[SystemSafety] The bomb again

Nancy Leveson leveson.nancy8 at gmail.com
Wed Oct 2 19:41:46 CEST 2013


This discussion would be a lot more useful if, as engineers, we commented
on the actual design of the protection against accidental detonation of
atomic bombs and whether that design is or is not flawed. I tried to bring
it up earlier -- it is described in my Safeware book, pages 428-431. As far
as I can determine, there is no way that a crash of an aircraft can lead to
the detonation of a nuclear bomb. In the two crashes we know about, there
was no detonation. Note that the detonation mechanism is kept in an
inoperable state and there must be multiple indications of intent to
detonate as well as the random generation of a unique signal (which has
purposely been defined to be of such information complexity that it will not be
randomly generated in any credible environment).

I certainly can be wrong and welcome *engineering* arguments about whether
the protection scheme used is adequate, but not probabilistic statements
that are not founded on the specific design of the device or are based on
political views that have little to do with engineering.

Nancy


On Wed, Oct 2, 2013 at 9:43 AM, Matthew Squair <mattsquair at gmail.com> wrote:

> John,
>
> The current US requirement for nuclear weapons safety during a crash is a
> probability of one in a million of a premature nuclear detonation. I guess
> that doesn't really qualify as 'practically nonexistent'.
>
> That being said, the nuclear weapons safety community has spent an awful
> lot of time and money thinking about safety in the wake of such accidents
> as Goldsboro, see their 3I principles for example, and I believe there
> are broader architectural lessons that can be learned and transferred to
> other domains.
>
> See the references in my post for further details.
>
>
> http://criticaluncertainties.com/2010/03/21/lessons-from-nuclear-weapons-safety/
>
> Regards,
>
>
> On Wednesday, 2 October 2013, John Downer wrote:
>
>> Further to earlier discussions on the safety of the bomb (and courtesy of
>> my former colleague Anne Harrington):
>>
>> From the Guardian: "US nearly detonated atomic bomb over North Carolina –
>> secret document"
>>
>> "A secret document, published in declassified form for the first time by
>> the Guardian today, reveals that the US Air Force came dramatically close
>> to detonating an atom bomb over North Carolina that would have been 260
>> times more powerful than the device that devastated Hiroshima.
>>
>> The document, obtained by the investigative journalist Eric Schlosser
>> under the Freedom of Information Act, gives the first conclusive evidence
>> that the US was narrowly spared a disaster of monumental proportions when
>> two Mark 39 hydrogen bombs were accidentally dropped over Goldsboro, North
>> Carolina on 23 January 1961. The bombs fell to earth after a B-52 bomber
>> broke up in mid-air, and one of the devices behaved precisely as a nuclear
>> weapon was designed to behave in warfare: its parachute opened, its trigger
>> mechanisms engaged, and only one low-voltage switch prevented untold
>> carnage."
>>
>>
>> http://www.theguardian.com/world/2013/sep/20/usaf-atomic-bomb-north-carolina-1961
>>
>>
>> For context, here's the official government assessment from 1960: "Stay
>> Safe, Stay Strong: The Facts about Nuclear Weapons"
>> http://archive.org/details/StaySafe1960
>>
>> My favorite bit is at minute 20:00:
>>
>> So how safe is a nuclear bomber coming in for a crash landing?
>> "...the possibility of an accidental nuclear explosion is so small as to
>> be practically nonexistent...you and your family may live in peace, free
>> from the fear of nuclear accidents"
>>
>> ---------
>>   Dr. John Downer
>> SPAIS; University of Bristol.
>>
>
> --
> *Matthew Squair*
> MIEAust CPEng
>
> Mob: +61 488770655
> Email: MattSquair at gmail.com
> Website: www.criticaluncertainties.com <http://criticaluncertainties.com/>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>


-- 
Prof. Nancy Leveson
Aeronautics and Astronautics and Engineering Systems
MIT, Room 33-334
77 Massachusetts Ave.
Cambridge, MA 02142

Telephone: 617-258-0505
Email: leveson at mit.edu
URL: http://sunnyday.mit.edu