I was visiting farmers reviewing plans for the next crop year. I'd just arrived and the farmer says, "Do you mind if we watch the Challenger launch before starting? It's got that teacher going up in space." I told him that my high school government teacher had been one of the ten finalists so I took a pretty keen interest myself.
I can remember the numbness I felt in his living room as we watched the Challenger explode. It's something once viewed that you can't unsee. Words fail you in trying to explain it.
I had no idea at the time that there were five engineers who tried valiantly to stop the launch because of the cold weather and failed.
> The night before the launch, Ebeling and four other engineers had tried to stop the launch. Their managers and NASA overruled them. That night, he told his wife, "It's going to blow up."
This sent chills down my spine... the world just shouldn't be like this.
One important piece of data to correlate with that: how many times previously had engineers issued similar warnings for launches that then proceeded fine?
Warning fatigue is a thing, and it's reasonable to wonder whether that happened at all here.
It was a specific warning about the vulnerability of the O-ring seals in low temperatures (precisely the mechanism of failure that doomed the Challenger). It was an unusual, specific, and high profile warning which was effectively overruled by NASA management. The guidance was to avoid launching in such low temperatures, the response was: "My God, Thiokol. When do you want me to launch? Next April?" That from Lawrence Mulloy at NASA MSFC. This is a pretty clearcut case and nothing like "warning fatigue".
The question isn't whether O-rings had ever been warned about before; it's whether and how often there were ever any warnings of equal specificity and high profile to this one. "Go fever" accumulates from overriding previous warnings that didn't materialize as a threat.
Maybe it wasn't warning fatigue then. It might be overthinking fatigue. I guess missions have gotten delayed before for so many reasons and this time they just got tired of "doing it again."
This is a well studied problem, it wasn't overthinking, it was "go fever", specifically in the form of "Normalization of Deviance" [1].
Morton-Thiokol and NASA set criteria for safety margins on the Shuttle system. And the Shuttle kept on violating those safety margins again and again. Instead of grounding the fleet or studying the problem further or attempting to ameliorate the problem the safety margins were loosened, deviance was normalized, unsafe operations were normalized. And those who called out the legitimate safety problems with the Shuttle were harassed and derided because their views differed from the orthodoxy (that a Shuttle loss was a 1 in 100,000 probability) and got in the way of their goals (the high flight rate of dozens of launches per year that were necessary for the Shuttle system to meet its promises).
Later analysis of the Shuttle system [2] has indicated several other potential key failure modes that could have caused a loss of vehicle and crew, especially during the early flights. Not just the SRBs and the thermal protection system (the weaknesses which doomed Challenger and Columbia) but other systems such as the APUs, SSMEs, flight software, etc. led to a risk of catastrophic loss as high as 1 in 10 during the first several years of flights, 1 in 20 around the Challenger disaster period, 1 in 50 during the return to flight period after Challenger, and about 1.1-1.3% during the post-Columbia period.
> that a Shuttle loss was a 1 in 100,000 probability
I'm not sure how anyone could say that with a straight face.
Serious events happen with commercial aircraft at a rate of about 1 in 1M. Figure that a rocket is inherently 100X more dangerous. And that the lack of repetitive experience with rockets bumps the risk another 1:100. Meaning you build a lot of aircraft and fly them all the time you get good at knowing where the design holes are. Also consider that each serious failure when mitigated improves the odds of the rest of the fleet. You don't get that when you're only flying a dozen flights a year.
Est. risk: 1 × 10^-6 × 100 × 100 gives 1% chance of loss.
Notably, the Apollo program flew 15 flights; 3 had serious failures[1][2] and 1 near-loss event (Apollo 13). For consideration, the Saturn V was a well-tested, conservative design, which the Shuttle was not.
[1] Apollo 6 and 13 had early engine shut downs due to failures of the S-II engines.
[2] Apollo 12 lightning strike took out the command module computer.
The '80s in particular were a time of greater trust in government and greater mass conformity in popular culture. The media by and large did not challenge these absurd estimates, nor did schools, nor did, largely, the public. At the time NASA was near the peak of its reputation. It had achieved the moon landing, it was the middle of the Cold War where NASA's achievements were an important battleground, and so on. Overall the tendency was to simply defer to NASA's judgment.
There was also a bit of self-delusion going on. The Shuttle system was, by design, the backbone of spaceflight (manned and unmanned) in the US at the time. On the one hand you could believe that the Shuttle system was a modern miracle, fully capable of achieving (or nearly so) its design promises of cheap and ubiquitous spaceflight, ushering in a new space age, including the launch and assembly of a next generation space station in the near future, and possibly including the realization of manned missions to Mars within the next decade or two. The competing view, that the Shuttle was a risky launch system that could never achieve its design promises even within an order of magnitude, was a vastly depressing (though in retrospect realistic) one. Holding that view meant that we would have to go back to the drawing board and spend maybe another decade building a new launch system that would reset us back to the way things were in the 1960s, and then we'd have to slowly crawl our way toward incremental progress. That was a very difficult truth to accept, ironically more difficult the more you were invested in space exploration.
What I think is interesting is how you could judge the success of the Apollo missions. On one hand they succeeded if you're willing to ignore the Apollo 1 fire. But as I referenced the four critical failures. I think sober hindsight paints a picture of luck on the ragged edge.
One thing though: I think one needs to be aware of how risk gets amortized over time. Airliners are in heavy service and so the catastrophes due to design and operation holes are atomized over a lot of flights, where the shuttle never really was ever anything more than a few prototypes. Consider Boeing's first three 787s. Boeing planned to sell those but they've been written off. One can guess why.
Yeah, very true. I did wonder about that a bit, and also how dire the previous warnings were, if any. "It's going to blow up" sounds like something that a good engineer shouldn't be saying very often about successful flights.
In some working environments issuing a warning is enough to get you off the hook for something going wrong, so it might be that nearly every flight had a warning so the engineers were never responsible...
These were not throw away warnings. These were fervent efforts to stop the launch. This wasn't somebody trying to protect their job. This was somebody risking their job.
Texas A&M's engineering program has a required course called Engineering Ethics. A portion of the course is devoted to analyzing the Challenger disaster.
During a late-night teleconference the night before the launch, the engineers pleaded with their managers not to launch. One decision maker was told, "Take off your engineering hat and put on your management hat," and he reluctantly changed his mind (a decision he has regretted for decades, of course).
It's also telling that, after the decision was made to approve the launch, none of the engineers agreed to sign off.
I was in the third grade when this happened. My elementary school was (un)fortunate enough to carry the launch live, so I watched it happen with a room full of my 8 and 9 year old peers.
Like you, I can remember the numbness I felt in the classroom as we watched the explosion. And, I will never forget the look on my teacher's face as she shut off the television.
> You may not know it, but you carry some of his words with you in your own earthly exploration, printed in every U.S. passport.
This whole article was fantastic, but this was the coolest part for me. To learn that his quote is on every passport. I've never read the quotes on my passport before, but now I have.
I agree. It's on the biometric passports but not the previous generation, on p28 (and is abbreviated from the full quote printed in the article):
"Every generation has the obligation to free men's minds for a look at new worlds ... to look out from a higher plateau than the last generation." --Ellison S. Onizuka
The background on that page is a palm tree and a silhouette that might be Diamond Head, but the facing page is a space scene (not to scale) with an earthrise over the moon and a satellite.
Primarily the feedback loop of cable companies "having to" carry ESPN/ESPN2/etc at vastly higher rates than any other network on television, resulting in the ability to bid up TV rights for all major sporting events. As long as the rights are expensive, the network will be expensive, and vice versa.
I generally enjoy sports, but don't care about the endless commentary and talk shows that populate ESPN 24/7, nor do I like the fact that their properties drive up everyone's cable bill by $20-$30 per month, an order of magnitude more than any other network.
It's one of the primary reasons I don't have pay TV; I wish I could allocate my pay TV dollars to the programming I find more valuable.
I personally found the writing somewhat overwrought, despite thinking it's a story worth telling and feeling respect for the astronaut involved and sympathy for his family. I wouldn't call it good writing. But I'm not a US American, so maybe it's a cultural difference.
"the solid rocket boosters ignited and somewhere in the right booster, a 0.280-inch-wide O-ring failed due to the cold."
The 'solid rocket boosters' being constructed in segments because they had to be transported by rail from Utah. They had to be constructed in that state as part of the deal to get the politicians to vote in the finances.
I think that's an oversimplification of a complicated issue. It's certainly possible that the NASA administrator chose to go with Morton Thiokol to keep congressmen from Utah happy, but as far as I know there's no proof that there was any "deal", and there's plenty of technical reasons to go with a segmented design (although there's tradeoffs).
One of the bidders on the contract actually wanted to make a monolithic SRB, but that brings a new set of problems and limitations, especially at large sizes (you can look up the Aerojet 260" for some more info).
The shuttle SRBs were built in 7 segments, some of which were joined together at the factory. The multisegment design was based on the flight-proven Titan SRBs, which supposedly would help with R&D costs. However manufacturing constraints (if the SRB just used the Titan design and scaled it up, they'd need bigger hunks of metal than anyone was casting at the time) and design tweaks led to changes that degraded O-Ring performance and potentially kept both primary and secondary O-rings from being properly seated. There was really a whole confluence of things that went wrong, and a lot of missed opportunities to fix any one of the issues that led to O-ring failure.
Plenty of people still use segmented SRBs today, especially for their modularity. The (first version) of the SLS boosters are based on the shuttle design, with extra segments added on.
I see what you're getting at, but the separate construction and transport was not the issue here. The O ring was a necessary pressure valve, but it failed because the cold made it brittle.
The bigger issue here was the politics between NASA and its contractors. The contractors told them that the launch would be dangerous at the temperature, but they were ignored.
Do I understand correctly that you're saying that the O-ring would be necessary even if the SRBs were constructed as a single long tube, instead of segments that are assembled together?
If so, would you mind expanding on that? I was under the impression that the only reason the whole O-ring and caulking of the joints was necessary was the existence of the joints.
Why do you think that? As the person you replied to said, the only reason the O-ring is there at all is to seal the joint between the sections. If the joint didn't exist, there would be no reason at all for there to be a rubber ring embedded in the structure.
Because that spot on the SRB is a flex joint to allow some movement of the nozzle as the engine fires. The joint isn't there because of transportation or other reasons.
I'm no rocket scientist either, but happened to be reading in depth about SRBs in general and Challenger in particular, and my understanding is: the joint in question was a field joint, to be assembled in the field, as opposed to factory joints which were assembled in the factory. The construction of these joints was different (asbestos insulation vs O-rings). The differing design is due to transportation and logistics.
And if the politicians didn't vote to build the SRBs in Utah, then maybe there would be no SRB at all, which is a good method to prevent deaths from SRBs.
Do you have a reference for this? Seems very intriguing to me. To me it seems the last thing you would want, under any circumstances would be to have hot gases coming out anywhere near the hydrogen tank and you'd make every effort to contain any overpressure until it exited beyond the hydrogen tank.
At such projects, everybody is constantly mumbling about what all could go wrong, it's just legally relevant background noise - not actually "sticking" out warnings pointing at a particular point of failure.
I'm sorry, you completely mischaracterize what happened that morning. The contractor responsible for the solid rocket booster flat out said "do not fly this love morning". NASA actually went to his supervisor and for his supervisor to sign off on the flight (the particular contractor who refused to sign off said "that was the single smartest decision of his life").
The following is a link to his book, but I actually heard a presentation from him.
You seem to be implying that a root cause of the accident was the political spreading around of construction.
Rockets are incredibly complex machines, you could use this sort of post hoc reasoning to find cause and blame for any anomaly by saying such a part could have been done differently. You couldn't ever use this reasoning to make design decisions that prevented accidents.
I mean, was the alternative to construct them on site? Is that what would have happened if not for the political pressure? It seems likely that they would have been manufactured SOMEWHERE requiring transport, no matter what.
To clarify, there are many places where the boosters could have been manufactured and transported by ship. The shuttle SRBs were manufactured in Utah, where transportation by ship is impractical.
For example, SpaceX builds all their rockets in LA and transports them by truck to the launch site. With their next, bigger, rocket they'll send them by ship.
Blue Origin is planning to build their big rockets in Florida near the launch site.
The post hoc ergo propter hoc going on in this comment and its responses is wild.
The O-ring failed because it was a bad O-ring, and no one in positions that matter appreciated it was a bad O-ring. Politicizing it into a witch hunt to make Congress look bad doesn't do anyone favors. It just feeds existing rage.
Didn't the O-ring fail because it was used outside its specifications? My recollection is a bit hazy but it seems that it was more of a political problem than an engineering problem.
To slightly oversimplify, it wasn't beyond spec, the spec for the part just wasn't really defined.
The conversation the night before launch went something like this:
Contractor: "We don't want to launch, we're worried about how the cold will affect the O-ring"
NASA: "Do you have any data showing that the O-rings will fail at 50°F?"
Contractor: "No, but we don't have any data showing that they won't fail at 50°F"
NASA: "We launched when it was cold before and nothing went wrong" (The coldest launch before Challenger was successful, although both of the SRBs had badly charred O-rings)
Contractor: "Once, and there is circumstantial evidence that the O-rings had issues on that launch. (managers kicks engineers out of the room). We're not telling you not to launch."
That said, the hardness of the O-rings wasn't the only issue (at least, by itself it may not have caused the Challenger to explode). There was some putty around the O-rings that had problems. It was known to let water in, and the night before the launch it rained and was cold enough that the water that got in next to the O-rings could've frozen and kept them from maintaining their seal. There were primary and secondary O-rings, but the secondary O-rings didn't really give good redundancy.
There is a book, "Challenger: A Major Malfunction: A True Story of Politics, Greed, and the Wrong Stuff". There is also Feynman's report. Recommended reading!
Segmented SRBs are used on Ariane 5 and Northrop Grumman's upcoming Omega rocket, while Vega, Vega-C, and Ariane 6 will use a single-segment SRB. It's a choice that was dictated by politics for the Shuttle, but it's also a choice that can be made for other reasons, like a smaller composite segment using a cheaper tool (Omega and the Boeing 787 fuselage tube).
In general, "need to be segmented for transport" is not necessarily a political thing. Russians have the Proton rocket which looks as if it had boosters bolted to it, where in fact those are parts of the first stage. I heard recently that the reason for this design is precisely because if those side parts were internal, the rocket wouldn't fit on a railcar.
The story of the Challenger that day is one of the few things that can reliably squeeze a tear or two from me. Interestingly, I've never heard about this part of it, thanks.
Same here. I remember exactly where I was and what I was doing, the smells and sounds, and how my teacher rushed to turn off the television we were all watching the launch on once it was clear what was happening. Kids crying, not understanding what was happening, the feel and look of the carpet, wall decorations, everything. It's the most vivid memory of childhood I have. I don't think I'll ever forget it.
I too remember all those details. I was in third grade, and the whole school was watching together in the auditorium. After the explosion, they just sort of shuffled us back to our classrooms.
> how my teacher rushed to turn off the television we were all watching the launch on once it was clear what was happening
It’s funny, this is what causes trauma... if you interrupt the stress reaction and try to make it go away, you hold onto it. If animals are allowed to go through their full stress cycle, they forget the trauma.
To be fair, they might have feared what more was about to come through that TV set. Or the impending wrath from parents when little Billy can't sleep at night. Were such concerns (parents) a thing in the 80s already?
On Challenger's last day, I had met very early that morning with a couple of angel investors who signed a funding commitment for my first company. Went home, watched Challenger explode. An hour later, angel investors called to say "never mind".
Watching Challenger blow up hurt worse. Especially in following months when failure analysis showed it could have been avoided by launching within the allowable temperature window.
They probably did you a favor by not being forced to deal with them down the road.
Unless you were as an engineer directly on Challenger O-Rings, I don't see any reason why anyone would cancel their financial commitment toward a startup project, because of this obvious tragedy.
I went to Clear Lake from 2001-2004. Lots of friends with relations to NASA and supporting industries. Sad I can't remember the soccer ball being on display.
The entire story thread was really well done. If anything it’s evidence of NASA’s soul as played out in the people who have built their lives around rocket operations.
> The failure allowed heated, pressurized propellants to leak out onto the external fuel tank, causing catastrophic structural failure. Seventy-three seconds into its 10th flight, the space shuttle Challenger broke apart, killing all seven members of its crew. It was 11:39 a.m.
Sigh. It's perhaps silly of me in an age of Bush, Obama, and Trump, but I'm saddened to see this line repeated yet again, 30 years on. Perhaps Malinowski is just echoing old reporting. But a journalist of her caliber seems likely to have run this by NASA. Which suggests NASA PR is still prioritizing spin over integrity, even all these years later.
For those who haven't seen this line before, the template is "<explosion> <fast> <dead>". As in 'the explosion ripped apart the shuttle faster than the blink of an eye, killing the astronauts'. By such word-smithed sleight-of-hand, NASA would leave readers with the impression that the crew was killed immediately, a quick non-lingering death, without flat-out lying.
One thing we're sure of is that some of the seven were not killed in the breakup at 11:39. I don't recall whether Onizuka's air pack was one of those found, and found to be manually activated. Nor whether there ended up being any evidence of cabin depressurization. But my understanding is that now, as then, there's no reason to believe that some of the seven didn't survive until cabin ocean impact minutes later.
> On the roof of the launch control tower, the families of the crew desperately searched the twin trails of smoke that twisted skyward for signs of the crew cabin.
:/ Perhaps it doesn't matter. It's not that different a story. And there's the "little white lies are fine" interpretation of integrity. Why shouldn't popular history get a prettified version? And given how NASA is funded, embracing integrity might be quite unhealthy. And yet... I'd have been happier if Malinowski wrote this paragraph a bit differently.
Or, given the overall tone of the piece, she didn't feel it necessary to go into those details. I'm sure there are plenty of other details that also went glossed over. Your own tone implies they're lying for a possibly nefarious reason -- what is it? If I'm right, it might be more accurate to point out how she failed to mention the engineer's warnings to NASA and other supervisors about the high risk of failure of the gasket(s), as that, to me, makes them look markedly worse than the astronauts surviving the breakup.
I'm sure it's harrowing to have 2 and a half minutes to contemplate your inevitable death and try fruitlessly to stop it (and even for us to read about it) but I don't think it's nefarious to leave that bit out so much as some degree of respect to the families.
> your own tone implies they're lying for a possibly nefarious reason
Nefarious? Flagrantly wicked, abominable, impious? No, just PR spin - long-term repeated misrepresentation. Unremarkable in politics. Much less accepted in engineering. The question of "to what standards should NASA PR be held?", is indeed a root issue. For NTSB, it would be shocking. For DHS, unsurprising. NASA struggles to survive in a niche much more like DHS than NTSB. But the question repeatedly asked over the years, both within and without, is whether NASA PR weighs political concerns too heavily - to a degree sometimes simply unnecessary - and engineering/science-style honesty too lightly.
> she didn't feel it necessary to go into those details
My focus is not on the piece in isolation. Though one might object to the piece in isolation reinforcing a widespread misconception. But my sadness stemmed from context. From yet again seeing the same, not "trope"... "spin"? - descriptive devices that have repeatedly been used to mislead people.
"Seventy-three seconds [...] broke apart, killing all seven members of its crew. It was 11:39 a.m." Other versions have had timestamps down to hundredths of a second, as if that somehow mattered. Comments like 'too fast for even the computers to notice', or 'if you blinked, you'd have missed it'. Crew deaths from ocean impact have little more connection with T+74 disassembly, than with T+58 plume. Crew experience has little connection with computer and ground observer experience. But NASA PR repeatedly used these same tricks of phrasing to establish and reinforce a misconception. I was just sad to see them yet again, so many years later.
> failed to mention the engineer's warnings
My focus isn't on what is absent, but on what is present - this familiar structure of misdirection.
> as some degree of respect to the families
It's been thirty years. Is the cost-benefit tradeoff really still in favor of continuing to use this same misleading description?
But here's a more upbeat interpretation: Perhaps the author simply modeled the paragraph on one decades old - it is "pretty" - and didn't run it by anyone. So maybe we're just seeing an unfortunate blast from the NASA PR past, rather than anything contemporary.
People who think of themselves as "hackers" ought to be keenly interested in the entire Shuttle program, especially failure cases, and perhaps even more strongly interested in the human elements related to them.
These things were truly marvels of engineering (in both positive and negative respects). The kind of thought that goes into these kinds of things, and so many others in the physical engineering world, makes "hacking" look trite in many ways.
https://www.npr.org/sections/thetwo-way/2016/01/28/464744781...