[HN Gopher] Why isn't Titan classed? (2019)
___________________________________________________________________
Why isn't Titan classed? (2019)
Author : ZeljkoS
Score : 179 points
Date : 2023-06-23 20:41 UTC (2 hours ago)
(HTM) web link (web.archive.org)
(TXT) w3m dump (web.archive.org)
| nakedneuron wrote:
| Everybody seems to be concerned with technical failure. Can we
| rule out the human factor? What if somebody fired a bullet from
| the inside? Would it withstand?
| Mizoguchi wrote:
| If their $30 joystick wasn't a red flag their RTM system should
| had been.
| yreg wrote:
| What's bad about a $30 Logitech controller? It should be more
| reliable than what they can build on their own.
| AHOHA wrote:
| Absolutely nothing wrong! We use similar joysticks in more
| missions critical jobs, but people are ignorant sometimes,
| joystick is bad but a fuse or transistor or other component
| costing $0.3 is completely fine.
| gnfargbl wrote:
| _> While classing agencies are willing to pursue the
| certification of new and innovative designs and ideas, they often
| have a multi-year approval cycle due to a lack of pre-existing
| standards_
|
| "...and although that approach is perfectly reasonable from an
| engineering standpoint, our commercial model can't accommodate
| it."
| jonathankoren wrote:
| "[F]or example, in the case of many of OceanGate's innovations,
| such as carbon fiber pressure vessels"
|
| This ain't the innovative win they thought it was. In fact, it's
| a self-own.
|
| I recently saw a material scientist that specializes in carbon
| say there wasn't enough money in the world to get her to ride
| inside a carbon fiber submarine. Why? Carbon fiber has a very
| high tensile (i.e. stretching) strength. However, it's quite weak
| when under compression.
|
| Guess which strength is important when operating in a high
| pressure environment?
|
| Submarines, including deep submersibles, are kind of a solved
| problem. That doesn't mean there aren't risks involved, but when
| was the last time a submarine imploded above it's intended
| operating depth? The 1950s?
| emeraldd wrote:
| This has to be one of my favorite sentences in the whole page:
|
| > However, this does not mean that OceanGate does meet standards
| where they apply, but it does mean that innovation often falls
| outside of the existing industry paradigm.
|
| in particular:
|
| > ... this does not mean that OceanGate does meet standards where
| they apply ...
| nprateem wrote:
| Anyone else wondering what was causing the banging every 30m the
| media seems to have forgotten about? There were reports saying
| nothing in nature could cause that...
| micromacrofoot wrote:
| it's the ocean, could have been anything really... someone just
| desperately read too much into this one
| fredgrott wrote:
| One should note that carbon composites are not for external
| pressure situations since they delaminate...in shorts words they
| were playing a dice rolling game and lost on damn stupidity.
|
| The whole reason they were not classed is that carbon composites
| would not pass any class certifications due to the limits
| indicated above.
| rossjudson wrote:
| I'm still trying to understand why they _wanted_ to use carbon
| composites. Cost to manufacture? Low mass? I read somewhere
| that the carbon pressure vessel was about five inches thick. I
| 'm not sure how thick a comparable titanium vessel would be, or
| how much that would cost.
| meghan_rain wrote:
| lmao of course it was due to costs. greed killed those
| people.
| ikiris wrote:
| For the same reason we are the only nation that builds water-
| cooled, graphite-moderated reactors with a positive void
| coefficient. (beat) It's ''cheaper''. -- Valery Legasov
| dghlsakjg wrote:
| > They [inspections] do not ensure that operators adhere to
| proper operating procedures and decision-making processes - two
| areas that are much more important for mitigating risks at sea.
|
| As a former tall ship captain:
|
| No Shit. Ships stopped sinking when we started requiring
| inspections and design rules around stability and watertight
| compartments.
|
| We largely eliminated a common failure mode, designer error,
| through inspections and classing, so now we are left with the
| harder failure modes: operator error.
|
| I'm curious if the flag state will get involved here. It's one
| thing to push the limits with experimental design (happens all
| the time in boats, airplanes and cars). It's a while other thing
| to use experimental designs in commercial applications. There's a
| good reason that the FAA doesn't allow commercial operators to
| use experimental registered aircraft...
| Gwypaas wrote:
| As another tall ship, and for that matter in-shore commercial
| captain I found this quite telling.
|
| > While classing agencies are willing to pursue the
| certification of new and innovative designs and ideas, they
| often have a multi-year approval cycle due to a lack of pre-
| existing standards, especially, for example, in the case of
| many of OceanGate's innovations, such as carbon fiber pressure
| vessels and a real-time (RTM) hull health monitoring system.
| Bringing an outside entity up to speed on every innovation
| before it is put into real-world testing is anathema to rapid
| innovation. For example, Space X, Blue Origin and Virgin
| Galactic all rely on experienced inside experts to oversee the
| daily operations, testing, and validation versus bringing in
| outsiders who need to first be educated before being qualified
| to 'validate' any innovations.
|
| Gamble with money all you want. Don't gamble with people.
| Things get fixed, people don't. That is quite a hard lesson for
| inexperienced people to learn.
| lozenge wrote:
| Titan didn't have a flag, it only operated in international
| waters. But the surface support vessel has a Canadian flag, and
| Canada's launching an investigation.
| notreallyauser wrote:
| The Guardian is reporting the submersible as registered in
| the Bahamas
| JimtheCoder wrote:
| A place known for tight regulations
| smitty1e wrote:
| Albeit perhaps not water-tight.
| JimtheCoder wrote:
| Depends one how much pressure is applied...
| TeMPOraL wrote:
| As the proverb goes, even a broken vise grips tightly
| when there are enough journalists in the workshop.
| hadlock wrote:
| Flag of convenience. Where the country of record allows
| ships to register under their name as a way of generating
| revenue from foreigners. Bahamas will not do more than
| issue a statement, if that. You step foot on a flag of
| convenience boat with no prior reputation and you are
| effectively waiving any expectation safety.
| DeRock wrote:
| Their reasoning is fundamentally flawed.
|
| > The vast majority of marine (and aviation) accidents are a
| result of operator error, not mechanical failure. As a result,
| simply focusing on classing the vessel does not address the
| operational risks.
|
| Aka "classing doesn't mitigate all problems, so we're not going
| to do it at all"
| themagician wrote:
| Survivorship bias at play.
|
| Technically correct, too. The vast majority of marine and
| aviation accidents _are_ the result of operator error...
| _because_ engineering standards are so good and mechanical
| failures are so rare.
| arp242 wrote:
| Also: the reason most accidents are due to operator error and
| not mechanical failure is because the requirements exist in
| the first place.
|
| "Why do we have laws against slavery? It's not like anyone
| actually owns slaves. Seems pretty superfluous, so let's just
| get rid of it!"
| schoen wrote:
| Compare https://en.wikipedia.org/wiki/Preparedness_paradox
| xupybd wrote:
| I've heard the same argument against unit testing and strong
| typing.
| brookst wrote:
| And app sandboxing, and masks during covid, and seatbelts,
| and gun control, and ...
|
| The relative merits differ, and any given thing is
| debatable, but "it doesn't solve everything so it's no
| better than nothing" is a nakedly dishonest argument.
| phkahler wrote:
| If I recall correctly, even NASA found unit testing to be
| of limited value, finding a small fraction of software
| bugs. That's not to say "don't do it" but my stance is that
| the developer should do some ad-hoc testing for everything
| they write, just don't formalize and document it or you'll
| land on the wrong end of cost/benefit.
|
| I can point to some subtle logic bugs that no sane unit
| test would have caught.
| sitkack wrote:
| Because their development process before a unit test
| would ever run is so rigorous!
| pessimizer wrote:
| I've heard the same argument against not using heroin.
|
| It's a generic pretend argument: _You say doing(or not
| doing) this thing will be risky. So that means you 're
| saying that people who don't do(or do) the thing have
| perfect lives with no risks and free ice cream?_
|
| _You 're strangling innovation/A coward!_
| p0pcult wrote:
| [dead]
| cjensen wrote:
| Yep. This is like saying "who needs building codes because it's
| more important the owner maintains the roof and paint?"
|
| To have something properly function you need both a solid build
| and maintenance. Doing one well doesn't absolve you of doing
| the other.
| sacnoradhq wrote:
| Emperor's new clothes syndrome of the naive and/or arrogant.
| TeMPOraL wrote:
| As much as I love the show, I'd call it Star Trek's
| approach to OSHA. I mean, Starfleet officers are so well-
| trained and perfect that they don't need safeguards such as
| guardrails on elevators moving engineers up and down a
| three story high room that ends up shaking at least twice
| per episode. And let's not even talk about seatbelts.
| [deleted]
| jtriangle wrote:
| Well, idk, every time the ship gets hit some console on
| the bridge shorts out and the arcflash blows some noname
| ensign across the room. So, star trek probably isn't the
| example I'd pull from.
| jsjohnst wrote:
| GP was using Star Trek as a bad example, similar to you.
| sacnoradhq wrote:
| Arrogance and overconfidence lead inexorably to hubris and they
| won a Darwin Award for thinking they "knew better". It's
| obvious they skimped on testing and were too cavalier with
| unproven "innovation".
| arcticbull wrote:
| > They do not ensure that operators adhere to proper operating
| procedures and decision-making processes - two areas that are
| much more important for mitigating risks at sea.
|
| plane_with_red_dots.jpeg
|
| This sounds an awful lot like survivorship bias.
| derbOac wrote:
| It also sounded to me like dodging the question.
| arcticbull wrote:
| Giving them the benefit of the doubt, they're saying the
| biggest problem with submersibles is operator error. Of
| course it is, when the classing system effectively eliminates
| the majority of mechanical failures. That doesn't mean the
| classing system is failing, on the contrary, it means its
| working.
| mkonecny wrote:
| And yet they allowed passengers to control the sub. Theres
| a video out there where one of the passengers hit the
| ground with a loud thud while at the controls
| lamontcg wrote:
| Reminds me of some code that I've written which got passed
| off to other teams who ripped it out because all they saw
| was the complexity and they didn't recognize what issues it
| was preventing (Chesterton's Fence).
| quickthrower2 wrote:
| Code like that needs a 10 ft comment. I have been save by
| seeing those on otherwise "why the fuck is this needed"
| code.
|
| If they if ignore the comment, well that is hubris.
| lamontcg wrote:
| I'm pretty good about doing that. I've gotten compliments
| before for a massive 10 line code comment above a-single-
| line-that-shall-not-be-deleted.
| dragonwriter wrote:
| It is exactly survivorship bias: its taking the population
| produced by a selection filter (to wit, classing/certification)
| and assuming that the traits of that population are
| representive of what would exist without the filter.
| jackmott42 wrote:
| Yeah, mechanical failure was not a major problem with
| subs...until someone started gluing dissimilar materials
| together to make one!
| tverbeure wrote:
| "We don't need to vaccinate against measles because hardly
| anyone gets measles."
| mr_00ff00 wrote:
| I have a friend who is a professor of history. He jokes that
| human history is basically us creating systems to solve
| problems, then time passes and we remove those systems causes
| "those types of problems never happen."
|
| Rinse repeat
| caseyohara wrote:
| This seems related to Chesterton's Fence
|
| > Chesterton's Fence is a principle that says change should
| not be made until the reasoning behind the current state of
| affairs is understood. It says the rash move, upon coming
| across a fence, would be to tear it down without
| understanding why it was put up.
| dpedu wrote:
| Patent for their hull monitoring system:
|
| https://patents.google.com/patent/US11119071B1/en
| post-it wrote:
| Highly innovative! Instead of their sudden death being a
| complete surprise, they may have had a few awful moments of
| warning.
| DebtDeflation wrote:
| The engineer who worked on it said it would provide only
| milliseconds of warning before the hull collapsed. He was
| promptly fired.
| ikiris wrote:
| Better than being crushed like their CEO.
| krasin wrote:
| Source? (the story does sound plausible, but having a
| source would be helpful)
| lamontcg wrote:
| https://www.cbsnews.com/news/missing-titanic-submarine-
| ocean...
| Grazester wrote:
| Read that also, can't remember where.
| kayodelycaon wrote:
| https://fortune.com/2023/06/21/titan-titanic-missing-sub-
| dav...
| komadori wrote:
| > Lochridge had alleged major safety issues: there had
| been almost no unmanned testing of the craft; the alarm
| system would only sound off "milliseconds" before an
| implosion
|
| https://www.forbes.com/sites/katherinehamilton/2023/06/21
| /oc...
| DebtDeflation wrote:
| https://www.cnn.com/2023/06/23/us/oceangate-submersible-
| tita...
|
| >Lochridge also questioned OceanGate's plans to install a
| monitoring system on the vessel to detect the start of
| hull breakdown. His court filing argued "this type of
| acoustic analysis would only show when a component is
| about to fail--often milliseconds before an implosion--
| and would not detect any existing flaws prior to putting
| pressure onto the hull."
| mytailorisrich wrote:
| Found this article [1] about the employee where this
| "millisecond warning" is mentioned.
|
| It's been in most media on the past few days.
|
| And yes, one has to wonder about a warning system that
| does not warm in advance and which operates in situations
| where no-one can do anything about it, anyway...
|
| [1] https://www.forbes.com/sites/katherinehamilton/2023/0
| 6/21/oc...
|
| Edit: oh dear flood of replies!
| Johnny555 wrote:
| I'd be more interested in a source that shows that such a
| warning system could give a usable warning timeframe at
| great depths under the sea.
| bradgessler wrote:
| Just enough time to hear the "Bu" from "Buzz"
| quickthrower2 wrote:
| I had to check if sound travels fast enough. Just about,
| yes. Half a millisec to go 1.5m.
| eterm wrote:
| Wouldn't they have communicated that back if they had?
|
| There wasn't even an "Uh-oh", as far as we know.
| tverbeure wrote:
| It takes longer than a few milliseconds to say "Uh-oh",
| probably.
| sharikous wrote:
| I remember seeing in the news that it is possible they
| released the ballast before the implosion, according to the
| findings, and they may have done that because of a warning
| georgemcbay wrote:
| James Cameron has been giving various interviews where he
| speculates they probably audibly heard the delamination
| occurring with enough time to cause them to drop the
| weights and try to abort based on what he's hearing from
| people in the know within the circle of deep sea explorers
| involved in the search and rescue.
|
| None of this validates using the audio sensor as a warning
| system because whether you have milliseconds or as much as
| a couple of minutes warning prior to rapid decompression
| makes no difference at the depth it occurred, but it does
| suggest the passengers knew they were doomed prior to the
| actual decompression.
| sangnoir wrote:
| > [...]minutes warning prior to rapid _decompression_
|
| Do you mean rapid _compression_ (i e. implosion)? The
| internal pressure in such subs is kept at roughly 1
| atmosphere at all depths. The massive pressure difference
| at depth is why hull integrity is of the utmost
| importance, if it 's compromised, things go south
| rapidly.
| [deleted]
| bmurray7jhu wrote:
| The acoustic signature predictive of a material compromise or
| potential failure may include a large magnitude, high
| frequency acoustic burst followed by a sustained
| interval of acoustic signals of slightly lower magnitude and
| high frequency, but still well above a predetermined
| healthy structure condition.
|
| The patent concedes that a structural failure may be presaged
| by a. "large magnitude ... burst", but does contemplate if such
| a burst is survivable.
| mrguyorama wrote:
| That makes no sense. Carbon fiber is not known to fail under
| max load gracefully.
| mechhacker wrote:
| Saw this today. https://www.youtube.com/watch?v=0mSq6ibKKXQ
| mustacheemperor wrote:
| Interesting, he says the theory he currently finds most
| plausible and has heard from other experts is that water was
| able to penetrate the flange connecting the titanium caps to
| the pressure hull.
|
| So the hull itself may not have been the first to go. But of
| course that failure is intrinsically connected to the carbon
| fiber nature of the sub.
| ARandomerDude wrote:
| That's pretty wild. The operator was able to tell when they
| were going deeper based on the sound of the carbon fibers
| cracking in the hull.
| Alupis wrote:
| These sort of sounds occur even in metal (steel/titanium)
| submersibles.
| UniverseHacker wrote:
| I would say that is different. A steel part will make
| sounds as it rapidly flexes under pressure or temperature
| cycling, but those sudden movements can be within the
| "endurance limit" of the material, and not lead to
| fatigue or failure.
|
| The hull sounds they were hearing in Titan were likely
| snapping of carbon fibers (based on the linked video
| above), which means a permanent reduction in strength
| each time it happens.
|
| "But the company that built DeepFlight Challenger has
| told The Telegraph it refused to back the project,
| insisting the submarine was suitable for only one dive
| and could not be reused because of the pressure on its
| structure at such depths."
|
| "The problem is the strength of the vessel does decrease
| after each dive. It is strongest on the first dive."
| https://www.telegraph.co.uk/news/science/science-
| news/112919...
| TheCondor wrote:
| True. Those metals have flex and recovery to them though,
| not nearly as rigid as carbon fiber
|
| FWIW, archers tap or attempt to flex arrows and listen to
| them to tell if the carbon has cracked. An intact arrow
| will flex a little, silently where damaged ones will
| crackle and sometimes splinter or shatter.
| mrguyorama wrote:
| Navy subs literally deform while diving. If you tie a
| string tight from one bulkhead to another (from left to
| right, not front to back), as you dive, the string will
| go slack and you can tug on it. Destin (smarter every
| day) demonstrates this in one of his submarine videos.
| RajT88 wrote:
| Holy Shitballs. Cracking noises! Things which you never
| want to hear on a submersible!
|
| (insert "this is fine" meme)
| [deleted]
| lb1lf wrote:
| You hear those in conventional subs, too, as you go
| deeper the hull makes all sorts of worrying creaks.
| (During a sea trial, I had to be aboard a sub from $NAVY
| diving to 900 feet and change - the crew assured me the
| sounds were normal...)
| swayvil wrote:
| With the right waveform analysis algorithm you could monitor
| stress, cracks and the progress thereof. Get more warning.
| jonathankoren wrote:
| Perhaps in with other materials, but the pressure vessel was
| made out of carbon fiber, and carbon fiber _splinters_ with
| almost no warning.
|
| https://youtu.be/DM6J-yw8yjA?t=65
| michaelt wrote:
| It's true - for example, waveform analysis that detected the
| CEO saying "bringing an outside entity up to speed on every
| innovation before it is put into real-world testing is
| anathema to rapid innovation" could have raised warnings as
| much as four years before the fatal accident.
| deeviant wrote:
| It seems likely the Real-Time Hull Monitoring didn't turn out to
| be very useful.
| AHOHA wrote:
| Do we know yet exactly what was the problem?
| aaronscott wrote:
| > Another simple risk mitigation step we take, that we believe to
| be unique to OceanGate is that we draw a small vacuum on the
| inside of the sub at the start of each dive. This step verifies
| the integrity of the low-pressure O-ring seal and eliminates the
| risk of leaks
|
| I wonder what that low-pressure o-ring is sealing. I assume the
| vacuum would only simulate a one atmosphere differential, so that
| o-ring must not be sealing something exposed to the external
| pressures at the depths they go down to.
| noduerme wrote:
| One thing I'm curious about, as someone who knows nothing about
| the engineering of these things... why wouldn't anyone building
| something like this choose to over-pressure the sub once people
| were inside it and it began descending? Wouldn't 2 atmospheres
| inside represent a 50% reduction in the pressure differential
| on the hull at depth?
| quickthrower2 wrote:
| Not an expert so guessing but that would give you 299
| atmospheres differential instead of 300. Also might be
| uncomfortable for the passengers?
| icegreentea2 wrote:
| Separate from the comments about pressure differential - even
| 2 atmospheres is probably enough to risk decompression
| sickness if they just popped the hatch at the end of the
| dive. So you'd need some way to reduce the pressure
| gradually. That either needs a way to vent gas out (which
| means adding a hole in the hull, which you'd really rather
| avoid having to deal with), or having a compressor inside the
| hull, or do the entire hatch popping in another pressure
| vessel. All of those options seem to odds with the 'go cheap
| and fast' approach.
| zippothrowaway wrote:
| Outside pressure is 300 x atmosphere so a difference of 299
| atmospheres. Increasing to 2 internally makes a difference
| of...298 atmospheres.
| AdamJacobMuller wrote:
| The truly scandalous thing here is this:
|
| > Depth Validating
|
| > As an interim step in the path to classification, we are
| working with a premier classing agency to validate Titan's dive
| test plan. A licensed marine surveyor will witness a successful
| dive to 4000 meters, inspect the vessel before and after the
| dive, and provide a Statement of Fact attesting to the completion
| of the dive test plan.
|
| They clearly did not do this. Simply lowering the thing to the
| ocean bottom uncrewed would have found this problem. It would not
| have prevented them from experimenting with crazy designs. It
| would not have significantly impacted their ability to iterate
| and move fast. It wouldn't have cost that much to do in the grand
| scheme of things. I would argue that doing de-risked testing at
| depth would have expanded their ability to be more radical in
| their design and overall could have sped up their design
| iteration. Look at how SpaceX does this, they move fast and break
| things but make sure that the risk is levered to the reward. The
| first Falcon rockets did not have commercial payloads at all, nor
| did the first falcon heavy, Falcon did not fly humans until it
| was a well-proven rocket. Starship is "failing" constantly but
| they are doing it in a way which means the impact is minimal and
| they are learning lots each time.
|
| The really sad part of this is that this probably sets back any
| innovation in submarine exploration decades. Nobody is going to
| experiment with carbon composite subs, nobody is going to set out
| to build a sub with the goal of reducing the per-trip cost by 90%
| or 99%.
|
| Things, overall, could easily have been so different. Very sad.
| mjb wrote:
| They did:
| http://web.archive.org/web/20200814020351/https://www.oceang...
| kristjansson wrote:
| > Simply lowering the thing to the ocean bottom uncrewed would
| have found this problem
|
| It had made several trips to Titanic depth already. A more
| serious testing and classification probably would have
| prevented disaster but let's not pretend this is trivial
| stefan_ wrote:
| Found what problem? You realize they literally took this thing
| to the Titanic and back multiple times?
| mrguyorama wrote:
| I had the same false information. It either came from the Sub
| Brief guy himself, or whoever he used as a source. He
| explicitly stated that the sub had only been tested down to
| between 3000 and 4000 meters, not the full 4000 meters. As
| other links show, this seems to have been incorrect.
| postalrat wrote:
| How would droppingb it to the bottom found the issue? The
| theory is that each dive reduced the integrity of the ship and
| eventually it would fail. Could be 10 or it could be 10,000
| drops. And that number would be different if you built a second
| ship. How many tests do you do?
| aleph_minus_one wrote:
| > The theory is that each dive reduced the integrity of the
| ship and eventually it would fail. Could be 10 or it could be
| 10,000 drops.
|
| It is already of high value to know whether the number is
| more like 10 or 10,000.
|
| > And that number would be different if you built a second
| ship.
|
| That is why you build the second ship either as similar as
| possible to the first one or in a way for which there exists
| evidence that it will have an improved integrity over the
| first.
| post-it wrote:
| They did previously visit the Titanic in the sub, so they may
| very well have had a guy
|
| > witness a successful dive to 4000 meters, inspect the vessel
| before and after the dive, and provide a Statement of Fact
| attesting to the completion of the dive test plan
| JohnMakin wrote:
| This is such a clear fallacy right from the get go. "This thing
| doesn't completely solve the problem, therefore, we will not do
| it."
|
| So many people fall for this or talk in such terms like it's
| perfectly reasonable and it always baffles me. You see it in
| political discussion a lot.
| LeftHandPath wrote:
| See the nirvana fallacy:
| https://en.wikipedia.org/wiki/Nirvana_fallacy
|
| It happens a lot. I think it's one of the big reasons that
| hyped-up video games and movies always disappoint.
| anyfoo wrote:
| It's even worse. The "thing that doesn't completely solve the
| problem" might have actually solved the biggest problem for
| classed vessels, that's why they don't see it as a problem in
| the first place.
| RajT88 wrote:
| > You see it in political discussion a lot.
|
| In political discussions, it's because that's what people do
| when they don't want to plainly state their real reasons for
| opposition.
| [deleted]
| post-it wrote:
| > However, this does not mean that OceanGate does meet standards
| where they apply,
|
| A typo laden with prophecy.
| warkdarrior wrote:
| I do not think it was a typo.
| cobaltoxide wrote:
| Did they take their website offline? Or did it, uh... collapse
| under load?
| rossjudson wrote:
| probably too soon for that one
| cobaltoxide wrote:
| Serious question though. Doesn't look very good if they
| intentionally took the website offline.
| AHOHA wrote:
| It probably had a lot promises and news agencies will be
| "highlighting" those for the next decade, so better just
| take it down in the meantime.
| ineedasername wrote:
| Strange that they use SpaceX as an example. Titan used manned
| missions as they "tested" their designs commercially. Had SpaceX
| done the same they would have killed a lot of people.
| [deleted]
| qwertox wrote:
| OceanGate vs Lochridge [0] is an interesting lawsuit which may
| interest some of the readers here.
|
| It doesn't matter into which page you scroll, all things you get
| to read are related to concerns of the security of the sub. Ok,
| it basically starts at page 9, all before it is legalese
| bootstrapping.
|
| > Defendant David Lochridge has extensive background as a
| submarine pilot and training of the same [...] Underwater
| Inspector, and trained to recognize flaw and points out failure
| in subsea equipment
|
| > May 2015 [...] began working with OceanGate as an independent
| contractor
|
| > As a part of his job duties, Lochridge was the Director of
| Marine Operations and was tasked with "ensuring the safety of all
| crew and clients during submesible and surface operations."
|
| > Issues of quality control with the new submersible Titan were
| raised, as there were evident flaws throughout the build process
| [...]
|
| > Lochridge worked on his report and requested paperword [...]
| was met with hostility and denial of access to the necessary
| documentation.
|
| > Lochridge first expressed verbal concerns over the safety and
| quality control issues regarding the Titan to OceanGate executive
| management. These verbal communications were ignored.
|
| And so on.
|
| [0]
| https://www.documentcloud.org/documents/23854184-oceangate-v...
| [deleted]
| quickthrower2 wrote:
| Wow you could almost paste that verbatim into a wikipedia bias
| article.
| adamredwoods wrote:
| I'm sure Ocean Gate is scrambling to NDA all employees, but at
| some point someone will speak up, and we'll get a better picture
| if the Titan was indeed routinely inspected for safety.
| TazeTSchnitzel wrote:
| It's not classed because nobody would have signed off on it with
| the level of testing they had done. Carbon fibre reinforced
| polymers don't have a defined fatigue limit, so stress cycle
| failure can't be ruled out, and it's difficult to estimate how
| much a design based around that material can endure. To get
| certified, OceanGate would have had to do destructive endurance
| testing on a replica hull, but they only proved it could survive
| a single dive! Their more serious competitors wouldn't dare take
| that risk.
| quickthrower2 wrote:
| Having read enough plain crash stories, first thing I though of
| was material fatigue. Like in the early days fan blades
| snapping off jet engines causing catastrophic failure after so
| many takeoffs. Now they have to inspect these closely in
| manufacturing and during maintenance cycles. Wouldn't surprise
| me if they use ML now as it seemed a difficult human
| observation task.
|
| The stress/unstress cycle of a vessel going that deep must be
| immense.
| paulddraper wrote:
| I recall first learning of "material fatigue" though the
| fictional movie No Highway in the Sky (1951) [1]
|
| [1] https://en.wikipedia.org/wiki/No_Highway_in_the_Sky
| cbzoiav wrote:
| > The vast majority of marine (and aviation) accidents are a
| result of operator error, not mechanical failure.
|
| Could that be because the vast majority of mechanical designs go
| through processes designed to validate them and catch flaws?
|
| They also use SpaceX as an example. SpaceX ran a large number of
| unmanned launches to prove out the design before putting people
| on board. Several of those ended in loss of the vehicle and the
| data from that was used to refine.
| gilney wrote:
| https://xkcd.com/1827/
| justrealist wrote:
| I think the point is that while SpaceX had a lot of
| explosions, they fundamentally approached rocket development
| very responsibly as regards to human risk. It's not about
| observation bias.
| ajross wrote:
| That's exactly it. If OceanGate had build and dropped a few
| dozen of these hulls empty, as many times as needed to reach
| failure, whatever design flaw caused the implosion almost
| certainly would have been noticed. It's the hubris of diving in
| what amounts to a prototype that's at issue here, not any
| fundamental technical mistake.
| rossjudson wrote:
| I think a smaller N number of _more dives_ would yield better
| results. Down, up, down up...repeat _until failure_.
|
| In parallel do it with another hull at the same time. Or
| maybe more than one. Compare.
|
| Testing to failure is a nice option because it finds certain
| types of unwelcome surprises.
|
| But it's not really complete, either -- there are probably a
| lot of ways that a submersible can be compromised, and
| there's no way to be sure _what_ caused this particular
| failure.
| cbzoiav wrote:
| The debris may yield significant clues. Those may then be
| able to be validated with independent testing rather than
| requiring a full vehicle.
| throwanem wrote:
| Not even a prototype! More like a structural test article.
| hadlock wrote:
| The design flaw was that they used a construction material
| strong in tension, but weak in compression. For a task that
| is almost entirely compression. On a vehicle that has no need
| for weight savings. Also in a couple photos looks like they
| have drilled and screwed a monitor mount directly into the
| pressure vessel, creating future failure points, rather than
| gluing a piece of plywood to the hull and screwing into that,
| which is standard procedure.
| mustacheemperor wrote:
| >On a vehicle that has no need for weight savings
|
| Most deep sea submersibles only seat a couple people, which
| wouldn't work for the 'titanic tourism carnival ride'
| business model. I would guess the weight savings were
| intended to enable a sub with more capacity that could
| still be winched on and off the support ship without more
| complex/expensive heavy lifting equipment.
| cactusplant7374 wrote:
| It had already been down quite a few times. Do you mean 100's
| of drops? Although, couldn't they just leave it at the bottom
| for a month and see if it implodes?
| pengaru wrote:
| > Although, couldn't they just leave it at the bottom for a
| month and see if it implodes?
|
| No, cyclic stresses are a different animal altogether.
|
| But considering it's just a matter of attaching ballast to
| sink it, dropping ballast to raise it, there's nothing
| preventing cyclic testing vs. static @ max depth over the
| same duration.
|
| It seems obvious to me that you'd want to burn through a
| few test hulls characterizing the fatigue limits and
| verifying they are at least consistent hull-to-hull with a
| deterministic failure point you can plan for retiring
| before approaching.
|
| You just need resources to burn on destroying enough hulls
| for the data.
|
| And there's a rub there; as you inform the process via
| destructive iteration, odds are you'll first find the
| manufacturing process isn't even controlled/consistent
| enough to make progress on answering the "so how many
| cycles before go boom boom?" question until you've gone
| through a good chunk of runway figuring out how to even
| make it properly multiple times.
| cactusplant7374 wrote:
| Each time they go down they have to jettison some waste
| to return to the surface?
| pengaru wrote:
| I'm no sub nerd but it seems obvious that unless you can
| otherwise alter your buoyancy somehow, your only option
| is to drop weights.
|
| I think submarines use ballast tanks they flood with sea
| water and empty with pumps to vary their buoyancy. Titan
| had none of that complexity AIUI, and multiple articles I
| read mentioned dropping "ascent weights".
| Gwypaas wrote:
| You can use compressed air. The COPV Spacex uses for tank
| pressurization are rated higher than the Titanic depth.
| And as depth increases the differential decreases.
|
| So you really only care about their structural integrity
| at the surface.
| UniverseHacker wrote:
| This is a really good point... from what I've seen they
| estimated the strength with Finite Element Analysis in
| Solidworks, and went for a ~2x margin of safety. There
| seems to have been no attempt to experimentally determine
| the expected number of load cycles to failure, they only
| considered the theoretical case of a perfectly flawless
| composite with no wear and tear.
| ShroudedNight wrote:
| Is 2x abstractly reasonable in this context? My [probably
| flawed] understanding in contexts such as hoisting is
| that safety margins of 5x are considered a bare minimum.
| Even crappy "Don't use this to lift things" chain is sold
| with 3x margins.
| UniverseHacker wrote:
| Yes, I don't know what the norm is in submarines, but I
| don't really trust simple engineering models, and think
| at least 5x is what I'd want in almost any context.
|
| I did see that DeepFlight Challenger, Steve Fossett's
| unused/untested carbon fiber sub which used the same
| basic design as Titan, was only built to a 1.5x margin of
| safety. Experimental tests suggested it was only safe for
| a one time use, and shouldn't be used for multiple dives.
| cbzoiav wrote:
| > You just need resources to burn on destroying enough
| hulls for the data.
|
| Unmanned submersibles have plenty of market value. You
| may still be losing money, but you can strap sensors and
| cameras to the thing / undercut on price for research
| missions and substantially reduce the cash burn while
| building investor confidence.
| cactusplant7374 wrote:
| So Stockton Rush had a lot of options to make money
| during extensive testing? He made it sound like the
| company would go under.
| deelowe wrote:
| I thought the deepest it had gone was 3000 meters and
| there's no evidence of it even having been tested to 4k.
| erik_seaberg wrote:
| They had two successful trips to Titanic, and other tests
| in the Bahamas.
| deelowe wrote:
| On the Titan? I thought this particular sub had never
| been down that far.
| jonathankoren wrote:
| So just enough times to weaken the hull through stress
| fractures.
|
| It wasn't rated for the depth. In fact, I think it was
| rated for 1000 meters _less_ than the target depth.
| foota wrote:
| I believe the stresses of the hull going through changing
| pressures is relevant.
| throw0101a wrote:
| > _I believe the stresses of the hull going through
| changing pressures is relevant._
|
| It certainly does for aircraft, and I doubt the material
| science would be much different for subs (with the added
| challenge(s) that (salt) water often brings):
|
| * https://www.smithsonianmag.com/air-space-magazine/what-
| deter...
|
| * https://simpleflying.com/pressurization-cycles-
| aircraft-life...
| erik_seaberg wrote:
| Worse, going from 1 atm down to 400 atm of pressure is a
| much larger difference than going up to 0.2 atm.
| lamontcg wrote:
| Definitely does for compressed gas cylinders.
| [deleted]
| [deleted]
| Sporktacular wrote:
| That's spot on - it's like survivorship bias. If the majority
| of fighter planes returned with bullet holes on their tops,
| Oceangate would have armoured the tops.
| stickfigure wrote:
| The first space shuttle launch was crewed. It ended up with a
| ~2% failure rate. The Titan made about 50 dives. So, from a
| reliability perspective, on par with the shuttle.
|
| I posit that half the people on HN would volunteer for a
| hypothetical next shuttle flight without thinking twice.
| sebzim4500 wrote:
| I don't think I'd go on a shuttle, but I would definitely on
| a crew dragon and I'd probably go on new shephard (I might
| buy a ticket if the price comes down a bit).
|
| There's no way in hell I'm getting on one of virgin
| galactic's death traps, that looks 10 times worse than the
| space shuttle.
| sacnoradhq wrote:
| The Shuttle was driven by USAF "military" needs that didn't
| matter. Gliding and maneuvering served zero mission
| purpose. It should've reduced horizontal delta v to zero
| like a Falcon engine and had an ablation shield. Like many
| military-involved projects, it was also far too expensive,
| complex, and fragile. These fundamentals made the Shuttle
| unnecessarily risky that proved out in its lifecycle.
| shadowgovt wrote:
| Not me. That thing has a 2% failure rate and I want to live.
| cbzoiav wrote:
| The shuttle did something nobody had done before and was
| viewed as a genuine step forward in human capability. It was
| also over 50 years ago and had to rely on technology of the
| time - uncrewed tests were much harder to perform.
|
| This wasn't a particularly ground breaking vehicle in terms
| of capability and was taking paying tourists...
| wkat4242 wrote:
| It also wasn't built with parts from camper world and cheap
| Xbox controller knockoffs.
|
| NASA actually had a strong focus on safety. They just went
| about it the wrong way, calculating safety ratings
| backwards.
|
| Considering the pressure vessel of this sub was only meant
| to handle 1300m as per another article, the way it survived
| 50 dives at 4000m is pretty amazing though.
| pdxandi wrote:
| Do you have a link to that other article by chance?
| stickfigure wrote:
| > this sub was only meant to handle 1300m
|
| There seems to be a lot of confusion around this, let me
| try to clear it up.
|
| The 1300m limit of the glass number comes from an
| interview with the "whistleblower" in 2018. That would
| mean it refers to the Cyclops 1 vehicle they had then. A
| couple years later they built the Cyclops 2, which has
| the 5" thick hull, titanium bells, and first dove in
| 2021. That's the ill-fated Titan.
|
| If you pay close attention to the videos floating around
| you'll notice two visibly distinct subs - one with a
| large transparent dome in front (v1) and one with the
| titanium bell and tiny porthole (v2).
| spencerflem wrote:
| Its a big hackernews meme that NASA spends way too much on
| safety/beurocracy instead of innovation. Plenty of other
| submarines companies do the same (and get classed).
|
| I don't think this is a very insightful comparison.
| rossjudson wrote:
| I have rarely seen large groups of humans be accused of
| excessive consistency over time when it comes to matters of
| fact and science.
| brookst wrote:
| Consistency isn't possible at a sufficient level of
| context.
|
| I mean, I light campfires and I put them out. At a level
| of reductionism very common in online conversations, I am
| totally hypocritical about whether I want a fire or not.
| sebzim4500 wrote:
| I don't think anyone objects to NASA spending money on
| safety for crew. The fact that an uncrewed SLS launch costs
| $4B is insane by any standard.
| programd wrote:
| Space Shuttle - "a ~2% failure rate"
|
| Which incidentally was exactly what the engineering studies
| predicted while it was being designed. Which really says
| something about the quality of engineering analysis which
| went into creating the Shuttle.
|
| For reference you can nerd out on the following awsome books:
|
| "Space Shuttle Decision, 1965-1972 (History of the Space
| Shuttle, Volume 1)"
|
| "Development of the Space Shuttle, 1972-1981 (History of the
| Space Shuttle, Volume 2)"
| proggy wrote:
| One of the shuttle missions that resulted in loss of crew was
| caused by operating the vehicle outside of the rated
| temperature envelope (for the SSB O-rings). If that
| requirement was honored, the failure rate could have been
| halved.
|
| The other loss of crew was caused by a genuine oversight in
| the design of the system, in that the orbiter was always
| susceptible to strikes from insulating foam falling from the
| external tank.
|
| Unlike Titan, neither one of these failures were due to the
| inevitable cyclic wear of the primary pressure vessel. They
| were both devils hiding in the details, neither one the
| result of reckless hubris.
|
| OceanGate full on admitted that its carbon fiber hull, a
| major red flag component at the center of its design, was
| highly experimental and did not know exactly when it would
| fail. They foolishly thought that strain gauges would detect
| issues well in advance of failure, while completely ignoring
| how immediately and catastrophically composite structures are
| known to fail. They recklessly sold tickets to fund their
| experimental craft, inviting people aboard who were
| definitely not made fully aware of just how flawed the design
| was up front. These were _not_ all members of the Explorers
| Club -- a former head writer for the Simpsons went on a dive,
| for goodness' sake.
|
| So to return back to your point, I'd rather take a shuttle
| after a few dozen flights than get inside a Titan II after a
| few dozen dives.
| [deleted]
| foota wrote:
| Why go on the shuttle when you can go on the dragon?
| sacnoradhq wrote:
| Cargo culting mixed with arrogance. Darwin Award achieved.
| hn_throwaway_99 wrote:
| > OceanGate's submersibles are the only known vessels to use
| real-time (RTM) hull health monitoring. With this RTM system, we
| can determine if the hull is compromised well before situations
| become life-threatening, and safely return to the surface. This
| innovative safety system is not currently covered by any classing
| agency.
|
| > No other submersible currently utilizes real-time monitoring to
| monitor hull health during a dive. We want to know why. Classed
| subs are only required to undergo depth validation every three
| years, whereas our RTM system validates the integrity of the hull
| on each and every dive.
|
| Completely, completely bizarro in my opinion. I'll take the hull
| that is proven to actually withstand the pressures it was
| designed for over some system that gives me a heads up before I
| get crushed to death.
|
| Related question for those more knowledgeable. I always thought
| the primary benefit of carbon fiber was tensile strength. I don't
| even understand how it could sufficiently resist the compressive
| pressures at the bottom of the ocean - it is a fiber after all.
| Edit: After seeing the comments below about James Cameron,
| apparently I'm not alone. From James Cameron's Wikipedia page:
| "He was also critical of the use of carbon-fiber composite in the
| company's Titan submersible, stating that the material has "no
| strength in external compression" when withstanding the pressure
| in deep sea environments."
| hotpotamus wrote:
| Honestly, the "real time health monitoring" felt like almost
| every tech "innovation" over the last decade or so - a half-
| baked excuse not to do things correctly. And when you can't
| switch your lights on because the cloud is down, it's
| inconvenient, but clearly the results of applying this thinking
| to critical safety are self-evident.
| ummonk wrote:
| The epoxy in carbon fiber makes it stiff. Stiffness helps
| reduce buckling loads.
| AdamJacobMuller wrote:
| Truly bizarre. Failures like this happen in milliseconds, it
| doesn't matter how realtime your realtime monitoring is.
|
| I'm not arguing in favor of the classification system, but, I
| think if you went to them and framed things as simply as they
| are here "you require validation every 3 years, we're doing it
| on every single dive" they would say "that's more than once per
| 3 years, APPROVED!" so the situation is clearly far more
| complicated than they are indicating.
| UniverseHacker wrote:
| Yes, I don't understand this acoustic monitoring concept...
| I'm curious what the logic behind it was. It just doesn't
| seem like there would be enough time to take action once the
| monitor starts to detect failure.
| jnwatson wrote:
| It depends on the material. It might work for certain tours
| of steel, since the failure state is gradual.
|
| Carbon fiber, however, is not known to gradually fail.
| mustacheemperor wrote:
| It seems they felt this was one of the novel innovations
| that enabled this design - that the monitoring system was
| so good, they'd never be at risk in the pressure hull at
| depth.
|
| James Cameron said it looks like they had dropped their
| emergency ascent ballast before the implosion, so they may
| have gotten enough warning to take action. But I would
| guess that system was never tested to failure in real life.
|
| It will be interesting to see which of the novel
| innovations supposedly enabling this unconventional design
| failed, if it can be determined. Rush also lampshaded the
| fact that his company had "successfully" bonded the
| titanium endcaps to carbon fiber despite that being
| contradictory to conventional materials science wisdom,
| reading the patent for the monitoring system it looks like
| it may have been intended to provide warning about those
| bonds failing too.
| UniverseHacker wrote:
| It seems like it would be trivial to test how much early
| warning such a system gives by bringing smaller/cheaper
| test hulls to failure, either in the ocean, or in a
| pressure testing chamber. I wonder if they did that?
| learn_more wrote:
| I too am perplexed. Perhaps the compressive strength is all
| derived from the epoxy not from the carbon fiber.
| UniverseHacker wrote:
| Yes, this doesn't make sense to me either. I suppose it could
| help prevent bucking and crack propagation, because as the
| walls of the sub started to bend, one side would have to
| suddenly be in tension? Still, I wonder if a pure
| plastic/epoxy hull would have actually been stronger than
| composite in this situation.
| ReptileMan wrote:
| const int well_before_in_milliseconds = 50;
| cbzoiav wrote:
| The craft survived several launches - that proved it can do it.
|
| Whether it can do it reliably / survive fatigue accross
| repeated cycles is a different question. Imagine we'll find out
| as the investigation progresses.
| hn_throwaway_99 wrote:
| > The craft survived several launches - that proved it can do
| it.
|
| Exactly, that's my point. I didn't realize that (this present
| catastrophe notwithstanding) that carbon fiber could even
| begin to have such compressive strength. How is the fiber
| formed in such a way to maintain that strength?
| jackmott42 wrote:
| align layers of fibers in different directions and you can
| get strength in different directions. But it is tricky! The
| glue holding the metal end caps to the carbon tube is also
| a possible failure point. Imagine a metal ring slid over a
| carbon tube held on with glue. If pressure deforms the
| metal differently than the carbon, you get a gap at the
| interface and BOOM
|
| or if sea water degrades the glue, or if the carbon fiber
| degrades after each trip and eventually isn't strong enough
| any more, etc.
| Alupis wrote:
| A point raised by James Cameron (and others) was the
| titanium bands mated to the carbon fiber hull. Apparently
| in the material science community, that's a huge no-no,
| and a well known one to boot. Galvanic corrosion or
| something like that...
| Alupis wrote:
| James Cameron gave an interview where he claimed the carbon
| fiber hull concept was tested by a team competing to get down
| to Challenger Deep at the same time his team was - and the
| concept failed in testing. He also claimed many within the
| deep submersible community wrote letters to OceanGate warning
| them their plan was flawed and would result in catastrophic
| loss.
|
| Specifically, the failure mode was delamination.
|
| I can't vouch for how credible this all is - but, given how
| much disregard the OceanGate team had for safety, it doesn't
| seem too far fetched.
|
| https://www.youtube.com/watch?v=e9YB31ElEFQ
| cbzoiav wrote:
| Challenger Deep is exponentially more difficult than this -
| 10km Vs 4km so over double the pressure.
|
| While it may still be an entirely unsuitable material for
| 4km, not being suitable for 10km doesn't prove that.
| hn_throwaway_99 wrote:
| That was a great interview IMO, thanks for posting. I think
| some people might find it hard to both convey sympathy and
| compassion for the deceased and their families as well as
| being adamant that the submersible design was nuts
| (especially since the man primarily responsible died), but
| I think Cameron in particular did that very well.
| distrill wrote:
| i think we found out when it imploded
| [deleted]
| AdamJacobMuller wrote:
| As far as I'm aware, and please correct me if I'm wrong, they
| had never dove to this depth before.
|
| So, sure, it was launched before and recovered, but it never
| experienced the same conditions which caused the failure.
| mjb wrote:
| They did: http://web.archive.org/web/20200814020351/https:/
| /www.oceang...
|
| (At least twice, and probably more times).
| larrywright wrote:
| I saw someone on Twitter suggest that this was probably
| WHY it failed this time. Each dive would weaken it.
| sitic wrote:
| Apparently it's at least 13 dives since 2021:
| https://www.geekwire.com/2022/beyond-the-titanic-
| oceangates-...
| [deleted]
| ineedasername wrote:
| >Whether it can do it reliably / survive fatigue accross
| repeated cycles is a different question. Imagine we'll find
| out as the investigation progresses.
|
| Seems like we already found out the answer is "no". The
| overall ship design failed.
| jfk13 wrote:
| We already found out, I think.
| someweirdperson wrote:
| Maybe some orcas played with it.
| advael wrote:
| What a profoundly stupid take by a profoundly irresponsible
| company. This is a great example of why you should consider
| anything a company says about itself to be marketing, and treat
| it with commensurate skepticism.
|
| "We're so innovative we don't have time for safety regulations" -
| An idiot, destined to harm someone unless pure dumb luck causes
| their company to fail first
| aleph_minus_one wrote:
| Rather: for every customer who slightly informs himself, it
| should be insanely obvious that signing up might be quite
| dangerous (with a risk that is likely very hard to actually
| measure - this is a huge red flag for any risk-averse person).
|
| So if you neverthess sign up, you are _very_ aware that things
| might go insanely wrong (and there is actually a _very
| realistic_ probability of dying). So you really know what you
| are up to.
| advael wrote:
| The linked article is very clearly an attempt to persuade its
| reader that the lack of classing (IE verification of safety
| by an external auditor) is less of an issue than they might
| otherwise think. Your advice to a reader of this article is
| rational here, but I think it's worth also pointing out that
| the article is meant to persuade said reader to not think
| that way
| aleph_minus_one wrote:
| Perhaps this might be a cultural issue (I am not a US-
| American citizen), but to me your quote
|
| > "We're so innovative we don't have time for safety
| regulations"
|
| reads like "to offer an innovative service which would
| otherwise not possible, we exchanged known risks (what
| safety regulations are for to capture and mitigate) for
| much more unknown risks".
|
| As I wrote: "risks that are likely very hard to actually
| measure are a huge red flag for any risk-averse person"
| (and most people are risk-averse), so every customer should
| be perfectly aware for what he signs up.
|
| This is like a financial adviser who offers a highly
| innovative finance product with a risk profile that is hard
| to measure because of its novelty, which the advisor
| clearly tells. There _do_ exist customers for which such a
| product is a good choice (say risk-affine, novelty-seeking
| ones), but such customers are perfectly aware what they are
| up to.
| AlbertCory wrote:
| > We're so innovative
|
| what I'm wondering is: what's the incentive to be "innovative"
| in the first place? Unless "innovation" is an end in itself.
|
| Is there some great unmet need to send people to extreme
| depths, especially when unmanned probes can do most necessar
| work nowadays?
| qayxc wrote:
| > Is there some great unmet need to send people to extreme
| depths, especially when unmanned probes can do most necessar
| work nowadays?
|
| Two reasons: 1) they had plenty of paying customers, so there
| was a demand
|
| 2) the CEO wanted to be remembered as an innovator, views
| this as being an explorer, and wanted to inspire people (he
| said so in interviews)
| c-hendricks wrote:
| > "I'd like to be remembered as an innovator," Rush said in
| the 2-year-old YouTube interview. "I think it was Gen.
| MacArthur said, 'You're remembered for the rules you
| break.' And, you know, I've broken some rules to make this.
| I think I've broken them with logic and good engineering
| behind me, the carbon fiber and titanium -- there's a rule
| you don't do that. Well, I did."
|
| And see what happens?
| advael wrote:
| The only "unmet needs" such an endeavor need care about is
| convincing a deep-pocketed investor
| AlbertCory wrote:
| Exactly. One could make the same claim about space tourism,
| but that one has _some_ rational justification at least. I
| don 't see a great benefit in having cheaper deep-water
| subs.
| tspike wrote:
| What's the rational justification for space tourism?
| blamazon wrote:
| Related reading - "Vigor's Black Box Theory" [1]
|
| [1]: https://www.usps.org/durham/Bullhorns/vigor.htm
| rossjudson wrote:
| Interesting. I'd say that for systems, defense-in-depth usually
| relies on various forms of maintenance, and consistent effort
| to maintain functional parity in redundancies. In other words,
| just _having_ a redundancy or secondary system is not enough.
| There 's a lot of care and feeding when a secondary uses a
| _different method_ of achieving the same ends as the primary.
| That requires effort -- which is all too often skipped or falls
| out of common knowledge.
| [deleted]
| lsy wrote:
| What strikes me is that this all sounds like bluster and
| prevarication around safety, rather than a situation where the
| safety has actually been thought through. This blog post also
| doesn't have any kind of links or references to any more in-depth
| discussion and ultimately seems even on the surface as though it
| would fall apart under scrutiny. For instance it's quite obvious
| that the reason the majority of accidents are the result of
| operator error is because mechanical failures are rare precisely
| due to classing and other forms of regulation. It does very
| little good to have "high-level operational safety" if the vessel
| you are in catastrophically implodes due to mechanical failure.
___________________________________________________________________
(page generated 2023-06-23 23:00 UTC)