top of page
  • Writer's pictureSi Shen

Premortems in engineering design

Imagine the scenario - the structure we designed and constructed has now collapsed – now what could be the reason why it has failed? How extensive could the loss of lives and financial impact be? Could we have reasonably done something to prevent it from happening in the first place? This line of thought is called the ‘premortem’. It is an extremely useful management tool that can be equally applied to the way of us approaching engineering issues from the perspective of risk.

1) What could be the cause of the collapse?

The very first principle of Eurocode (and all design codes around the world to this effect) is to prevent failure. It lays out a number of failure modes that should be considered by engineers. Thinking about potential weak points of the structure helps the engineer improve the overall robustness at a system level. For example, there is no point in having a high-spec flashy phone if the battery runs out every ten minutes; there is no point in having perfectly intact columns if the whole building falls over; the basement will not be waterproof if all membranes are of perfect quality but joints are not properly sealed up. It is usually prudent to improve the robustness of the weak link should any be identified.

2) How severe/extensive could the impact be? As a bit of an extreme comparison, if we were to compare the failure of a wind farm turbine against the failure of a nuclear power station, it is obvious that the latter has millions fold higher negative impact both in terms of magnitude and extent, and therefore requires much higher robustness and rigor in the design and execution. In other words, the more severe the consequence, the less risk appetite there is. If we were to narrow down the scope to just a single structure, the following principles apply:

  • Always design a structure with sufficient redundancy in capacity or alternative load paths. This prevents chain reactions and progressive collapse, whereby a minor and local failure could lead to a global disaster.

  • An element that leads to higher level of impact should be designed to have higher robustness. This is why we see codes mandatorily require links for columns whereas not for slabs – failure in columns leads to a much higher loss.

3) Have we done all we reasonably could to prevent it from happening in the first place?

This can be understood as a ‘no-regret’ analysis. Imagine we are sitting in a hearing post the disaster being questioned what we had done prior to the event to prevent it from happening in the first place. Can we place our hand on the heart and say yes? Have we approached the engineering solutions with the risks born in mind all along? Bear in mind the trick though – answering this question could trick us into overthinking the mitigations. In hind sight, there are always something that could have been done to prevent the disaster from happening, but disastrous events have so many possibilities and ramifications that we can not possibly prevent them all. There is an imaginary point on the curve, beyond which further mitigation measures becomes uneconomical to tackle the extremely low residual likelihood of disasters. In some tricky cases, a cost-benefit analysis may be needed to help the decision-making.

35 views0 comments

Recent Posts

See All


bottom of page