Jump to content

STS Shuttle discussion thread


GoSlash27

Recommended Posts

2 minutes ago, Starman4308 said:

It's a difference in magnitude, of reasonable risk.

Commercial airplanes are extremely well-understood, and can be extensively tested. Each new model of aircraft flies a large number of times before ever being allowed to carry passengers, with the individual airframes likely flown several times before carrying passengers to boot. Commercial airflight has been pushed to the point where it is reasonable to forgo abort modes that do not rely on survival of the airframe. Spaceflight, however, is at the point where a long, successful production run is the number of times a commercial airliner has to fly just to get certified.

In the future, maybe space travel will get to the point where it's safe to put people on board and just expect it to work, but right now I would call space travel insufficiently developed to forgo abort procedures for the entire mission.

It's kind of a straw argument to equate forgoing *some* abort modes with forgoing *all* abort modes. The shuttle had some abort modes, but it also had some phases of the mission where there really was no practical abort mode. But that's nothing new, really. For instance, what was the "abort mode" if something had gone wrong with the lunar lander ascent?

I'm just saying that once a targeted level of risk mitigation has been agreed upon, an abort mode is not the only way of achieving that goal.

Link to comment
Share on other sites

14 minutes ago, mikegarrison said:

It's kind of a straw argument to equate forgoing *some* abort modes with forgoing *all* abort modes. The shuttle had some abort modes, but it also had some phases of the mission where there really was no practical abort mode. But that's nothing new, really. For instance, what was the "abort mode" if something had gone wrong with the lunar lander ascent?

I'm just saying that once a targeted level of risk mitigation has been agreed upon, an abort mode is not the only way of achieving that goal.

If something had gone wrong with ascent, astronauts died, which is why the ascent stage was made as stupidly simple as possible. The risk of that happening was minimized by very robust design and extensive inspections. That works for a relatively small ascent vehicle, not so much for a massive launch vehicle, where there is no practical and economic way to make it simple.

The Space Shuttle, unlike many other manned programs, had a severe lack of abort modes through many of the riskiest parts of the mission. The Shuttle's abort modes mostly covered failure of SSMEs, ignoring other major components such as SRBs and the ET. Even post-Challenger, most of the improvements to abort coverage amounted to "okay, well if 2-3 SSMEs go out, we can ditch the ET and bail out; it's risky, but less risky than ditching".

While a lot of what you say is true in theory, in practice as applied to the Space Shuttle, it's a weak argument.

EDIT: And yes, for similar reasons, I'd criticize Gemini (ejection seats, really?), Vostok, and Vokshod.

Edited by Starman4308
Link to comment
Share on other sites

19 minutes ago, mikegarrison said:

I know it's not exactly the same, but commercial airplanes do not have ejection systems or otherwise any way to survive a mishap on the airplane unless it actually reaches the ground structurally intact enough to escape from.

Right and there are many more examples. The Concorde essentially had no abort system once airspeed reached 180 m/s it was committed to fly. But more specifically to your point there were a bunch of very popular aircraft that crashed just after takeoff because of combinations of bad weather and bad engines or other problems, and it was realized that there was no way to safely take-off if more than two issues are a problem, one being the weather. So sensors were placed around airports to detect windsheer. Your car doesn't have an abort system either, if you are driving down the road and a patch of Ice is on a bridge,  you go to fast,  . . . . . . .there are no ejector seats in cars. Your motor boat does not have an abort mode, that is really something about reading the conditions (seamanship), if there is a huge log in front of your boat and you don't see it, that's it, over the bow you go.

All of these have one thing in common, don't launch a mission when conditions are bad. Around here they have a call 'shelter in place' and that means if you are not in immediate danger, stay where you are at, its safer than traveling.

The issue with challenger was just that. But in the case of Columbia that abort mode really would have not helped them, because they had to know the shuttle was critically damaged to abort. They did not. I think we should worry less about abort modes and focus on under what circumstances abort mode would be more important than other safety issues.

Link to comment
Share on other sites

On 1/17/2018 at 11:43 AM, DerekL1963 said:

The key safety problem with the Shuttle wasn't it's design, low margin high performance vehicles are always risky.  It wasn't directly people, engineers or management.  It was a culture that encouraged myopia and the belief that since they'd gotten away with it so far, they would continue to do so into the future.

 

The Rogers Commission Report touches on this in several places (obviously), but a couple of those are worth highlighting:

On page 156 of the report, where they discuss their reliability program and how that was supposed to be monitoring trend data, they note that process problems were emerging with the SRBs as the shuttle program matured:

Quote

A series of changes to Solid Rocket Booster processing procedures at Kennedy may be significant: on-site O-ring inspections were discontinued; O-ring leak check stabilization pressure on the field joint was increased to 200 pound per square inch from 100, sometimes blowing holes through the protective putty; the patterns for positioning the putty were changed; the putty type was changed; re-use of motor segment casings increased; and a new government contractor began management of Solid Rocket Booster assembly. One of these developments or a combination of them was probably the cause of the higher anomaly rate. The safety, reliability and quality assurance program should have tracked and discovered the reason for the increasing erosion and blow-by.

And the table below, copied from page 65 of the report: Note that on STS 51-L, in addition to the significantly colder joint temperatures (the impact on the O-rings of which the report discusses in great detail elsewhere) both segments of the SRB, above and below the blow-by, were re-used segments. In other incidents, only one or none of the segments had been previously used.

e136e0ab75197a8636132a52fcc741fd.png

Link to comment
Share on other sites

1 hour ago, PakledHostage said:

And the table below, copied from page 65 of the report: Note that on STS 51-L, in addition to the significantly colder joint temperatures (the impact on the O-rings of which the report discusses in great detail elsewhere) both segments of the SRB, above and below the blow-by, were re-used segments. In other incidents, only one or none of the segments had been previously used.


That's not that the able says.  41-C and 51-C also show that both segments had been reused.

Link to comment
Share on other sites

2 hours ago, DerekL1963 said:


That's not that the able says.  41-C and 51-C also show that both segments had been reused.

Oh, sorry, you're right... I mis-read it. I guess the 1/2 for STS-51-L means that one of the segments had been reused twice while the other one had been re-used once?

Link to comment
Share on other sites

52 minutes ago, PakledHostage said:

Oh, sorry, you're right... I mis-read it. I guess the 1/2 for STS-51-L means that one of the segments had been reused twice while the other one had been re-used once?

That's how I read it, given they seem to use "none" for "no previous use".

Link to comment
Share on other sites

On 1/17/2018 at 7:44 PM, mikegarrison said:

It's kind of a straw argument to equate forgoing *some* abort modes with forgoing *all* abort modes. The shuttle had some abort modes, but it also had some phases of the mission where there really was no practical abort mode. But that's nothing new, really. For instance, what was the "abort mode" if something had gone wrong with the lunar lander ascent?

I'm just saying that once a targeted level of risk mitigation has been agreed upon, an abort mode is not the only way of achieving that goal.

From what I've heard, some of the "shuttle abort modes" were never successfully performed in the simulator.  Even if you had an available abort mode, it doesn't mean that your chances of survival were all that high.  In case anyone missed it, the procedure for an issue with the lunar ascent (one of the most likely points of failure IMHO) was to bang on the motor until it worked (see quote and followup to "this is how we repair Russian space station" in another thread).

Just because you have other dangerous parts, it isn't a great idea to make ascent (and decent) any less safe.  They are the most dangerous parts of any mission.

Link to comment
Share on other sites

On 1/17/2018 at 6:56 PM, Starman4308 said:

The Space Shuttle, unlike many other manned programs, had a severe lack of abort modes through many of the riskiest parts of the mission. The Shuttle's abort modes mostly covered failure of SSMEs, ignoring other major components such as SRBs and the ET. Even post-Challenger, most of the improvements to abort coverage amounted to "okay, well if 2-3 SSMEs go out, we can ditch the ET and bail out; it's risky, but less risky than ditching".

While a lot of what you say is true in theory, in practice as applied to the Space Shuttle, it's a weak argument.

EDIT: And yes, for similar reasons, I'd criticize Gemini (ejection seats, really?), Vostok, and Vokshod.

All of this, and more. Abort modes are just part of the vehicle and mission design parameters when designing a launcher that is as safe as possible. Ideally, the vehicle should be designed so that nothing can fail. That's usually not possible, so then you look at ways that vehicles can be prevented from killing people in the event of a failure, or redundancy, or simplicity, or (in the worst case) abort modes that can save the crew even while the vehicle is lost.

 There are going to be some parts of the mission that are extremely risky (no workarounds or aborts possible), but you try to minimize having to do that. There are some risks that cannot be foreseen until they happen, but when they do you redesign as necessary to eliminate them.

 The problem with the STS orbiter/ stack layout is that none of these considerations were accounted for in the original design. If anything went wrong with the SRBs at any point, the crew would die. If a single SSME malfunctioned at any point during much of the flight, the crew would die. If the vehicle caught fire on the pad, the crew would die. If anything substantial came loose and fell off... well, the crew might not die, but they were certainly at grave risk of dying. If something got bent or structurally weakened, the crew would die. An so on, and so on.

 NASA did their best to keep the shuttle fleet running perfectly as best they could and tried to dial in as much safety as was feasible in the aftermath of fatalities, but there was only so much that could be done because the STS was not *designed* with safety in mind from the outset.

Best,
-Slashy

 

Link to comment
Share on other sites

On 1/17/2018 at 4:56 PM, Starman4308 said:

And yes, for similar reasons, I'd criticize Gemini

Aside: in all fairness to Gemini, ejection seats would possibly work until they were high enough to abort with the upper stage/SM, or at least separate the capsule and have a chance to deploy the chutes...

Link to comment
Share on other sites

4 hours ago, GoSlash27 said:

All of this, and more. Abort modes are just part of the vehicle and mission design parameters when designing a launcher that is as safe as possible.

As safe as possible.  Which isn't always very safe when you're operating a high performance/low margin vehicle.
 

4 hours ago, GoSlash27 said:

The problem with the STS orbiter/ stack layout is that none of these considerations were accounted for in the original design.


As they say - [[Citation Needed]].  "Does not meet Slashy's unreasonable and idiosyncratic definition of a safe vehicle" does not mean they didn't consider the risks and decide they were acceptable.

 

4 hours ago, GoSlash27 said:

there was only so much that could be done because the STS was not *designed* with safety in mind from the outset.


No vehicle of land, sea, air, or space is designed with safety in mind from the outset, at least not with your narrow definition thereof.  Shuttle, like everything else, was designed to be as safe as possible within the myriad of constraints on the vehicle.

Give it a rest already, you're sounding like a broken record here.

Link to comment
Share on other sites

http://www.spacesafetymagazine.com/space-disasters/challenger-disaster/nixon-administration-shuttle-safety/

^ Just to show that my definition of safety is neither "idiosyncratic" nor "unreasonable". I'm not the first person to point all this out.

2 hours ago, DerekL1963 said:

Give it a rest already, you're sounding like a broken record here.

Nope.

Best,
-Slashy

Edited by GoSlash27
Link to comment
Share on other sites

2 hours ago, DerekL1963 said:

No vehicle of land, sea, air, or space is designed with safety in mind from the outset, at least not with your narrow definition thereof.  Shuttle, like everything else, was designed to be as safe as possible within the myriad of constraints on the vehicle.

In contrary, the regulations for safety for all kind of vehicles are very strict and becoming ever stricter. That includes all stages of the life cycle from design (call me if you need examples :-)), construction, traffic regulations, equipment of the vehicles, the infrastructure, regular checks and part exchange, licensing and renewing etc. Valid for cars, trains, ships, aircraft, cable cars, pick other ...

I remember that people were wondering that the shuttle was designed without a crew abort system, i also remember that such designs were discussed but not implemented, i assume because of weight. @GoSlash27 has a valid point, i think.

Edited by Green Baron
Link to comment
Share on other sites

I am also with Slashy. 

Yes, some risks you just have to suck up. There are failure modes you just can't prepare against. If the LM ascent stage springs a leak on the lunar surface there's just no way back from that. You can't pack additional fuel tanks when the margins are that fine. You design the LM so it's as reliable as possible and that's that.

But some risks you don't have to just suck up. 

Was there an unavoidable need for cargo and crew to be on the craft following maturation of rendezvous technology? No.

Was putting an orbiter on the side of a fuel tank that had to be insulated with foam the only way to put crew and or cargo in space? No.

Were solid rocket boosters the only choice? No.

Would a different architecture have allowed full abort capability for the duration of ascent? Yes.

Would the airforce have bought in to a conventional rocket family without crippling it with barely-acheivable design requirements? Most likely.

Shuttle was a bad design forced to work until it didn't. This isn't just in hindsight - there were articles at the time criticising the choices that were being made. There's no reason except for flawed design goals that NASA's post-Saturn vehicle(s) couldn't have had the reliability record of ATLAS at a fraction of the cost of shuttle.

Link to comment
Share on other sites

2 hours ago, Green Baron said:

I remember that people were wondering that the shuttle was designed without a crew abort system, i also remember that such designs were discussed but not implemented, i assume because of weight. @GoSlash27 has a valid point, i think.

As I said the other day, there is a fairly broad discussion about safety considerations in Chapter IX of the Rogers Commission Report. 

 

On 17/01/2018 at 2:26 PM, PakledHostage said:

The report also contains lots more information about the considerations that went into the abort modes and crew escape systems in Chapter IX - "Other Safety Considerations", starting on Page 179, but I don't have time to summarize them all here. Feel free to read through that chapter yourself, though.

Edit: 

I should add that it is often said that the aviation regulations are written in blood. That is probably true of other safety regulations as well - regulations get written because  somebody died. 

Sometimes the mistakes that lead to those regulations are head slappers, like the 1956 mid air collision of two airliners over the Grand Canyon that lead to the Federal Aviation Act in 1958. Other mistakes are more subtle, like pilots grabbing the wrong lever at the wrong time and causing a crash, leading to regulations like FAR 25.781 that mandates cockpit control knob shapes to standardize tactile cues to help avoid such errors. 

Anyway, the point is that we learn from our mistakes and try to do things better in the future. There is no point being sanctimonious. I can say with certainty that the people who designed the Space Shuttle weren't reckless yahoos; they were "rocket scientists". Hindsight has shown that they made mistakes, but they almost certainly did the best job that they could at the time, within the constraints that they were under. This generation's job is to learn from the mistakes of that earlier generation and try to do a better job next time, but even this generation will make mistakes.

 

Edited by PakledHostage
Link to comment
Share on other sites

3 hours ago, GoSlash27 said:

http://www.spacesafetymagazine.com/space-disasters/challenger-disaster/nixon-administration-shuttle-safety/

^ Just to show that my definition of safety is neither "idiosyncratic" nor "unreasonable". I'm not the first person to point all this out.

Note: Just to point out that this was the same administration whose OMB elected to employ the SRB over LFR of the design that destroyed the challenger.
Note: Same administration of Watergate and Ellsberg breakin.

Not exactly credible.

From that report

Quote

After the Challenger accident the Rogers and Payne Commissions in 1986 indicated that the Shuttle needed to be replaced by a new vehicle in, at most, 15 years or, as simple math would indicate, it should have been replaced by 2001. Yet the Shuttle fleet flew through 2012. Thus risk assessment problems that came during the start of the program continued in the years that followed. In this regard the safety failures can be seen as that of “national space leadership” of the White House, OMB, Congress, and NASA. http://www.spacesafetymagazine.com/space-disasters/challenger-disaster/nixon-administration-shuttle-safety/

So if we go by that logic, full replacement of shuttle would have occurred in by 2001, at then end of the ISS, certainly . . . . but it did not occur. A couple of points here the shuttle program when it was initiated was not designed to go until 2011. more like 2001. This is just evidence of the Beaurocracies limited ability to respond to problems.
 

Quote

The thousands of ceramic tiles that constitute the thermal protection system for the Space Shuttle is contra-indicated in terms of operational schedule, safety, performance, and resiliency. Today’s metallic thermal systems are better in terms of performance, operational efficiency, and costs. In short, conventional rockets with capsules might have served immediate needs, allowing an additional 10 years to develop a shuttle with a much improved and cost efficient thermal control system, making it cheaper, better, and safer. http://www.spacesafetymagazine.com/space-disasters/challenger-disaster/nixon-administration-shuttle-safety/

And if you read the other risk report, if they had replaced the tiles and reworked the hull a bit, they would have had an evolved shuttle.

However, neither replacement or evolution occurred again that is the problem, from a safety standpoint far more important than where you put an escape capsule.

Quote

The Shuttle has played a seminal role in American space enterprise and certainly has aided the cause of international cooperation in the construction of the International Space Station. It has also provided valuable experience both positive and negative. The design of future space systems will likely involve greater use of robotics, more innovation from the private sector, and more international cooperation. One can only hope that a focus on upfront safety design will be the fourth element.

Despite its limitations, it is certain that the Space Shuttle is one of the iconic space vehicles of all time and its place in history is secure.http://www.spacesafetymagazine.com/space-disasters/challenger-disaster/nixon-administration-shuttle-safety/

No doubt.

 

Edited by PB666
Link to comment
Share on other sites

5 hours ago, PakledHostage said:

Anyway, the point is that we learn from our mistakes and try to do things better in the future. There is no point being sanctimonious. I can say with certainty that the people who designed the Space Shuttle weren't reckless yahoos; they were "rocket scientists". Hindsight has shown that they made mistakes, but they almost certainly did the best job that they could at the time, within the constraints that they were under. This generation's job is to learn from the mistakes of that earlier generation and try to do a better job next time, but even this generation will make mistakes.

PakledHostage,
 The rocket scientists did an amazing job with the Shuttle, but they're not the ones who created the problems. It was the politicians and administrators who dictated the mission and layout.

And to be clear, this isn't about being sanctimonious. We all have the benefit of hindsight. It's just being honest about the strengths and weaknesses of the program.

Best,
-Slashy

Link to comment
Share on other sites

20 minutes ago, PB666 said:

The question is how many engines would the shuttle have needed to avoid the scenario altogether. Maybe 5.

To maintain an abort to orbit due to engine failures via just a longer burn of fewer engines? No idea.

 

 

Link to comment
Share on other sites

  • 1 month later...

A lot of interesting information through the whole thread, despite the discussion becoming a "bit heated" later on :) I just wanted to say thanks to all of you involved, I really learnt a lot, and discovered some points of view that did not occur to me before. I'll probably link this topic in the Shuttle Challenge, maybe some of the shuttle enthusiasts over there would be interested in all this.

Michal.don

Link to comment
Share on other sites

This thread is quite old. Please consider starting a new thread rather than reviving this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...