’s Weekly to ask, “Is there no method of making iron bridges of assured safety?”
    • “The great suspension bridges look so simple in line and principle, yet the history of failures of the genre has demonstrated that their design takes a touch of genius. And geniuses like Washington Roebling and Othmar Ammann can arguably be said to have learned more what not to do from the great failures of their forgotten predecessors than today’s designers can be expected to learn about how to design the next suspended masterpiece from either the Brooklyn or the Verrazano Narrows Bridge.”
    • The custom of soldiers’ breaking step when marching over bridges is rumored to be because a bridge collapsed in Angers, France in 1850 from vibration (structural resonance) created by 500 soldiers marching in step. Half the soldiers died.
    • Railroad Bridges
      • The early expansion of the railroad pushed engineers to design steel bridges for never-experienced conditions.
      • Railroad bridges had to be designed to hold the increasing weight of the trains and rolling stock, the speed and vibration of the train, over new and more rugged terrain.
    • Point Pleasant Bridge Failure
      • Was a 1,750-foot suspension bridge that spanned the Ohio River.
      • It collapsed in 1967 during rush hour, 75 vehicles, and led to 46 deaths.
      • The suspension system was 2 giant chains, made of 50-foot links (linked like a bike chain) instead of the typical round wire cables. It was the first of its kind.
      • The unique chain links increased the possibility of corrosion and made inspection more difficult. The growth of fatigue cracks in the links accelerated with corrosion. Once one link was weakened, it broke under the load, which set off a chain reaction. The load transferred to other links, twisted the chain, severed the connection to the bridge towers, and the bridge collapsed.
      • The poor design allowed a weak link (literally) to get weaker with time.
    • Brooklyn Bridge
      • John Roebling designed the bridge. His son Washington Roebling oversaw the construction after his father’s death.
      • Roebling’s design was based on his owning innovations for double-decked Niagara Bridge. He used a stiffened roadway and diagonal cables to counteract wind forces.
      • Washington Roebling discovered that inferior steel wire was supplied for the bridge’s cables. Rather than redo it, he increased the amount of wire to compensate for the inferior wire. That wire is still in the cables today.
      • It opened in May 1883.
      • A week after it opened, a crowd crossing the bridge panicked at rumors of a disaster, and 12 people were trampled to death. There was no disaster. Newspapers were blamed for sowing public doubt.
      • It was upgraded in 1948 with a redesign by David Steinman to handle heavier traffic for six-lanes of vehicles.
    • Tacoma Narrows Bridge Failure
      • “The Tacoma Narrows bridge failure has given us invaluable information… It has shown [that] every new structure which projects into new fields of magnitude involves new problems for the solution of which neither theory nor practical experience furnish an adequate guide. It is then that we must rely largely on judgment and if, as a result, errors or failures occur, we must accept them as a price for human progress.” — Othmar Ammann
      • One of the most spectacular engineering failures ever.
      • It was the first suspension bridge to connect the Olympic Peninsula with mainland Washington State.
      • It was designed after the Bronx-Whitestone Bridge in New York, only much narrower. The Bronx-Whitestone Bridge opened a year earlier and had extra cables installed to stiffen the bridge because of undulation in the wind.
      • It was a narrow, two-lane bridge over a half mile long.
      • The design called for an unconventional stiffened girder roadway structure rather than a deeper open-truss system. It created a slender silhouette but was more flexible in higher winds.
      • The bridge flexed throughout construction and continued after it opened in 1940. It was called Galloping Gertie. The undulation could be measured in feet.
      • Investigations after its collapse showed the roadway acted like an airplane wing. It led to aerodynamic testing of bridge designs in wind tunnels.
      • The original designers never tested the bridge for crosswinds of 40 mph or more.
      • Theodore von Kármán, director of the Daniel Guggenheim Aeronautical Laboratory, offered the first hint for why bridge failure. He offered an equation that predicted the critical wind speed that would make a narrow, slender bridge deck dangerously unstable. The bridge fell in wind 10 mph less than his calculated estimate.
  • Alexander L. Kielland Oil Rig
    • 10,000-ton steel, five-footed semi-submersible oil rig completed in 1976. It was already obsolete when it was completed.
    • The Norwegian owners turned it into a floating hotel, capable of housing 348 workers, for other rigs in the North Sea. Sleeping quarters were built on top of the drilling derrick, making it top heavy.
    • On March 27, 1980, a leg broke off during 40 mph winds and 25-foot waves. The rig tilted, the wind pushed the deck like a sail, and overturned the rig. Only 89 out of 212 men survived.
    • The broken leg was investigated and a large crack was found that likely grew from a small 3-inch crack in a weld before it was launched. The constant battering of waves caused the crack to grow over time.
    • “The investigation of the wreckage of the Kielland is an example of forensic engineering known as failure analysis… It is especially important to understand how a structure like the Kielland collapsed so that rational decisions can be made about whether or not to modify the design or use of other structures just like it.”
    • The designers anticipated the loss of one of the five legs but failed to correctly predict the consequences of that loss.
  • de Havilland Comet
    • First commercial jet.
    • It went into production without a prototype. The designers believed they over-designed the plane.
    • A Comet was destroyed on takeoff from Dum-Dum Airport in Calcutta, India on May 2, 1953 (the first anniversary of its service).
    • The Indian Government concluded that the plane was hit by too much force from a storm or pilot overcontrol because of the storm. The design was not to blame.
    • A second Comet exploded mid-flight after taking off from Rome on January 10, 1954. Debris pulled from the Mediterranean Sea offered no strong clues as to what was at fault.
    • A third Comet exploded mid-air on April 8, 1954, on a flight from London to Cairo.
    • The third explosion reignited a reinvestigation into all three planes. The evidence found that the pressurized cabin exploded before the tail broke off. The design was faulty.
    • Testing found that fatigue cracks formed near cabin window corners and then shot through the metal skin. It happened after only several thousand hours into the plane’s estimated lifetime of 35,000 hours.
    • The Comet’s pressurized cabin was a new design but fatigue was never anticipated. The designers were more concerned with containing pressure.
    • The window panel was replaced with a reinforced panel to protect against fatigue in the upgraded Comet 4.
    • The Comet 4 was the first passenger plane to service trans-Atlantic travel in 1958.
    • “Even when it seems incontrovertibly clear what is the cause of an aircraft accident, the final report only concludes a ‘probable cause’ because there is no knowing when future evidence, information, or technological understanding will provide a ’cause behind the cause.’”
  • “Technologists, like scientists, tend to hold on to their theories until incontrovertible evidence, usually in the form of failures, convinces them to accept new paradigms.”
  • Slide Rules
    • Were the most important engineering tools before the computer.
    • It only calculated out to 3 decimal places.
    • It was replaced by the Texas Instruments pocket calculator in 1972 which went to 10 decimal places.
    • Computers replaced the calculator, which allowed engineers to perform millions of calculations and analyze complex structures.
    • Tech creates an illusion of power over complexity that didn’t exist with the slide rule. The higher “precision” leads to overconfidence in engineer’s computer models.
    • The risk is that every part in a design is overoptimized for weight and strength to make it the most economical, leaving no room for error in the calculations.
    • “While the computer can be an almost indispensable partner in the design process, it can also be a source of overconfidence on the part of its human bosses.”
    • “Because the answers are so precise there is a tendency to believe them implicitly. The increased volume of numerical work can become a substitute for assessing the true structural action of the building as a whole. Thus, the use of computers in design must be policed by knowledgeable and experienced designers who can rapidly evaluate the value of an answer and the practicality of a detail.” — James G. MacGregor, chairman of the Canadian Concrete Code Committee
    • “Computer models that predict the behavior of the economy have come increasingly to be relied upon to justify major economic decisions, and yet these models are not necessarily any more infallible than the ones that predict the fatigue life of a bus frame.”
  • Cause of Failures
    • “The causes of failures can be as many and as muddled as their lessons.”
    • “Usually buildings fail through men’s ignorance, carelessness, or greed.” — Thomas McKaig
    • Thomas McKaig’s List from Building Failures:
      • Ignorance
        • Incompetent men in charge of design, construction, or inspection.
        • Supervision and maintenance by men without necessary intelligence.
        • Assumption of vital responsibility by men without necessary intelligence.
        • Competition without supervision.
        • Lack of precedent.
        • Lack of sufficient preliminary information.
      •  Economy
        • In first cost.
        • In maintenance.
      • Lapses, or carelessness
        • An engineer or architect, otherwise careful and competent, shows negligence in some certain part of the work.
        • A contractor or superintendent takes a chance, knowing he is taking it.
        • Lack of proper coordination in production of plans.
      • Unusual occurrences — earthquakes, extreme storms, fires, and the like.
    • “To obviate failure, a designer must anticipate it.”
    • “It is the engineer’s constant challenge to conceive the new from the old, and it is his lot to worry about his curious kind of time travel that transcends the instruments of calculation and forces him always to think about the future to avoid the failures of the past.”
  • “Good judgment is usually the result of experience. And experience is frequently the result of bad judgment. But to learn from the experience of others requires those who have the experience to share the knowledge with those who follow.” — Barry LePatner, an attorney for engineering firms who argued for more disclosure on structural failures before a House subcommittee.
  • “Design involves assumptions about the future of the object designed, and the more that future resembles the past the more accurate the assumptions are likely to be. But designed objects themselves change the future into which they will age. It follows that departures from traditional designs are more likely than not to hold surprises. Good design minimizes the effects of surprises by anticipating troublesome details and by overdesigning for an extra measure of safety.”
  • Failure is the combination of inexperience, too restricitive requirements, pressures of deadlines, and worry over profit margins.
  •  “A profession that never has accidents is unlikely to be serving its country efficiently.” — Sir Alfred Pugsley, pioneered the study of metal fatigue in aircraft
  • The constant goal of structural engineering in a changing society is to build safe structures more economically.
  • Each successful structure bring questions of how much larger, lighter, cheaper, the next structure can be made.
  • “Nothing was so instructive to the younger Members of the Profession, as records of accidents in large works, and of the means employed in repairing the damage. A faithful account of those accidents, and of the means by which the consequences were met, was really more valuable than a description of the most successful works. The older Engineers derived their most useful store of experience from the observations of those casualties which had occurred to their own and to other works, and it was most important that they should be faithfully recorded.” — Robert Stephenson, civil engineer, 1856
  • “No disaster need be repeated, for by talking and writing about the mistakes that escape us we learn from them, and by learning from them we can obviate their recurrence.”
  • “We must welcome the future, remembering that soon it will be the past; and we must respect the past, knowing that once it was all that was humanly possible.” — George Santayana
  • “The most dramatic failures have occurred in a climate of overconfidence and carelessness, and the least we can learn from those incidents is to be more vigilant. Accidents and near accidents remain our surest reminders that engineering is a human endeavor that takes place in the context of other human endeavors, including calculated risk and celebration.”

Buy the Book: Print | eBook

Or read other book notes.

Get more weekly wisdom.

Sign up for my weekly newsletter. Join 1,000s of readers and never miss a post.

Newsletter Subscribe Form

Work with Me

Financial Planning

Investment Management

Portfolio Review

Let’s Talk