Safety-critical programmes are typically governed by architectures designed for complicated problems, yet the systems they govern are frequently complex: their safety-relevant behaviours arise from interactions that generate emergent, unpredictable properties. This article examines what happens when such architectures encounter complexity, using the UK’s Ajax armoured vehicle programme as an extended case study. It traces four epistemic pathologies – decontextualised assurance, feedback suppression and the normalisation of deviance, narrative capture through the ecology of action, and contested truth criteria with the marginalisation of experiential knowledge – and introduces the concept of ‘evidence ecology’ as a bridging framework linking safety governance, assurance practice and programme management. The November 2025 recurrence of the same failure pattern demonstrates that the underlying epistemic architecture was not reformed by successive reviews and resets. The analysis derives design principles for complexity-informed epistemic governance transferable across sectors where assurance regimes confront socio-technical complexity.
Raul Leal Ascencio (Fri,) studied this question.