> Orion utilizes two Vehicle Management Computers, each containing two Flight Control Modules, for a total of four FCMs. But the redundancy goes even deeper: each FCM consists of a self-checking pair of processors.
Who sits down and determines that 8 is the correct number? Why not 4? Or 2? Or 16 or 32?
They probably set an acceptable total loss rate for the mission and worked backwards to determine how many replicas of each system they need to achieve that while minimizing total cost/weight.
So the answer is "some engineers sat down after talking to management".
Eight shall be the number thou shalt count, and the number of the counting shall be eight. Nine shalt thou not count, neither count thou seven, excepting that thou then proceed to eight.
The fault tolerance is mostly focused on background radiation flipping bits. We've got half a century of data on the frequency of those upsets and the extent to which they're correlated under different space conditions for that, not to mention the ability to irradiate prototypes of the flight computer with representative amounts of shielding in ground based facilities...
For issues that have never occurred before, probabilities are the wrong tool. The right thing to do is list all the behaviour the vehicle must never exhibit and think of ways it still might, despite all redundancies -- maybe even despite every single component working as intended.
Lots of mission failures in history were caused by unexpected interactions between fully functional components. Probabilities of failures don't help with that.
And why you test till failure (ideally under real/similar conditions): to surface the failures that have never occurred before, and start collecting data on them.
Once you've lost more than ~2 processors, you're probably into the realm of common mode failures and voting won't save you. At that point, it's entirely possible you're just working with random data coming out of all your processors.
If this is run anything like the CPP, it will underperform both the market and their own benchmarks yet lead to executives awarding themselves huge bonuses.
Over the last decade (and even prior to that) CPPIB has been the best performing fund of its kind. National pension funds have different risk tolerances and investment guidelines that someone's personal portfolio or a family office.
Thanks to CPPIB, Canada does not have have a giant unfunded pension liability (unlike our neighbors to the south). It has been an enormous success story.
Yes, far better than how the UK runs its state pension system.
The Australians seem to have the best model overall though. Mandatory payments in to private investments has made them very wealthy.
The UK system takes the national insurance contributions of workers but doesn’t invest them in anything on behalf of the individual. So despite decades of payments you technically have nothing at the end and survive on the goodwill of the government and current taxpayers. That works right now because of the population pyramid.
>The UK system takes the national insurance contributions of workers but doesn’t invest them in anything on behalf of the individual. So despite decades of payments you technically have nothing at the end and survive on the goodwill of the government and current taxpayers. That works right now because of the population pyramid.
That's how Social Security works in the United States as well.
I believe it’s tied to your earnings in the US though, which it isn’t in the UK.
I also have a number of qualifying years in the UK when I didn’t work, and for decades you could buy a year contribution for about £150. The payout is £12,500 per year.
>That works right now because of the population pyramid.
Is it really a pyramid if the base is less wide than the top? I guess it would be an upside down pyramid, but not very useful for the intended purpose then.
I thought that honour belonged to the NZ super fund with an annualised return of 10% before tax since it's creation in 2003. I couldn't find a comparable figure for the CPPIB, but it looks to be lower.
> Why does it matter if volatility is lower than the market?
Because I can trivially beat the market by ~100% by going long on 3:1 margin.
The volatility is why that's a bad idea. One time out of five, the consequence of that investment strategy is 'The market had a crash and I lose everything'.
'Lol, YOLO' is not a great investment strategy for a well-ran country.
> One time out of five, the consequence of that investment strategy is 'The market had a crash and I lose everything'.
Which is why that strategy doesn't actually beat the market. Keep using it for 30 years and you're bankrupt.
Whereas if you put your money in a major index 30 years ago and left it there, or even 50 or more years ago, what result? Are you even in a bad place if you put all your money into the market in 1926 and left it there for 100 years?
Yes, if a retirement fund had put all their money into a stock index in 1926, it wouldn’t have been able to pay out pensions throughout the 1930s and 1940s and would have been bankrupt before the market eventually recovered.
Going full index is a great strategy for an individual person aged 20-50, but not a strategy for a pension fund which needs to continuously pay out.
During the Great Depression, the stock market stayed below 50% of its peak value for about 20 years. Imagine that the $600 billion turns into $300 billion overnight. It will only last 5-10 years without inflows, but the GDP has also dropped by 40% and inflows have plummeted.
It's still going back to the same assumptions that you're not only timing a depression but also
(a) don't have pre-funding (i.e., millions for an individual at the start of the depression),
(b) don't have CPPIB guardrails and auto-adjustment mechanisms,
(c) and it's not a partial income replacement scheme.
> It will only last 5-10 years without inflows
Without inflows? That's not realistic because people would still be contributing. In fact, CPPIB has triannual resets of contributions and in a recession, they'd up the contribution rate. In a recent actuarial audit, they found that if real returns dropped to 2.5%, then they'd only need to boost contributions from 9% to 11% to keep their 75-year sustainability target.
The advice that you need to taper off your investment portfolio risk as you get older doesn't really apply to people that have a nest egg. I know a lot of people that aren't necessarily living frugally and are told by their financial advisors that they might as well upgrade their cars, travel more, etc. They can cover their costs and don't have net worth > ~$3 million.
I have no idea what you’re talking about at this point. Do you have any interest in understanding why CPPIB invests the way they do and doesn’t seek the highest returns?
> if a retirement fund had put all their money into a stock index in 1926, it wouldn’t have been able to pay out pensions throughout the 1930s and 1940s
Point was that this/your rationale doesn't apply to CPPIB's situation.
Ponzi schemes always make current payments out of current inflows. The first 10 people get paid from the inflows from the next 100 people who get paid from the next 1000 people and so on, until you run out of people to sign up and the last group is left holding the bag. This is how Social Security works in the US because it started out by making payments to people who never paid in and was premised on the early 20th century fertility rate of >3.5 instead of the current ~1.6 to keep the system from collapsing, which is why the "trust fund" is running out of money -- it never had enough to cover future payments to begin with.
Whereas having individual years when the fund pays out more than it collected in interest is not a problem as long as that's not what happens on average.
This youtuber appears to be anti-active management. CPPIB is underperforming their own benchmarks and charging substantial active fees.
> Where 20 years ago the CPPIB had just 150 employees and total costs of $118-million, it now has more than 2,100 employees and total expenses (not including taxes or financing costs) in excess of $6-billion.
But...they don't appear to be terrible v. their peers, but that might be an indictment of pension funds.
"We achieved superior risk-adjusted returns" as an excuse for sovereign fund underperformance is nonsense. PE (depending on how levered it is) inherently has lower volatility than buying public stocks.
If your fund gets consistently lower returns than if you had just stuck everything in a 60/40 portfolio, the whole endeavor has failed.
I really like the ideal of just chucking it all in VTI (or, since it's Canada, some other equivalent). But does it still work at that scale? Or does the fund exert its own gravitational field on the index in question?
The gravitational field of indexes that large is one of the reasons why it works. The stock price of a company will generally increase when it's added to a major index because there are now so many more people trying to buy it as part of the index.
The risk is nominally that if you ever wanted to move a fund that large into some other investments, the act of selling would lower the price of the assets in the fund. But that's what happens no matter what you invest that amount of money in. But then widely distributed whole-market indexes would tend to mitigate that.
The real problem with this is that it disconnects what people invest in from the fundamentals of the companies. Promising companies don't get as much investment if they're not in an index, and mismanaged companies get too much if they are.
> The gravitational field of indexes that large is one of the reasons why it works
I'm confused because my question was whether a sovereign wealth fund could move an index by too much. Not about the issues with index investing (which IMO are mostly overblown).
They've underperformed their risk-adjusted benchmarks.
> But the CPP fund didn’t just underperform the indexes last year. It has done so, on average, ever since it switched to active management. That’s the admission you find buried on page 41 (it was on page 39 last year): since fiscal 2007, “the Fund generated an annualized value added of negative 0.2 per cent.” Compound that 0.2 per cent annual shortfall over 19 years, and it adds up to more than $70-billion in forgone income, on assets that now total $714-billion. [0]
That doesn't follow. The chart is counting the number of acres of land which are used for specific purposes, not the number of cattle being raised on that land. And the category you're counting as "pasture" encompasses rangeland as well, which is used at an extremely low density (often as low as 1 head of cattle per 10 acres).
> To feed a growing population, it is essential that the global agri-food system be managed to efficiently convert crop production into calories for human consumption.
It's really not. Efficiency is the enemy of redundancy. Countries want food security, so they must therefore produce excess calories.
It’s really, really not. Crop land per capita has been going down for decades despite richer diets, and all the biofuels and livestock feed [1]. Let’s not forget that advanced drugs to stop people from overeating the abundant food are a $60 billion and rapidly growing market.
I think it's important to a point, to be pedantic. But yes, global food production is well over the hurdle of production volume to "feed everyone", even for highly redundant crop yields. The remaining challenge is purely logistical and of course combating unchecked profit motive that's become malignant.
Global food production now produces more than enough calories to feed everyone, but still hasn't figured out how to produce enough nutrients to feed everyone.
I'm not really sure that holds. Carb-heavy grains form the bulk of global food production, but meats, legumes, fruits, etc. are still massively overproduced. Of course, I think you get at something very important to recognize which is that modern industrial variants of vegetables/fruits are bred in favor of crop yield, size, shelf-stability and visual appeal/consistency. Many of those contribute to lower nutrient densities.
I don't think it matters as far as getting enough micronutrients is concerned, but speaking from a lot of experience, "heirloom" produce is absolutely superior in terms of texture and flavor. It's not even close. I think we could really stand to put more effort into making robust food supply chains without turning everything into bland mush.
If you ignore waste then it is likely that we also produce enough nutrients. That isn't a useful way to look at it, however, as, just with all things in life, losses are inherit. A 100% efficient system will never exist. Calories, though, we produce enough of even accounting for all the waste.
> So all of a sudden the nice town clinic has $2,500,000 in debt, raise prices accordingly...
From a financial engineering perspective this is wrong.
Both equity and debt have costs of capital. Debtholders expect interest, capital holders expect RoE. The money going to debt interest is money that would previously have gone to equity, but now does not because the equity is replaced with debt.
Crucially, the costs of debt is lower than the cost of equity because of the interest tax shield. Therefore, the vet clinic now requires less revenue to maintain or even increase its return to equity.
Technically true, but RoE expectations from a PE firm are typically a lot higher than from the original owners of a small business.
And the LBO model is much less resilient to economic headwind. Let's assume a 25% EBITDA margin business, with most costs fixed (like the clinic example). Unfortunately revenue drops 20% because of external factors. It would maybe have a tiny profit left, tax would also be tiny and there is no interest to pay. The shareholders receive near zero, absorbing most of the problem for a year waiting for times to get better.
Now the same business, same reported EBITDA, but paying a large interest sum every year to the bank. If revenue drops 20% they can't pay their interest, and banks don't just wait for next year. Now the business has the restructure, agree with the banks what that looks like, or face a bankruptcy risk.
While the new PE shareholder has a better RoE due to leverage in the upside scenario, the business (and the PE) could be completely cooked in a downside scenario. For the PE this is a calculated risk, they optimise the overall portfolio. But for the employees and customers this isn't a great scenario.
> the vet clinic now requires less revenue to maintain or even increase its return to equity
The small-town vet would have probably accepted a lower RoE. More critically, they’d have been more willing to absorb shocks to said RoE than a lender will to their debt payments.
Small businesses are notoriously bad about calculating RoE; bookstores that own a building that would rent for way more than they ever make in a month, etc.
Nice, I like the sodium fast reactor concept. Produces less waste, can be passively cooled when shut down, and doesn't run pressurized so reactor vessel can be thinner.
Sodium leaks can be nasty, but they can be dealt with.
Are there any nuclear alternatives that don't include strapping low grade bombs to the reactor core (PRW/BWR: water separation -> hydrogen + oxygen -> boom, like happened @ Fukushima) or using coolants that instantly start violently combusting when exposed to air or moisture (sodium)?
I love the promise of nuclear energy, and I understand that every single engineering decision has tradeoffs, but these tradeoffs just seem so bad? Are there really no better options?
There have been some sodium cooled designs that have used a closed cycle gas turbine using nitrogen as the working fluid for the secondary circuit, in order to avoid any issues with sodium-water reactions with a traditional steam Rankine secondary circuit.
There are also fast reactor designs using lead as the coolant rather than sodium. These are interesting, but less mature than sodium cooling. Sodium is better from a cooling and pumping perspective though.
A eutectic is an alloy that has a lower melting point than any of its components.
Lead-bismuth eutectic or LBE is a eutectic alloy of lead (44.5 at%) and bismuth (55.5 at%) used as a coolant in some nuclear reactors, and is a proposed coolant for the lead-cooled fast reactor, part of the Generation IV reactor initiative. It has a melting point of 123.5 °C/254.3 °F (pure lead melts at 327 °C/621 °F, pure bismuth at 271 °C/520 °F) and a boiling point of 1,670 °C/3,038 °F.
Yes, some lead cooled reactor designs have used LBE, others pure lead. Though AFAIU so far the only lead cooled reactors that have actually been built and operated in production have used LBE. There is a pure lead cooled reactor under construction that should be started up in a few years if the current schedule holds.
The improvement is more on the fuel cladding for classic pwr or pebble bed reactors... But even without all this, nuclear is one of the safest sources of power on the planet, because we made it so
Nuclear today isn't that much different from steam engine - the fundamentals make it a technology of the past clearly losing to the today's tech, in this case to the massive solar/wind accompanied by the battery storage.
Nuclear will work in space, as it is the only tech feasible beyond the Mars orbit.
May be, may be the fundamentals will be sufficiently, to make it feasible on Earth, different for thorium MSRs and hopefully for fusion (my favorite is fusion driven thorium reactor - no need for fusion breakeven and relatively safe as turning off the fusion, the source of neutrons, stops thorium fission)
Thorium is inefficient. And its related to steam in that steam converts to heat and power. Differentiates considerably on the front end.
Nuclear solar and wind are all natural complements. This stupid this or that argument only empowers old oil and gas tech looking to hold on to the future.
Steam usage is a wonderful invention. It's certainly not a technology of the past. Nuclear will work anywhere you don't want to have oversized transmission network and where weather conditions aren't stellar, unless ren are combined with another firm source like gas/coal/geothermal/hydro
The AGRs are advanced reactors that use an inert coolant, CO2. In fact they have been designed to cool down quicker than any credible loss of coolant. And have been in service since the 70s, with some slated to go on until 2030.
I mean the LWR fleet has proven to be incredibly safe by any objective measure with deaths per TWhr as good or better than wind/solar. The very incident you mentioned had a direct death count of 0 or 1 depending on who you ask. Industrial shit blows up all the time, you just don't hear about it because it's normal and accepted.
What needs to improve about nuclear is our ability to deliver it on time and on budget. Safety is already more than adequate.
That is never going to happen until we are building more of a consistent design. I think every LWR is use today is a custom bespoke piece of equipment.
Yes, standardizing on a handful of designs will help immensely, as well as building two or more reactors on one site to share the overhead costs between units.
For example, building out more AP-1000s is really a no brainer. The first-of-a-kind is always expensive and the AP-1000 was especially so due to many factors. We bore that cost and now we should reap the benefits of Nth of a kind builds.
The International Atomic Energy Agency (IAEA) maintains a database of advanced reactor designs, ARIS [1]. It lists 119 reactors. A lot of them are small modular reactors, and the IAEA has published a book with details about them [2]. Some of these reactors have applied for NRC approval, and you can find an enormous amount of details at the NRC website [3].
To answer your question: numerous reactor designs are very safe.
Let's start with the most techonogically mature: helium cooled gas reactors. Helium is a noble gas, chemically inert, transparent to neutrons (the only substance in the universe to have zero neutron absorption cross-section), and it has a hard-to-believe high heat capacity by mass. The downside is that helium is somewhat expensive and it can leak. China has been operating 2 such reactors for the last 4 years [4]. In the US, there is a reactor design, Xe-100, that is quite similar to the Chinese design. It is quite difficult to come up with a scenario where something bad can happen with such reactors. The only problem is that they are quite expensive to build and operate, compared to water reactors.
There is one design that is very similar to the design of helium-cooled gas reactors, the only difference is that the coolant is not helium, it is a molten salt. In the US, the company Kairos is pursuing NRC approval for their reactor Hermes. The molten salt has lower heat capacity than helium by mass, but much higher by volume. There is no need for pressurization. The salt used here is a mixture of lithium fluoride and beryllium fluoride (FLiBe). Fluorine is an extraordinarily corrosive substance, but exactly because it is so, the salts that it forms are extremely stable. Still, stable or not, they can't match the inertness of helium, so such molten salt reactors are a bit more challenging when it comes to the contact between the coolant and the reactor vessel. However, they are extremely far from being a "low grade bomb". These reactors are almost as safe as they can be, albeit a bit below the inherent safety of helium cooled reactors.
Who sits down and determines that 8 is the correct number? Why not 4? Or 2? Or 16 or 32?
reply