Testing is one way to prevent catastrophe, but sometimes catastrophes happen anyway. It’s often interesting to look at other industries to see how they handle contingency planning.
Earlier this week, a SpaceX Falcon 9 rocket launched the first scheduled resupply mission to the International Space Station. The launch was mostly successful, although one engine malfunctioned, which resulted in a small explosion of debris from the rocket. While the internal computer made corrections and was able to deliver its primary payload to the right orbit (the ISS resupply inside the Dragon capsule), it failed to deliver its secondary payload to the right orbit (a small satellite from ORBCOMM).
Rocket launch failures happen somewhat frequently, and some of history’s worst rocket accidents have happened either on the launch pad or during launch. That’s why it’s very important that man-rated rockets (those intended to carry human beings) include some kind of escape method. SpaceX is working on one such system as part of man-rating the Dragon capsule, but it won’t be fully tested until 2014 (and the Dragon won’t carry humans until at least 2015).
So how does a launch escape system work? Well, it depends on the type of rocket and when the accident happens. For the Mercury and Apollo programs, a large solid rocket motor was attached to the top of the space capsule that would carry it away from the rocket below. The capsule could then deploy parachutes and safely fall back to earth. While this has never been required for an American launch, the Soyuz rocket uses a similar system which was successfully deployed when a fire broke out during the countdown for Soyuz mission T-10-1.
The SpaceX Dragon will use a very similar system, although the launch escape rockets will be built into the Dragon capsule itself. SpaceX’s system will use a newly designed version of their Draco attitude control thrusters called SuperDraco. In the event of a rocket malfunction, the SuperDracos will push the Dragon capsule off the rocket to safety.
So what can we learn from this? First of all, problems happen despite massive efforts to prevent them. One of the Merlin engines in the Falcon 9 that launched this week failed. Despite that fact, the systems were able to complete the launch with the remaining engines and accomplish the primary mission.
Secondly, even really good systems need escape routes when failures happen. SpaceX is investing almost a billion dollars in making the Falcon 9 and the Dragon capsule rated for humans. As part of that, they’re building newer and more robust systems to help pilot human beings away from catastrophe should an accident happen.
The investment we make in these systems may seem excessive, but they’re essential for protecting human lives and ensuring the success of missions. Software testing may seem mundane in comparison, but remember that all of these fancy systems are powered by software. And that software needs its own rigorous contingency planning, failure analysis and testing.
At the end of the day, bugs happen. And when they do, it’s nice to have a solid rocket engine carry you to safety over the horizon.