Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

Commercial Crew Transportation Capability (CCtCap) SpaceX and Boeing Developments

This site may earn commission on affiliate links.
#721
Doug_G said:
Hmm... that is concerning.

I suppose if the root cause was also the timer anomaly, resulting in the thrusters being used outside their design envelope, then it may not be a big problem. But Boeing will have to prove that, and demonstrate an adequate safety margin for crewed operations. Clearly if the thrusters are not working to spec it could represent a significant threat to the crew and the ISS.
Click to expand...

Sure, but is also seems there is a lack of duty cycle/ operation limit safe guards on the thrusters. Run to failure, but only with an override.
Along with the lack of rationality check for alignment to mission parameters (you can't get there from here).
 
#723
e-FTW said:
Oh man, this is not getting any better on the Boeing side of the house. Hope the review of SpaceX’s in-flight abort goes well. This program need two to tango, but someone needs to start the dance. Soon!
Click to expand...

The way things are going, it’ll be SpaceX with the Russians as backup. In fact that is the current state of affairs since NASA just bought another Soyuz seat.
 
#724
mongo said:
Sure, but is also seems there is a lack of duty cycle/ operation limit safe guards on the thrusters. Run to failure, but only with an override.
Along with the lack of rationality check for alignment to mission parameters (you can't get there from here).
Click to expand...

Indeed. If I were designing such a system I would be like a kid in a candy store looking at all the ways you could combine sensor data for intelligent lockouts and reporting. But the way Boeing builds things they outsource so much that there are limited capabilities for such integration. Elon does it right. All design and almost all manufacturing in house with cross team communication to the extent that a manufacturing technician can suggest improvements to design engineers. It is a messy organization but it produces results.
 
  • Like
Reactions: mongo and MP3Mike
#726
Cosmacelf said:
Issues with their system:

How did the clock get into the wrong state?

Why does the system only rely on the clock? Why didn't the software check other parameters like altitude before autonomously making important decisions? Why isn't the software written with defensive principles where you never rely on a single, or even double parameter? This is the same problem Boeing had with the 737 Max - making an important control decision based on ONE sensor. That problem killed hundreds of people.

Why doesn't their system report on the state of the software via telemetry?

Why did they lose telemetry (SpaceX never manages to)?

I could go on but you get the point.
Click to expand...
I'm not an aerospace engineer or a rocket scientist ... but ... from what I've read it looks like the upper stage / capsule used the wrong time for its "mission time" (the time interval after launch). I saw some speculation that the time delta was suspiciously close to the delta between the time the rocket went "internal" to the actual launch (11 minutes?). You can easily see how this could happen but why it wasn't caught in testing is beyond me!

As for double/multiple parameters, altitude, etc., where do you stop? At some point the software has to go with what it thinks is the current state. Given multiple conflicting inputs, which one do you (the software) believe???

IMHO, the problem with the MAX boils down to having the MCAS trigger repeatedly. That drove the stabilizers to an uncontrollable nose-down configuration over time. Imagine that autosteer was always on in your Model 3 and there's a defect in the car's steering sensor. Autosteer wants to curve to the right but the sensor, erroneously, says the steering wheel is turned to the left. The car autosteers too far to the right so you grab the wheel and steer to the left ... your action temporarily disengages autosteer but it reengages and increasingly applies to-the-right steering over and over again without limit. Eventually, you'll lose control and go off the road.
 
#727
FoverM said:
I'm not an aerospace engineer or a rocket scientist ... but ... from what I've read it looks like the upper stage / capsule used the wrong time for its "mission time" (the time interval after launch). I saw some speculation that the time delta was suspiciously close to the delta between the time the rocket went "internal" to the actual launch (11 minutes?). You can easily see how this could happen but why it wasn't caught in testing is beyond me!

As for double/multiple parameters, altitude, etc., where do you stop? At some point the software has to go with what it thinks is the current state. Given multiple conflicting inputs, which one do you (the software) believe???

IMHO, the problem with the MAX boils down to having the MCAS trigger repeatedly. That drove the stabilizers to an uncontrollable nose-down configuration over time. Imagine that autosteer was always on in your Model 3 and there's a defect in the car's steering sensor. Autosteer wants to curve to the right but the sensor, erroneously, says the steering wheel is turned to the left. The car autosteers too far to the right so you grab the wheel and steer to the left ... your action temporarily disengages autosteer but it reengages and increasingly applies to-the-right steering over and over again without limit. Eventually, you'll lose control and go off the road.
Click to expand...

At what point do you stop??? When it makes sense to stop. You can't anticipate every problem, but you can do checks in your software for many things. It's called defensive programming. Just because you can't make it bullet proof doesn't mean you shouldn't try to make it more resilient. And I said, you can also do other things like report back via telemetry the software state.

MCAS had a whole bunch of problems, not the least of which was that it took control of the plane based on a single sensor. That's blatantly unsafe. MCAS also wasn't well documented. Pilots somehow flew in planes without knowing anything about it. At the root, engineering was relegated to a back seat while sales and marketing concerns drove the product design. That might work for making soda pop, but is disastrous for making planes, as I hope Boeing has relearned. I'm glad they finally fired the CEO, it was overdue.
 
  • Like
Reactions: WentOffGrid, Doug_G and EVCollies
#729
FoverM said:
I'm not an aerospace engineer or a rocket scientist ... but ... from what I've read it looks like the upper stage / capsule used the wrong time for its "mission time" (the time interval after launch). I saw some speculation that the time delta was suspiciously close to the delta between the time the rocket went "internal" to the actual launch (11 minutes?). You can easily see how this could happen but why it wasn't caught in testing is beyond me!

As for double/multiple parameters, altitude, etc., where do you stop? At some point the software has to go with what it thinks is the current state. Given multiple conflicting inputs, which one do you (the software) believe???

IMHO, the problem with the MAX boils down to having the MCAS trigger repeatedly. That drove the stabilizers to an uncontrollable nose-down configuration over time. Imagine that autosteer was always on in your Model 3 and there's a defect in the car's steering sensor. Autosteer wants to curve to the right but the sensor, erroneously, says the steering wheel is turned to the left. The car autosteers too far to the right so you grab the wheel and steer to the left ... your action temporarily disengages autosteer but it reengages and increasingly applies to-the-right steering over and over again without limit. Eventually, you'll lose control and go off the road.
Click to expand...
It was 11 hours, not minutes. Boeing’s Starliner capsule lands after missing rendezvous with space station – Spaceflight Now
Happily, that level of mistiming didn't trigger the abort system.

The system should check that the initial time is valid. There is some window of mission time when the value gets transfered, and 11 hours late is right out. They could also correlate mission time with velocity and position data. At a human level, there was no visiblity to the operators regarding this critical mission parameter nor conflict.
 
  • Informative
Reactions: SmartElectric
#731
FoverM said:
I'm not an aerospace engineer or a rocket scientist ... but ... from what I've read it looks like the upper stage / capsule used the wrong time for its "mission time" (the time interval after launch). I saw some speculation that the time delta was suspiciously close to the delta between the time the rocket went "internal" to the actual launch (11 minutes?). You can easily see how this could happen but why it wasn't caught in testing is beyond me!

As for double/multiple parameters, altitude, etc., where do you stop? At some point the software has to go with what it thinks is the current state. Given multiple conflicting inputs, which one do you (the software) believe???

IMHO, the problem with the MAX boils down to having the MCAS trigger repeatedly. That drove the stabilizers to an uncontrollable nose-down configuration over time. Imagine that autosteer was always on in your Model 3 and there's a defect in the car's steering sensor. Autosteer wants to curve to the right but the sensor, erroneously, says the steering wheel is turned to the left. The car autosteers too far to the right so you grab the wheel and steer to the left ... your action temporarily disengages autosteer but it reengages and increasingly applies to-the-right steering over and over again without limit. Eventually, you'll lose control and go off the road.
Click to expand...

Except that in the 737 they do have the ability to turn off the auto-trim. That is the normal process by which to deal with a runaway trim on any plane with automatic altitude control.
 
#732
The "Stab Trim Cut out" doesn't just cut the auto-trim (speed trim) but whole power of the trim's electric-motor. +And very out of trim condition (with over speed); 737's manual trim is impossible heavy to move by human.

Nice to know that Boeing's solution for both avionics mishaps is good old human intervention, I hope Boeing gives right advises tools and training, for that, ohh wait...

You need Right Stuff for keeping those clowns and monkeys in check.
kaksimarjaa.jpg
 
#736
Cosmacelf said:
So the accountants think it more likely than not for a do over.

$410M - geez, Boeing. It would cost SpaceX probably a fifth of that at most.
Click to expand...

Maybe get that clock right next time, eh?

I wonder if this might make that the most expensive clock in the history of humanity. Even more than Big Ben(*).


(*) I'm being completely flip and sarcastic. The smark aleck in me couldn't resist. Just too easy.
 
  • Funny
Reactions: Cosmacelf, e-FTW and Grendal
#737
As Elon recently said in the 4Q19 CC, you can't just snap your fingers and hire great engineers. They just don't make them that fast. There is a limited supply of them. I suspect the underlying reason why SpaceX can do things no one else can is that they have a lock on a vast number of talented engineers. Boeing Space probably suffered from a brain drain. I mean, why would a talented engineer chose to work at Boeing rather than SpaceX?
 
#738
Cosmacelf said:
As Elon recently said in the 4Q19 CC, you can't just snap your fingers and hire great engineers. They just don't make them that fast. There is a limited supply of them. I suspect the underlying reason why SpaceX can do things no one else can is that they have a lock on a vast number of talented engineers. Boeing Space probably suffered from a brain drain. I mean, why would a talented engineer chose to work at Boeing rather than SpaceX?
Click to expand...
Job security? Pension plan? Proximity to where you want to live?

But yeah am with you: I have long said that while the execs at the traditional contractors where laughing and pointing at SpaceX, the smart folks would have been updating their resume and sending it over to Hawthorne.
 
#739
GAO report on Commercial Crew (this was pre-In-Flight Abort):

Full report: https://www.gao.gov/assets/710/704121.pdf

Key takeaways (my emphasis):
NASA will have fewer astronauts on the ISS in 2020 unless the Boeing and SpaceX spacecraft are ready to fly missions, but significant work remains for both. NASA has few back-up options if delays continue and will have only one astronaut on the U.S. side by April 2020. Most of this astronaut’s time will be spent on maintenance activities rather than on research and development.
To fly as soon as possible, NASA has been planning to complete its reviews of the contractors’ systems under aggressive time frames. This approach is risky because it assumes the contractors will complete multiple activities on time. Boeing and SpaceX must conduct additional test flights, train astronauts, and get a license from the Federal Aviation Administration (FAA).
FAA licenses cover the contractors’ launch and reentry activities. FAA may grant waivers for changes to the license that do not jeopardize public safety. For example, FAA may grant waivers for changes in launch trajectory. NASA needs to know when such changes have been made in case they affect the crew. While NASA and FAA have coordinated on launch licensing for years, they have not yet decided how they will communicate about waivers. As a result, NASA may not have all the information it needs for launch decisions.
Click to expand...
 
Last edited:
  • Informative
Reactions: SmartElectric and Grendal
You must log in or register to reply here.

Similar threads

TMC Staff
  • Article
Blog SpaceX Set to Launch Humans into Space on Wednesday
Replies
7
Views
5K
SpaceX
kula guy
K
TMC Staff
  • Article
Blog NASA Names Astronauts for Commercial Crew Flights
Replies
0
Views
2K
SpaceX
TMC Staff
TMC Staff
TSemi
Tesla has a ‘Heavy Trucking’ division and it named Jerome Guillen as President
Replies
2
Views
2K
Semi
TSemi
TSemi
ecarfan
NASA orders SpaceX to examine changing to Inconel tanks from carbon fiber
Replies
46
Views
8K
SpaceX
mongo
M
Grendal
Falcon Heavy - 7&8 Reuse - Elon's Roadster Demo - LC-39A
Replies
647
Views
48K
SpaceX
ecarfan
ecarfan
Top
Back
Blog
New
Forum list
Marketplace
Menu