...Some further random thoughts on lessons that may or may not be being learned ...
Frangible I do agree in principal about what you wrote above, but I still have seen no facts in this event that support a "lesson learned"
I might add that I have seen cases where the assumptions of redundancy were faulted by latency e.g. a completely missing layer of prevention because it was either incorrectly installed or failed for in a hidden manner.
This kind of fault stacking often is missed in the original design/certifcation assumption because it is assumed to be 90% reliable when in fact there is no maintenance or quality control approach that verifies or ensures the assumption.
I still await any facts of what really happened in this event