As I understand it, on crewed flights of the Falcon 9 the AFTS is somehow integrated with the abort system so that it is impossible for it to detonate without the capsule having a few seconds to get to safety first.
I don't see how this would work for Starship, since it won't have an abort system.
If the booster is still firing, then starship will have to have a greater acceleration than the super heavy booster in order to separate. On F9 Crew this is done by the abort system, which is able to accelerate the crew capsule away at a higher acceleration than the whole F9 stack is experiencing at the time.
The real question here is what happens with a crewed second stage that has a problem with its engines/fuel. We’ve yet to see designs for the crewed interior beyond very conceptual stuff.
This same question was asked in the early years of commercial aviation. In the end, the industry (mostly) settled on aircraft designs that could passively glide reasonably well enough to land (sometimes). But some aircraft, e.g. military jets and Cirrus, came up with different answers (parachutes for the crew and for the whole aircraft, mostly).
We'll see how the commercial spacecraft industry deals with this, but I do think that we are at far too early of a stage to start expecting progress in this area. The first few decades of commercial spaceflight will be dangerous just like the first few decades of commercial aviation, or for that matter the first few centuries of commercial shipping. The answers, varied or uniform, will be interesting and I hope that I'll be around to see them.
I believe that the crewed version is way in the future when operations are much better understood. There’s no chance in hell they’re catching that 2028 window to march.
As ceejayoz said, "Death". The system WillPostForFood mentioned is indeed, as he said, extremely limited.
In the very first missions with only two astronauts, the shuttle had ejection seats. They were removed when more than two people flew at a time, because a) it is not possible to add more, and b) crew ride on two decks, not one.
After the loss of Challenger serious consideration was given to designing some sort of escape capsule for the entire crew, but it was decided that the weight and practicality considerations were not worth it.
The bottom line is that it is impossible to design any practical means of high-speed travel that can cover all eventualities. A century of extensive experience has led to air travel being the safest way to travel on average, but there are still fatalities. Maybe once we have a century of experience with Starship and its descendants we'll be able to say the same about space travel.
> Space Shuttle didn't have an escape system either
To be pedantic, the early flights had ejector seats for the pilot and commander, and the post-Challenger orbiters had a 'fire-pole' bail-out system. These systems could only be used in a very limited set of circumstances.
To compare with other launch methods, you'd need to use the same metric.
IIRC, Soyuz is actually more deadly, but it's been some time since I've seen the stats. Both Soyuz and the Space Shuttle are by far the most deadly form of transportation.
Broadly the same - 7 seats a launch, about 2 failures in about 150 launches, or 14 seat failures in 1000 seat launches. The early launches didn’t have 7 people on but it’s not really relevant.
Worryingly for the shuttle the second failure was well into its lifespan. 5 failures in 50 launches then no failures for 200 more launches is better than 1 failure every 60 launches despite the second being theoretically better from the numbers.
You can either use 14/833 crew positions (individuals flew more than once), or 14/355 actual people who ever flew on the shuttle. You could also use 2/135 missions. I suppose an argument could be made for 2/269 as well if you want to count launch and reentry as separate risk events.
> Imagine explaining to the court that the passengers were blown up by your AI algorithm...
Autonomous flight termination systems are not "AI". It uses an on-board GPS and INS to figure out where the rocket is. It applies a pre-defined set of rules to the state vector and if any one of the rules fail it terminates the flight. You can read more about them here: https://www.gps.gov/cgsic/meetings/2019/valencia.pdf
It's not AI at all. It just has preset border conditions in terms of flight corridor and probably, predicted/calculated impact point if engines go out at that moment, and blows rocket up if they are violated. It's hard logic, comparison of some variables with set thresholds, not some "thinking".
Yes. I'm sure they apply all the mitigations possible.
Worth mentioning that the previous state of the art solution relied on a radio link too. Not sure if it was an implementation where jamming could led to flight termination, or where jamming could lead to failure to terminate a flight. But jamming, and resistance to it, was a concern even before autonomous flight termination.
I'm pretty sure Falcon 9 carrying crew has an AFTS. Challenger was destroyed by an FTS system as well despite having crew on board. I think it's just a risk you have to take to go on a rocket ride.
No. The shuttle broke up when the overall stack became unstable due to the right hand SRB separating because a strut that attached it to the external tank failed (due to a blowtorch effect from a failed O-ring). The Challenger orbiter ended up 'on top' and broke into several chunks - without involvement of any FTS - because of the aerodynamic stress (one of these chunks was the crew compartment). The SRBs were destroyed by their FTS systems, but this was more than 30 seconds after Challenger broke up. The ET simply disintegrated.
[Edit] added emphasis that the orbiter break-up (and destruction) was not due to any FTS.