Related: Gregg Easterbrook's article "Beam Me Out Of This Death Trap, Scotty" [1] is long but remarkably prescient, having been written a year before the first shuttle flight. It goes into the dangers of the tiles, how the costs would spiral, the danger of relying on a single launch vehicle, the benefits of disposable rockets, and other warnings that ended up being right.
The article talks about how unlikely the shuttle was to achieve the expected 500 flights, and would more likely only have 200 flights. (Real number: 135)
Some of the quotes from the article are scary in retrospect:
Quote: "Here's the plan. Suppose one of the solid-fueled boosters fails. The plan is, you die."
Another quote: "When Columbia's tiles started popping off in a stiff breeze, it occurred to engineers that ice chunks from the tank would crash into the tiles during the sonic chaos of launch: Goodbye, Columbia."
Remember, this article is from 1980, before the shuttle launched.
Not only did Gregg Easterbrook's article describe the dangers that would eventually lead to the demise of the Challenger and the Columbia, but he also mentions a third failure mode: the Space Shuttle Main Engines.
Could easily have failed catastrophically and taken out a third Shuttle. Instead, all the failures of the SSME turned out to be survivable. We just got really lucky.
> NASA was claiming that the engines were in the regular range of engineering, but they're not; the engines had many difficulties that the guys at JPL told me about. (I found out later that the people who worked on the engines always had their fingers crossed on each flight, and the moment they saw the Shuttle explode, they were all sure it was the engines. But of course, the TV replay showed a flame coming out of one of the solid rocket boosters.)
Gregg Easterbrook wrote the following about simulated shuttle landings:
> They've never flounced like a twig on the crazy rapids of "bias"--the bland physics term for unexplained variations in the earth's gravitational and magnetic fields.
I can't make heads or tails out of it -- I can't find any reference to such a phenomenon called "bias" and I don't see how gravitational field variations (I assume he means the ones caused by uneven density) could have any effect at their minuscule amplitude. Is this a result of some misunderstanding or am I missing something?
Interestingly, a thorough risk assessment of the Shuttle was done much later by NASA (near the end of the program) and it concluded that the risk of losing a Shuttle in the pre-Challenger era to be much higher than 1 in 100, closer to 1 in 10. Many people look at Challenger and Columbia as instances where the Shuttle program hit a patch of bad luck. In reality the Shuttle program has been extraordinarily lucky, there were many other close calls, some not well publicized, that came within a hair's breadth of causing loss of crew and vehicle (STS-1, STS-8, STS-9, STS-27 being examples of such). It was always a tricky bird to fly, and in the early days there were about half a dozen different things that could kill it outright with a shockingly high probability (not just the SRBs or foam/ice strikes on the TPS, also the APUs (which caught fire and exploded on one flight), the computer (which was completely inoperable just before landing on another flight), the SSMEs (which came close to causing loss of the orbiter once or twice), and other components). Over time some of the systems were improved to such a degree that they were no longer serious risks, but the whole system was so complicated and there were so many elements of risk that even at the end of the program many substantial risks still remained.
The last sentence from this piece is just beautiful, it has become my personal motto:
For a successful technology, reality must take precedence over public relations, for nature cannot be fooled.
It captures in a capsule form the reasons for a huge fraction of all the big engineering catastrophes, maybe even most of them. For everyone interested in similar case studies, and in reliability from a wide engineering perspective, I strongly recommend the book "Design Paradigms: Case Histories of Error and Judgment in Engineering" by Henry Petroski.
That is ridiculous. Let's say DWave was even better in what it actually produced, but even worse in its PR: it creates a true quantum cumputer proof of concept.
But it is even worse at public relations and EVERYONE thinks that it is a scam with rigged demos. It has no credibility.
Now I ask you: in this thought experiment, is nature going to fund your quantum company, because you actually kicked nature's ass and proved a true quantum computer in concept?
No. You have to actually maintain real credibility, much as the space program did.
Nature can't be fooled, but Nature also doesn't fund shit. Whether the government, VC's, or the people, only people fund people.
There were 135[1] Space Shuttle missions with 2 resulting in human casualties (Challenger and Columbia disasters).
Thus, a failure with loss of vehicle and of human life of 1.48 in 100.
The estimates range from roughly 1 in 100 to 1 in 100,000. The higher figures come from the working engineers, and the very low figures from management.
The reality was even more dangerous than the engineers had predicted, and far more dangerous than management had.
One of the major problems with the shuttle is that the design of the Space Shuttle meant that a loss of mission pretty much also meant the loss of the crew as well. A 1 in 70 accident rate is not nearly as big a deal if there's a 90%+ chance of the crew surviving the accident. (I just pulled the 90% number out of the air -- I've never seen any actual estimates for the effectiveness of launch escape systems in the event of accidents. In practice the success rate has been 1/1.)
I would suspect the engineering estimate had one or at most two sig figs, which isn't bad compared to results. I'm sure the management estimate had six sig figures of course.
This is an absolute classic of engineering literature. The last sentence, perhaps deservedly, gets most of the glory, but the whole piece should be under every engineer's and every manager's fingers.
I constantly see the dynamic observed in the first paragraph, and it would seem that the question "What is the cause of management's fantastic faith in the machinery?" is eternal.
I think management's big problem is that they are often confused by the difference between what they need and what they have. Of course I've spent a lot of my career working for venture capital-based startups where this problem might naturally be more prevalent.
For anyone else interested in how the organizational incentives and
institutional culture at NASA helped to set the stage for the
Challenger disaster, I highly recommend The Challenger Launch
Decision[1] by Diane Vaughan.
From the New York Times review[2]:
In "The Challenger Launch Decision" Diane Vaughan, a sociologist at
Boston College, takes up where the Rogers Commission and Claus Jensen
leave off. She finds the traditional explanation of the accident --
"amorally calculating managers intentionally violating rules" -- to
be profoundly unsatisfactory. Why, she asks, would they knowingly
indulge such a risk when the future of the space program, to say
nothing of the lives of the astronauts, hung in the balance?
"It defied my understanding," she says.
Even with Feynman's carefully reasoned essay, the next shuttle disaster was a mirror of the first: chunks of foam falling of each flight, careful monitoring but no serious action until the foam resulted in a loss of a vehicle.
The first loss was after careful monitoring of near-burn throughs of the SRB o-rings on many flights, but no decisive action.
It really astounded me when I learned no shuttle was inspected for damage while in orbit until after the loss of the Columbia.
The shuttle was an experimental vehicle. It was their job to gather as much data as possible on it. With that, the foam problem would have become evident long before the deaths of the Columbia crew.
I think root problem is that shuttle was starting and landing with people. They should use it just for cargo, second rocket with Apollo should have transport people from/to orbit.
They stuck out where they could be struck by stuff. They precluded the capsule eject system. They cost Shuttle tons of fuel. For a system used in only one part it's flight regime.
Why _why_ did Shuttle have wings? The Air Force insisted. So they could launch Shuttle into polar orbit from Vandenberg. Shuttle would need the wings to come _back_ to Vandenberg.
Then the Air Force withdrew from the program. Too late to get rid of the terrible wings, however.
In case you missed it Discovery Channel aired a pretty interesting Challenger docu(drama?) in November. The show portrayed Dr. Feynman's path to reaching these conclusions. Pretty interesting and disturbing at the same time.
[+] [-] kens|12 years ago|reply
The article talks about how unlikely the shuttle was to achieve the expected 500 flights, and would more likely only have 200 flights. (Real number: 135)
Some of the quotes from the article are scary in retrospect:
Quote: "Here's the plan. Suppose one of the solid-fueled boosters fails. The plan is, you die."
Another quote: "When Columbia's tiles started popping off in a stiff breeze, it occurred to engineers that ice chunks from the tank would crash into the tiles during the sonic chaos of launch: Goodbye, Columbia."
Remember, this article is from 1980, before the shuttle launched.
[1] http://www.washingtonmonthly.com/features/2001/8004.easterbr...
[+] [-] tanzam75|12 years ago|reply
Could easily have failed catastrophically and taken out a third Shuttle. Instead, all the failures of the SSME turned out to be survivable. We just got really lucky.
From "Mr. Feynman Goes to Washington": http://calteches.library.caltech.edu/3570/
> NASA was claiming that the engines were in the regular range of engineering, but they're not; the engines had many difficulties that the guys at JPL told me about. (I found out later that the people who worked on the engines always had their fingers crossed on each flight, and the moment they saw the Shuttle explode, they were all sure it was the engines. But of course, the TV replay showed a flame coming out of one of the solid rocket boosters.)
[+] [-] robryk|12 years ago|reply
> They've never flounced like a twig on the crazy rapids of "bias"--the bland physics term for unexplained variations in the earth's gravitational and magnetic fields.
I can't make heads or tails out of it -- I can't find any reference to such a phenomenon called "bias" and I don't see how gravitational field variations (I assume he means the ones caused by uneven density) could have any effect at their minuscule amplitude. Is this a result of some misunderstanding or am I missing something?
[+] [-] guard-of-terra|12 years ago|reply
I mean, Soviet space program of the time had neither financing nor time not priority outlined in the article.
Going to hit Wikipedia.
[+] [-] InclinedPlane|12 years ago|reply
[+] [-] stiff|12 years ago|reply
For a successful technology, reality must take precedence over public relations, for nature cannot be fooled.
It captures in a capsule form the reasons for a huge fraction of all the big engineering catastrophes, maybe even most of them. For everyone interested in similar case studies, and in reliability from a wide engineering perspective, I strongly recommend the book "Design Paradigms: Case Histories of Error and Judgment in Engineering" by Henry Petroski.
[+] [-] marze|12 years ago|reply
We've had three meltdowns in 40 years, about one per 13 years so far. Have we been lucky? Or have we been unlucky? Time will tell.
[+] [-] logicallee|12 years ago|reply
But it is even worse at public relations and EVERYONE thinks that it is a scam with rigged demos. It has no credibility.
Now I ask you: in this thought experiment, is nature going to fund your quantum company, because you actually kicked nature's ass and proved a true quantum computer in concept?
No. You have to actually maintain real credibility, much as the space program did.
Nature can't be fooled, but Nature also doesn't fund shit. Whether the government, VC's, or the people, only people fund people.
Credibility is super important!
[+] [-] treblig|12 years ago|reply
Thus, a failure with loss of vehicle and of human life of 1.48 in 100.
The estimates range from roughly 1 in 100 to 1 in 100,000. The higher figures come from the working engineers, and the very low figures from management.
The reality was even more dangerous than the engineers had predicted, and far more dangerous than management had.
[1] http://en.wikipedia.org/wiki/List_of_space_shuttle_missions
[+] [-] curtis|12 years ago|reply
[+] [-] jessriedel|12 years ago|reply
[+] [-] fnordfnordfnord|12 years ago|reply
[+] [-] VLM|12 years ago|reply
[+] [-] pjmorris|12 years ago|reply
I constantly see the dynamic observed in the first paragraph, and it would seem that the question "What is the cause of management's fantastic faith in the machinery?" is eternal.
[+] [-] curtis|12 years ago|reply
[+] [-] dmfdmf|12 years ago|reply
https://en.wikipedia.org/wiki/Ariane_5#Notable_launches
[+] [-] alexhutcheson|12 years ago|reply
From the New York Times review[2]:
In "The Challenger Launch Decision" Diane Vaughan, a sociologist at Boston College, takes up where the Rogers Commission and Claus Jensen leave off. She finds the traditional explanation of the accident -- "amorally calculating managers intentionally violating rules" -- to be profoundly unsatisfactory. Why, she asks, would they knowingly indulge such a risk when the future of the space program, to say nothing of the lives of the astronauts, hung in the balance? "It defied my understanding," she says.
[1] https://www.goodreads.com/book/show/995029.The_Challenger_La...
[2] http://www.nytimes.com/books/97/04/13/nnp/19074.html
[+] [-] marze|12 years ago|reply
The first loss was after careful monitoring of near-burn throughs of the SRB o-rings on many flights, but no decisive action.
[+] [-] rbanffy|12 years ago|reply
The shuttle was an experimental vehicle. It was their job to gather as much data as possible on it. With that, the foam problem would have become evident long before the deaths of the Columbia crew.
[+] [-] altero|12 years ago|reply
[+] [-] bdunbar|12 years ago|reply
They stuck out where they could be struck by stuff. They precluded the capsule eject system. They cost Shuttle tons of fuel. For a system used in only one part it's flight regime.
Why _why_ did Shuttle have wings? The Air Force insisted. So they could launch Shuttle into polar orbit from Vandenberg. Shuttle would need the wings to come _back_ to Vandenberg.
Then the Air Force withdrew from the program. Too late to get rid of the terrible wings, however.
[+] [-] benmorris|12 years ago|reply
http://www.discovery.com/tv-shows/the-challenger-disaster/ch...