Ask anyone who has owned a contracting company for a long time to share his or her worst nightmare and, inevitably, it finishes with how much profit was eaten up fixing this system or that product. Maybe it was the time and materials to make things right. Perhaps it was the lawyers' fees defending the company in court. Whatever the cost, it probably included increased insurance premiums.

Robert Bean
About five years ago, I and a few of my contracting friends were led to the "fountain of forgiveness" in a great book by Henry Petroski,To Engineer is Human: The Role of Failure in Successful Design.

Designing for failure is about foolproofing or mistake-proofing anything. For us business people in the HVAC design industry, it's about how to keep the dollars in our jeans by anticipating system or product failures which, if left unresolved, lead to customer complaints.

The current scope of our profit aches and pains show up in the American Comfort Surveyâ„¢, published by Decision Analyst in 2000, wherein one in two consumers claimed to be unhappy with their comfort system. Imagine the slow drip of dollars away from the industry coffers as we try to repair, replace, redesign, or over-haul existing stuff - some of it not even one year old.

I think a pivotal moment in designing for failure came from H.F. Levy, P.E. (Life Member ASHRAE), when in 2002 he made this profound statement: "We do not seem to recognize that our real customer is the occupant, not the building. No other industry that I know of gets away with calling a system good and acceptable when only 80 percent of the occupants stop complaining."

What Mr. Levy is referring to is the satisfaction target range provided in ASHRAE Standard 55, "Thermal Environmental Conditions for Human Occupancy." The standard calls for 80 percent "happiness," and yet, according to Decision Analysts, our industry is only hitting 50 percent. This can't be a good thing for us or the industry.

So, where does the designing for failure philosophy fit in? Look at your last hydronics project. Did you make tradeoffs between error prevention, redundancy, and familiarity against functionality and cost? Was the latest and greatest of gadgetry installed because the homeowner saw it on the Web?

From experience, I know that one bad job with all those cost reductions and "newness" always comes back to haunt you or the next service contractor.

Having been through that special field of landmines, I have concluded the key to good design is more about whether the occupant or operator can comprehend the system rather than whether we can understand it; and experience is teaching us, it's a greater challenge to design to what the other person knows, rather than trying to teach them what we know.

For this reason, we are suggesting that it makes far more sense to design hydronic systems that make error and failure irrelevant than to assemble and install something which upon failure makes the system useless or ineffective. This understanding forms the basis for the first law of designing for failure: the "grounded plug approach."

Law No. 1

Think power cords.It is often said the best design is one that is simple, effective, and works so well it requires no instructions. What comes to mind is the grounded power cord in your truck. It is an engineering marvel.

We can describe it with technical words such as voltage, amps, cycles, ohms, temperature, fire ratings, chemical and moisture resistance, and so on, but the greatest feature of a grounded power cord is this: It can only be inserted one way.

We do not need instructions on preparing the cord. We do not need to take a course on how to insert the male end into the female receptacle. The grounded plug makes illegal or improper things impossible.

However, in hydronics most equipment can go in backwards, from circulators to valves. Because it can, it often does!

Figure 1. Simplified boiler room inventory with preventive steps and failure response.

Law No. 2

Imagine what it would be like to be your customer in the future.Pretend it is the year 2020 and you're getting ready to celebrate your 80th birthday. The weather forecaster is blaring that it's -30 degrees F today, but you barely catch it because your hearing was shot a long time ago. The first thing you do is reach for your glasses because you haven't been able to see well for 35 years, and as you stumble out of bed, every joint and muscle aches from years of living the good life.

Unlike other winter mornings, this one is a little different because it is cold inside your home. Something is wrong. You throw on a sweater and your slippers and go check the thermostat (which you can barely read); sure enough it says exactly what you feel. It's time to call a heating technician. If you are lucky, you have a son-in-law who is a contractor. If not, you start looking in the Yellow Pages for someone who knows something about hydronic heating.

We know the numbers of skilled tradespeople are declining. At the same time, the numbers of sophisticated installations are going up. If your system in the year 2020 needs work, what are the odds other systems are needing work? Who becomes a priority - the single mother with two small children or the 80-year-old?

The second law of designing for failure requires designers to engineer systems for people, and therefore to introduce the human element. This forces us to propose radical questions like, "What happens to the resident of Fairweather (now Coldasice), North America, when the heating system crashes? How do we define acceptable failure exposure in terms of health and safety, disruption of service, protection of an asset, probability, and cost?"

I challenge every contractor-designer in North America to put yourself in the shoes of a customer in the year 2020 and ask, "What will it be like owning tomorrow, what I have designed and installed today?"

Law No. 3

Inoculate against failure.Inoculating against failure requires designers to systematically identify, evaluate, prioritize, and document potential points of failure and ask, "What are the consequences to a system or project in a worst-case scenario?"

The inoculation becomes most effective when you have built in temporary or permanent solutions that require low or no skill and, if required, readily available parts. It means establishing some kind of consistency into the systems you design and install.

Every possible combination of equipment and application needs a customized emergency plan; when the right design approach provides a single plan to service all your systems, these customized plans become absolutely unnecessary.

Consistency reduces and contains the number of possible combinations of events leading up to failure. Consistency is easily accomplished by either your own doing or taking advantage of preassembled products available by well-established, reputable companies.

Inoculation plans are living documents. A particular manufacturer may have a run of bad product, which goes unnoticed for years and then suddenly fails. How you respond to the failure becomes part of the emergency response system so when it happens, you can do it quickly and efficiently.

A partial inoculation plan for a boiler room might include an inventory of what is planned, what is currently on site, and response to failure.

Robert Bean, R.E.T., is a Registered Engineering Technologist in the discipline of Building Construction. He provides corporate and technical guidance to North American businesses. For more information, visit

Publication date: 11/08/2004