ABSTRACT
These ‘defences-in-depth’ make complex technological systems, such as nuclear power plants and transport systems, largely proof against single failures, either human or technical. But no defence is perfect. Each one contains weaknesses, flaws and gaps, or is liable to absences. Bad events happen when these holes or weaknesses ‘line up’ to permit a trajectory of accident opportunity to bring hazards into damaging contact with people and/or assets. This concatenation of failures is represented diagrammatically by the Swiss cheese model (Figure 1.1) – to be reconsidered later.
