The RISKS Digest
Volume 2 Issue 04

Sunday, 5th January 1986

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator



o Solid propellants
Mike McLaughlin
o Plutonium
Jim McGrath
o SRB Self-Destruct Mechanisms
Clive Dawson
o Details on the 1981 Quebec election — a program bug
Jean-Francois Lamy
o Info on RISKS (comp.risks)

Solid propellants

Mike McLaughlin <mikemcl@nrl-csr>
Sun, 2 Feb 86 14:08:17 est
Odd topic for a computer centered forum - but worth discussing a bit.  The
computer hook relates to what could have been monitored, detected, and reacted
to in computer time; but not in human time.  I base this discussion on
long-ago experience in writing about solid propellant rockets, plus Sunday's
TV & radio news.

1.  Solid propellants burn at a surface.  If they are designed to burn at one
end, they are called "cigarette burning."  If they are designed to burn
through a hole in the middle, they are not.  The prepared hunk of propellant
is called a "grain."

2.  Cigarette burning produces roughly constant propelling force throughout
the burn.  Chunks of loose propellant (cylinders, spheres, etc.) produce more
thrust at the beginning, less at the end, as the surface area of the grains is

3.  The hole in the center of a grain can be tailored in shape to affect burn
characteristics just about any way the engineer wants.  In addition,
"inhibitors" can be put on the grain to further control its burn characteristics.

4.  In most boosters the grain fills the container, except for the hole in the
center, and a space near the nozzle.  An ignitor (actually, another small
rocket) is usually at the end opposite the nozzle.

5.  Remember, the grain burns at the surface.  A crack in the grain provides
another surface to burn.  If the grain separates from the casing, the
exterior of the grain provides another burning surface.  If the grain is
sectional, i.e. too large to build as one unit, the ends of the sections can
provide burning surfaces.  Naturally, it is the engineer's job to control and
prevent these undesirable burning surfaces, and to produce the thrust profile
required for the task at hand.

(tutorial ends, speculation begins)

It is my understanding that "SRBs" were built in 6 sections, and assembled
on-site. Nose, 4 grain sections (not necessarily identical, the hole can be
tapered), and tail.  I also understand that the casing sections were "bolted"
together (probably a fairly complex bolting system); and were considered to
be quite safe & reliable.  The casings were recovered after a launch,
refurbished, reloaded, & re-used.

Recently released film, computer-enhanced offline, after the accident, shows
that the right hand SRB had a plume coming out the side, in a location that
appeared to me to be about where the joint between the 3rd and 4th grain/
casing sections would be - but, depending on the actual design, could have
been further aft, near the end of the grain, towards the nozzle.  If this
was a casing/grain burn-through, the mildest result would be asymmetric
thrust.  *This should have been immediately detectable by the guidance system's
reaction in attempting to maintain the desired trajectory.*  If similar
perturbations occurred in wind shears, etc., it might not be recognizable as

Another result could be that the errant jet impinged on the main fuel tank,
heating, penetrating, and igniting the fuel load. (It might be able to ignite
it without penetrating the tank structure.)  *This should be quickly
detectable by excursions in tank pressure.*  Reaction times, even of computers,
might not be fast enough to make any difference in the outcome.

I believe that both of the above could have been detected with instrumentation
that was certainly on board.  Additional (or existing?) instrumentation could
detect temperature changes in SRB and fuel tank skins, torques on SRB mounts,
abnormal "seismic" vibrations within the SRB structure, abnormal "plumes",

It is so easy to second-guess.  I am sure the engineers concerned are
castigating themselves for what they failed to foresee, for what they concluded was
trivial, for what now seems eminently clear to them.  I wish they would quit it.
The whole program is so full of checks and balances that only a Higher Power
could add more.  From "MTM's" description of the safety system, it seems a
miracle that it was possible to destroy the SRBs under normal circumstances,
much less in the middle of disaster.  The astronauts participated in the design
and manufacturing process - they were ready to go.

We have lost seven of our best and brightest.  But perhaps we are seven closer
to whatever is out there in space, waiting for us to get on with it, get out
there, fulfill our dreams.

Peter: this is too long, but I had to write it, tell someone.  I went into
space in the '50s, with Heinlein and Bonestell.  The Challenger Seven must
not be regarded as sacrifices on the altar of science - they were just seven
of us who went a little closer to the edge of knowledge than the rest of us
dare.  The human/computer symbiosis will get us out there eventually, and
the Challenger Seven will have helped every one who follows them. - Mike


Plutonium

Jim McGrath
Sat 1 Feb 86 19:20:51-EST
First, I assume that everyone knows that no atomic explosion would
occur under any circumstances.  Nor any fallout.

That only leaves the actual radioactive fuel itself.  Plutonium's
danger, for a constant mass, depends upon the size of the particles.
The worst thing that can happen is for dust size particles to be
inhaled.  Large chunks would be a local danger, but one easily
handled.  Note that if the launch was from the Cape, then it would
eventually settle into the ocean.  This would aid considerably in
dispersing it to extremely low concentrations.  Finally, remember that
the Soviets lost a satellite powered by radioactives over Canada.
While the Canadians were not happy, and took clean up measures, the
real problem was getting the Soviets to pony up for the cleanup costs.

    .... Therefore, aside from several hundred pounds of plutonium ...

Are you sure about your numbers?  Hundreds of pounds of pure
plutonium?  The cost would be outrageous.  Moreover, this implies a
total mass would be thousands of pounds, if not tons (since the
plutonium would be diluted to a lower concentration and sufficient
shielding for the electronics would have to be provided).  Maybe you
mean a fuel assembly massing hundreds of pounds?  If so, then the
actual mass of Plutonium would be a small fraction of the total mass.


SRB Self-Destruct Mechanisms

Clive Dawson <AI.CLIVE@MCC.ARPA>
Fri 31 Jan 86 13:29:44-CST
One aspect of the SRB self-destruct mechanism which has bothered me the
most is the fact that a single action will destroy BOTH SRB's (and perhaps
the external tank as well?).  It is clear that recovery of the intact
casings would have been invaluable in the NASA investigation.  News reports
tell us that one of the SRB's was headed on a dangerous course toward
populated areas and had to be destroyed.  Fair enough.  But why destroy
the other one unless and until it was also proved necessary??

Thinking about this further reveals it may not be that simple.  First of
all, I can imagine scenarios in which both SRB's would need to be destroyed
as quickly as possible, especially in the early phases of the launch.  You
would certainly want to have a mechanism for doing this as exists now.
On the other hand, last Tuesday's events show that it would be very
valuable to be able to destroy them individually as well.  This would imply
modifying the hardware/software such that each SRB responded to two sets
of tones: a common set for both and an individual set.  Perhaps a simpler
scheme would be to simply have two different frequencies which could be
used simultaneously or separately.

Those of us discussing this were momentarily satisfied until somebody
asked, "Yes, but how do you tell which SRB is which??!"  In this case, it
was reasonably easy to answer that question when they emerged from the
fireball, but this might not always be the case.  Furthermore, it's not
clear that the task would be any easier when watching them on a radar
screen.  (What does the Range Safety Officer use?)  This difficulty
can presumably be overcome by electronic equipment on each SRB that would
tag its radar image in some fashion.

I'm wondering if this is a case of "good hindsight", or if there are
other considerations we didn't think of.


Details on the 1981 Quebec election — a program bug (RISKS-2.1)

Jean-Francois Lamy <lamy%utai%toronto.csnet@CSNET-RELAY.ARPA>
02 Feb 86 09:40:43 EST (Sun)
> - Quebec election prediction gave loser big win [1981] (SEN 10 2, p. 25-26)

Election monitoring software for two television networks was faulty: votes
were being attributed to the wrong candidates.  Names were being kept
in alphabetical order while votes were kept in decreasing order.
This is a language-related bug: the contractor was IP Sharp and the
software was programmed in APL — the information ended up in distinct
vectors, with one being mistakenly kept sorted.

  Jean-Francois Lamy
  Department of Computer Science, University of Toronto,
  Departement d'informatique et de recherche operationnelle, U. de Montreal.

  CSNet:      lamy@toronto.csnet
  UUCP:       {utzoo,ihnp4,decwrl,uw-beaver}!utcsri!utai!lamy
  CDN:        lamy@iro.udem.cdn (lamy%iro.udem.cdn@ubc.csnet)

     Engineering Notes, from a review by PGN of John Shore's "The
     Sachertorte Algorithm and Other Antidotes to Computer Anxiety",
     vol 10 no 2, pp. 25-26, April 1985.]

  The chapter on Myths of Correctness brings us the tale of the 1981
  provincial election in Quebec, Canada.  One station's computer had been
  misprogrammed, and it announced that the overwhelming underdog Union
  Nationale had won 19 out of 49 races.  Their announcers somehow even managed
  to come up with erudite analyses explaining why this amazing upset had
  occurred.  It was not until twenty minutes after the other station had
  declared that the Parti Quebecois and the Liberal Party had totally
  dominated the election that the first station realized that there had been a
  colossal mistake somewhere!                       [PGN]
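
The parallel-vector failure described in this item, as an added example (Python rather than the APL of the original system, and not code from IP Sharp or either network): names and counts live in separate vectors, and sorting one of them alone silently re-attributes every vote. The candidate names, counts and function names are constructed for illustration.

```python
# Added illustration; candidate names and vote counts are constructed sample data.
from operator import itemgetter

NAMES = ["Allard", "Benoit", "Caron"]   # kept in alphabetical order
VOTES = [1200, 15400, 9800]             # VOTES[i] belongs to NAMES[i]


def ranking_buggy(names, votes):
    """Sort only the vote vector; names stay alphabetical, so the pairing is lost."""
    return list(zip(names, sorted(votes, reverse=True)))


def ranking_by_permutation(names, votes):
    """Compute one ordering (as APL's grade-down does) and apply it to both vectors."""
    order = sorted(range(len(votes)), key=votes.__getitem__, reverse=True)
    return [(names[i], votes[i]) for i in order]


def ranking_by_records(names, votes):
    """Keep each name and its count in one record so they cannot drift apart."""
    return sorted(zip(names, votes), key=itemgetter(1), reverse=True)


def misattributed(original_names, original_votes, ranking):
    """Return the names whose reported count differs from the recorded one."""
    truth = dict(zip(original_names, original_votes))
    return [name for name, count in ranking if truth[name] != count]


if __name__ == "__main__":
    for label, fn in [("buggy", ranking_buggy),
                      ("permutation", ranking_by_permutation),
                      ("records", ranking_by_records)]:
        result = fn(NAMES, VOTES)
        print(label, result, "misattributed:", misattributed(NAMES, VOTES, result))
```

The buggy ranking still reports the same total number of votes, so a checksum on the totals would not catch it; only a per-candidate comparison against the recorded counts does.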
