← Back to context

Comment by Mikhail_K

6 days ago

> Challenger: no gasses were supposed to make it past the o-rings no matter what,

> but when it became clear that gasses were escaping and the o-rings were being

> damaged, there was a push to suggest that it's an acceptable level.

Interestingly, the article<https://docs.google.com/document/d/1ddi792xdfNXcBwF8qpDUxmZz...> by heat shield expert and Shuttle astronaut Charles Camarda, the former Director of Engineering at Johnson Space Center, asserts that it was *not* the O-rings:

"The Challenger accident was not caused by O-rings or temperature on the day of launch; it was caused by a deviant joint design which opened instead of closed when loaded. It was caused by mistaking analytical adequacy of a simplified test for physical understanding of the system. The solution, post Challenger, was the structural redesign of the SRB field joint and the use of the exact same O-rings."

I find that highly surprising, because "it was the O-rings" explanation seems universally believed and sanctified by no lesser authority than the Nobel prize laureate Richard Feynman.

27 comments

Mikhail_K

Reply
mikkupikku  6 days ago

It's the same explaination. When the SRB joints flexxed the o-rings were meant to stay in place, but the joints were defective and NASA knew the o-rings were moving. However NASA also believed the o-rings could still take the abuse, because although they were moving they were getting shoved deeper into the joint, in a way that wasn't intended but was nonetheless at least marginally effective at stopping exhaust blow-by shortly after it began. But when the o-rings were cold and stiff... they didn't move the same way, exhaust blew by them longer and cut right through. At that point the SRB turns into a cutting torch (the SRBs didn't actually explode until after the shuttle broke up and range safety sent the signal to kill the boosters.

  • Mikhail_K  5 days ago

    > However NASA also believed the o-rings could still take the abuse, because

    > although they were moving they were getting shoved deeper into the joint,

    Why would they be "shoved deeper," when the problem is that the joint opens wider under load?

    • anonymars  5 days ago

      See here: https://www.researchgate.net/profile/Scott-Post/publication/...

      What would happen "normally" (i.e. the normalization of deviance) was that the rotation (from the SRB joints bowing--essentially "ballooning") would create a gap, and the O-rings would get blown into that gap and ultimately seal in there

      With Challenger, it was too cold, so the O-ring rubber was not malleable enough to seal into that space (like the O-ring towards the right of the diagram), so the hot gases were allowed to blow by and erode the O-ring. If they had sealed in (like the one on the left) it would have just taken the pressure but not worn away

      1 reply →

    • LorenPechtel  5 days ago

      Two directions.

      Let's examine a slice of the booster. Going vertically you have one segment, then the joint, then the next segment. The O-rings were in that joint and had some ability to move horizontally.

      As designed the joint would always be in compression, the O-rings sandwiched between two big pieces of metal. If they moved horizontally in the space they had it made no difference, their job was simply to keep the 1000psi inside the booster inside it. Going inward there was a layer of putty that could stand up to the heat but was useless for sealing.

      Unfortunately, when the engines lit the whole booster stack twanged a few inches. A joint meant to always be in compression was suddenly for a moment in tension--the two pieces of metal moved slightly apart--gas could now go above/below the ring. If the rings were pliable enough they got slammed against the outside of their groove where the pressure against the joint stopped the escape of gas--examination of the boosters showed blow-by but it cut off soon enough that the mass of metal was enough to absorb enough heat to avoid catastrophe.

      But that night was very cold. And it was very calm--the boil-off from the LOX tank was simply dumped overboard and the booster that failed was downwind. The point of maximum chilling was between the booster and the tank, the lowest segment joint got the worst of it. And that's where it failed.

      When the stack twanged the ring didn't slam against the outside quite fast enough--some exhaust leaked past and tore up the ring. But the gas still had to go out the joint--and the shuttle fuel used aluminum. The ring wasn't sealing the joint but enough aluminum solidified out against the still-cold metal of the joint that it sealed the gap and Challenger roared into the sky. But as it went faster and faster the vibrations grew stronger--and eventually the really sloppy weld let go. Even that didn't doom the mission, there was enough fuel to tolerate the pressure loss. But the leak was pointing at a strut and the tank with a whole bunch of LH2 in it. Neither was designed to stand up to that.

      There was also a second failure that got little attention: the putty. As intended, it should have covered the entire gap, the force would have been evenly applied and it probably would have made it. But the putty was spread and the segments placed together--in atmosphere. Air was trapped and compressed--and the putty gave way letting it out. What had been an even layer now had holes in wherever the weakest spots were--and that concentrated the escaping gas from the booster. And why wasn't that caught? Because in the static testing someone had gone inside and made sure the putty job was good. Easy enough in a booster laying on it's side, but the Shuttle was stacked vertically.

inaros  6 days ago

>>I find that highly surprising, because "it was the O-rings" explanation seems universally believed and sanctified by no lesser authority than the Nobel prize laureate Richard Feynman.

Essentially you are mischaracterizing what Feynman did or say, although this is also Feynman fault :-), by doing the famous public demonstration, with the ice water in a glass [2], although even there he only said it has "significance to the problem...". In other words, we should not simplify, even for the general public, what are complex subtle engineering issues. This is also the reason why current AI, will fail spectacularly, but I digress...

Feynman documented the joint rotation problem in his written Appendix F, but his televised demonstration became the explanation...[3]

Camarda is correct here. There was a fundamentally flawed field joint design, meaning the tang-and-clevis joint opened under combustion pressure instead of closing. This meant the O-rings were being asked to chase a widening gap something the O-ring manufacturer explicitly told Thiokol O-rings were never designed to do. Joint rotation was known as early as 1977, a full nine years before the disaster.

The cold temperature made things worse by stiffening the rubber so it could not chase the gap as quickly, but O-ring erosion and blow-by were occurring on flights in warm weather too and nearly every flight in 1985 showed damage.

The proof is how they fixed. NASA redesigned the joint metal structure with a capture feature to prevent rotation, added a third O-ring for redundancy, and installed heaters but kept the exact same Viton rubber. If the O-rings were the real problem, you would change the O-rings. They did not need to.

The report [1] is public for everybody to read...but not from the NASA page... who funnily enough has a block on the link from their own page, so I had to find an alternative link...

[1] - https://www.govinfo.gov/content/pkg/GPO-CRPT-99hrpt1016/pdf/...

[2] - https://youtu.be/6TInWPDJhjU

[3] - https://calteches.library.caltech.edu/3570/1/Feynman.pdf

  • LorenPechtel  5 days ago

    Yeah--people don't get it that while it was the failure of the O-rings that doomed that flight that they failed because they were subjected to forces they were never designed to take. The fact that they got that many flights before it blew actually says they were doing an admirable job of covering up the design flaw.

rob74  6 days ago

Without being too familiar with the subject - another commenter referred to the "swiss cheese model": the O-ring design, the temperature etc. weren't the single cause, they were contributing factors, and the more contributing factors you eliminate, the more certain you can be that you won't have a repeat accident. AFAIK there weren't any more Shuttle launches at such low temperatures after that anymore either?

  • pfdietz  6 days ago

    That's right, the accident launch was by far the coldest. They also added joint heaters.

oritron  5 days ago

My recollection is that a rocket design was scaled up from one that worked, by people who didn't consider how an o-ring should be loaded in order to function properly. They inadvertently changed the design rather than simply scale it. I don't think Feynman got this wrong either. His demo was because the justifications for flight were based on the fact that failure had a temperature correlation, and they had a model representing how damaged the o-rings would be.

The o-ring failure was a measurable consequence of the joint design failure. The data behind the model didn't go down to temperatures as low as that at Challenger's launch date.

For more inappropriate extrapolation to justify a decision: the data for the heat shield tile loss model was based on much less damage than sustained by Columbia (3 orders of magnitude IIRC).

Now they are looking at the same style of fallacy and don't even have a model based on damage sustained in flights.

Another parallel I haven't seen discussed here yet, though I haven't read all comments: I recall Feynman feeling like he was on the investigation panel as a prop, that the intention of the investigation was to clear NASA of any wrongdoing. They used a model, considered risks, etc. Feynman recognized the need for a clear and powerful visual to cut through an information dump and pull it to front page news. The invitation of Camarda to a presentation with a pre-determined conclusion has the same feeling. I don't know what Camarda can do to put it on a (non-HN) front page today.

pdonis  3 days ago

> "it was the O-rings" explanation seems universally believed and sanctified by no lesser authority than the Nobel prize laureate Richard Feynman.

If you read Feynman's account in the book What Do You Care What Other People Think?, you'll see that he realized afterwards that he was prompted to make the demonstration he made at a NASA press conference--putting a piece of O-ring material in a glass of ice water, clamped with a C-clamp, and then taking it out and releasing the clamp to show that the material did not spring back--to get public attention focused on problems with the joint in a way that could not be ignored. But, as has been pointed out downthread, when the joint was redesigned, the new design did not change the O-rings at all. So the specific issue that was shown in Feynman's demonstration was not the issue that actually needed to be fixed. It was just a convenient way to show the public that there were problems with the joint, with a simple demonstration that everyone could understand. Trying to show the actual problem--that the entire joint design was fundamentally flawed and needed to be changed--would not have worked in a context like that.

voidUpdate  6 days ago

Using the same o-rings afterwards is surprising, I've heard that the manufacturer was surprised that they were being used for that purpose because they weren't rated for that.

Also I'm not sure the assertion is correct. If the sealant and O-Rings were adequate, the joint would not have failed. It was suboptimal, and increased risk, sure, but it in itself wasn't the reason for the accident. It was the joint and the o-rings in combination. The holes in the swiss cheese model lined up that day, and a lot of small problems combined into one big problem

  • sidewndr46  6 days ago

    Surprised? One of the engineers was literally on the phone with NASA the morning of the disaster begging them not to launch. He was overruled by management.

  • Mikhail_K  6 days ago

    > If the sealant and O-Rings were adequate, the joint would not have failed.

    That assertion requires some reasoning and evidence to back it.

    • voidUpdate  6 days ago

      The sealant and O-rings were meant to keep the hot gasses inside. Simply making a joint slightly wiggly will not keep hot gasses inside. The hot gasses did not stay inside. The sealant and O-rings did not succeed in keeping the hot gasses inside (evidence: Challenger). They were not adequate

      4 replies →

nritchie  5 days ago

Both things can be true. A better O-ring with the same joint might have prevented the disaster. A better designed joint with the same O-ring might also. Feynman knew that a little theater would go a long way. The O-ring explanation, albeit a partial explanation, made for good theater.