O L Leigh
Established Member
Sort of. With the microwave oven, you get a very clear warning if you've put metal in it by mistake in the form of arcing, and it can usually be turned off (by simply opening the door) well before it has chance to cause any actual damage. Though it wouldn't totally surprise me if some more advanced microwaves had some means of detecting arcing and automatically shutting off if it happens, or that some might have some form of fire/overheat detection in case you overcook something to the point of it catching fire.
The most dangerous risk a microwave would pose to someone if misused, though, would be quite literally to cook them alive if it were to be operated with the door open. Fortunately, literally every model has a feature preventing that from happening.
Agreed. But that wasn't really my point. Like you with your crashable uncrashable car, I was merely illustrating the point that things need to be operated within their design capabilities if they are to safely work as intended.
That's a bit more like the analogy of having a feature whereby a train's brakes can be disabled without as a minimum any warning or notification that this is the case and the only visible evidence of it being a small isolating cock hidden well below platform level.
I'm not going to let this pass because even a casual reading of the RAIB shows that there are systems in place to give warning but that, in this instance at least, the novel design of the BPIC together with weaknesses in the old coupling procedure meant that they were missed. These are failings that I cannot deny, but what I will deny is that this one incident undermines the principle of the two-pipe brake system or its inherent safety. Recommendations and learning points have come out from the investigation and will be applied to prevent any repeat, but I will state again that the two-pipe braking system is inherently safe, as the paucity of similar incidents should illustrate.
But the point I replied to regarding keying in in two places on a Voyager is an utterly ridiculous piece of design. That would be like, for instance, if you had a television set and you turned it on on the front panel, using the on button on the remote would cause it to fail and require repair. That would be ridiculous.
Not really, no. Having two keys in is more akin to plugging your TV into one socket and then simultaneously plugging it into a second. You're not merely switching the train on but rather instating a power supply.
In summary, there are some dangerous failure modes you can't design out of a product (e.g. a car that you can't crash - but they *are* working on that!) - but if there is one that you can, you really should, regardless of whether it's for professional or personal use.
Do we really want to go into the "how" right now...? You say that it can be designed out. Perhaps you'd like to have a go.
Well, er, it does. The railway was very, very lucky on a number of counts, and the incident caused nothing but embarrassment. But had it collided with another train, potentially a packed commuter DMU or EMU at that time of day, it could have killed people. That is surely a strong parallel.
The scope for potential loss of life is no way to draw a parallel. You're trying to compare a multi-national knowingly allowing people to use a product that it was aware was subject to safety concerns that it had not yet addressed to a procedural failure that allowed an honest-to-goodness mistake to occur. Chalk and cheese, mate.