Space rocket tech is decades old. Why do space rockets still fail so often?

Factual Questions
1

Space Rocket technology is hardly new stuff, and yet satellite launches are seen as fairly risky ventures (with a accompanying insurance costs) with hugely expensive satellite rockets often failing to deliver their very expensive cargo by going off course or blowing up, or failing to reach the proper orbital height.

Why is this technology still so hard to master 40 years after the Apollo Missions? It seems like more of crap shoot than it should be at this point.

From 1999 - Rocket Failures Cost United States Billions in Damage to Spy Satellites

Mystery over rocket failure

Rocket Failure Ruins Scientific Mission

Key Indian satellite launch fails

2

Just a speculation, but I don’t think you can measure technological developement just by passage of time. It’s more a matter of how much it’s occurring. Launching a rocket into space may have been happening for over forty years, but how many actual launches have occurred in that time? Probably fewer than ten thousand.

Compare that to computers; another technology that was essentially begun in the 1950’s. Both technologies started at the same time, but computer operations probably reached the 10,000 mark in the mid-sixties. The bugs were worked out (and named along the way) and computers went on to become predictable, stable, cheap, and mass producable.

3

Because it IS rocket science?

The reason has nothing to do with “mastering the technology”. The problem is that even though the technology has been mastered, the engineering tolerances are still very low. Space rockets expel a lot more energy than an aircraft. They are also running at 99.9% power the entire time. Other technology like aircraft and automobiles aren’t being pushed to their maximum every second of opperation.

4

Rocket science, is well, rocket science, after all. One of the problems is that if something goes wrong, you may not be able to examine any of the debris, so you can’t say for certain what happened. You might be able to make an educated guess, but you’ll never be able to say for certain what was the cause. Even if you know what failed, knowing why it failed may escape you, so you can’t be certain any steps you take to fix the problem are the correct ones.

5

In a past life, I spent three years answering variations on this question for the Air Force. Modern boosters are between 95% and 99% reliable, though, which is damned good for something so complicated. I don’t reject your premise, but I think the streak of Titan IV failures will eventually be tracked back to a root cause, and the other failures are unhappy coincidences exacerbated by the US Space Industry’s increasing reliance on PowerPoint engineering. If you don’t want to stick around for my professional (but niche) opinions, about why getting a booster up is so hard, you can get a broader view of the reliability issue from here showing statistics about what systems have failed and when. But one quotation from your OP really rang true for me: “Launching rockets is inherently risky and unforgiving, they say.” Below find my own explanations of exactly how unforgiving a discipline rocket science is, and marvel at how we were ever able to get to the moon.

Solid Boosters

Modern solid motors are fabricated by pouring a thick rubbery mixture into a steel or composite case, curing and drying the mixture, and then attaching a nozzle to the motor case. The mixture’s burn rate has an exponential relationship with (among other things) temperature and pressure, so much effort is spent keeping the surface area inside the burning booster constant and high. Burning from the back end to the front (like a cigarette or candle) is easy but inefficient, so these systems have a star-shaped hole through their centerline that burns and keeps the surface area nearly constant as it erodes away; corners in this star shape cause stress and strain that can aggravate failure modes. The “modern” propellant mixture has proven extremely reliable (better than 99%), but there are still flaws. Poor handling practices can cause cracks in the rubbery walls; the accompanying increase in surface area creates a pressure spike and can burst the motor case. Inspecting 1m-diameter (or larger!) cylinders for these tiny cracks is time-consuming, expensive, and imperfect. Nozzles are made of carbon composites, steel, and other materials blended or glued together, and imperfections in the manufacturing or bonding process can create small hard-to-detect flaws in the nozzle surface. If burning propellant begins to erode the nozzle near these flaws, you get a hole in the nozzle wall (throwing your booster off-course) or the propellant accretes at the flaw site and plugs up the throat of the nozzle (creating a pressure spike, followed by spontaneous self-disassembly of the motor case). The list goes on from there, but the story is almost always the same: a very very small flaw can cause an otherwise-sound design to fail when confronted with the extreme temperatures and pressures associated with rocket propulsion. It’s a controlled explosion, and any loss of control generally results in an uncontrolled explosion.

Liquid Boosters

Liquid boosters blow me away - I can’t figure out why more of them don’t fail! The turbopumps in a liquid engine feed system spin at tens of thousands of RPMs moving horribly corrosive oxidizers and highly explosive fuels past each other at extreme pressures within tiny pipes; giant thin-walled tanks contain the propellants and become structural elements when pressurized; the fuel is run through a thin-walled jacket around the outisde of the rocket nozzle before it’s injected into the thrust chamber – this preheats the fuel, cools down the nozzle, and creates just a little more excitement.

There are thousands of moving parts and dozens of actuators linked together by a control computer that adjusts flow rates up and down each millisecond or so to ensure the reaction doesn’t get out of control. The G-forces caused by liftoff can make the fuel slosh around inside the tanks, so that the control computer is also steering the rocket to keep it on course. Throughout all of this the system is doing complicated differential equations to determine how it’s going to hit a known point in space at a given velocity, and achieve a positional accuracy given in centimeters and a velocity accuracy given in centimeters per second. (The solids have to do this too, but their whole goal is to simply stop the burning when they have enough velocity). Basically, you’ve got a machine that’s at least an order of magnitude larger than your car, moving at speeds five orders of magnitude higher than your car’s top speed, with timing and precision that your car can’t hope to match. Everything is happening so damn fast during a launch – the boost phase on a modern ICBM lasts less than three minutes! Telemetry can help analyze most failures after the fact, but even then it’s rare to be able to say what precisely went wrong, and almost impossible for a rocket’s computerized system to perform the complex system analysis in-flight to correct for trouble. Again, it comes down to a controlled explosion – the rocket wants to fail. It wants to find the quickest way to the lowest energy state possible. The guidance computer is responsible for keeping the hot end down, the pointy end up, and herding dozens of variables into their nominal performance envelopes while dealing with the complex ripple effects of changing those variables.

Basically, everyone in the space industry wants boosters to be more reliable, but there’s no single answer to make that happen. The problems are complex and contradictory and we make progress very slowly because new booster or engine designs are very risky endeavors even for huge companies like Lockheed or Boeing.

6

Amen, and it’s not just the Space Industry.

I would add that while the techology in general may be decades old, key components of it are still evolving. For example, the control systems that Jurph mentioned have come a long way since Apollo, or even the Shuttle. And they still have a ways to go before they have the same reliability and repeatable producability that you’re used to seeing in your automobile.

7

Fundamentally, a rocket is a large, ongoing, somewhat controlled explosion.

Which an Astronaut or satellite sits on top of, & then you pray real hard that the semi-controlled explosion does not become a semi-uncontrolled explosion.

8

Damn, I was going to offer the professional and comprehensive answer to this question, but I see that someone beat me to it. (Jurph, did you work for the RSLP or The Aerospace Corporation?)

Anyway, as previously noted, the reliability of modern rockets is quite good given the number of times an individuals launch system have been operated and likely to get better as time goes on. As an example, the Shuttle SRBs (Solid Rocket Boosters) have made 230 operational flights with only once incidence of catastrophic failure (and that one due to a well-known design flaw that wasn’t rectified because of political and business concerns.) Even after the STS is retired the SRB, in five segment configuration, will live on as the first stage for the Ares booster used to launch the CEV, and will likely demonstrate equal reliability.

Similarly, we regularly fly surplus Minuteman motors in various configurations for satellite launch, target deployment for ABM testing, and suborbital experiments with high reliability despite the age of these assets (30-40 years old, well beyond their original design lifespans). We’ll soon be doing the same with surplus Peacekeeper and Trident C-4 boosters.

Liquid boosters are more complicated and thus prone to hard-to-predict failures (often such failures are the result of systems which operate fine when tested seperately but fail due to influences on each other), but they offer substantially greater performance and greater scaleability on the high end. After going toward increasingly complex designs (culimating in the Shuttle Main Engines, which were stressed to material limits) the philosophy has been to go toward greater simplicity, hence the refined and much simpler J-2X on the Ares I Stage 2, which is a simplified descendent of the J-2 used on the Saturn family of rockets. Liquids are also desirable in terms of a truly reusable (as opposed to refurbishable like the SRB) rocket; the original Shuttle booster(s) were intended to be some configuration of a fly back liquid (kerosene and oxygen most likely) rocket. Similarly, the Zenit boosters used on the Soviet Buran shuttle were liquid, though not in their current design reusable. There were plans to make them winged flyback vehicles but this was abandoned (as with the American STS) due to cost and complexity.

The SpaceX Falcon and Rocketplane Kistler K-1 series of rockets are intended to result in cheap, simple, partially reusable orbital boosters with low launch costs. However, I’ll note that SpaceX’s first launch of the Falcon 1 was a spectucular failure (inappropriate use of aluminum bolts 'cause “they were more expensive than steel bolts” :rolleyes: ) and RK has yet to light a fuse under one if their rockets. All original designs have to go through an expensive, failure-prone teething phase. And the Saturn V, cited by the OP as an example of a historically reliable system, wasn’t failure free by any stretch; it had a number of quirks (including some dramatic “pogoing” on several missions, and at least a couple of examples of turbopump failures) that could have but fortunately did not result in abort or catastrophe. The Apollo program was as much or more fortunate as they were prepared and foresightful.

We’ve collectively built and launched a few thousand orbital rockets; in comparison, we’ve built hundreds of thousands of aircraft and hundreds of millions of automobiles. When we’ve built a few million orbital rockets which are as easy to operate and maintain as a Toyota Camry, then you can question the less than 99.99% reliability.

Stranger

9

heh, Gods I love aero-space engineer speak. “Spontaneous self-disassembly” is just friggin beautiful. I will now use it in a sentence.
“After unsuccessfully traversing a minefield, lokij experienced spontaneous self-disassembly.”

Heh.

10

Nope - my job was to figure out how long modern solid-fuel ICBM boosters could last on deployment without refurbishment. I was in an acquisition billet at Wright-Patterson AFB. My second assignment was space-related (I was part of a weather satellite program office) and then I got out and went civilian. Now I work for the JHU Applied Physics Lab doing performance analysis on ballistic missiles; I spend about one day a week down in D.C. meeting with various DoD folks, mostly Navy. Who do you work with?

Your point about control systems advancing more rapidly than reliability brings up a big point – since modern rocketry began around WWII, we’ve seen some huge leaps in miniaturization and materials technology. The (American) industry has generally chosen to implement new technology with each version increment. The Cold War and ICBM development drove many of the technology gains, so reliability was always a concern that got equal weighting with accuracy and range-payload performance. Soviet/Russian design practice is a little different, and tends to favor redundant subsystems and elegant hardware solutions rather than complex software.

A colleague of mine noted that an Intel i386 was more than capable of doing the guidance and control for a ballistic missile – 25 MHz is faster than the fluctuations that the control system needs to damp, and 4MB of RAM can hold a very precise guidance table. So now we just need high reliability actuators, flawless manufacturing, and perfect control software! :smack:

11

Is it true that Werner Braun stated something to the effect that solid rocket boosters have no place for manned rockets?? (safety issues)

12

Could you give us a ballpark on that figure?

13

Jurph, what do you think of the “big dumb booster” concept? Supposedly both higher reliability and overall lower costs could be achieved by dumbing-down rockets: accepting lower peformance measured in payload fraction of gross launch weight but using simpler, cheaper tech to build the rocket. For example, I’ve read that turbopumps could be taken out altogether and replaced with pressure/gravity feed. This would in turn “solve” the problem of the combustion chamber and nozzles needing regenerative cooling. Use whatever tankage has the lowest overall cost per surface area rather than ultra-thin “foil” tanks, making the tanks heavier but sturdier. People have been proposing stuff like this for decades but it’s never caught on. Is it not as smart as it sounds?

14

But, herein lies two problems. First, when Cold War was at its peak, the DoD saw the benefit of what become MIL-STD-1750 for microprocessors. I think that it was is on the Shuttle. It is slow by today’s standrard, but is is reliable and testable and it contains provisions to help with software test. With the end of the Cold War and the telecom and dotcom booms, nobody wants to build MIL-STD parts and the DoD wants to use all of the sexy new commerical stuff. So, aerospace has taken a step backwards in microprocessor reliability (IMHO).

Second, something similar happened in software development. MIL-STD-2167A is not popular anymore. Everyone wants to use COTS and experience the rapid turnaround times that the telecom industry benefits from. CEOs want to know why the control software cost so much more per line of code than the software that Motorola puts on its cell phones.

So, again IMHO, until these two issues work themselves out (and they will), I don’t think we’ll see major strides in rocket control system reliability.

15

Interesting; I work for a contractor to the Rocket Systems Launch Program, burning up all those solid motor ICBMs you spent so long doing A&S on. Thanks for your work. :wink: And if you’re ever looking for a job out on the West Coast, send me a resume. My officemate would love to have someone do share in some of his performance analysis duties.

It sounds like something von Braun would say, but then, von Braun was a hardcore liquid guy who also boosted for the use of unstable nuclear reactors as an upper stage rocket engine. And while solids were highly unreliable in von Braun’s most fertile days as a rocket designer, we’ve honed the reliability of them from nearly fifty years of solid ICBM booster development. Some of the most historically reliable booster systems in existance are solid motors. (But they can be a bitch to handle–like Jurph says, even a slight crack or case delamination can be fatal–and they don’t offer the performance of a liquid.)

I can’t disagree with the former–COTS has become a four letter word in my dictionary owning to its insistance by business people who wouldn’t know a Thrust Vector Actuator from a dildo–but control system reliability is more than just the sum of components. Individual unit reliability was at a high premium on early electronically-controlled rockets and spacecraft because the technology was inherently unreliable and too bulky to be used redundantly. In contrast, modern digital control systems are several orders of magnitude more compact, and per bitrate more reliable than older technology. Instead of insisting that every single code execution be flawless, we now can afford the performance and redundancy to perform error-checking and diagnostics. That’s not an excuse to release crap code or accept defective hardware, but it gives more leeway in protecting against oversights and errors.

Regarding operating systems and hardware, we can lean on years of wide-use performance and feedback to provide improvement rather than a massive staff of software and system checkers; commercial OSs like VxWorks or massively tested open source systems like NetBSD are highly robust and provide mature starting points for a home-mix specialized OS rather than writing the operating code completely from scratch and going through many major revisions before getting to a reliable, robust system that’ll be obsolete before it ever becomes implemented. (Just try purchasing replacement memory for the AP-101 computers used in the Shuttle, or finding programmers familiar with HAL/S.)

Given that reliable GN&C systems were the bugaboo of ICBM development (there’s a scary story about the MMII guidance system being essentially nonfunctional during the first few months of deployment) and yet today are one of the more reliable systems on a rocket, I’d say that as long as you stay away from the bleeding edge of development, overall operational reliabilty is likely to be higher than legacy systems of decades past, and will only procede to get better still.

Stranger

16

[tongue in cheek]

Is that correct usage? I would think that in that case, it would be a land mind disassembling, not lokij disassembling himself, thus not self-disassembly of any sort, spontaneous or non-spontaneous.

[tongue out of cheek]

17

That’s beautiful. It almost beats the airlines’ classic “landing at sea”.