[reidacdc]

Thanks for the link to the paper, it clears up some issues I thought I might have had. It's nice to see an appreciation that some of the systems for which we require safety are "intractable" in the sense they describe, that is, not amenable to decomposition into parts where rules can be applied in isolation.

My favorite safety book, Charles Perrow's "Normal Accidents", is sort of about that too, although it's not at all prescriptive.

The concern I thought I might have had, from the Safety4Sea article, is that it wasn't clear to me how you distinguish "the system working correctly" (normal work leads to a result with no adverse events) from "the system being lucky" (normal work is blind to some risks which arise rarely, and didn't arise this time). The paper looks like it's much clearer on "Safety II" being about understanding what went right, which is very reassuring.