Back to the Blog

The first part in a three-part series of the unarchival of my old VASTS papers.

Introduction

The Challenger space shuttle, one of only two of NASA’s shuttles to be destroyed in flight, began as a structural prototype optimized for weight by Rockwell International (later The Boeing Co.) (“Challenger (STA-099, OV-99) Background,” n.d.). At the time, NASA sought a lighter orbiter for increased launch efficiency. Although STA-099 (later known as Challenger) began as a testable model, instead of modifying the Enterprise, NASA converted the Challenger into another orbiter vehicle to have two operational orbiter vehicles (the Columbia and the Challenger). After awarding a contract to convert the STA-099 into a Orbital Vehicle (OV-99) on 1/29/79, the STA-099 was returned to Rockwell on 11/7/79 for conversion. After its construction in 10/23/81, it flew its first flight(STS-6) on 4/4/83 and completed nine missions before its tenth and final flight—51-L.

On 1/28/1986, the Challenger exploded on live television killing five NASA astronauts and two payload specialists, including the school teacher Christa McAuliffe. Due to the high public interest, striking deaths, and controversy surrounding the decisions surrounding the failure, the Challenger disaster has gained infamy in the engineering community (Seton Hall University, n.d.). After six days of delays, the rocket was scheduled for an early morning launch on 1/28/86.

• 58.788 seconds into the flight, puffs of smoke were detected on the right solid rocket booster on the aft field joint. The source of this smoke? A small flame.

• 59.262 seconds, the flame evolved into a plume and a pressure differential was detected between both boosters. As the flame grew, it was deflected aft-ward weakening the strut between the right solid rocket booster and the external tank.

• 72.20 seconds, the lower strut failed and allowed the right solid rocket booster to hinge on the upper attachment strut.

• 73 seconds after lift-off, the Challenger was enveloped in an explosion caused by improper sealing of the O-ring and the subsequent escaping of gasses eroding the O-ring (National Aeronautics and Space Administration, 2005).

Solid Rocket Boosters(SRB), O-rings, and their subsequent failure

Attached to the main External Tank (Orange) are two solid-propellant rocket boosters. They amount for 80% of total thrust for liftoff; with the remainder sourced from the shuttle itself. Two minutes after liftoff, after the SRB’s have depleted their fuel, the boosters are separated, and the orbiter continues under its own thrust. The SRB consists of a nose cone, a Solid Rocket Motor, and nozzle assembly.

Morton-Thiokol is responsible for the Solid Rocket Motor. The Solid Rocket Motor is made of 11 individual sections each about 12 feet in diameter. When assembled, they stand 116 feet long. Each section is attached to the next through a series of tang-and-clevis joints with 177 pins around the circumference of the joint (National Aeronautics and Space Administration, 1986). The recovered Solid Boosters displayed no evidence of major flames such as molten metal upon any substance recovered. Instead, the Booster displayed characteristics of a rapid tensile overload leading to complete bending failure due to this overload (National Aeronautics and Space Administration, 1986). The Tang-and-Clevis joints were sealed with two rubber O-rings produced by Morton Thiokol. The joint relies on compression during assembly to maintain a seal. To ensure the sealing action of the O-ring, a Zinc Chromate putty was also applied to the rubber. If the combustible gasses were to displace the putty, the putty would act like a piston and compress the air in front of the primary O-ring forcing it into the joint. But, for this process to occur, the sealing must occur early on in the flight. As pressure loads are added to the joint, the gap between the tang and clevis increases, thereby increasing the risk of the combustion gasses blowing past both the O-rings and destroying the seals (National Aeronautics and Space Administration, 1986). The O-rings were therefore classified as a Criticality 1 feature of the SRB design; if the O-rings failed it would definitely result in the loss of life or vehicle (Seton Hall University, n.d.).

In November 1981, an examination of the booster field joint found that the O-rings eroded during flight. Even though the joint was sealed, the escaping gasses still eroded the O-ring. After the shuttle flight 51-C on January 24, 1985, engineers at Thiokol found soot and grease on the casing, attributed to gas blow-by. Forcing Thiokol to study the durability of their O-rings at lower temperatures (Texas A&M University, n.d.). Due to the low projected temperatures on the launch date, Alan McDonald and his engineers at Thiokol sought to explain the weaknesses of the O-rings to NASA management. The engineers argued that the upcoming launch would have the lowest temperature ever. The lowest temperature ever launched was 53°F and the lowest temperature tested was 40°F. The projected temperature at launch was 26°F.

Because the temperature that day was lower than any other previous temperature, the Thiokol representatives argued that the temperature was too low for launch. The manager of Thiokol’s SRB project argued against his engineers and referred to Joe Kilminster, a manager with an engineering background. Eventually Mason, a senior executive at Thiokol, told the engineers to “Take off your engineering hat and put on your management hat” (Texas A&M University, n.d.).

The failure of Thiokol management to recognize the qualms of the engineers with the integrity of the O-rings goes against the Rules of Practice 1a, 1e, 3a, and Professional Obligations 1a, 2b (National Society of Professional Engineers, 2018). There are two main digressions from the Code of Ethics that the management is subject to:

• Dismissing the concerns of engineers.
• Offering their own claims as fact.

The actions of Mason and Mulloy display a case of management holding their opinions higher than those of the engineers. The engineers stuck to the Code of Ethics by elevating their concerns to the proper authorities (NASA). It is therefore the fault of the management for failing to acknowledge the concerns of the engineers and pushing the launch anyway. Additionally, the management was subject to external political and economical pressures to give the “go-ahead” for the launch. Being subject to these pressures forced them to overlook their own engineers and offer their own evaluations to the NASA management. These errors are among the most prominent made by the Marshall-Thiokol management.

Group Think Decision Making

The destruction of the Challenger on January 28, 1986 surprised and devastated the American nation. Sending Christa McAuliffe into space was highly publicized and was planned to be a tenet of Ronald Reagan’s upcoming speech. The Public was accustomed to routine launches and successes from NASA and the its failure left a mark on the program. Despite the advice from Thiokol engineers against the launching of the Challenger, many members of management overlooked the recommendations of Thiokol engineers ultimately leading to the failure of the Challenger. The deviation from the normally “high-standard” decision making process by NASA was a primary factor in NASA’s failure.

The Rogers Commission, in their report, found that there was “a serious flaw in the decision making[sic] process”, launch constraints were waived at “the expense of flight safety”, and Marshall management failed to properly communicate serious problems (Seton Hall University, n.d.). These problems were only compounded by internal NASA strains. During this period, NASA faced competition from the European Space Agency forcing NASA to maintain a high tempo in their shuttle launches. The cost for the increased number of shuttle launches was safety; they “resorted to means that were less safe” instead of altering goals and exercising caution. The crux of this problem was the approval of the O-ring despite knowledge that it may fail. Even though there were written objections against O-rings as early as 1977 and O-rings were recognized as a Criticality 1 feature, NASA defined the risk of O-ring failure as “acceptable” and “unavoidable” and proceeded with the launching of the Challenger. This decision-making process was in direct contrast to that process expressed during the Apollo program where even the scent of danger would result in disapproval from NASA management. The entire decision-making structure at Thiokol and NASA at the time was very vulnerable to Groupthink, a concurrence-seeking tendency.

References

Challenger (STA-099, OV-99) Background. (n.d.). Retrieved December 28, 2018, from https://web.archive.org/web/20090203035705/ http://www-pao.ksc.nasa.gov/shuttle/resources/orbiters/Challenger.html

National Aeronautics and Space Agency. (2005). Nasa-STS-51L Mission Profile. Retrieved December 28, 2018 from https://www.nasa.gov/mission_pages/shuttle/shuttlemissions/archives/sts-51L.html

National Aeronautics and Space Agency. (1986). Report of the Presidential Commission on the Space Shuttle Challenger Accident. Retrieved on December 28, 2018 from https://spaceflight.nasa.gov/outreach/SignificantIncidents/assets/rogers_commission_report.pdf

National Society of Professional Engineers. (2018). Code of Ethics for Engineers. Retrieved December 28, 2018 from https://www.nspe.org/sites/default/files/resources/pdfs/Ethics/CodeofEthics/NSPECodeofEthicsforEngineers.pdf

Seton Hall University. (n.d.). The Space Shuttle Challenger Disaster: A Study in Organizational Ethics. Retrieved December 28, 2018 from http://pirate.shu.edu/%7Emckenndo/pdfs/The%20Space% 20Shuttle%20Challenger%20Disaster.pdf

Texas A&M University. (n.d.). Engineering Ethics: The Space Shuttle Challenger Disaster. Retrieved December 28, 2018 from http://ethics.tamu.edu/wp- content/uploads/sites/7/2017/04/Shuttle.pdf

Em Griffin. (1997). A First Look at Communication Theory (Chapter 18) (3rd ed.). McGraw Hill.