NASA Advisers Say SpaceX Rocket Technology Could Put Lives at Risk

[workshop35]

Fueling with crew onboard is FAR more dangerous than approaching a fueled vehicle, thats crazy

 

[Aireoth]

There were multiple investigations into why Challenger failed. The potential issues with the SRB joint that ended up failing had been declared an acceptable flight risk during production (partially because some information was withheld by the manufacturer), eventual SRB upgrades were planned to further mitigate the risks. When NASA gave the go to launch Challenger that day they believed they were operating within their safety margins even with the low temperatures that morning.

The Shuttle was an inherently dangerous vehicle forced upon NASA by political forces during the post-Apollo era.



SpaceX has abort options for the crew on the pad and during the ascent. The abort procedure for Shuttle crews on the pad and during most of the ascent was to kiss your ass goodbye...

This complaining about fueling sounds like desperation. NASA is rapidly losing justification for spending billions of dollars on the Space Launch System now that SpaceX has demonstrated reusable heavy lift.

Your excuse for NASA still makes little sense. Again, if you can nullify the marginal frequency by just loading after fueling, why not?

It's rocket fuel, if there is a spark during fueling, your dead.

 

[NoOther]

Fueling with crew onboard is FAR more dangerous than approaching a fueled vehicle, thats crazy

Why? So it is better for them to fuel the rocket, board the crew, and whilst boarding the crew continue to top of the tanks with superchilled oxygen? That seems like a far more dangerous proposition. At least if the crew is boarded first and secured, then the LES can activate safely and remove them from the situation. If something happens while they board, then they are not secured and may be injured.

Again this is a case of NASA being too risk adverse to try newer processes that are safer and more efficient than ones that have come before. The shuttle never had an escape system and it was constantly being fueled while crew was being loaded. Topping off tanks is still a fueling procedure.

Your excuse for NASA still makes little sense. Again, if you can nullify the marginal frequency by just loading after fueling, why not?

It's rocket fuel, if there is a spark during fueling, your dead.

Because it isn't as simple as that. The fuel needs to be super-chilled in order to achieve its effectiveness. If you fuel before you load, the fuel warms up too quickly and loses its effectiveness. Even the shuttle had these problems. The shuttle was constantly being topped off while astronauts were loaded. This is even more dangerous since something could happen while they are being loaded and you are topping off tanks.

 

[hexamon]

When SpaceX say's fuel and go is safer there is a good reason to believe them. They have an absolutely massive advantage no one else has, they can inspect their landed stages. Everyone else has to simulate things and guess at what is happening during an actual launch. SpaceX can inspect their already flown rockets and see exactly what happened. Their block 5 rocket that is launching soon has a bunch of changes that are the result of things they have learned from that.

 

[kju1]

Fueling with crew onboard is FAR more dangerous than approaching a fueled vehicle, thats crazy

No its not. The risk of an explosion is exactly the same with or without the crew on board.

 

[workshop35]

Why? So it is better for them to fuel the rocket, board the crew, and whilst boarding the crew continue to top of the tanks with superchilled oxygen? That seems like a far more dangerous proposition. At least if the crew is boarded first and secured, then the LES can activate safely and remove them from the situation. If something happens while they board, then they are not secured and may be injured.

Again this is a case of NASA being too risk adverse to try newer processes that are safer and more efficient than ones that have come before. The shuttle never had an escape system and it was constantly being fueled while crew was being loaded. Topping off tanks is still a fueling procedure.



Because it isn't as simple as that. The fuel needs to be super-chilled in order to achieve its effectiveness. If you fuel before you load, the fuel warms up too quickly and loses its effectiveness. Even the shuttle had these problems. The shuttle was constantly being topped off while astronauts were loaded. This is even more dangerous since something could happen while they are being loaded and you are topping off tanks.

The crew abort system is meant as an emergency measure. It's meant to mitigate a risk that has been identified to make the process acceptable. This process is the launch of the vehicle where you can't do anything else to improve the odds of survival in case of an accident. What if the abort system fails? What is the crew is so adversely affected by the g-forces that they cannot attempt another launch? All of this other risk is negated by simply waiting to board until the fuel system has reached a stable state. You can armchair engineer this all you want but it flies in the face of 50+ years of tried and true procedure.

 

[workshop35]

No its not. The risk of an explosion is exactly the same with or without the crew on board.

The time when the vehicle is fueling is a much more critical point than when it is already filled. If you're going to have a failure, you will most likely have it when the transfer is occurring.. Once the system is full and stable its in a safer state.

 

[kju1]

The crew abort system is meant as an emergency measure. It's meant to mitigate a risk that has been identified to make the process acceptable. This process is the launch of the vehicle where you can't do anything else to improve the odds of survival in case of an accident. What if the abort system fails? What is the crew is so adversely affected by the g-forces that they cannot attempt another launch? All of this other risk is negated by simply waiting to board until the fuel system has reached a stable state. You can armchair engineer this all you want but it flies in the face of 50+ years of tried and true procedure.

Because thats the way we have always done it is a merit less argument. The fact remains: the risk of an explosion is identical in both scenarios.

Also you basically just made the argument that airbags are worthless in cars because they might fail.

The time when the vehicle is fueling is a much more critical point than when it is already filled. If you're going to have a failure, you will most likely have it when the transfer is occurring.. Once the system is full and stable its in a safer state.

You missed my point. The fueling procedure is identical with and without crew. Ergo the same risk of explosion. The only difference is will it involve people on board or not. It is NOT inherently more risky to put people on board. People on board does not change the odds of an explosion. All it does is increase the damage in the event of an explosion.

 

[workshop35]

Because thats the way we have always done it is a merit less argument. The fact remains: the risk of an explosion is identical in both scenarios.

Also you basically just made the argument that airbags are worthless in cars because they might fail.

youre not understanding what I wrote and have obviously never done a risk analysis. You can't compare a rocket launch to driving a car. If your airbag doesn't deploy, you might die but people have survived crashes before every car had one. When's the last time you saw an astronaut survive a launch failure? they're not even on the same level of risk.

"the way we have always done it" has merit in this case because these things have blown up in the past, and very recently. And a cryogenic fuel system is at its most unstable point while it is initially fueling. It will most likely expose any failure points while the transfer is happening.

 

[NoOther]

The time when the vehicle is fueling is a much more critical point than when it is already filled. If you're going to have a failure, you will most likely have it when the transfer is occurring.. Once the system is full and stable its in a safer state.

Except when you are continuing to top it off while crew is boarding.

The crew abort system is meant as an emergency measure. It's meant to mitigate a risk that has been identified to make the process acceptable. This process is the launch of the vehicle where you can't do anything else to improve the odds of survival in case of an accident. What if the abort system fails? What is the crew is so adversely affected by the g-forces that they cannot attempt another launch? All of this other risk is negated by simply waiting to board until the fuel system has reached a stable state. You can armchair engineer this all you want but it flies in the face of 50+ years of tried and true procedure.

Umm what? That statement makes zero sense. Again, you aren't actually researching or listening to the reasons behind the change. They have been pointed out numerous times. The risk is marginal, especially compared to the risks that would be incurred by loading the crew first and then continually topping off the fuel while they are boarding. Why is that somehow much safer? You really are making no sense, you are too attached to the risk adverse cutlure of NASA where you can't comprehend the added measures that have come since. The multiple safety measures that are included in the SpaceX launch systems are far more than NASA had before. Yet you want to argue over the fuelling which is a marginal risk?

 

[workshop35]

Except when you are continuing to top it off while crew is boarding.



Umm what? That statement makes zero sense. Again, you aren't actually researching or listening to the reasons behind the change. They have been pointed out numerous times. The risk is marginal, especially compared to the risks that would be incurred by loading the crew first and then continually topping off the fuel while they are boarding. Why is that somehow much safer? You really are making no sense, you are too attached to the risk adverse cutlure of NASA where you can't comprehend the added measures that have come since. The multiple safety measures that are included in the SpaceX launch systems are far more than NASA had before. Yet you want to argue over the fuelling which is a marginal risk?

There's not anything more I can say about this since you obviously have never been exposed to any of this other than reading about it on a screen.

 

[NoOther]

There's not anything more I can say about this since you obviously have never been exposed to any of this other than reading about it on a screen.

Right, that is why I know a lot of the details involved, especially why they are doing this and you can only keep recanting the same mantra. Because no advancements can happen in 50 years to improve safety, like the numerous extra safety measures that are included in SpaceX launches that were not included in NASA launches previously. Or the more detailed analysis that SpaceX has done with NASA over their launch procedures?

How is it that I can provide details and information, but somehow I obviously have never been exposed to any of it? While you provide zero details except for the same comment over and over again, and yet somehow you are the authority? Please.

 

[BSmith]

Ok, I did not read all the posts, because it became quite apparent I was going to have too many quotes to respond to. So, nutshell time!

Isn't SpaceX developing that escape pod that's quick enough that even if the whole thing blows up anywhere during fueling and liftoff it can still get everyone to safety?

The acceleration to safely move a pod away from a launch pad explosion, at the time of the explosion, would crush the occupants due to the g-forces invloved.

"NASA Advisers Say SpaceX Rocket Technology Could Put Their Jobs at Risk"

You do realize NASA contracts with SpaceX for launches too?

Right, and which rocket is the one that doesn't pose any risk?
The space shuttle that only blew up twice in its service life thanks to some incredible luck?

The space shuttle accidents were both due to poor design choices, not procedural choices. They were also compounded by pressure to launch or lose more funding from Congress. it was not a pleasant time to be at NASA.

You could certainly say that, and many did after Challenger. And then Columbia happened. Since nobody lost their job either time there's no real evidence that they did learn their lesson. (That is to say, they might have, but we haven't got evidence of it yet.)

After Challenger, the shuttles solid rocket boosters were redesigned to prevent the issue from happening again. They also changed procedures for launch day to hold off if there was any appearance of ice on the external rockets or tank.

After Columbia, they changed the adhesive for the tiles, and they instituted a manual inspection routine before re-entry burn to see if any tiles are damaged.


NASA never lost a life to a purely procedural error and that is what they are talking about here. A procedural advisory.

 

[Derfnofred]

The fact that none of us actually have hard data (or if we do probably not privy to share it) and are trying to make black and white value judgments says more about us than the back and forth between NASA and SpaceX. The issue is obviously grey and risk factor calculations in this realm have historically been pretty speculative. So, there's merit to both the argument that NASA is being too risk averse AND that it has good reason to be so.

My uncle did quite a lot of imaging/flow visualization of the last few shuttle launches to give a clearer picture of the vortexes being shed during max Q WRT Columbia. (And a lot of other really cool flow vis stuff, but that's at least one test germane to the conversation)

 

[NoOther]

NASA never lost a life to a purely procedural error and that is what they are talking about here. A procedural advisory.

After Challenger, the shuttles solid rocket boosters were redesigned to prevent the issue from happening again. They also changed procedures for launch day to hold off if there was any appearance of ice on the external rockets or tank.

After Columbia, they changed the adhesive for the tiles, and they instituted a manual inspection routine before re-entry burn to see if any tiles are damaged.

So let me dissect this for a second... How is adding an inspection of the boosters (procedure) not something added because of a procedural error (not inspecting)? Those two don't seem to go together...

The acceleration to safely move a pod away from a launch pad explosion, at the time of the explosion, would crush the occupants due to the g-forces invloved.

Also I am curious, this system was already tested and information gathered which showed the crew would be in good health following the procedure.

 

[KedsDead]

I have not read all the posts here, but I would like to point something out. Putting gasoline in your car, puts not only your life at risk but the other around you as well. I think that NASA stating that fueling the rocket while it is ready for launch is risky, is just a scare tactic.

Its a risk vs reward system.

 

[BSmith]

So let me dissect this for a second... How is adding an inspection of the boosters (procedure) not something added because of a procedural error (not inspecting)? Those two don't seem to go together...

I was careful to they had not lost a life purely due to a procedural error. In other words, no death has been directly attributable to a procedure not being followed at the time of the death. It does not mean procedures have not been changed due to any given circumstance which dictated a need for that change.

By the way, there was an inspection of the boosters, but it was not in depth enough to catch the problem. A procedure short-coming, but the real problem was the design of the boosters which allowed the problem to exist in the first place.

Does that clear it up?

 

[NoOther]

I was careful to they had not lost a life purely due to a procedural error. In other words, no death has been directly attributable to a procedure not being followed at the time of the death. It does not mean procedures have not been changed due to any given circumstance which dictated a need for that change.

By the way, there was an inspection of the boosters, but it was not in depth enough to catch the problem. A procedure short-coming, but the real problem was the design of the boosters which allowed the problem to exist in the first place.

Does that clear it up?

No, it doesn't because you are merely splitting hairs at this point. If the crew are loaded after the initial fueling, then they have to top off the tanks and it explodes, is that not the same as if they load the crew first, then fuel and it explodes? In either case you still need to load fuel. In the second case the crew is already secured and abort procedures in place, in the former, the crew may not be reasonably secured and abort may be unsuccessful.

 

[BSmith]

I never said a word about the procedure advisory. I do not know if NASA is right or wrong and did not give it much thought. I was responding to several posts which also did not say much about the advisory either. You pulled two of my responses, to two different posts, and then posed a question about conflict. I responded.

Where did I say anything about the advisory itself?

 

[NoOther]

I never said a word about the procedure advisory. I do not know if NASA is right or wrong and did not give it much thought. I was responding to several posts which also did not say much about the advisory either. You pulled two of my responses, to two different posts, and then posed a question about conflict. I responded.

Where did I say anything about the advisory itself?

Your two responses were related to one another. They both talked about procedure, it wasn't like I took 2 unrelated topics. You absolutely mentioned advisory in your post:

NASA never lost a life to a purely procedural error and that is what they are talking about here. A procedural advisory.

Your comments were clearly directed at procedure, which is what is in question here about the SpaceX. The main topic is about SpaceX and their procedures and the safety of them. You are saying that NASA has not lost anyone due to procedure, but mention procedures that were put in place because people were lost... I have no idea why you are trying to back away from your implications here.

 

[BSmith]

I made no comment, at all, on the validity or lack of, of the advisory.

NASA has not lost anyone where the loss could be attributed to being 100% procedure based. I stand by that.

It still does not mean procedures are not altered where they can be improved upon. NASA also made procedure changes when no one was hurt either. It is the nature of the beast.

If SpaceX determines NASA's advisory is applicable, then they will probably implement it, but no one here can make that decision or even advocate for or against it.

 

[MixManSC]

Yes I do realize that NASA contracts with SpaceX... I also realize that mostly government funded institutions will viciously fight to keep their government funding coming in. Private enterprise has nearly always proven to be far better and far more efficient at business than government since private enterprise is for profit while more often than not, govt is for milking the govt purse as much as possible. Additionally, in most anything has to be a point at which safety and the costs or problems with implementing safety outweigh the risks. We can make cars that are near impossible to be killed in no matter what type of crash but at what cost? You would be driving an armored tank that gets .2 miles per gallon with a top speed of 30 miles per hour. Risk versus reward. Its clearly obvious that strapping yourself onto the tip of a truly massive tube of highly explosive fuel has some risk. Fueling the rocket before the crew is onboard or not has the same risk of explosion. If it explodes, its likely that people will die regardless so I guess it comes down to how many people, who, and when to put their lives at risk. I know some here are posting like it but I'm thinking there are probably not any rocket scientists on here. Is it possible that the design of the Falcon 9 sitting around fueled when it does not need to be has some sort of risk of those who are crawling all over it up to the last minute has some sort of risk as well? What about that risk to those workers lives? Or should millions of dollars of more safeguards and advisories be invested to help assure that too? Risk/Reward How far is too far? I dont think anyone here is likely qualified to really make that determination either way. I know I'm not. So I'll stick by my original comment...

 

[travm]

We should ask the Russians, I think they have more experience with pad explosions.

 

[BSmith]

Yes I do realize that NASA contracts with SpaceX... I also realize that mostly government funded institutions will viciously fight to keep their government funding coming in. Private enterprise has nearly always proven to be far better and far more efficient at business than government since private enterprise is for profit while more often than not, govt is for milking the govt purse as much as possible. Additionally, in most anything has to be a point at which safety and the costs or problems with implementing safety outweigh the risks. We can make cars that are near impossible to be killed in no matter what type of crash but at what cost? You would be driving an armored tank that gets .2 miles per gallon with a top speed of 30 miles per hour. Risk versus reward. Its clearly obvious that strapping yourself onto the tip of a truly massive tube of highly explosive fuel has some risk. Fueling the rocket before the crew is onboard or not has the same risk of explosion. If it explodes, its likely that people will die regardless so I guess it comes down to how many people, who, and when to put their lives at risk. I know some here are posting like it but I'm thinking there are probably not any rocket scientists on here. Is it possible that the design of the Falcon 9 sitting around fueled when it does not need to be has some sort of risk of those who are crawling all over it up to the last minute has some sort of risk as well? What about that risk to those workers lives? Or should millions of dollars of more safeguards and advisories be invested to help assure that too? Risk/Reward How far is too far? I dont think anyone here is likely qualified to really make that determination either way. I know I'm not. So I'll stick by my original comment...

I think you are over reaching a bit. The advisory NASA issued appears to focus on procedural changes, not design changes. So I am going to disregard the comments about the cost of safety as procedural changes seldom cost much at all, in the overall scheme of things.

I do agree that no one on this board appears to be qualified to make the determination as to whether or not the advisory is a good or bad idea. Like I said, if SpaceX determines it to be of value, I am sure they will consider it and do what is best for the program. At least, I hope that would be the case.

Afterall, NASA does have much more experience launching people into space than SpaceX does. That alone should be enough to respect the opinion of the agency.

 

[M76]

The space shuttle accidents were both due to poor design choices, not procedural choices. They were also compounded by pressure to launch or lose more funding from Congress. it was not a pleasant time to be at NASA.
.

Deciding to launch despite the temperature being far bellow the safe operating range? That's not a design choice.

 

[BSmith]

Deciding to launch despite the temperature being far bellow the safe operating range? That's not a design choice.

And it was not the only reason for the failure. The failure started with the design and mechanical implementation. The manufacturer was required to change the seal material in order to remove a cancer causing agent (working from memory on this...it might have been an EPA requirement to reduce hazardous waste) from the manufacturing process. The new seal material was not as good as the original. The mechanical design should have been changed to reflect the new seal material parameters. It was not.

EDIT: Forgot to add. NASA was not notified of the seal material change. The manufacturer made that decision on their own. Although they were forced to do so.

 

[Aireoth]

This seems so stupid, yeah, NASA made an oops, frankly given the risks of space flight it is amazing more people did not die. The point is to learn from those disasters, not ignore sound reasoning because its current year and someone else.

 

[workshop35]

Deciding to launch despite the temperature being far bellow the safe operating range? That's not a design choice.

Thats why we always did a hot fire and cold fire on all SRB's. Tough way to learn that lesson though.

 

[M76]

This seems so stupid, yeah, NASA made an oops, frankly given the risks of space flight it is amazing more people did not die. The point is to learn from those disasters, not ignore sound reasoning because its current year and someone else.

Well if there was an alternative better way sure. But where is it? At this point they're just professional naysayers.

What's the bigger risk? Fueling the vessel with the crew onboard during which a containment failure can result in them being in danger.
OR
Fuel the vessel with nobody there, keep it supercooled for who knows how long until the crew and support personnel arrive, board, and everything is double checked during which time not just the crew is in danger but every other support personnel also? It might not even be possible without major redesigning to fuel before boarding.
So this is a non starter. As it is both financially and technically unfeasible at this point.

Hey we built a house from wood! OH great, but what if it catches fire? Oh no let's tear it down, because nobody has thought of that before!

 

[M76]

And it was not the only reason for the failure. The failure started with the design and mechanical implementation. The manufacturer was required to change the seal material in order to remove a cancer causing agent (working from memory on this...it might have been an EPA requirement to reduce hazardous waste) from the manufacturing process. The new seal material was not as good as the original. The mechanical design should have been changed to reflect the new seal material parameters. It was not.

EDIT: Forgot to add. NASA was not notified of the seal material change. The manufacturer made that decision on their own. Although they were forced to do so.

They were aware of the inherent dangers of the design and still decided to do over a hundred manned launches. So they're not exactly in a position to give advice about what is an acceptable risk.

 

[BSmith]

The design was acceptable, before the manufacturer changed the seal material. Even with the seal material change, the booster still met the parameters required, but with less tolerance. After Challenger it was discovered the SRB booster casings were out of round and had expanded, due to previous use. Experimental data suggested the o-ring material restoration from deformation could have taken up to 500ms, or more, which could have promoted joint failure due to the vibrations between the joint faces.

I stand by my opinion NASA has never lost someone to a purely procedural error. All three failures (Apollo 1, Challenger, and Columbia) which resulted in the deaths of the astronauts had a basis in mechanical failures or mechanical deficiencies. Procedures were not violated. Even the decision to lauch Challenger went through all the proper procedures. I am not saying they were right or wrong in the decision to launch. If you want my opinion, then yes, I think they were wrong, but that is just one item in a whole list of things that went wrong with Challenger that day.

Here is the conclusion reached from the Congressional report of the accident.

In view of the findings, the Commission concluded that the cause of the Challenger accident was the failure of the pressure seal in the aft field joint of the right Solid Rocket Motor. The failure was due to a faulty design unacceptably sensitive to a number of factors. These factors were the effects of temperature, physical dimensions, the character of materials, the effects of reusability, processing, and the reaction of the joint to dynamic loading.

They have history/documentation with manned launches SpaceX does not have yet. They are one of the few entities who are qualified to give advice in this matter. SpaceX will decide if the advice is sound or not.