One of the many problems facing the aeronautical engineer is to make a vehicle, the reliability of which is tolerable, from an assembly of bits and pieces which, individually, are more or less unreliable. The practical answer has been to duplicate, triplicate, and generally to multiply the items about which doubt is felt.
This approach to reliability (and hence to safety) finds its way into codes of airworthiness, either as straightforward demands for duplication, or as requirements that no single failure should cause trouble.
On the whole these intuitive assessments of the probability of failure, and the design consequences in terms of duplication, seem to have been sound. It is, however, as well to examine the problems numerically, if we can. Possibly no very clear and decisive answers will emerge, but a little light may be shed on the paths we seek to follow.