

Richard P. Feynman's reports - Aarvay
http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/Appendix-F.txt

======
PaulHoule
The official predicted catastrophic failure rate for the Shuttle has been
about 3% per launch from the time that the design was finalized. Various
upgrades to improve safety haven't changed this number, since the "unknown
unknowns" are the dominant failure mode.

This failure rate, of course, was close to what we observed in experience.

What's funny about this is they were planning about 50 launches a year at the
beginning, which, if they believed their own numbers, would have meant the loss
of a vehicle and crew every year, and the complete destruction (or
replacement?) of the Shuttle fleet on the time scale of five years or so.

The first failure (much like Three Mile Island) could be dismissed as a fluke,
a problem which could be fixed. The second failure (like Fukushima)
represented a typical failure mode -- there was a lot of hand-wringing over
the ceramic tiles on the first few shuttle flights, and after a few flights
without a disaster, NASA assumed there was nothing to worry about, and that
was wrong. The shuttle program was ended because there's no way to make the
ceramic tiles safe.

Now, Fukushima is an extreme case of a failure -- it was probably the worst
built nuclear power plant in the most dangerous location, but it represents
the most likely LWR failure mode: not a stuck valve or simple operator error,
but a major catastrophe that prevents cooling of the core and spent fuel.
Unlike the shuttle, we can make that a lot less likely.

~~~
rbanffy
> The shuttle program was ended because there's no way to make the ceramic
> tiles safe.

Well... You could go the Buran route and put the engines on the booster. Then
you could put the shuttle on the top of the booster and keep it safe from
falling foam, with the added benefit of having some extra cargo space.

The VAB would have to go through some refurbishing.

~~~
PaulHoule
There's a lot of great technology from the Shuttle, such as the avionics and
the engines, that could be worth reusing. A lot of research work was done on
Shuttle derivatives in the 1980's, but nobody was interested in making the
investment to retrofit the VAB and the launchpad.

That, of course, is one of the great challenges of making improved launch
vehicles. You ~might~ be able to lower the operations cost by investing in
research and a new design, but the cost of the research is guaranteed to be
high.

Falling foam is the threat to the tiles that everyone is thinking of (because
it's happened), but it's not the only thing that can damage them. The tiles
also have the big problem that they're expensive to maintain.

There are many alternative concepts for heat protection for re-entry, but
there's no interest in making expensive research investments in something that
could fail. Manned spaceflight is going back to 60's era ablators because we
know they work.

~~~
rbanffy
To be sincere, the idea of sending a 737-sized reusable spacecraft to LEO when
it usually lands empty is not practical.

You could send the payload up on non-reusable vehicles and, after a couple
trips, send a reentry vehicle to bring down anything that still can be reused.

------
thirsteh
"Only realistic flight schedules should be proposed—schedules that have a
reasonable chance of being met. If in this way the government would not
support NASA, then so be it. NASA owes it to the citizens from whom it asks
support to be frank, honest, and informative, so that these citizens can make
the wisest decisions for the use of their limited resources. For a successful
technology, reality must take precedence over public relations, for Nature
cannot be fooled."

Great guy. Also: <http://www.haveabit.com/feynman/14002>

~~~
Aarvay
He's the most influential person!

~~~
cema
Influential on scientists and engineers. Not sufficiently influential on
bureaucrats and managers.

------
pdx

        There is not enough room in the memory of the main line computers
        for all the programs of ascent, descent, and payload programs in
        flight, so the memory is loaded about four times from tapes, by the
        astronauts.

------
boredguy8

      There are perpetual requests for changes as new payloads and new demands 
      and modifications are suggested by the users. Changes are expensive because 
      they require extensive testing. The proper way to save money is to curtail 
      the number of requested changes, not the quality of testing for each.
    

Preach it.

~~~
pjscott
Streamlining the testing process is also a good option.

------
andrewljohnson
It must have been great to be the software team when this report hit. It's the
only part of the engineering Feynman thinks is really good:

"To summarize then, the computer software checking system and attitude is of
the highest quality."

And this is a good example of Conway's Law too, that software grows to
resemble its organization. You can imagine that the software team at NASA
during this time was the very bleeding edge of software - it was a somewhat
new field, and they were doing the most dangerous stuff. I bet they recruited
bright people, and those people's only assumption was that failure was not an
option. They were probably used to their software failing all the time - they
planned for the worst, and expected the worst, and had no preconceptions about
their own abilities.

Compare that to the hardware side of things, probably filled with old-school
aviation engineers who had been around the world a few times. The managers
making the 1 in 100 calculations were probably hardware guys in the past too,
because there weren't too many 45 year old programmers when this report came
out.

And so they go in, with experience that says airplanes don't crash very much,
and a space shuttle is just a big airplane. Cue the bureaucrats with their
deadlines and budgets, and mix that with the arrogance of once-technical
aviation engineer managers, and a 3% failure rate still sounds pretty rosy.

------
keithpeter
"When playing Russian roulette the fact that the first shot got off safely is
little comfort for the next."

Love the quote, and something to bear in mind when evaluating less drastic
forms of hazard. Anyone care to comment on Tufte's take on the graphics used
by the Thiokol engineers? See

<http://www.asktog.com/books/challengerExerpt.html>

