Thursday, November 24, 2016

Think Negative

I was reading Artillery Through the Ages: A Short Illustrated History of Cannon, Emphasizing Types Used in America by Albert Manucy, when I came across the following passage.

There is one apocryphal tale, however, about an experiment with chain shot as anti-personnel missiles: instead of charging a single cannon with the two balls, two guns were used, side by side. The ball in one gun was chained to the ball in the other. The projectiles were to fly forth, stretching the long chain between them, mowing down a sizeable segment of the enemy. Instead, the chain wrapped the gun crews in a murderous embrace; one gun had fired late.

Whether the story is true or not, it teaches an important lesson. When designing a system, don't just think about the happy path. Make sure you think about all of the ways that things could go wrong, or risk being wrapped in the "murderous embrace" of your own design. (This is also known as being "hoist by one's own petard," a rather antiquated phrase, also explained in colorful detail in Artillery Through the Ages.)