|Posted on Sep 11, 2009 01:25:27 PM | Wayne Hale | 24 Comments ||
I have been pondering the Augustine report (at least the executive summary) which has been released. There are a couple of sentences up front that have been on my mind:
“Human safety can never be absolutely assured, but throughout this report, it is treated as a sine qua non. It is not discussed in extensive detail because any concepts falling short in human safety have simply been eliminated from consideration.” As panel members commented (more than once) during the public sessions, ‘we assume NASA will build safe systems’.
I’m not a Latin scholar so I had to look it up. Sine qua non means the something or someone indispensible. So safety is indispensible. I’d agree with that. As a matter of fact, I have spent my entire career based on making spaceflight as safe as possible while still actually flying.
Actually, the assumption that NASA will build safe systems is poorly demonstrated by our history. Our failures are painful to enumerate. Early after the Columbia accident, we engaged Dr. Charles Perrow of Yale University to talk to us about his book (and theory) titled “Normal Accidents”. In summary, Dr. Perrow believes that accidents are unavoidable in complex systems. Very depressing to read. Nothing you can do will ultimately prevent a fatal flaw from surfacing and causing catastrophe. Life is hard and then you die. Not very motivational, but perhaps true. So all of us who listened to Dr. Perrow determined to prove him wrong.
In any event, safety in space flight is a relative term. A launch vehicle with a 98% success record is considered very safe, but you would never put your children on a school bus that only had a 98% chance of getting them safely to school. It is a high risk, low safety margin endeavor. Probabilistic Risk Analysis has made great strides in recent years but the only statistic I put any faith in is the demonstrated one. The shuttle has failed 2 times in 125 flights. That is not good enough.
Six years after the loss of Columbia, I’m not sure that we can make a spacecraft safe, but I have empirical evidence that proves beyond a shadow of a doubt that we can make it expensive. The cynical part of me says that is what we do at NASA: demand extraordinary proof that things are safe. ‘Proof’ means a series of tests -a large enough number of tests to be ‘statistically significant’- and/or very complex analysis which examines every facet of each part of a system in detail to demonstrate that in the worst possible set of circumstances the system will perform as required. Trouble is, there is no end to imaginative tests, and there is always something else to throw into the analysis. And it all must be extensively peer reviewed, debated at length, documented to the nth degree, briefed to multiple layers of management, and signed off by virtually everybody in
This is a very expensive process.
History indicates that attention to safety doesn’t seem to last. Sooner or later the people charged with making a system safe retire or die off, the bean counters get their knives out and the organization gets trimmed in the name of efficiency and cost savings, and somewhere along the way an invisible line is crossed. And Dr. Perrow is proved right again.
Not to be too depressed, but these report’s two sentences on safety are counterbalanced by many more sentences describing how space systems must be made cheaper and should accomplish its goals sooner. ‘Faster, better, cheaper’ was the rallying cry of management over a decade ago. The wags soon added ‘pick any two’. My experience has been that a project manager is lucky to get two, and many projects end with having failed on all three counts.
I found another Latin phrase which may apply here, from Horace: Splendide mendax. It means ‘splendidly untrue’. Safety at low cost, that is.
So as we look to the future, it is going to take a great deal of careful management to ensure that commercially provided crew transportation systems are adequately safe and yet not drive the cost (and schedule) through the roof. This balance is not easy to accomplish. Careful and thoughtful management attention will be required. No doubt you will hear some debate about this topic in days to come.
Which brings me back to sine qua non. About a year after the loss of Columbia, NASA had a conference on risk and exploration. A number of folks who do dangerous exploratory work talked with the NASA leadership about these issues. Probably the most memorable thought of the whole conference came from James Cameron. After almost two days of people repeating the phrase “safety first, safety is the most important thing”, Mr. Cameron made this observation: “While safety is very important and must be considered at all times, in exploration safety is not actually the most important thing. In exploration, the most important thing is to go.”
If I were writing the report, it would echo those words. Actual exploration is not safe. Actual exploration does not take place on powerpoint slides. Actual exploration takes courage. Actual exploration take action. Actual exploration requires going.
Actually going is sine non qua.
Tags : Risk, cost, exploration, safety, spaceflight