Normal Accident Theory is the central argument of the sociologist Charles Perrow’s 1984 book “Normal Accidents: Living with High-Risk Technologies.” Perrow studied catastrophes in high-risk systems, beginning with the 1979 Three Mile Island nuclear accident, and concluded that some failures are not rare aberrations to be engineered away but an inherent property of the systems themselves. In such systems a serious accident is, in his sense, normal: not frequent, but to be expected as a structural feature rather than a surprise.
Perrow’s framework rests on two dimensions of a system’s design. The first is whether its parts interact in linear, predictable ways or in complex ways, where components affect one another through unfamiliar, unplanned, and often invisible paths. The second is coupling: whether the system is loosely coupled, with slack and buffers that let operators slow down and recover, or tightly coupled, where processes are time-dependent, invariant, and have little give. Systems that are both highly complex and tightly coupled are the dangerous combination.
In such systems, as the publisher’s description of the book summarizes, “the conventional engineering approach to ensuring safety, building in more warnings and safeguards, fails because systems complexity makes failures inevitable.” Complex interactions make it impossible for designers and operators to anticipate every way components can combine, and tight coupling means that once an unexpected interaction begins, there is no time and no slack to intervene before small faults cascade into disaster. Worse, added safety devices increase complexity, sometimes introducing new failure modes of their own.
Perrow offered a framework rather than a single fix. By “recognizing two dimensions of risk, complex versus linear interactions, and tight versus loose coupling,” as the publisher puts it, the book gives “a powerful framework for analyzing risks and the organizations that insist we run them.” His point was partly political: for some technologies the inevitability of catastrophic accidents should weigh on whether society chooses to run them at all, not only on how carefully they are operated.
The theory has been influential well beyond nuclear plants, including in computing. Modern distributed systems are textbook examples of complexity and tight coupling, where automated controls interact in ways no one fully foresees and failures propagate faster than humans can respond. Normal Accident Theory provides a sober counterweight to the assumption that enough redundancy and enough safeguards can make any system safe, and it sits alongside James Reason’s Swiss Cheese Model as a foundational idea in how engineers reason about the limits of reliability.