Why industrial disasters occur and how they can be avoided
Our 2023 Sir Donald Hibberd Lecturer, Professor Jackson Nickerson, discusses business implementation pitfalls that can lead to systemic failures — and catastrophe.
On July 6, 2013, shortly after 1:15 in the morning, a 73-car train was accelerating downhill into Lac-Mégantic, a small town in the Quebec province of Canada.
The train was carrying only one commodity, which is among the heaviest and most hazardous of freight — Bakken crude oil.
The train thundered and squealed as it reached the sharp curve in the centre of town going 60 miles per hour. The curve’s speed limit was 10 miles per hour.
Moments later, after an explosive sound that didn’t seem to end, the town was ablaze, with 47 souls dead, and an environmental nightmare the contaminated land and lake.
Canada’s worst train catastrophe in more than a century had just unfolded.
Blame was cast on the engineer and the small railroad company that owned the train. Yet, no person or corporation was ever found guilty in any litigation.
Perhaps this catastrophe was a singular accident? But then again, perhaps not.
Over the next two years, oil train disasters became a regular occurrence in North America. Why?
My colleagues and I think we have a new explanation, not only for these train disasters but for almost every industrial catastrophe we have studied.
How changes make systems more fragile
Our theory explains why these catastrophes occur, and leads to practical methods for reducing the likelihood of their occurrence.
Whether we are analysing trains or planes, ships or space shuttles, oil platforms or chemical plants, mining or software, each of these industries and the firms that operate within them can be described as complex socio-technical systems.
To understand such systems, consider the metaphor of the human body, which is a complex system comprising many subsystems.
Imagine a sudden shock to the body when you realise that you need to sprint to catch a tram on Elizabeth Street.
The sprint triggers responses in various subsystems like breathing deeply and perspiration that bring the body back into an equilibrium after exertion.
The technical word for this property is homeostasis, which is the ability of a system to return to a desired equilibrium after experiencing a shock.
Like the human body, socio-technical systems are designed to maintain homeostasis in response to shocks. Yet, industrial systems differ from human bodies in one very important way.
Managers and operators often have reasons to make changes to one or more subsystems. Sometimes these changes are innovations expected to improve subsystem functionality or performance. Other times, the changes cut costs, to do more with less.
And, in yet other instances, the subsystem is not working properly. But current performance is not poor, so why try to fix what isn’t broken?
Unfortunately, and all too often, a change in one subsystem — or the failure to fix what isn’t working properly — is not assessed for its potential to narrow the homeostasis of other subsystems.
Thus, a change in one subsystem can cause the entire system to become fragile.
As this fragility drift grows worse, a shock that might have been easily handled by the system now becomes the source of a catastrophe.
To illustrate fragility drift, let’s go back to Lac-Mégantic.
In 2012, the year before the accident, the oil industry launched an innovation that could fill many oil tank cars with Bakken crude simultaneously. Overnight, the amount of oil transported by trains increased by a factor of 13!
Also, instead of just a few oil cars in a 1- to 2-mile-long train, now the entire train was dedicated to oil — what is called a unit train.
This change in one subsystem, the parallel loading of oil tank cars, created fragility drift for other transportation subsystems and the entire system.
Rails were not maintained or updated for carrying long, heavy unit trains.
Routing software was not adapted to choose track routes that could support long, heavy unit trains.
Safety processes for parking trains on the track were not adapted to account for long, heavy unit trains.
Operational, managerial, regulatory, and safety policies were not adapted to account for long, heavy unit trains.
In essence, this innovation narrowed the homeostasis of the system. And no one knew it. A system failure was just a matter of time, waiting for the wrong kind of shock to come along.
How to avoid fragility drift
While we could not ever predict the Lac-Mégantic catastrophe, our theory might have predicted that fragility drift was occurring. It was substantial, and a disaster was waiting just down the track.
So far, I have talked about industrial catastrophes in which people and property are harmed.
Yet, fragility drift can lead to the collapse of business operations like the shutting down of Southwest Airlines in the United States over the busy Christmas holidays, just a few months ago.
In sum, fragility drift is an important consideration for almost any kind of implementation efforts. As a leader, you may be wondering what you can do to avoid fragility drift.
Our research offers two innovations that potentially can reduce the likelihood of fragility drift.
First, we have developed a system analysis tool that can help managers and operators be aware of the homeostatic relationships between subsystems. If these linkages are known, then fragility drift may be easier to prevent.
Second, we have designed a new kind of organisational structure to ensure that the right kind of homeostatic analysis is undertaken before changing a subsystem. This organisational design is cost-effective and superior to other approaches currently in use.
To conclude, industrial catastrophes create substantial implementation risk for many firms.
A quick accounting of the people, property, and profits lost in the Lac-Mégantic Catastrophe, the Moura Mine Tragedy here in Australia, or the Deepwater Horizon Disaster in the Gulf of Mexico should provide enough motivation for every board of directors to care about preventing fragility drift.
Will the innovations I described eliminate industrial catastrophes? Probably not. Nonetheless, they may offer a pathway to reduce their likelihood, which can benefit us all.
Professor Jackson Nickerson is a former NASA engineer, entrepreneur and award-winning scholar on strategic management, leadership and organisational change from Olin Business School, Washington University in Saint Louis. This year, he was named our Sir Donald Hibberd Lecturer and taught MBA students a subject on strategy implementation.
The Sir Donald Hibberd Lectureship was established in 1984 to celebrate the legacy of one of Australia's most significant nation builders, and inspire others to follow in his footsteps.
To find out more about studying at Melbourne Business School, visit our Degree Programs and Short Courses pages, or learn about our range of services For Organisations.