by mehrdadn 2913 days ago
> The night before the launch, Ebeling and four other engineers had tried to stop the launch. Their managers and NASA overruled them. That night, he told his wife, "It's going to blow up."

This sent chills down my spine... the world just shouldn't be like this.

3 comments

One important piece of data to correlate with that: how many times previously had engineers issued similar warnings for launches that then proceeded fine?

Warning fatigue is a thing and reasonable to wonder whether that happened at all here.

It was a specific warning about the vulnerability of the O-ring seals in low temperatures (precisely the mechanism of failure that doomed the Challenger). It was an unusual, specific, and high-profile warning which was effectively overruled by NASA management. The guidance was to avoid launching in such low temperatures; the response was: "My God, Thiokol. When do you want me to launch? Next April?" That from Lawrence Mulloy at NASA MSFC. This is a pretty clear-cut case and nothing like "warning fatigue".

The question isn't whether O-rings had ever been warned about before; it's whether and how often there were ever any warnings of equal specificity and high profile to this one. "Go fever" accumulates from overriding previous warnings that didn't materialize as a threat.

Maybe it wasn't warning fatigue then. It might be overthinking fatigue. I guess missions have gotten delayed before for so many reasons and this time they just got tired of "doing it again."

This is a well-studied problem; it wasn't overthinking, it was "go fever", specifically in the form of "Normalization of Deviance" [1].

Morton-Thiokol and NASA set criteria for safety margins on the Shuttle system. And the Shuttle kept on violating those safety margins again and again. Instead of grounding the fleet or studying the problem further or attempting to ameliorate the problem the safety margins were loosened, deviance was normalized, unsafe operations were normalized. And those who called out the legitimate safety problems with the Shuttle were harassed and derided because their views differed from the orthodoxy (that a Shuttle loss was a 1 in 100,000 probability) and got in the way of their goals (the high flight rate of dozens of launches per year that were necessary for the Shuttle system to meet its promises).

Later analysis of the Shuttle system [2] has indicated several other potential key failure modes that could have caused a loss of vehicle and crew, especially during the early flights. Not just the SRBs and the thermal protection system (the weaknesses which doomed Challenger and Columbia) but other systems such as the APUs, SSMEs, flight software, etc. led to a risk of catastrophic loss as high as 1 in 10 during the first several years of flights, 1 in 20 around the Challenger disaster period, 1 in 50 during the return to flight period after Challenger, and about 1.1-1.3% during the post-Columbia period.

1: https://en.wikibooks.org/wiki/Professionalism/Diane_Vaughan_...

2: https://ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/201100...

> that a Shuttle loss was a 1 in 100,000 probability

I'm not sure how anyone could say that with a straight face.

Serious events happen with commercial aircraft at a rate of about 1 in 1M. Figure that a rocket is inherently 100X more dangerous, and that the lack of repetitive experience with rockets bumps the risk another 1:100. Meaning, when you build a lot of aircraft and fly them all the time, you get good at knowing where the design holes are. Also consider that each serious failure, when mitigated, improves the odds of the rest of the fleet. You don't get that when you're only flying a dozen flights a year.

Est. risk: 1x10^-6 x 100 x 100 gives a 1% chance of loss.

Notably, the Apollo program flew 15 flights; 3 had serious failures [1][2] and 1 was a near-loss event (Apollo 13). For consideration, the Saturn V was a well-tested, conservative design, which the Shuttle was not.

[1] Apollo 6 and 13 had early engine shutdowns due to failures of the S-II engines.

[2] Apollo 12 lightning strike took out the command module computer.

The '80s in particular were a time of greater trust in government and greater mass conformity in popular culture. The media by and large did not challenge these absurd estimates, nor did schools, nor did, largely, the public. At the time NASA was near the peak of its reputation. It had achieved the moon landing, it was the middle of the Cold War where NASA's achievements were an important battleground, and so on. Overall the tendency was to simply defer to NASA's judgment.

There was also a bit of self-delusion going on. The Shuttle system was, by design, the backbone of spaceflight (manned and unmanned) in the US at the time. On the one hand you could believe that the Shuttle system was a modern miracle, fully capable of achieving (or nearly so) its design promises of cheap and ubiquitous spaceflight, ushering in a new space age, including the launch and assembly of a next generation space station in the near future, and possibly including the realization of manned missions to Mars within the next decade or two. The competing view, that the Shuttle was a risky launch system that could never achieve its design promises even within an order of magnitude, was a vastly depressing (though in retrospect realistic) one. Holding that view meant that we would have to go back to the drawing board and spend maybe another decade building a new launch system that would reset us back to the way things were in the 1960s, and then we'd have to slowly crawl our way toward incremental progress. That was a very difficult truth to accept, ironically more difficult the more you were invested in space exploration.

Sometimes reality is a tough pill to swallow.

A much more rigorous analysis was done for the Shuttle program, and the estimate of the risk of vehicle loss turned out to be very close to reality.

There was some coverage of the relatively high risk values in the popular science press well before Challenger happened.

Yeah, very true. I did wonder about that a bit, and also how dire the previous warnings were, if any. "It's going to blow up" sounds like something that a good engineer shouldn't be saying very often about successful flights.

In some working environments issuing a warning is enough to get you off the hook for something going wrong, so it might be that nearly every flight had a warning so the engineers were never responsible...

These were not throwaway warnings. These were fervent efforts to stop the launch. This wasn't somebody trying to protect their job. This was somebody risking their job.

Look up Bob Ebeling. He definitely knew it wouldn't survive.
Texas A&M's engineering program has a required course called Engineering Ethics. A portion of the course is devoted to analyzing the Challenger disaster.

During a late-night teleconference the night before the launch, the engineers pleaded with their managers not to launch. One decision maker was told, "Take off your engineering hat and put on your management hat," and he reluctantly changed his mind (a decision he has regretted for decades, of course).

It's also telling that, after the decision was made to approve the launch, none of the engineers agreed to sign off.

https://www.engineering.com/Blogs/tabid/3207/ArticleID/170/c...

It's amazing how I've never heard of this story before and how much I've heard about Gagarin's friend knowingly dying to save Gagarin's life...