I will be the first to applaud if SpaceX achieves this goal. I am certain that they want to achieve this goal. But when you look at previous launch vehicles from existing agencies that had over 100 launches, their launch failure rates vary from 1.4% (the Space Shuttle) to 14% (US Atlas) with the Russian Soyuz and European Ariane both coming in somewhere around 5%. SpaceX would have to improve on existing rocket designs by several orders of magnitude just to get to a pretty crappy safety record.
So far SpaceX has had 8 launches with 5 consecutive successes. The initial failures were clearly part of the learning process. But their current string of successes does not provide any statistical evidence that they will prove to be safer in the long run than even the worst major rocket program. Sure they plan to be safe. But safety is based on seeing what happens, not what they planned to have happen.
In this light it is worth reviewing http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/roger... to see how safe people thought that the Space Shuttle would be. Initial estimates of the safety of a launch went from 1/100 to 1/100,000 with the riskier estimates coming from lower level engineers and the safer ones coming from upper management. Whenever you see numbers in the press, it is guaranteed that they represent the view from the top. We should therefore assume that they will prove to be shockingly optimistic until there is concrete data.
First, the Falcon 9 so far has a 100% success rate. The rocket engines are designed to be able to handle having a stainless steel nut pass through the fuel lines without shutting down. More so the vehicle is designed to be able to withstand an engine exploding, even at launch, without damaging the other engines and without preventing the launcher from reaching orbit. And the vehicle has already demonstrated the ability to safely abort on the pad after all the engines have been started.
Second, the launch escape system for the Dragon will be far more capable than anything that's been developed before. Instead of using a separate, heavy solid fueled tractor rocket like Apollo or Soyuz an integrated liquid fueled rocket system will be used. This will provide full escape coverage from the launch pad all the way to orbit, which no manned launcher in history has had. Additionally, the escape rocket will have a high level of redundancy.
Third, the advanced thermal protective system, simple capsule design, and robust drogue and parachute system make atmospheric reentry a lot less risky than, say, the space shuttle or even Soyuz capsules.
Fourth, before a human ever gets in a SpaceX capsule the launch escape system will already have been demonstrated on unmanned launches. By then the confidence in the system should be enormously high.
It's always possible to miscalculate or ignore risk, but SpaceX is doing a tremendous job to increase the reliability of their launcher and to make their manned capsule fundamentally safe by design.
Let's not forget that the two shuttle accidents were as much about a human factors failure, as a systems failure. Make no mistake about it, if a company like SpaceX ever got complacent about safety, it is game over. They will not get a second chance. Remember McDonnell Douglas, and how many DC-10 accidents, that basically forced the company out of the airliner business.
The Launch Escape System on a Soyuz capsule has been used once, in 1983 http://en.wikipedia.org/wiki/Soyuz_T-10-1
Of course if an organization ever gets complacent about safety then things can go downhill, but in the case of SpaceX they have a fundamentally more robust vehicle design, a system with more and safer abort scenarios, and every possible reason to maintain a high degree of vigilance about safety (if for no other reason than their company's image and financial bottom line).
I do agree that design decisions like side-by-side staging of SRBs weren't the safest choice. Safer abort scenarios are definitely a feature of Dragon.
Good design does magically appear as time goes by but is a result of a sound design and testing process. Fortunately, I am sure SpaceX is aware of this so they will most likely get a much better track record than the space shuttle.
The 1980s ushered in a new era of twin engined widebody aircraft and the phasing out of the flight engineer. These two trijets were consequently a difficult sell, although the MD-11 was competitive with the 747 briefly in the early to mid 90s.
That said, today both planes are (literally) perfectly safe.
The DC-10s problems all stemmed from a bad cargo door latch design combined with insufficient redundancy in its hydraulics.
That is absolutely incredible. Gives new meaning to the phrase "over-engineered" (and not in a bad way).
Do you know off the top of your head what's the failure rate for a generic launch? How much is it saying that the Falcon is at 100% so far?
It looks like the Apollo system had good abort coverage. http://en.wikipedia.org/wiki/Apollo_abort_modes
The shuttle could not pass the tests that SpaceX will demonstrate. Post-Challenger, it was substantially improved, but still had survivability gaps and questions whether some of the abort modes were truly survivable (especially under the more severe conditions). http://en.wikipedia.org/wiki/Space_Shuttle_abort_modes#Post-...
The best the astronauts could do on the launch pad was a "zip line" escape http://americandigest.org/mt-archives/american_studies/how_t... (with scary pictures: http://www.collectspace.com/ubb/Forum30/HTML/001111.html).
While the SRBs were burning, the shuttle could not abort at all. This is the ascent period when the Challenger was lost.
After the SRBs detached, there were several options to abort, all of them assuming the shuttle was mostly functional. For the first four shuttle launches, the shuttle had ejection seats so the astronauts (two, anyway :-O) could escape a crippled shuttle. http://en.wikipedia.org/wiki/Space_Shuttle_abort_modes
Elon Musk: There must be some ability to experiment to advance the state of the art. In the early days of aviation there was a great deal of experimentation and a high death rate. We don't want that — the public would not be accepting — but by the same token we can't have a situation where no deaths are ever allowed, because that would put innovation in a coffin too.
This claim revolves more around the fact that the rocket can do a powered abort at any time, I think. It's purely liquid fueled, with full ability to shut off and restart the engines. They're also designing the capsule to land on rockets, meaning it won't need to aim at a runway or water - any flat area will do.
Until you have actual experience with the weird stuff that goes wrong in the field, you do not really know what is going to go wrong. And the more complicated the system is, the more true this fact is.
Incidentally I had the opportunity at one point to ask the first software developer ever hired at SpaceX whether he would trust his own software. His answer was enlightening, I wouldn't want to put my life in the hands of someone who trusted his own software, so I'm going to say no.
There is always SOMETHING that can go wrong. You want the person who created your safety system to be a paranoid freak. And you have to pray that they didn't miss something. You hope and pray for the best, but until you have actual data, you don't know how it is going to turn out.
Here's how the Falcon 9 + manned Dragon would abort: the capsule would separate from the launcher as the escape rockets fired, meanwhile the launcher's engines would be shut down (cutting off thrust). The capsule would then coast through the atmosphere until it slowed down then deploy its parachutes when it had slowed down enough and float to the surface.
Here's one abort mode for the Space Shuttle: the Shuttle continues to fly until the SRBs have burned out (there's little choice about that) and jettisoned, then the orbiter rotates 180 degrees so that it is thrusting against its direction of travel, the SSMEs continue to run until the forward momentum is cancelled and the vehicle is headed back toward the launch site, then the SSMEs are shut down and the ET jettisoned, the orbiter then glides to an unpowered landing at the KSC landing strip.
Or, how about this one: if the Shuttle's SSMEs cut out during flight then the orbiter rides along until the SRBs burn out, then they and the ET are jettisoned, the orbiter glides a bit until it slows down, then a hatch is opened and a rail is extended out of the hatch, the crew then individually bail out of the vehicle as it is traveling several hundred mph by sliding along the rail (which allows them to avoid hitting the wing) and deploy their individual parachutes, they land in the ocean and are recovered by a search-and-rescue team.
That's complicated, the Dragon/Falcon is utter simplicity.
Given that the shuttle's SRBs were "once they start, they don't stop until they're empty", sometimes more complicated is a good thing.
> Until you have actual experience with the weird stuff that goes wrong in the field, you do not really know what is going to go wrong. And the more complicated the system is, the more true this fact is.
I'm fairly certain SpaceX has been employing people with actual experience.
> Incidentally I had the opportunity at one point to ask the first software developer ever hired at SpaceX whether he would trust his own software. His answer was enlightening, I wouldn't want to put my life in the hands of someone who trusted his own software, so I'm going to say no.
That's why they probably have more than one developer plus QA team.
> There is always SOMETHING that can go wrong. You want the person who created your safety system to be a paranoid freak. And you have to pray that they didn't miss something. You hope and pray for the best, but until you have actual data, you don't know how it is going to turn out.
True, certainly, but the same argument can be used on cars. Things still go wrong, but we can also safely say they're safer than a car from the 1970s.
Yet even with cars, even with the fact that they have experienced designers, when you build a new car model and put it out, you don't always get it right. You don't know what you did wrong. Which is why we regularly see safety recalls issued on cars - even from the best companies - for everything from software updates to changing the floor mat.
Until you see a model in use in the real world you simply don't know. Even if you have experience on a related model, there is the possibility of something new going wrong. Something you would have never thought of. Like the gas pedal getting stuck on a floor mat.
You take into account everything you know about. You run every feasible test that you think is useful. You run tests in simulators, on isolated components, on the whole model. You review and double review your work. You set up safety checklists to verify everything on the spot. But until you actually see the accident data, you don't really know whether you missed something important.
This is true for cars. It is true for airplanes. It is true for rockets. But the critical differences are that rockets are inherently more dangerous, it isn't feasible to do the same number of tests on them, and we don't get nearly as much accident data.
You have two options:
Option 1: Ride in a car with a single button labeled "press to start engines, you will not be able to stop until they run out of fuel". This car has been driven about a hundred times.
Option 2: Ride in a car with a "start engine" button and a "stop engine" button, plus a throttle. This car has been driven several times plus extensive testing on the ground.
"Option 2 is a safer setup" seems like a fair statement.
I like that. There are a million ways you can answer a given interview question that will cost you the job, but there are also a few ways you can make me end an interview and make you an offer on the spot. Under the right circumstances, that answer would be one of those.
> And you have to pray that they didn't miss something.
I don't have to do any such thing.
Source? If you're talking about F1-003, you're incorrect. If you're talking about something else, I'm interested.
And yes, I had remembered it wrong from when I watched it a few weeks ago. I remembered the bit about dropping below sea level pressure, but not the rest of the cascade.
A great lesson for software devs.
But I've since learned that it is true in areas far from software.
Well... Considering its predecessor, the shuttle, was one of the least safe rockets ever designed, it's not very hard to improve upon. Use multiple engines, avoid solid rockets (at least the ones that cannot be throttled down), mount your heatshield where nothing crashes on it, keep it simple...
According to http://www.futurepundit.com/archives/000940.html as of 2003, the space shuttle had the best safety record of any rocket design that had been flown to space at least 100x.
That fact would argue strongly against your claim.
First point: When looking at safety we care about injuries and deaths, not the launch failure rate. A broken parked car might not be reliable but it certainly is safe. Don’t confuse reliability and safety.
The two are certainly related – but not one and the same. The biggest problem with the Space Shuttle, for example, is that there is no plan B (most of the time). If you have a launch abort system you can decrease the reliability of your rocket (and thus change the failure rate for the worse) while still being just as safe.
Second point: It just makes no sense to compare manned and unmanned launch systems. Bringing Atlas and Ariane in the mix just makes no sense at all. You can’t meaningfully compare the safety between those launch systems and the Shuttle, if only because it’s impossible for humans to be injured or killed in those rockets.
On a deaths per humans brought to space metric the Shuttle is a horrible performer and very unsafe.
That said, we currently have little reliability data on various SpaceX technologies, and no safety data at all. They are doing everything they should do to make those numbers good, but until those numbers come in we won't know what to think of them.
SpaceX claims their transport is cheaper but they have not claimed it is safer. If they are really aiming for the human transportation business I wonder if the true cost of their rocket ships will be much more on par with existing vehicles. I'm sure they have taken advantage of some optimizations and efficiencies in new technologies and materials. But I also believe one of the reasons the other rockets are so much more expensive is not because they are relying on old technology, but having to satisfy much more stringent government regulations regarding safety, testing, and quality control. The ATLAS V has had 100% Mission Success and that does not come cheaply.
So yes, he is claiming it is the safest, and I think he has good reason to, as your sibling comments explain.
If you read some of the Congressional debate on the commercial crew program you will see that some people question whether or not a commercial enterprise will put the safety of the crew ahead of their own profits, and even the survival of their own company. Their argument is that only a government agency with a mandate for safety can be assured of making that choice even when that results in escalating costs.
It was pointed out in counter arguments that the Challenger blew up in part because NASA launched it over the objections of the commercial provider of the solid rocket boosters.
My personal bias is that while we lost a lot of people doing barnstorming stunts in Aviation, their willingness to put their life on the line allowed things to happen faster than they might otherwise. I am not sure if I could objectively reason to that bias though. I did get a chance to talk to the folks at Scaled Composites just after they did their X-prize winning flight and they felt that they were over regulated in the name of crew safety. Nobody objected to regulations to protect the safety of the people down range or nearby, it was constraints on the crew that chafed. A tech remarked that he would not be surprised if they were asked to put an ADA compliant bathroom in Spaceship One at the next review.
Historical safety is indicative of actual safety but not definitive, and not all you should be interested in. The shuttle was almost certainly less safe than its statistics indicate. If every launch delay of more than one day were considered a failure the shuttle's success rate would be very poor indeed.
Another question is how safety statistics are calculated. E.g. The overall safety of cars, measured by deaths per passenger mile, say, reflects many things, not just the engineering of cars themselves (in like manner, NASA's cautious use of the shuttle did much to ameliorate its excessively fraught design). On the other hand, crash safety ratings are prospective -- a five star crash rating won't save you colliding with a semi trailer, driving off a cliff, or into a lake, or having an accident at 120mph, or having your fuel tank explode.
There was an interesting discussion of actual car safety per model in the New Yorker a few years back, with the Toyota Avalon on top, and the VW Jetta second. Who drives a car and how it is driven turn out to be more important than crumple zones.
1. Exploded 25 seconds after launch, rocket parts are still washing ashore
2. Successful transition to second stage, but didn't deploy its payload properly. 1st stage has not been recovered
3. 1st stage engine was 'more efficient than expected' and continued to burn after separation of 2nd, bumping into it. I got to see a video of this at a conference, very sad. But impressive that the 1st stage was able to generate thrust (pressure in its fuel tank was ridiculously low). Mostly I was relieved because my satellite was almost on that launch, and now still has a chance of going up.
I wouldn't consider a launch delay/abort a failure in any sense, especially not due to design or related to safety. Every rocket is designed to work within certain parameters, and when those aren't satisfied, the launch is aborted. This can be due to weather (completely out of human control) or malfunction (not the designer's fault). In the case of a design error, operators usually don't know what faults to look for, and then there is a failure.
You bring up an important distinction, though. There is a difference between the safety of a design, and the safety record of its implementations. In the quote in question, Musk promises it will be the "safest rocket ever designed" which doesn't mean that he's promising the safest record, or that it will have the same 100% success rate as other rockets, but that it will be designed to be safe for the astronauts. Already it has a safer design than the shuttle, since it is using liquid rather than solid fuel. That means a launch can be aborted mid-flight, and the crew brought down safely somehow. The shuttle required a man on the ground to be ready to hit a 'kill' switch.
Edit: turns out that the top comment here wasn't actually quoting anything when he put "safest rocket ever designed" in quotes. Musk said "safest, most advanced crew vehicle ever flown," which I suppose could be interpreted as a promise about its as-flown safety record. I still don't see the harm in him saying that, since he's also said that he accepts a non-zero risk of casualties. It's not like the families of dead astronauts are going to sue him over this quote.
I'm not affiliated with SpaceX, nor trying to be a fanboi, but I believe you are distorting things.
Which did earn them a lot of criticism from the industry, actually
And other than the ones that exploded, NASA never lost a shuttle.
Either world view relies on
"Just trust me, I know"
"The numbers never lie"
Would be potentially problematic.
This debate has been going on for centuries.
Of course rockets are single use. Most rocket designs will never fly even half the number of test program flights a commercial airliner has to undergo. The cost would be (hohoho) astronomical.
A lot of the reliability estimates of spacecraft are really highly speculative, and that's a very polite euphemism. I know personally a few people at NASA involved in human spaceflight, and they say, in unguarded moments at the end of a long day, things like 'well... what the hell does 'man rated' actually mean anyway? does anyone know?'. No one does. Obviously to say 'it will be 99.9% reliable' is very odd - who is going to pay for the several thousand tests required to make a statement like that with any confidence? So yes, take all talk of safety, especially quantitatively, with a pinch of salt.
Interestingly the Skylon (reusable) Spaceplane is down to be qualified to the same standards as a commercial airliner. That might yield some data.
Could you imagine if airplanes were single use? There would be no way Southwest could achieve a 45-minute turnaround time.
And reliability numbers for man rated parts don't come out of nowhere. They come from extensive simulations and tests, which are then extrapolated. It's not the same guarantee as running thousands of end-to-end missions, but it's better than you imply.
This is the sort of thing where you need to be careful with what you infer, the sort of thing that often causes engineers to be overconfident in performance and reliability estimates. In reality, they're doing some very initial experiments in vertical landing with a view towards exploring reusability. That is different to your implication that reusability is a done deal.
> They come from extensive simulations and tests, which are then extrapolated. It's not the same guarantee as running thousands of end-to-end missions, but it's better than you imply.
And that's the problem. Notice you're talking about man rated 'parts' and I'm very deliberately not. Many of the mission failures or anomalies in launch vehicles so far have come from parts that work fine on the bench as individual subsystems. It's the lack of full-scale, realistic tests of complete systems that cause problems. There's just not the money for it nowadays. For example, Orion's crew vehicle had budgeted 2 aeroplane parachute drop tests. Apollo's landing module had over 230. Interestingly, they recorded anomalies on over 210 of those.
As for simulations, well one of the catch-phrases in the rocket engine business is 'plumbing never leaks in simulations'.
As for extrapolation, as a datapoint related to a field I have worked in (parachutes for space systems), quite a few of the high profile parachute failures were colloquially summarised as 'they extrapolated without a license'. All the Mars landers the USA have landed so far have used disc-gap-band parachutes of the same design and size that were explored in a set of very expensive and extensive tests performed at high altitudes for the 70s Viking Lander. It's called the 'viking box' and people at JPL know you do not just 'extrapolate' out of it because they've seen what happens when smart, well intentioned engineers do. That's why they called it a box :)
Going back to simulation for a moment, I am familiar with the state of the art of parachute simulation (and fluid-structure interaction simulation in general), and so are the people in charge of the space missions, and that's why they stick to the Viking box. We can barely match that Viking data in sims, let alone start wandering out of it into unexplored territory.
Finally a little anecdote from Charles 'Chuck' Lowry, the guy who designed the Apollo landing systems, about testing. On Apollo 15 reentry, one of the 3 parachutes failed, the first and only recorded failure of an Apollo chute during operations. It was traced back to being because the landing module thrusters had vented their fuel out before landing, but this had ignited on the still hot nozzles on the way out, causing a load of burning fuel to go fly up into the chute and destroy it. Thank god, he said, that it only caught the one and not a second one, else it could have ended very badly.
The parachute system tested perfectly, and the thrusters performed admirably during their entire qualification program and all previous flights. But the combination of these two systems, under real conditions, interacted in such a way that the consequences were a significant risk to life. 'You ain't tested it till you've tested it', he said.
HN is full of similar examples of outages of things like AWS due to an interaction of failures of parts, systems, and Bob the technician not putting the circuit breakers back in exactly the right place after routine maintenance. The space of possible failures rises exponentially with the number of parts, when you consider all the ways they can interact. It's a hard problem to solve and the people at the top are under no illusions about the reliability numbers, they're made for Congress and journalists.
I would argue that modern designs that learn from the mistakes of past designs require less testing. Maybe it takes 230 drops to understand the aerodynamics of a falling capsule, but once the knowledge is obtained, it only takes 2 to verify a new capsule works as well as the old one.
So why not simulate leaky plumbing? Computer modeling has come a very long way over time.
> 'You ain't tested it till you've tested it', he said.... The space of possible failures rises exponentially with the number of parts, when you consider all the ways they can interact.
True, but each new failure requires a series of events more complex than previous failures. You're using a bunch of examples of old failures to imply that new designs will fail in the same way, when the reality is that new designs have the benefit of learning from every single previous failure, and every subsequent failure further increases the reliability of the system.
I'm reminded of Asimov's essay, The Relativity of Wrong. Despite your experience in the field, it seems you're too eager to assume that every new idea can be just as wrong as the previous one. Sure, new space vehicle designs like those from SpaceX may fail in ways we couldn't predict, but that is completely different from saying that they'll be less safe or less reliable than their predecessors, or that they have to fail in all the same ways as their predecessors first in order to prove their success.
Do you have anything to counteract that?
As for the rest, do you have any idea how ridiculous your position is? Based on a misinterpretation of a popular essay about basic science, you conclude that experimental data is less important now than previously. And you're doing this when arguing with an expert in parachute design who is well aware of the current limits of simulations, and several examples of what has happened when actual engineers tried to extrapolate from past designs and models to predict what would happen with a future design.
Furthermore you're doing this with willful ignorance of the fact that every area of technology where people actually achieve high reliability, it is done by people who place a lot of emphasis on actual data from experiment. Simulations are a supplement, not a replacement for that.
Finally your claim, new designs have the benefit of learning from every single previous failure is plain wrong. Anyone who studies this stuff will tell you that people keep making the same types of boneheaded mistakes over and over again. And, people being people, it is hard for us to recognize when we've made that particular type of error again. Therefore we create procedures to automatically catch errors that our organization has proven to have a tendency to make. Those procedures need to include live tests. Furthermore our expectation should be that we will continue to screw up in similar ways to what we have done before, and not that we've learned from the past and now only make more exotic errors.
All of that said, let me repeat. The people working at SpaceX absolutely know this. They seem to be on course to potentially do better than has been done in the past. But until they accumulate an accident record, we won't know how well they've done. (And at this point their designs are in sufficient flux that it will be years before we really can establish a good baseline.)
It seems we were using a different vocabulary and/or arguing along orthogonal axes. My initial impression of your and ballooney's comments was one of excessive pessimism, presumably to temper what you perceived as excessive optimism.
I'm just an interested layman trying to keep people from giving up on the idea of eventually sending people to Mars, because darn it, I really want to go ;), and I'm willing to accept "extensively simulated and unit tested with a few successful integration/flight tests" as good enough for me.
You're not even close! There is no value in nebulous hand-waving statements about 'a long way'- what does that even mean? Did you not read the rest of my message which had very specific examples of how simulation isn't there yet?
And as for simulating combustion (when fuel leaks onto a hot pipe, say), academia are only just scratching the surface of simulating things like combustion instability in very toy problems, where they deliberately induce some perturbation x on a flow y and sample the system at some frequency that will just about tell them if there's a limit cycle going on. This is still so far away from actually being able to simulate a burning rocket engine properly.
Now of course I must encourage you to stop being so literal. It's not like rocket engineers say 'oh no you can't do simulation with rocket engines, because you can't model leaks properly'. That's preposterous and you're the first person I've ever come across who has inferred it so. What it means is that real actual hardware is very much not like a computer program where you can test something against all inputs and be deterministic about how it will respond because a computer is a comparatively simple, discrete thing. It's a vastly different problem to simulate a rocket engine. This saying speaks to the fact that you can't simulate every parameter of something like a rocket engine - it's just not computationally feasible, and there are plenty of people working on these problems who are familiar with the state of the art of estimation techniques too. It's hard regardless. Oh what I wouldn't give for a real world version of Haskell's QuickCheck!
Here's the thing about simulation. It's not, as you might imagine it is, a little local copy of the universe in your pc where you just arrange all the bits at t0 and say 'ok go!' and come back and see that it's worked so your design is fine. Instead you the engineer make the rules and propagate the system through your rules for a bit. If you haven't thought of a scenario, it's unlikely that your simulation will be able to show it. There are not a whole bunch of hidden states.
Now you can do universe-in-your-pc type simulation which produces very realistic looking results, but to simulate something as complicated as a rocket in flight would probably take longer than the age of the universe per second. And there are still lots of assumptions there.
> You're using a bunch of examples of old failures to imply that new designs will fail in the same way, when the reality is that new designs have the benefit of learning from every single previous failure,
This is the sweetest and most endearingly optimistic thing I've read all day. I imagine you ride into work on a unicorn. There's some validity to what you're saying, of course people say 'ok won't try doing it that way' but like with your simulation comment, I think you just don't know the reality of how these things actually work in practice.
I promise you there are still lots of Fuel Slosh Failures (an interaction of the control law and the fluid dynamics of the fuel tank causing the failure of Falcon 1 2nd flight) out there in the wild that you don't pick up till you actually fly the damn thing, despite I'm sure very thorough simulated control systems in computers on the ground by people who have a deep understanding of control theory. Static test fires never picked up the pogo effect ( http://en.wikipedia.org/wiki/Pogo_oscillation ) which blew up a few rockets and caused engine shutdowns in others. None of these are witchcraft, in that engineers perfectly understand them once they've seen them. My point is that you can't come up with them and swat them in advance in every case because there are just too many possible ways things can perniciously interact to cause you problems.
Likewise, 'every single previous failure' is not that many in rocketry, because there have not been that many rockets. It's not like rocket X blew up because its failure mode Y was The Failure Mode for rocket X. Rocket X probably took with it to the grave several other possible failure modes, it was just failure mode Y that got there first.
The shuttle flew hundreds of times before that bit of foam broke off and put a hole in the wing's leading edge. We might never know that that particular bit of foam was a Loss of Life waiting to happen if something else had blown up the shuttle sooner. I went to the talk, one of the best talks I've seen in the whole of my career in engineering, by one of the lead investigators of the Columbia disaster. He handed around 2 identical bits of foam, about an inch diameter and 2 inches long. They looked a bit like that dense styrofoam you use in roof insulation. Anyway, these were the insulation foam on the shuttle fuel tank. He then showed us a 200,000fps video of their pneumatic cannon firing these samples at a bit of carbon-carbon composite of the sort used in the leading edge of the shuttle wing. The first sample collided and then disintegrated into a cloud of dust, leaving the wing edge unharmed. The second sample collided with the wing edge and punched a huge hole straight through. The whole audience gasped. It turns out the 2nd type of foam was 'trivially' different in some small way, that no one thought would be an issue at design time, but that was the composition of the bit of the foam that broke off and put a hole in the shuttle.
Now, that whole audience was an audience of engineers, and we were all shocked. We all knew that if we were asked to simulate it, we'd say 'well, it's a homogeneous foam. this kind of density. this kind of Young's modulus. this kind of Poisson ratio. this kind of hardness. ok that'll do' and simulated with it. But these 2 kinds of foam were basically identical in all these respects, yet their behaviour was vastly and tragically different. Unless you simulate down to the sort of molecular level, simulations just don't show you this stuff.
So I understand as an outsider [I am making an assumption that you are from your understanding, apologies if you are not] why you might think that 'surely' simulation 'should' be able to be good enough 'nowadays' what with Moore's Law and MCMC and so on. But really honestly no, not to the point you're going to catch the kind of outliers that cause problems.
P.S. I'm not arguing either way on whether or not SpaceX will be safer or not than some marker. I'm sure they'll have among the safest launch vehicles ever flown. But my points so far have been 1) Beware people putting numbers or otherwise strong claims on reliability and 2) I've been trying to kick the tyres of the mental tools and reasoning people from a software background bring to bear when trying to understand things like space hardware. There is a lot more to it.
Now this I definitely agree with. I may have misunderstood your initial comment, but I was only trying to argue generally against the idea that Elon Musk is somehow out of line for saying that F9/Dragon will be the "safest, most advanced crew vehicle ever flown" because what else do you expect him to say? "We'll make it, uh, as safe as we can, I guess. Safety's a difficult concept, and rocket science is hard, y'know?"
You and I both have experience in space hardware (my guess is that you have more experience than I), so we both know how ridiculous it is to put a number on things, but in this thread, we were arguing the same position from different directions. You against the sentiment of "of course it will be safe" and me against "they can't possibly know how safe it will be." Does that make sense?
The plan is full reusability, except for a few parts that are lost as each stage separates from the rest, and fuel. There is no plan B. http://www.transterrestrial.com/?p=27574
And re: testing, I misspoke. By "part" I didn't mean component, I meant to say "system" but had in mind testing each part of the mission and contingency plan (in addition to end-to-end tests). I, and the engineers at SpaceX, are aware that most failures come from interactions between systems. And by "extrapolate", I didn't mean extrapolate from one part to the entire system, but from N tests to the N+1th test (because when you test as you fly and fly as you test, the actual mission is just another test).
Also, you conflate 'safety' with 'complete system success.' Apollo 15 had a safe, successful reentry, despite the single parachute failure, because there was designed-in redundancy. You can expect similar from SpaceX.
But you are right in that assigning any sort of reliability number is ridiculous. On my project, we have analyzed every possible failure scenario we can think of, and come up with contingency plans on top of contingency plans, until we get to the point where so many things would have to be wrong in order for our plan to be used that it's not worth the effort, and we would think on our feet at that point. But still, nobody has bothered putting out a percentage chance of mission success. And nobody has asked the launch vehicle for a percentage chance of correctly inserting us into our desired orbit.
Actually one of the design goals for SpaceX is to develop reusable rockets. According to Elon in an ideal world, this would reduce the cost of a launch by something like a factor of 100. Elon claims that a realistic target is to reduce it by a factor of 10.
Of course as soon as you design a rocket to be reusable, the task of making sure it is still safe after a dozen or a hundred launches becomes much harder.
But I am not a fan of using as yet unproven superlatives. They will have a failure rate. They will have a fatality rate. The only question is what that rate will be. And right now we have no useful data on that.
This contract amount seems to suggest that SpaceX launches will come in significantly lower than the Shuttle - a very good sign for continued space research.
1) SpaceX employs engineers who worked on the Shuttle, thus getting all of their lessons learned for free.
2) SpaceX gets to use facilities NASA built, like launchpads and testing facilities much more cheaply than if they had to build their own facilities. They tested their heat shields at NASA Ames, for example.
3) Everything is cheaper now. Not just raw materials, but imagine the cost savings when every engineer has a (Shuttle Era) supercomputer on their desk. Testing is dramatically less expensive.
4) Everything is better now. The (NASA developed) heat shields are much higher performance than those available in the Shuttle era. The level of computer control is much more sophisticated. Better technology means you can do more with less.
In short, SpaceX has massive, massive advantages over the original Shuttle team. I would hope that they could do more, more safely, at less cost.
But even if you want to grade on a curve, there's something to be said for appropriate use of what you have. It's easy to argue that the Space Shuttle was not a good design, even given 1970's technology, due to political constraints.
I suppose you could ask, "given both political and technical constraints that NASA was operating under, was it a good design?" but I'm not sure what the goal would be of that question. Is anyone blaming individual engineers for management problems?
No wonder we've been stuck.
Didn't realize beer was such an integral part of space exploration.
Hats off, Elon Musk. Hats. Off.
Personally I'm happy NASA spread the money around. The last thing we need is the government to simply build another Boeing or Lockheed. And by that I mean: if SpaceX has 100% of the market because of NASA's funding, I fully expect them to stop competing on price (at some point).
Probably, although you should keep in mind that SpaceX == Elon Musk, since he plans on retaining a majority share.
If SpaceX has 500 successful launches and one blows up and kills everyone on board, it will be sad, but it won't kill them, it might not even hurt their stock if they couldn't have avoided it.
That is a long way of saying the answer is that they probably won't have an issue if they have done a good job on the engineering and find out quickly the root cause of the accident.
I'm obviously not an astro-physicist, physicist, or even that smart of a guy. I just can't help but think there are more efficient ways to get past 100,000ft without brute forcing the problem with rockets
IIRC, it takes 9 km/s of delta-v to get from ground to LEO. LEO is only orbiting at ~7.7 km/s, though, so you can save at least 1 km/s of fuel.
As others have said, schemes like Stratolaunch or SpaceShipOne also get horizontal velocity from the mothership.
Going by raw math, if the Earth were a perfect magic sphere with no atmosphere, you could attain "orbit" at ground-level by accelerating to 7.90 km/s. Then you could Hohmann to LEO with one 0.06 km/s burn to transfer up and another 0.06 km/s burn to achieve a circular orbit, so that's only 8.02 km/s in an ideal world. [Oh, I forgot that you start with about 0.40 km/s from rotation if you are near the equator.]
Oh, finally found a nice reference, on Wiki: http://en.wikipedia.org/wiki/Low_Earth_orbit#Human_use The delta-v needed to achieve low earth orbit starts around 9.4km/s. Atmospheric and gravity drag associated with launch typically adds 1.5–2.0 km/s to the delta-v launch vehicle required to reach normal LEO orbital velocity of around 7.8 km/s (28,080 km/h). It doesn't break those out, unfortunately.
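A check of the ideal-case figures in the comment above, as an added example that is not part of the original thread. The 200 km target altitude and the Earth constants are assumptions (the thread gives neither); the 9.4 km/s figure is the one quoted from the Wikipedia reference.

```python
import math

# Assumed constants (not stated in the thread).
MU_EARTH = 398600.4418   # km^3/s^2, Earth's standard gravitational parameter
R_EARTH = 6378.137       # km, equatorial radius
QUOTED_REAL_DV = 9.4     # km/s, "starts around 9.4km/s" per the quoted reference


def circular_speed(r_km):
    """Speed of a circular orbit of radius r_km around an airless Earth."""
    return math.sqrt(MU_EARTH / r_km)


def vis_viva(r_km, a_km):
    """Speed at radius r_km on an orbit with semi-major axis a_km."""
    return math.sqrt(MU_EARTH * (2.0 / r_km - 1.0 / a_km))


def hohmann_burns(r1_km, r2_km):
    """Two prograde burns that move a circular orbit from r1_km up to r2_km."""
    a_transfer = (r1_km + r2_km) / 2.0
    dv1 = vis_viva(r1_km, a_transfer) - circular_speed(r1_km)   # leave low orbit
    dv2 = circular_speed(r2_km) - vis_viva(r2_km, a_transfer)   # circularize
    return dv1, dv2


def ideal_budget(altitude_km=200.0):
    """Delta-v to LEO with no atmosphere and no gravity losses.

    altitude_km is an assumed target altitude; 200 km reproduces the
    0.06 km/s burns mentioned in the comment.
    """
    r_low = R_EARTH
    r_high = R_EARTH + altitude_km
    v_surface = circular_speed(r_low)
    dv1, dv2 = hohmann_burns(r_low, r_high)
    total = v_surface + dv1 + dv2
    return {
        "surface_orbit_speed": v_surface,
        "burn_up": dv1,
        "burn_circularize": dv2,
        "ideal_total": total,
        # What is left over when the ideal figure is subtracted from the
        # quoted real-world requirement: drag plus gravity losses.
        "implied_losses": QUOTED_REAL_DV - total,
    }


if __name__ == "__main__":
    for name, value in ideal_budget().items():
        print(f"{name:>20}: {value:6.3f} km/s")
```

The thread's 8.02 km/s comes from adding the rounded terms; the unrounded sum is slightly higher.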
A rocket that reaches escape velocity from Earth can have zero kinetic energy.
And by argument above, do you mean your paranoid rantings about government takeover of SpaceX? Personally, I'm more worried about corporations having too much influence on the government, not the other way around.
As for your nationalisation examples:
1. The gold confiscation had nothing to do with private companies
2. oil nationalisation didn't take place in America
3. I have no idea what in the 70's you're referring to
4. Bailouts: I'm going to go out on a limb and say that SpaceX will never be so integral to the national economy that it can't fail without taking down the whole system. Nor that Elon Musk will take on so much risk that he is in danger of failing.
And you can't have it both ways, Mr. "However, lazy quips aside, the past is not the future." If that's the position you're going to argue from, then you can defend literally any claim about the future, to the point where effects no longer have causes.
If you really want to learn about how moneyed interests have corrupted the US government, you should read _Republic, Lost_ by Lawrence Lessig http://www.indiebound.org/book/9780446576437
2 - oil nationalisation illustrates the power of the political class over commercial interests globally
3 - Google is your friend
4 - The future size of SpaceX is mostly irrelevant as to whether they fall victim to the whim of a politician's nationalisation decree. The only excuse they need is SpaceX took the cheque and, after all, we know Musk didn't 'build it on his own'.
Your 'moneyed interests' point hints that you may be a partisan leftist? Since they are generally uninterested in discussing the facts we should probably stop here. If you are not a partisan leftist, I suggest you get up to speed on the abuse of political power in the West since FDR's Executive Order 6102.
And no, I'm not a partisan anything. The disproportionate influence of those with power in the US is harmful to the interests of every part of the political spectrum, from left to right (including libertarians). With a government more beholden to the people than those in power we might not have better policies or politicians, but at least it would be 'our' fault. This is the basic premise of the book I recommended. Which, by the way, was written by a former fan of Reagan and is non-partisan. Would you be so kind as to link me to specific information that you think is well researched and well written, as I have?
1. Oh, so you're saying that the banks were OK with the fact that Americans were still distrustful of them and keeping their money in gold rather than in banks?
2. Are you saying there's a global political class? Besides, the most recent (partial) nationalisation of an oil company (in Argentina) has what seems like the overwhelming support of the people.
3. You're really not giving me much to go on. All I have is "absurd nationalisations of the 1970s" which I'm now guessing refers to more stuff that happened in other countries, mostly not in "the West."
4. The size of SpaceX relative to our economy is relevant if you're trying to say the bank bailout of GM takeover is the precedent that the government will use. And the gov't didn't take a controlling stake in any of the bailed out banks. <s>But, as you say, the future is not the past, so why bother establishing precedent for something?</s>
> after all, we know Musk didn't 'build it on his own'.
That you have never bothered to find out the context in which Obama said that is very telling. Here it is:
> If you were successful, somebody along the line gave you some help. There was a great teacher somewhere in your life. Somebody helped to create this unbelievable American system that we have that allowed you to thrive. Somebody invested in roads and bridges. If you’ve got a business. you didn’t build that. Somebody else made that happen. The Internet didn’t get invented on its own. Government research created the Internet so that all the companies could make money off the Internet.
So, in the sentences before what gets quoted, Obama is talking about "this unbelievable American system" that includes roads and bridges. And it's true that if you built a business, it's likely you did not build the roads or bridges we have today. So, isn't it reasonable to assume that Obama's 'that' referred to those same roads and bridges? Especially when his next point is that government research created the internet. If he really meant to say "you didn't build your business" wouldn't it have been a non sequitur? And the gov't created the internet "so that all the companies could make money off the internet."
And you can't tell me that SpaceX, of all companies, hasn't benefitted from US infrastructure. They employ former gov't engineers, they transport their rockets between LA, Texas, Marshall Islands, and Florida using roads, bridges, and ports. Paypal wouldn't have existed without the internet. Even if Musk earned his money some other way, SpaceX uses the internet and its technologies extensively. I'm sure most of their employees went to public schools at some point. They're using NASA's launch facilities at Cape Canaveral.
> The point is, is that when we succeed, we succeed because of our individual initiative, but also because we do things together. There are some things, just like fighting fires, we don’t do on our own. I mean, imagine if everybody had their own fire service. That would be a hard way to organize fighting fires.
Pro tip: when someone says "the point is" what usually follows is their point. And in his main point, Obama acknowledges that success is partly due to intrinsic aspects of the individual. And he's not proposing that the government do everything, he's proposing that the government do things like provide fire fighting services. The thing is, those still have to be paid for, which is why he gave that speech asking corporations to pay more taxes.
Here is the same explanation delivered with more humor: http://bit.ly/P2kMWC
If you're still not convinced, what would it take?
 Source of transcript: http://abcn.ws/MrrLdi
 And there's no question that Elon Musk received help. One example: he was strapped for cash at one point recently and borrowed money from friends (had plenty of assets, not enough liquid assets)
 And even a libertarian would have to agree that the government should do that. Along with national defence, it is a public good http://en.wikipedia.org/wiki/Public_good
 Whether that is the best way to pay for things is a separate debate I'm not interested in having here.
There are practical non-rocket ideas, though, such as the Verne Gun: http://nextbigfuture.com/2010/03/150-kiloton-nuclear-verne-g...
You can be a great deal farther away from the Earth than orbital altitudes, but if you're not actually orbiting, you're going to fall directly toward the surface.
So, make them properly reusable (not just rebuildable, not just reusable only say 5 times, able to turn around and fly again within a week) and you will change everything.
To my knowledge there's only one sat launcher in the world that's working towards this (the Skylon Space Plane), but that's probably 10 years and a few billion dollars away.
I don't know how reusable SpaceX's grasshopper efforts will be (as I intimated above there's reusable and then there's reusable). But I watch with fascination!
Theoretically they should be able to get things in orbit very cheaply compared to rockets. So far those technologies have not worked in practice.
But in space launch, the laws of engineering have tended to be more important. A very reliable reusable rocket is probably going to be a better investment of the marginal dollar than any kind of air launch.
(Unless you are going all the way to things like Stratolaunch, which is riding SpaceX's rocket reliability. The mothership ought to be quite reusable, but building the biggest wing ever in history is going to be a tall engineering order. It remains to be seen which way wins out in the end.)
There's been almost no news since last year, and they weren't included in this round of funding.
I feel that a lot of design overhead is put into making a shuttle or space station safe and livable for humans. Why not focus on the main mission: to conduct research experiments.
I know there is the romantic idea of human space travel, but if it's not ready yet, why not invest more in autonomous systems and more advanced robotics for the sake of conducting the actual mission and sparing the lives of some truly brilliant and extraordinary people (potential astronauts).
We can no doubt learn the secrets of the Universe through robots, and we very much should do so. But there is more to the Universe than just studying it. We should touch it. Play in it. Live in it.
I'll elaborate. There is tremendous risk involved in sending people to space, I'm sure those who sign up for it understand and accept that, but it's a tragedy when it goes wrong given the caliber of people who end up dying. The overhead in designing for human needs (oxygen, water, food, waste facilities, etc) seems like a waste of time and engineering effort until we can better guarantee their safety. Of course I think the time will come when it becomes as safe and accessible as a trip on a 747, but I think an effort in purely autonomous systems that parallels the efforts being done on manned space technology should be considered to serve as a supplemental aid to further space research - a lot of which, I'm sure, would end up contributing to that dream of reaching the stars.
Personally I think that engineering even safer manned spaceflight systems is a good idea and a very worthy goal but I think if our choice was to explore the Solar System with a vehicle no safer than the Soyuz or to stay at home the choice has to be to explore, every time.
The risk factor involved in manned space missions versus a trip to the grocery store has got to be huge orders of magnitude in difference. This is an unfair, and frankly, useless comparison.
> if our choice was to explore the Solar System with a vehicle no safer than the Soyuz or to stay at home the choice has to be to explore, every time.
This is where I can't agree. You have to define "explore" - i.e. the particular objective of that flight on a case by case basis - and ask if it really warrants sending a human being up to do that job. Yes? Then by all means. Do it. No? Then find a safer alternative that accomplishes the same goal and that sheds the challenges of keeping a human being alive in a truly hostile and unforgiving environment. Also, I wouldn't consider sending an autonomous vehicle out to explore as "staying at home".
I get the emotional appeal... I just don't think it's rational for every case unless we really need a human's capabilities in space.
Whether it seems nice or not, one of the experiments being conducted by humans in space is the effects of being in space for a prolonged amount of time on human beings.
Oh I wish they hadn't said that, they said the same thing about the Titanic.
It's a very dangerous attitude, to claim a priori that your design is safer. The Titanic was so safe that it was not necessary to carry enough life boats for all the passengers. That's how safe it was. Once your focus is on the incredible confidence you have in the safety of your design, it's not on actual safety anymore, it's on making bold and confident advertising claims. It's hubris and there's a long history of what follows from it.
Prior to the Titanic sinking, most ships didn't carry enough lifeboats for the passengers on board. This was because the SOP was to ferry passengers to nearby boats if a ship was in trouble.
Now, the problem with the Titanic was that there were elements of hubris in the first sailing, and probably recklessness on the part of the captain. Like any big disaster, it was a cascading failure. But they didn't underequip it with lifeboats because they thought it wouldn't sink. They underequipped it because that's what was the norm at the time.
Probably the thing that changed the most with the Titanic sinking was the fact that plenty of important people went down with the ship, plus the sheer number of people lost.
They are not claiming to be designing a rocket that cannot fail, but rather one that fails safe (though low failure rate is undoubtedly a high priority for them.)
I do not see how such an attitude could possibly be a liability. What is preferable?
Edit: I'm trying to understand your point of view. Is your issue that they are trying to make it the safest, or that they said that they are trying to make it the safest?
The article doesn't say they are trying to make it the safest and it doesn't say they said they are trying to make it the safest.
The article says it will be the safest, even though it hasn't even been tested in flight.
"SpaceX, along with our partners at NASA, will continue to push the boundaries of space technology to develop the safest, most advanced crew vehicle ever flown."
That reads to me as "We are working hard with the goal of making it the safest." They haven't done it yet, but they are stating what they hope to do.
Anyway, I think you are looking at this too hard.
This article is not just the unqualified opinion of the blog SpaceFlight Now, the article is a word for word printing of the following official SpaceX corporate Press Release, exactly as quoted. It is an official claim by the company.
This is from a company that has faced criticism from prominent figures that safety would be an issue simply because they were not NASA. It only makes sense that they would place a high emphasis on safety in their public relations in light of that.
Not to mention this is coming from a company whose president said just a few days ago, "In the early days of aviation there was a great deal of experimentation and a high death rate. We don't want that — the public would not be accepting — but by the same token we can't have a situation where no deaths are ever allowed, because that would put innovation in a coffin too."
This simply is not a company that is taking the safety of their craft for granted.
I still don't understand what you think their attitude towards safety should be.
Maybe they should release an app that puts some filters on your photographs.
It is a brave man that gets into bed with the government thinking he can withstand the intolerable pressure they can bring, if they decide, to bend his will.
How likely do you really think that is?
Surely, it is for the oracles to strike a claim on future events, but when you consider gold confiscation in the 1930s, oil nationalisation in the 1950s, the absurd nationalisations of the 1970s, and the crony-saving bail outs of the 'Too Big to Fails' in recent years, it is obvious, I would think, that politicians are happy to corrupt the free market when it benefits their short term interests.
Individual contractors, however, can and do get hired by the government, but it depends on the NASA center. Most of the people at Goddard are actually contractors, not government employees, I believe.
Probably not zero, if you are genuinely interested. However, lazy quips aside, the past is not the future.