Like many of my generation, the loss of the Challenger space shuttle and its crew on this day in 1986 was a defining moment in our childhoods. Of course, for many of my American peers, the shock was amplified because the presence of Christa McAuliffe, the first teacher in space, meant that they were watching the launch live in their classrooms.
But even as a twelve-year-old living in Ireland, I can remember exactly where I was when I heard the radio bulletin announcing the tragedy and experienced the sharp pang of dismay and loss. I followed news reports of the Rogers commission as it investigated the disaster, and cheered when, two-and-a-half years later, the Discoveryresumed shuttle operations.
Like most people, I assumed that NASA and the U.S. government would never repeat any of the mistakes that had been revealed as leading to the deaths of seven astronauts. But I was wrong, as the break up of the Columbia on re-entry and the loss of its crew would prove in 2003.
As IEEE Spectrum reported in the wake of the disaster, many improvements were made in the wake of Challenger’s destruction, including redesigns of the infamous O-rings that allowed errant rocket exhaust to ignite the shuttle’s external fuel tank and an attempt to put risk management on a firmer statistical footing. [You can read Spectrum's 1989 investigative report on the Challenger disaster here.] And NASA assured us that management failures, which had led the agency to ignore repeated warning signs that the solid-fuel booster O-ring design was flawed, had been corrected.
In 2002, while covering the space beat for Spectrum, I met with NASA’s then-chief administrator Sean O’Keefe in the agency's Washington D.C. headquarters. At the time, questions were being raised about NASA’s attitude to safety in its collaboration with Russian space program. O’Keefe assured me that NASA’s safety culture was strong, that managers kept a copy of the report of Rogers commission in their desks to make sure they kept its lessons to heart.
O’Keefe was sincere. I have no doubt that many people kept a copy of the Rogers report close to hand, and that these people had dedicated themselves to ensuring that none of the mistakes detailed within would be repeated.
Yet they failed. And this is the final, painful, lesson of Challenger: You can utterly and sincerely think you’ve made all the fixes you need to, to the point where you get start getting quite exasperated if people ask you if you’ve fixed things and just how you fixed them (witness NASA’s defensiveness on safety issues during the 1990s). And yet, you can leave things undone, with the added danger of harboring a false sense of security.
The Rogers commission, like all thorough accidents reports, examined both the proximate cause of the loss of the Challenger—the O-ring burn-through—and the wider systematic problems that contributed to that failure. At the next level, the Rogers commission determined that the flawed decision to launch the shuttle on that bitterly cold January day 3 decades ago was the result of miscommunication and more damningly:
“...a conflict between engineering data and management judgments, and a NASA management structure that permitted internal flight safety problems to bypass key Shuttle managers.”
But the commission didn’t stop there. They looked at the entire shuttle program and how NASA came to operate a balky and expensive spacecraft that lacked some of the basic safety features of the agency’s earlier spacecraft, such as a launch escape tower or ejection seats. And there they found fundamental issues with how the shuttle program had been developed and funded from the very beginning:
“From the inception of the Shuttle, NASA had been advertising a vehicle that would make space operations ‘routine and economical.’ The greater the annual number of flights, the greater the degree of routinization and economy, so heavy emphasis was placed on the schedule. However, the attempt to build up to 24 missions a year brought a number of difficulties...”
So how did the same agency that pulled off the Moon landings with such elan devolve to such a state? Because its funding was now being drip-fed to it by Congress on an annual basis. Consequently, engineering decisions were made that increased overall costs in exchange for short-term savings to keep the program more or less within budget year-by-year.
Even the basic design of the shuttle represented an attempt to please as many people as possible. For example, its distinctive large wings were to give the spacecraft enough cross-range capability that it could take off, quickly perform a task in space, and return to its launch site after a single orbit. This capability was added to facilitate certain types of military missions in an attempt to get the Department of Defense to pony up funds. In the end, the shuttle never actually performed a mission that needed that amount of cross-range capability, but it was stuck with the wings.
No matter how much NASA changed things internally in the wake of the Challenger disaster, it was left with the basic problem of trying to do too much with too little, with governmental funding mechanisms that favored short-term solutions. And it was still left with the shuttle, which many in NASA were now even more emotionally committed to. Yet this was a vehicle that, in 2007, was described by the then-chief administrator of NASA, Michael D. Griffin, as a dead end in comparison with the Apollo-era approach to spaceflight:
“The Shuttle offers truly stunning capability, greater than anything we will see for a long time, but the expense of owning and operating it, or any similar system, is simply too great. Any new system, to be successful, must offer a much, much lower fixed cost of ownership. The Space Shuttle was designed to be cost effective at a weekly flight rate, a goal that was never credible… Most of the next 15 years will be spent re-creating capabilities we once had, and discarded.”
In the end, the pressures that fostered the kind of flawed thinking that crippled NASA’s safety culture prior to the launch of the Challenger never went away after its destruction. And so perhaps we should not be surprised that that thinking crept back in (or never truly went away).
When the Columbia was destroyed on February 1st 2003, the Columbia Accident Investigation Board (CAIB) once again set about examining both the proximate and systematic causes of the death of seven astronauts and the loss of a space shuttle. The proximate causes were different—a piece of insulating foam piercing one of those large shuttle wings—but the systematic causes of flawed management, a dysfunctional safety culture, and poor governmental funding and oversight—were dreadfully familiar. In fact, an entire chapter of the CAIB’s report is devoted to the parallels between the Challenger and Columbia disasters:
“Connecting the parts of NASAʼs organizational system and drawing the parallels with Challenger demonstrate three things. First, despite all the post-Challenger changes at NASA and the agencyʼs notable achievements since, the causes of the institutional failure responsible for Challenger have not been fixed. Second, the Board strongly believes that if these persistent, systemic flaws are not resolved, the scene is set for another accident. Therefore, the recommendations for change are not only for fixing the Shuttleʼs technical system, but also for fixing each part of the organizational system that produced Columbiaʼs failure. Third, the Boardʼs focus on the context in which decision making occurred does not mean that individuals are not responsible and accountable. To the contrary, individuals always must assume responsibility for their actions. What it does mean is that NASAʼs problems cannot be solved simply by retirements, resignations, or transferring personnel.”
Fortunately, the shuttle has been retired. But the U.S. Congress has not gotten better at sensible funding mechanisms for complex engineering projects—indeed, the current partisan dysfunction and tendency toward financial brinkmanship would suggest the opposite. And so NASA, as it seeks a way forward in the 21st century, must consciously find ways to resist the pressures that inevitable arise from such mediocre governance and always be asking itself one last question: “We think we’ve fixed things—but how do we really know?”