Our book club is reading Colossus, Michael Hiltzil. There is great quote early in the book, when the Imperial Valley in California was being developed by private interests.
There's a great quote from an effort in 1922 to dam and divert the Colorado River using a simple method of blasting canyon walls to form a dam.
A rock filled structure might be cheaper, [but] we can not be sure that this will be the case. If some unforeseen difficulties .. should be encountered, its expense might be greater than that of a concrete structure.
What finally tipped the scale against the rock dam was...
We can not be sure it would entirely safe.
When there is a discussion about "long tails," and the lack of knowledge and its impact on a project, there must be clarity around the very notion of Unknown Unknowns.
Unknown Unknowns must be isolated from the process. Put outside the "project," to have minimal or no impact on the outcomes. Since by their definition that are "unknown," if you let them on to the project, you'll be assuming risk that has Unknown Unknown probabilities of occurrence and Unknown Unknown consequences.
Why would anyone do this on purpose?
If you don't ask what don't we know about, and what are we going to do about these unknowns, when they become known. The simple answer - and the best answer - is to bound the project to operate within the Knows. That is isolate the boundaries of the project to the known probabilistic risk.
Then have the project adopt a behaviour in the presence of risk outside the Known - Unknown Unknowns, that is "fail safe." That is, the project must operate in such a way that it "fails to safety."
