Explainer: What engineers need to learn from common failures

When a catastrophic structural failure occurs, there may first seem to be an obvious single reason for it, such as a flood or a fire, but the root cause can often be a combination of factors that may have taken effect years earlier.

The civil engineering sector has a responsibility to learn from such disasters when they occur and, if necessary, change its practices accordingly.

The partial collapse of the Ronan Point tower block in London in 1968 after a minor gas explosion prompted changes to building codes, for instance. And the 2001 terrorist attacks on New York’s World Trade Center altered how fire resistance and occupant evacuation are addressed in the design of tall buildings.  

Despite these examples, engineers have generally been slow to apply the key lessons offered by cases of catastrophic failure to their own projects. That was the view of Dame Judith Hackitt when she completed her independent review of building regulations and fire safety after the 2017 Grenfell Tower disaster in London. 

In her concluding report, Building a Safer Future, she stated: “This is most definitely not just a question of the specification of cladding systems, but of an industry that has not reflected and learnt for itself.”

Dame Judith added that the key factors behind the failure of the regulatory system covering high-rise and complex buildings included “ignorance, indifference, lack of clarity on roles and responsibilities, and inadequate regulatory oversight and enforcement tools”. 

In 2018, the ICE published In Plain Sight, a report recommending how the institution and the wider infrastructure sector should review incidents such as the Grenfell Tower disaster and disseminate lessons from these to share knowledge and, ultimately, improve public safety. An important part of this is to explore how and why failures have occurred and identify the most common causes. 

Engineers involved in infrastructure projects often don’t expect the worst to happen. They assume that a catastrophic failure will have resulted from a combination of unlikely factors that could never be repeated. But, if the causes of such disasters are analysed properly, it is usually possible to understand how these could recur in future projects – even those that seem entirely unrelated. 

This is equally true of minor incidents and near misses, which obviously don’t receive as much exposure but offer plenty of useful information. In the drive to find better ways of working throughout the industry and protect people’s health and safety, it’s important to learn from all such cases.

Access to information about serious infrastructure failures is often restricted until formal investigations and legal processes have taken place. This can hinder the prompt dissemination of knowledge. 

Consider the partial cave-in of the railway tunnel at Gerrards Cross, Buckinghamshire, in 2005, for example. Details of a 2010 Health and Safety Executive report on this incident weren’t made public until 2023.  

While such an incident may attract immediate media coverage, this will usually focus on the human and financial cost, instead of providing any useful technical analysis. 

Still, that’s not always the case. Investigations into the 2018 Florida International University (FIU) pedestrian bridge collapse were reported more quickly, for instance, enabling lessons to be shared in good time. 

If the sector is to better understand common modes of structural failure, it needs prompt access to the findings of expert analysis. 

An important resource for engineers to learn about disasters, near misses and their causes is Collaborative Reporting for Safer Structures UK (CROSS). This is a system, co-founded by the ICE in 1976, that “allows professionals working in the built environment to report on fire and structural safety issues. These are then published anonymously to share lessons, create positive change and improve safety.”

Research into the causes of major structural failures indicate that there are some common factors that have contributed to many ostensibly dissimilar incidents. These include: 

• The incorrect or misleading classification of a structure
• Calculation errors at the design stage
• Inadequate design checks
• Indifference to key warning signs 

These factors contributed to the FIU bridge collapse, the Gerrards Cross tunnel cave-in and the failure of the auxiliary spillway on the Toddbrook Reservoir dam, Derbyshire, in 2019. 

The fact that the same factors play a part in many incidents suggests that civil engineers should learn from each case and use this knowledge to improve processes at all stages of the projects they work on.

Here we look at these three projects in closer detail.

In 2018, a cable-stayed footbridge under construction at Florida International University (FIU) in Sweetwater, Miami, collapsed on to a busy multi-lane highway, killing six people and injuring 10.

Errors

• Design classification/failure mechanism: the structural importance of key nodal sections in a “rare” single-plane reinforced-concrete truss bridge was not appreciated.
• Design: the load-bearing capacity of a critical node was overestimated.
• Checking: reviews failed to pick up the nodal miscalculation.
• Warning signs: cracks appeared around the node, but no remedial action was taken.

In 2005, a tunnel being constructed to enable a supermarket to be built over the main line near Gerrards Cross railway station partially collapsed while being backfilled. No one was harmed in the incident, but train services on the line were halted for seven weeks.

Errors

• Design classification/failure mechanism: a “sensitive” proprietary soil-arch system was incorrectly classed as “presenting no significant risk”, causing the backfilling sequence to become open to change.
• Design: the backfill application method changed in a way that made it incompatible with the original arch design.
• Checking: the effects of the change in the backfill application method were not reviewed.
• Warning signs: arch panels exhibited large deflections, yet no remedial action was taken.

In 2019, the newer of the two spillways at Toddbrook Reservoir was damaged during severe rainstorms, causing the rapid erosion of the underlying dam shoulder. Fearing that the damaged structure would fail entirely and cause a catastrophic flood, 1,500 people living downstream from the reservoir at the town of Whaley Bridge evacuated their homes. 

Errors

• Design classification/failure mechanism: a risk-based classification of the reservoir was based on its proximity to a population centre rather than the condition of its dam, leading to a general lack of appreciation of the importance of maintenance.
• Design: a faulty connection between the concrete auxiliary spillway (built in 1970) and the earth dam (1840) enabled water to undermine the spillway.
• Checking: the risk posed by the spillway’s thin concrete slabs – with insufficient reinforcement and weak connection details, compared with the industry standard – remained unidentified for 50 years.
• Warning signs: cracks and leaks were observed, but their causes were not investigated before the incident.

Research into structural failures suggests that many incidents would have been averted if effective measures had been in place to identify risks and remedy errors in good time. 

The Swiss cheese model proposed by James Reason, emeritus professor of psychology at the University of Manchester, is important in this respect. It can be used to illustrate how flaws in different parts of a complex system can combine to disastrous effect.  

The model depicts various lines of defence against an incident as slices of Swiss cheese, with their weaknesses presented as holes. An oversight, error or other event may allow a threat to pass through a hole in one layer. If any of the subsequent slices don’t have a hole aligned with the one in that first line of defence, the incident is averted. By contrast, a clear pathway through all of the slices means that every line has been breached, resulting in an incident. 

The Swiss cheese model shows that failures are usually caused not by one flaw but a combination of weaknesses throughout a system. Some of these may be obvious and some may become apparent only after an incident. 

You can find out more about this topic from the ICE’s CPD modules on risk management and the Swiss cheese model.

Explainer: Risk and the Swiss Cheese model

Tech Talk podcast: How to apply the Swiss Cheese model