by Gibbon1 2365 days ago
There was a problem with GM ignition switches. The detent was too short, and so it was possible for it to accidentally be switched to off. A bunch of people died as a result. Three problems: one, power steering and brakes no longer work; two, the anti-theft device can lock the steering wheel; three, the airbags are disabled. It's a classic systems interaction issue. And it is exactly the thing that shows up as the design process becomes Balkanized.

I remember that one; that was absolutely criminal because they were informed there was a problem, and refused to do a recall because it would cost money. Instead, they quietly changed the ignition switch to fix the design defect, but without changing the part number or informing anyone.

And, as you pointed out, it was a systems interaction problem. Losing power steering at speed isn't great, but it's recoverable (maybe less so if you're weak and you're driving some big stupid SUV rather than a small economy car), and losing power brakes is also bad but recoverable because you have enough vacuum in the system to do a full stop (but usually only one). But tie them together, at speed, and also (worst of all) lock the steering wheel, and you have a recipe for disaster. This is far, far, far worse than losing your power steering assist at parking-lot speeds.

What you bring up in terms of cascading failures is termed the "Swiss cheese model" [1].

This is the traditional way to deal with system hazards. What has been talked about is the need for changing the way we think about software failures on safety critical systems, distinct from traditional failure mode approaches.

"The result is that software-related accidents involve a new type of accident, which can be called a component interaction accident: None of the components fail (all satisfy their specified requirements) but the problems arise from dysfunctional interactions among the components."[2]

[1] https://en.wikipedia.org/wiki/Swiss_cheese_model

[2] https://dspace.mit.edu/handle/1721.1/58930