Jump to content

Blue Origin Thread (merged)

Aethon

By Aethon
in Science & Spaceflight

 Share

Recommended Posts

Ignath

Ignath

Posted
Posted
And now everyone will probably blame the supplier because "OMG PART BROKE AT 20% CERTIFIED LOAD".

So when a company or government "CERTIFIES" something to a certain level and it doesn't function appropriately, fails at less than HALF the "CERTIFIED" load it was meant to carry...less than 1/4 the load as a matter of fact; who should be held responsible?

Definition of certified (relevant definition BOLDED):

cer·ti·fy

ˈsərdəˌfī/

verb

past tense: certified; past participle: certified

1. attest or confirm in a formal statement.

"the profits for the year had been certified by the auditors"

synonyms: verify, guarantee, attest, validate, confirm, substantiate, endorse, vouch for, testify to; More

2. officially recognize (someone or something) as possessing certain qualifications or meeting certain standards.

"a certified scuba instructor"

synonyms: accredit, recognize, license, authorize, approve, warrant

"a certified hospital"

3. officially declare insane.

Elon Musk is correct in stating that:

1. He would not out the company that made the struts (why ruin someone else's business; the aerospace industry probably already knows who these guys are)

2. SpaceX would not be using the company again for struts

3. SpaceX would no longer rely on certification by any of their vendors, but instead do their own in-house testing

In these circumstances, some (albeit a small amount) of blame could be placed on SpaceX for not testing a CERTIFIED strut on their own; but what company expects something like this to happen when the part has been deemed safe to upwards of five times the load?

Link to comment
Share on other sites
YNM

YNM

Posted
Posted
And now everyone will probably blame the supplier because "OMG PART BROKE AT 20% CERTIFIED LOAD".

"Found lying by the side of the road" ;)?...

Now we know why the devs put that description in-game (I mean, uh, maybe it's real) ?

Link to comment
Share on other sites
Gargamel

Gargamel

Posted
Posted
And now everyone will probably blame the supplier because "OMG PART BROKE AT 20% CERTIFIED LOAD".

It wasn't just that one. They tested a large number of struts to failure and found quite a few failed well below certified rating. That is on the supplier. They have even stated they will be switching suppliers because of this.

Link to comment
Share on other sites
Streetwind

Streetwind

Posted
Posted

For reference, here's a picture of the struts holding the helium pressure vessel, one of which is suspected to have failed (likely at the bolt):

741dc2bcf5762a48.jpg

Note: the image is of an earlier flight. CRS-7 did not have a camera in the 2nd stage LOX tank. Which is a shame - how much easier would the investigation have been!

Link to comment
Share on other sites
Dkmdlb

Dkmdlb

Posted
Posted
And now everyone will probably blame the supplier because "OMG PART BROKE AT 20% CERTIFIED LOAD".

Who else would we blame? And why not them? Their struts didn't perform as they promised they would.

Link to comment
Share on other sites
pincushionman

pincushionman

Posted
Posted

Certification is a tricky issue in the aerospace industry. I'm dealing with it right now at my company. But I can't make an opinion on this since I have no idea how they were certified in the first place. Was it by analysis, or by test? Similarity to previous design? A failure at 1/4 the design load sounds fishy to me - yes, the design could be flawed, but with that kind of discrepancy it's not out of the question that the load requirements weren't properly defined (there may be more to it than just the number of pounds), and no parties - including SpaceX and any relevant regulators - properly vetted that information.

Link to comment
Share on other sites
TythosEternal

TythosEternal

Posted
Posted

I am very interesting by the counterexample this case poses to Rule #8 of Kelly Johnson's 14 Rules of Management:

http://lockheedmartin.com/us/aeronautics/skunkworks/14rules.html

Specifically,

Push more basic inspection responsibility back to subcontractors and vendors. Don't duplicate so much inspection.

I am tempted to go with Johnson over Musk here. Following every failed component with a change to your process in which you now inspect said component means that, sooner or later, you will be inspecting everything, trusting nobody, and needlessly repeating a lot of effort. It's a nasty downward spiral in which you end up spending more resources repeating verification, validation, and accreditation efforts after each stage of acquisition and integration than you do on engineering the actual systems (and if you think that's an exaggeration, you haven't worked for a big aerospace company lately).

This is exactly the kind of balance statistical mitigation is meant to address. You don't repeat every inspection of every part until there's a zero percent chance of failure, because then you go broke. You VV&A enough to give you a failure probability within your tolerances, with the understanding that, yes, sometimes things go wrong and you should plan accordingly. The only alternative is to manufacture everything in-house, which we know has been a long-term guiding objective of Musk's anyways.

Link to comment
Share on other sites
codepoet

codepoet

Posted
Posted (edited)

Well relying of a supplier's certification has bitten SpaceX, so I can understand Musk being unwilling to continue along that path. The position this puts him in is that he wants to have struts that be can rely upon at the cheapest price. There are two approaches to this:

1) Buy them in and test them all (If he was willing to accept a failure rate then he could instead test some, but not all).

2) Make them in house (and test them as part of that process).

It seems either way, if he wants to be sure the struts will not break then he needs to test them. Whether they are manufactured in-house or outsourced is a function of the costs involved.

Edited by codepoet
Link to comment
Share on other sites
J.Random

J.Random

Posted
Posted
Who else would we blame? And why not them? Their struts didn't perform as they promised they would.

Here's a funny idea: unless we know exactly how it was certified, what reliability margins QA has provided, how it was supposed to be used and how it was used, we wouldn't blame anyone.

After testing THOUSANDS of struts, SpaceX has found several which didn't meet the specs. Were specs clear? What the test looked like? No idea. They've said something along the lines of "the material grain was different in flawed struts", which may suggest that the production process has something to do with it (as in, the first strut made every day tends to be flawed because the equipment didn't heat enough yet, or the blank isn't ready when it's out of storage, or there's a material impurity in some conditions - there may be dozens of other reasons) - which means that yes, there's a flaw which wasn't known until this failure. We simply don't know.

What I know is that there's such concept as "redundancy" for these cases. Just think about it: Falcon can lose an engine and get to orbit, but just one strut snapped and what's left can't hold helium tank in place? It looks like some freak accident to me. Strut supplier may need to improve manufacturing and QA process. SpaceX may need to redesign the inner support structures for their rockets. Either way, we don't know the whole story. Even this conclusion they've made is preliminary. And there's certainly no point in blaming anyone.

Link to comment
Share on other sites
Layereddiagram

Layereddiagram

Posted
Posted

So this is like the best way it could have failed right? This is a flawed part that another company made that didn't even have any design problems.

Not a massively flawed part/design made by Spacex that would give the rest of the world the impression that they can't do their job.

Unless I don't understand how this works.

Link to comment
Share on other sites
Silver_Swift

Silver_Swift

Posted
Posted
So this is like the best way it could have failed right? This is a flawed part that another company made that didn't even have any design problems.

Not a massively flawed part/design made by Spacex that would give the rest of the world the impression that they can't do their job.

Unless I don't understand how this works.

Define "the rest of the world". Because I very much doubt the average person is going to hear about the exact causes of the failure, all that will stick is "a rocket made by spaceX exploded".

I do agree that for people involved in the industry this will move some of the blame away from SpaceX, which is probably very relevant for them.

Link to comment
Share on other sites
Albert VDS

Albert VDS

Posted
Posted
Here's a funny idea: unless we know exactly how it was certified, what reliability margins QA has provided, how it was supposed to be used and how it was used, we wouldn't blame anyone.

After testing THOUSANDS of struts, SpaceX has found several which didn't meet the specs. Were specs clear? What the test looked like? No idea. They've said something along the lines of "the material grain was different in flawed struts", which may suggest that the production process has something to do with it (as in, the first strut made every day tends to be flawed because the equipment didn't heat enough yet, or the blank isn't ready when it's out of storage, or there's a material impurity in some conditions - there may be dozens of other reasons) - which means that yes, there's a flaw which wasn't known until this failure. We simply don't know.

What I know is that there's such concept as "redundancy" for these cases. Just think about it: Falcon can lose an engine and get to orbit, but just one strut snapped and what's left can't hold helium tank in place? It looks like some freak accident to me. Strut supplier may need to improve manufacturing and QA process. SpaceX may need to redesign the inner support structures for their rockets. Either way, we don't know the whole story. Even this conclusion they've made is preliminary. And there's certainly no point in blaming anyone.

Why would you need to redesign a rocket if you are buying certified struts that will never reach their max load?

Basically what you are saying is that a company, who certified* a product that broke at 1/5th of it's max load, can't be blamed?

* attest or confirm in a formal statement.

Or to put it this way:

If you buy a, let's say, washing machine and use it as intended.

The washing machine company guarantees that it will work for at least 10 years.

It breaks at 2 years, do you hold the washing machine company accountable?

Link to comment
Share on other sites
Dkmdlb

Dkmdlb

Posted
Posted
Here's a funny idea: unless we know exactly how it was certified, what reliability margins QA has provided, how it was supposed to be used and how it was used, we wouldn't blame anyone.

If we're assuming the things Musk said were true, then we should blame the supplier. If there was confusion about the spec, or other mitigating issues, then it's not so clear, but if the company certified them for a certain pull strength and the struts don't meet that pull strength, then it's their fault.

Link to comment
Share on other sites
J.Random

J.Random

Posted
Posted
If you buy a, let's say, washing machine and use it as intended.

The washing machine company guarantees that it will work for at least 10 years.

It breaks at 2 years, do you hold the washing machine company accountable?

If this washing machine is business-critical for me, I'll have at least three of them: active, standby and spare. Whenever one breaks, standby becomes active, spare is installed instead of broken machine, and the broken one is replaced by vendor through RMA, free of charge, and becomes new spare.

Link to comment
Share on other sites
Albert VDS

Albert VDS

Posted
Posted

Well this washing machine can't be replaced by a spare because it's already in an active building, there is no way of getting it out, and if the washing machine breaks the whole building explodes.

Link to comment
Share on other sites
Jouni

Jouni

Posted
Posted

Blame is an interesting concept. When something goes wrong, the most important thing is to find a scapegoat, who may or may not be guilty. Then we can have our revenge on the scapegoat, regardless of whether it helps to avoid similar problems in the future or not. After all, nobody really cares if the problems recur or not, as long as we can satisfy our bloodlust.

Link to comment
Share on other sites
Jouni

Jouni

Posted
Posted
I'm confused by your comment because it doesn't seem to at all reflect what is happening in this case.

I assume that you replied to me.

In air crash investigations (which are quite similar to this case), the investigators are usually interested in finding the cause of the accident and preventing future accidents. Blame and liability are left to lawyers and other bloodthirsty savages, who are more concerned about revenge and/or profit than about preventing disasters.

The key issue is that everyone has something to hide. We all make mistakes. It's impossible to do things consistently by the book. We're humans, not machines. When the investigation is about assigning blame, everyone's primary incentive is to cover their backs. People avoid telling telling the whole truth, and they often choose to lie. Evidence gets destroyed. Instead of actively trying to solve the problem, people just wait passively until the inconvenient investigation ends.

In every kind of investigation, you ultimately have to choose whether it's more important to punish the guilty or to avoid future incidents. It's impossible to have both.

Link to comment
Share on other sites
softweir

softweir

Posted
Posted
If this washing machine is business-critical for me, I'll have at least three of them: active, standby and spare. Whenever one breaks, standby becomes active, spare is installed instead of broken machine, and the broken one is replaced by vendor through RMA, free of charge, and becomes new spare.

If replace all the struts in a rocket with three dishwashers each, then that rocket can't fly. Too heavy!

Or am I misunderstanding? ;)

Link to comment
Share on other sites
J.Random

J.Random

Posted
Posted
Well this washing machine can't be replaced by a spare because it's already in an active building, there is no way of getting it out, and if the washing machine breaks the whole building explodes.

And that's exactly what I was taking about: in this case, it becomes a single point of failure, and if you want proper reliability, you have to redesign. Thank you for proving my point.

I think all of KSP players share in that particular pain.

Except those of us who use KJR.

Link to comment
Share on other sites
Rakaydos

Rakaydos

Posted
Posted
And that's exactly what I was taking about: in this case, it becomes a single point of failure, and if you want proper reliability, you have to redesign. Thank you for proving my point.

Except those of us who use KJR.

And if your leg breaks walking down the street, you wont be able to walk anymore. better bring a set of crutches everywhere... just in case.

Seriously, it had a 500% saftey margin. Failure is inconcevable.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...