The Safety Trap
A few years ago, I had the good fortune to be accepted as a consultant on Kelly Space and Technology’s Space Transportation Architecture Study team for NASA. Challenger was long behind us, and Columbia and SpaceShipOne were yet to happen. My assignment was to develop recommendations as to how any new NASA space vehicle development could be used to facilitate a commercial space industry, specifically from the standpoint of crew and passenger safety and system reliability, which, we must admit, are crucial to both.
Given that NASA now is planning to develop a new space vehicle, and several firms are working toward vehicles for sub-orbital passenger flights, it seems a good time to revisit some of my thoughts and conclusions from that earlier study.
I recall being brought to a stop by NASA’s reliability requirements. The exact values are not important, but what stopped me was that the probability of loss of crew was lower than the probability of loss of vehicle. At first blush this made sense. We value the crew more than the vehicle. Hence we want them to have a greater chance of survival. Nothing can be more obvious. But something below the surface unsettled me and I spent some time thinking about it.
My first realization was that having a lower probability on loss of crew than for loss of vehicle meant that NASA was, for all intents and purposes, mandating escape systems. That’s the only way that the crew can survive when the vehicle doesn’t. This approach to crew safety is perfectly legitimate and comes with decades of aerospace convention and experience to recommend it. But even aside from the fact that escape systems are nearly impossible to implement in most spaceflight regimes, it struck me as a counterproductive approach.
I am not one to glibly compare the operation of space vehicles to the operation of airliners. The fact is that space vehicle environments are more diverse and severe than anything an airliner will ever see, and performance requirements are significantly higher. Materials and systems are generally stressed closer to their limits, and some technologies are just plain not there. This makes airline-style operations problematic at best.
I felt that there were some lessons to be learned, however.
For a variety of reasons, it is impractical to equip airline passengers with parachutes and ejection seats. The industry realized this early on. The alternative strategy was to design the aircraft so that it would survive events that might kill passengers, or design it to at least remain intact long enough to allow the aircraft to get back down to the ground and allow an evacuation.
The result of this approach has been increasingly safe and reliable aircraft. The dependence on aircraft reliability, or at least survivability, yielded better aircraft.
Conversely, back in the aerospace world, it is also likely true that a reliance on escape systems yielded better escape systems, although I have no expertise in that area. But this is a “safety trap.” I argued that designing for safety is not the same as designing better vehicles. The acceptability of escape systems, however real or mythical they were, let us lower the bar on better vehicles too easily. And it’s the better vehicles, I argued, that both NASA and the industry needed.
We needed better vehicles because it is the vehicle reliability that makes or breaks the program.
For commercial operations, escape systems complicate processing flows and impose significant weight and cost penalties. On the government side, each use of an escape system will set off a significant — and justified — inquisition. Vehicles will be grounded and programs will be stopped. A graceful fallback onto backup systems or design margins is much preferred in both situations.
More importantly, however, we need the better-vehicle strategy so that we can more clearly focus our technology developments and design approaches. This is how we will make real progress. This is how the airliner industry drove forward to where it is today, and this is how we can drive our industry forward — not through better escape systems.
My recommendations then still seem applicable today. I did not preclude the need for escape systems. But I did recommend that NASA rethink its loss of crew and loss of vehicle requirements.
I suggested that we should determine an acceptable probability for loss of crew or passengers — and there are several precedents out there — and set the loss of vehicle probability at that level or lower. I then identified tools and design approaches to adopt and adapt from our brethren in the commercial airline world to see if we can make our vehicles better in a logical fashion.
I would stand by this approach today as well. Escape systems are a dead end for space vehicle development, and we should not assume their necessity. We should instead challenge ourselves to design away the need for them. If we cannot meet our loss of vehicle goals for some phase of flight, then certainly escape systems are in order. But we need to at least try.
Paul Birkeland is a commercial space consultant in Seattle, WA.