Wednesday, March 24, 2004

THE SPACE SHUTTLE - A Perfect Safety Record But Not for NASA

The Space Shuttles are remarkable vehicles. They carry a crew of astronauts and cargo into outer space, orbit the earth on virtually any axis, deliver supplies and personnel to the International Space Station and return everyone safely to earth. That is how they were designed and built and that is what they do time after time without a hitch related to the Orbiter.

There has not been one injury or death associated with any Space Shuttle flight that was related to a sudden, unknown, inexplicable failure of the Space Shuttle hardware, not one!

But two shuttles have crashed, killing all aboard: first the Challenger, whose precious cargo of Astronauts and a teacher blew up on launch before our very eyes and those of their loved ones, and second the Columbia, which disintegrated on re-entry, again before our very eyes and those of the loved ones of all aboard. After the Challenger disaster, NASA publicly wrung its hands, President Reagan kissed and hugged the families of the victims, and an investigation revealed that the O-rings used in the solid rocket boosters allowed hot exhaust gases to leak and explode. Was that the first time such a leak occurred because of failed O-rings? Of course not! It turned out that NASA knew for years that the O-rings would allow exhaust to leak, especially when temperatures were cool enough for the elasticity of the O-rings to be compromised. Contractors warned NASA repeatedly that the O-rings were potentially a recipe for disaster, and the very morning of the explosion contractors expressed reservations about the launch because the temperature at Cape Canaveral was well below that required to compromise elasticity. NASA launched anyway and the rest is history.

The Blue Ribbon panel that investigated excoriated NASA pointing out serious safety flaws in its procedures, its launch risk analysis, its decision-making and its interface with contractors. NASA promised to correct these deficiencies so that the lessons learned at the expense of those magnificent men and women would prevent any future Space Shuttle disaster. The O-rings were redesigned as was the receptacle for them and there has not been a failure of the O-rings since.

Every high school student knows a simple formula. Force equals mass times acceleration squared. Every high school student knows that if you take something very light but you accelerate it to very high velocity its impact can be very severe indeed. It will do lots of damage to anything it hits if the velocity is high enough. After the Challenger disaster, NASA purchased redesigned and lighter external fuel tanks. These tanks are those large orange devices attached to the shuttle and they provide fuel for the liquid fueled main shuttle engines. The solid rocket boosters, the ones with the O-rings, strap onto the sides and are jettisoned soon after launch, recovered and reused.

These lighter tanks have foam on the outside to insulate them and keep the liquid oxygen inside from evaporating. During many of the launches prior to the Columbia accident pieces of the foam were seen and photographed coming off the tanks and striking the shuttles during launch. Contractors and engineers at NASA discussed the possibility that this material could one day damage the Shuttle and cause a disaster. What did NASA do? Nothing! Some of the most sophisticated engineers in history neglected to rely on the simple mathematical formula they learned in high school. Even a piece of foam if accelerated to a high enough velocity could penetrate the very vulnerable heat dissipating tiles or brittle carbon fiber structure of the Shuttle and make a safe re-entry impossible.

With that actual knowledge NASA launched and launched Shuttles watching the foam strike the Orbiter and took no steps even to photograph the Shuttle in orbit to see if damage was done. Knowing that the formula was a guarantee of disaster waiting to happen, NASA provided the Shuttle Astronauts with no means to repair the damage that NASA knew would one day occur.

Seven magnificent men and women died for no reason at all. NASA publicly wrung its hands and President Bush consoled the families, hugged them as they cried and promised an investigation.

The Blue Ribbon Commission determined that a piece or pieces of foam broke away from the main fuel tank and struck the Shuttle’s wing damaging it. Warnings by contractors were ignored and the crew was not advised of the risk. No steps were taken to assess the risk and no consideration was given to using another Shuttle to make a rescue. Instead NASA decided to engage in a crapshoot like it did with the Challenger and with the same result.

The NASA Administrator quipped about the scientists who knew it was the foam that caused the damage and belittled them in public. The investigating panel spent tens of millions to tell us what any youngster could plainly see on the launch video, the foam striking the Orbiter as it accelerated towards outer space. Tests were conducted by firing foam at an exemplar Shuttle wing, which blasted a hole in it more than enough to cause the break-up during re-entry.

When questioned why a fix was not available to the Astronauts in space, NASA agreed that the technology had been considered for at least a decade and was never implemented for Shuttle safety. The conclusion was that the Columbia accident was caused by flaws in NASA procedures, inappropriate risk analysis, failed launch safety procedures and decision making and ineffective interface with its contractors. In short, the same reasons for the Challenger disaster.

Recently NASA discovered that actuators for the speed brakes had been misassembled. A failure of any one of those actuators could have spelled disaster for the shuttle. While NASA cannot be expected to examine every part to make certain it is assembled correctly, this finding underscores the historical failure of NASA to ensure its contractors have inspection programs in place to assure the utmost quality control as well as its repeated failure to insist on redundancy and fail-safe design principles that prevent single point failures. There has been an aircraft design requirement in existence for fifty years to prevent the loss of an aircraft due to the failure of a single actuator.

What the recent revelation points up is that nothing has changed at NASA and if it doesn't change soon, there will be another shuttle disaster.

Aircraft and spacecraft never fail without telegraphing that risk years in advance and well before anyone is hurt. It takes people to fix them before they kill someone or worse kill someone again. Safety is no accident and the failure of NASA to fix the main fuel tank foam migration during launch after it was first observed years before the Columbia crashed and to equip its crews with repair kits in space is unforgivable.

A dire prediction follows. The nations of the world have allowed mountains of space debris to orbit the earth. It varies in size from the very large measured in thousands of pounds to the very smallest of bolts, hand tools and pieces of metal and composites. They orbit the earth at 17,000 miles an hour. If one of those pieces, even the smallest of them, were to strike a Space Shuttle or even the International Space Station, there will be another disaster. Steps must immediately be taken to control space debris, to collect it, return it to earth and prevent its being deposited like so much garbage in the spacefill of mother earth. The alternative to the most aggressive effort at eliminating this ever-growing risk will be loss of life.

NASA’s list of accomplishments is long and distinguished. It has put men on the Moon, visited Mars, provided images of the universe that were unimaginable. It has developed aircraft shapes that are faster, higher flying, more fuel efficient and safer. It has contributed to man’s body of knowledge of flight and space immeasurably. But there is something wrong at NASA. Perhaps it’s lack of personal accountability; maybe it’s lacking judgment about priority in funding due to recent reductions in funding. Maybe it has too much on its plate. Maybe it has become too big administratively and not lean enough to do its job effectively and, more important, safely.

There will always be risk when men test the outer limits of technology. That is expected and the risk assumed. When technology is proven and the hardware works, only men and women can fail to ensure the safety of other men and women. NASA must pay more than lip service to this, its most important obligation.


October 1, 2003; Revised March 24, 2004
For further comment, contact Arthur Alan Wolk, aviation attorney and pilot, at 215-545-4220.