
So in the light of some technical failures last year, I recently had a discussion about engineering endeavours throughout human history. An interesting recent adventure is the revival of rocketry. Naturally the question 'what are we still doing wrong after 60 yrs of experience with this technology?' arises.

Machines become ever more complex and thus more complicated to handle and control. I however discard the 'argument' that we will at some point hit rock bottom because we're not able to grasp the ever-increasing complexity of technology. Humans are able to handle much, much more, at least that's what I believe in my naivety.

So my question is: What are the major (engineering) difficulties that prevent us from building airplane-safe space-rocketry of accident rates of $\sim 2-4 \cdot 10^{-6}$ (see here) per launch?

P.S. Yes, I have researched other similar questions like this one, but the simple reason "the technology is still in its infancy" or #RocketsAreTricky is not enough for me. I'm able to understand the hard, nerdy reasons, so give me those please if you have them.

  • Interesting source of statistics here (I'm surprised at the wide variety of causes that are mentioned): quora.com/What-are-the-major-causes-of-rocket-failures
  • I wonder what the airplane accident rate for supersonic aircraft is (per hour of supersonic flight time or similar) Commented Jan 7, 2016 at 0:57
  • #RocketsAreExpensive. "If a chance of failure of an element of a system is one in a million, in a system of a million elements something WILL fail." -- Stanislaw Lem. This shortcoming is overcome in most commercial systems by lots of redundancy and safety features. In rockets that means more payload mass, and that costs a lot. The fact that most things fail very explosively doesn't help... you won't switch to a redundant engine if the whole bottom of the rocket got blown up.
  • If we could pinpoint one, or a dozen primary causes of rocket failures, we'd long have airplane-safe rocketry. The problem is there is no single or a dozen such causes - there are literally thousands. And while the case is similar with airplanes, a single faulty gasket won't turn a Jumbo-Jet into a ball of flame. It will be able to extinguish a flaming engine and reach the airport on the remaining ones - because the process is far less energetic and the dry mass allowance much higher, allowing for such redundancy. "How much is 2+2. No '4' answers please."
  • As a programmer I find it far more astonishing that we have >50% success rate at all. Commented Jan 7, 2016 at 21:42

It's unusual for the same fault to cause more than one rocket launch to fail. Flaws are found and corrected, and launchers get more reliable.

In all our history, there have been something like 5000 orbital launches. Each one of those was an opportunity for things to go wrong, for a flaw to be exposed and eventually corrected.

Today, airlines fly 90,000 flights per day. Over the last 50 years, we've had more plane crashes than orbital launches. The industries of aircraft development and operation have simply had far more chances to learn.

Rocket builders and operators are learning plenty fast, though. The Atlas series has had 120 launches with only one partial failure since 1991, for instance -- just about as close to a perfect record as that small a sample size can get.

(In other words, "the technology is still in its infancy" -- the same answer you saw and didn't like on a previous similar question.)

  • @AtmosphericPrisonEscape: I'd say that impression is wrong. There is a huge difference between putting knowledge on paper, and reality. There is so much we don't know, and you don't know what you don't know until you know it (:p). You may think something is going to work perfectly, until it doesn't (e.g. Apollo 1), or things aren't designed for the "edge case", such as a stupid piece of foam falling off and hitting the wing. That was never the intended design, but it happened in reality. That is why practice is key.
  • Depends on your definitions. The basic engineering might be sound, but maybe it's possible to plug a sensor in backwards -- is that an engineering failure or an assembly failure? Someone might miss an item on a launch checklist -- is that human error or is the checklist too long because not enough things are automated? #RocketsAreTricky -- they are very complex machines and as @kim holder's answer points out, they generally don't have as much safety margin as airplanes do because they need every bit of performance they can get. Commented Jan 6, 2016 at 20:45
  • "the most fragile parts in any construction should be known at the time of designing it" - only if your design is entirely conservative and includes nothing new. The reverse of this is very apparent from SpaceX: they're trying to do something entirely new, and therefore have a lot of unexpected failures.
  • With rockets, it costs a lot to fail and learn your lesson and to get back on your feet. As a software developer, practice is cheap, I have a staging network to test on as well as a variety of test suites to simulate everything thrown at my work as if it was in production. With rockets, you don't have this level or ease of testing. The stakes are far higher and mistakes more costly and hard to recover from. Commented Jan 7, 2016 at 16:24
  • @fractalspawn: “In theory, theory and practice are the same. In practice, they are not.”

Just another analogy to maybe help explain why #EverythingIsTrickyNotJustRockets (in addition to the great answers already here).

Take Formula 1 racing. It's a sport with some extremely complex machines, built to the very edge of engineering and manufacturing capabilities to give as much performance as possible. Just like rockets. Others have mentioned airplanes, but those are generally built to be safe and comfortable, too. F1 cars just have the imperatives of "win race" and "try to not kill driver". Again, much like rockets.

There's plenty of experience with race cars. F1 cars as we see them today (rear-mounted engine, monocoque chassis) have a lineage back to the 1960s, and cars in general have of course been around much longer. And there's a lot more F1 racing than rocket launches, so there's more practice as well.

Even so, take a look at any race from last year's season. For instance, the Malaysian Grand Prix:

Of 20 cars, 5 failed to complete the race. And none of this was due to plain ol' collisions. One car spun off the track, so you could call that driver error, rather than #RacecarsAreTricky, but the remaining 4 were all due to technical issues. Specifically: Brake failure, turbo failure, power unit failure, and fuel system failure.

So, at best, that's still a failure rate of 20%.

That's a pretty common failure rate in a Formula 1 race. There're always cars that break down during races. And they're just cars! Yes, they're advanced and insanely complex cars, but things like brakes, fuel systems, turbos - those are all things that regular, everyday cars have too. We know these systems well; the F1 versions are just the very best that money can buy. And yet they fail.

Compare that to rockets, which have nothing in common with everyday vehicles, and where there's just nowhere near the same amount of practice to begin with.

Now, if we have a hard time making a car go reliably around a squiggly circle for a few hours, it's amazing that we're able to make rockets at all.

To respond to your earlier comment:

"I was under the impression, that the most fragile parts in any construction should be known at the time of designing it, thus the question of project success would boil down to material and engineering quality. Is that impression totally wrong?"

Alright, let's say you build a liquid fuel rocket. You know exactly how much thrust it'll produce, and you make the structure strong enough to withstand more than that. Good safety margin. You use the best materials and all that. It's all completely by the book.

Then you ignite it. Inertia keeps the rocket on the ground at first, with the engines pushing hard against their support struts, so the struts flex a little. They have to: They can't be infinitely strong. But you've accounted for that, so it's fine.

Fuel combustion is almost perfect. Almost. You simply cannot guarantee that it's 100% perfect, because it's a chaotic, violent chemical reaction. However, it's well within tolerance, and the rocket takes off beautifully. Just as planned.

But that tiny bit of combustion instability causes some vibration. The vibration makes the engine supports flex a tiny bit more. Nothing to be alarmed about, they're built for it. If they weren't, they'd snap instead of flex.

But when they flex, the fuel line to the engine also gets compressed and stretched too. This changes the flow rate of the fuel, which changes engine pressure, and, in turn, thrust.

So now, your engine's initial combustion instability has caused more instability, and more vibration. The engine starts to vibrate more. It doesn't (yet) flame out or explode or anything, but it's not producing a stable amount of thrust. Engine supports and fuel lines flex more and more, making the problem worse and worse.

Sooner or later the struts or fuel lines flex too much, and, in technical terms, rocket goes boom. Or maybe you've accounted for a lot of vibration in the struts, but the entire body of the rocket starts shaking and bending like a pool noodle from all this vibration, so it snaps in two, and... rocket goes boom. Or a million other things could break as the vibrations grow and grow. Maybe the engines just experience fuel starvation, flame out, and the whole thing falls to the ground (and goes boom).

This type of situation is called a pogo oscillation, and it famously plagued the Saturn V rocket for quite some time. It's something that any large rocket has to deal with. And ways have indeed been found to deal with it. But before it was first experienced, who would have thought of it? You'd pretty much have to experience a failure first. And then you can fix it.

In the end, your design will contain assumptions. Assumptions like "thrust is X". True - until the vibrations started. After that, you might as well assume that "thrust is infinite", but then you'd have to make the struts infinitely strong (good luck with that). Or maybe you have an assumption like "liquid fuel settles at the bottom of the tank". That's true if there's gravity (and the rocket is upright). It's true if there's no gravity, but the rocket is accelerating. But it's not true in microgravity with no acceleration. There, the fuel sloshes around, which can cause problems all on its own, besides the fuel not being near the pump intake. Of course, you've already thought of this, so you add ullage motors to add a bit of acceleration, and make the fuel settle again.

Except now, of course, you've actually just strapped another set of rockets to your rocket, and you have new problems and assumptions to deal with, because #RocketsAreTricky.

Your comment was itself based on an assumption: That it's possible to know everything.

Edit: As Michael Kjörling adds in the comments, Apollo 13 experienced pogo oscillations on launch. Even though the engineers knew of the phenomenon at this point, they were still surprised by the oscillations, because "they were amplified by an unexpected interaction with turbopump cavitation." That's the sort of complexity you have to figure out.

That article is worth a read, but its references are even more interesting. It cites an aerospace industry publication, that just happens to contain the aptly named article: That's why they call it rocket science, which also attempts to answer the question: "Why is it so hard to launch a rocket into space with absolute assurance of success?". Pretty much exactly the thing you're looking for! Among other things, it offers this quote:

"Launch system designers base their designs on the best data available—but sometimes, the best data are just good estimates. True measurements of the launch environment can only be obtained in flight, and that’s hardly an option at the design stage."

  • Sounds like the F1 development folks need to take some lessons from aerospace companies! (Obvious "Rocketdyne Formula 1" joke left as an exercise for the reader.) Commented Jan 7, 2016 at 1:57
  • @MasonWheeler Turbo is short for turbocharger and you can buy an everyday car with one. Just you need to spend a little more. en.wikipedia.org/wiki/Turbocharged_petrol_engines
  • The example of pogo oscillations is interesting, given that Apollo 13 suffered from exactly that problem during launch. Unrelated to their later problems, I might add...
  • The Tacoma Narrows Bridge Disaster is another good example. One might think that after 5000 years, we'd have figured out how to build a bridge. The guy who designed the bridge had developed a new mathematical modeling technique for suspension bridges that allowed him to model all known forces and tensions much more precisely and accurately than ever before. (Or model them at all, actually, before that, suspension bridges had included a lot of guessing and rule-of-thumbing.) This allowed him to build much sleeker, lighter, thinner bridges. So thin, in fact, that they experienced a new Commented Jan 9, 2016 at 7:27
  • … force that his theory didn't account for, simply because it had never been experienced at a bridge before: aerodynamic lift. The bridge deck was so thin that it started acting as an airfoil. The theory did account for wind, but only for sideways forces of the wind hitting the side of the deck, not for upward or downward forces of the deck acting as an airfoil. Commented Jan 9, 2016 at 7:30

The main problem is that in order to have enough thrust to get a rocket out of the atmosphere and up to orbital velocity, 85% to 90% of the rocket has to be fuel. So you have a controlled explosion, essentially, in which thousands of pounds of fuel is combusting each second and the force of that is being directed out of nozzles, pushing a rocket upwards with forces of several gravities, through supersonic winds, and you have to make the structure and engines that support all those forces as light as possible.

This is a good overview on the topic by astronaut Don Pettit:

Even very minor failures can cause payload to fail to reach orbit or the loss of the vehicle, because there is so little margin for error. A part slightly out of place in a supersonic wind will make the whole structure unstable, which quickly makes things much worse until the vehicle tumbles. Fuel that burns with even slight unevenness will cause vibrations that cause other things to fail, which then cause more things to fail and soon something explodes. An engine that takes even a few seconds too long to light means the vehicle doesn't attain the speed to reach orbit. The slightest flaw in structures that have to withstand extreme pressures, extreme temperatures, severe vibrations and multiple gravities can become worse very quickly again leading to explosions.

  • The video you linked is a nice one, but the talk and your answer essentially don't go beyond "#RocketsAreDifficult". This is exactly the type of answer that I've discouraged, as I'm perfectly aware of those things. Russell's answer goes more into the direction of answering the engineering details. Commented Jan 6, 2016 at 20:03
  • Seriously, both answers are right and they go hand in hand. Rockets aren't yet as reliable as they could be because the technology isn't totally mature yet; orbital rockets won't ever be as reliable as airplanes because #RocketsAreTricky. Commented Jan 6, 2016 at 20:50
  • @AtmosphericPrisonEscape 'nerdier' answers to this question would have to get very long and pull in a lot of math even to list the different design issues, longer than the SE format is designed for. The challenges touched on here affect all aspects of rocket design, and Russell's and 1337joe's answers point out how engineering design processes operate. To be more specific we need a question about a much narrower part of the design process, the stresses on different rocket systems, or the processes of rocket construction, preparation, and launch, comparisons of different design solutions...
  • @AtmosphericPrisonEscape : this answer is more of a #HighEnergyEngineeringIsDifficult one. And it's a perfectly valid point. Gunpowder was known for quite a number of centuries before we got to the milestone of reliable automatic weapons (in the 20th). We first induced fusion in the 1950s - about the same time scale you refer to in your question - yet we still don't have controlled, productive fusion plants in early 2016.

The biggest thing keeping us from having airplane-level accident rates is the lack of airplane-level flight rate. Not recovering/reusing flown rockets doesn't help either.

To date SpaceX has launched 25 rockets in 9 years (according to spacexstats) to orbit, with the most per year being 7 in 2015. Every flight has been a completely new vehicle, and there have been incremental upgrades to the design over time so it's not like they've even got 25 launches of flight data on the same hardware. Also, until the last flight they didn't get the flight hardware back so they couldn't analyze the flown rockets for potential issues.

For comparison, Boeing has delivered over 350 787-series airplanes in 4 years (wikipedia) and has hundreds of flights per day, all of which are recovered and serviced so wear and stress are very well understood. Beyond that, they had over 8 months of full-up flight testing before the first delivery, which isn't a luxury available to a rocket company that's not able to recover its rockets.

  • An interesting example is Soyuz (the whole R7 family) which had something like 1700 flights IIRC over many decades. And I think it has a significantly better success ratio than most, no? Would love to see someone pull the numbers.
  • The R7 family does have an impressive history (capped out at 60 rockets produced per year in the 80s according to wikipedia, 17 launches last year), but they've still had a mission failure on a Progress launch last year and a couple of failures to reach orbit in 2011 (along with a couple partial failures between those). en.wikipedia.org/wiki/…
  • So on the wikipage linked by 1337joe this would be 84 launches in 2010-2014 with 2.5 failures, while the .5 was the famous misplacement of Galileo satellites. I'd say then 2 in 84 makes a failure rate of 2.4%, which is pretty impressive, I think. As this technology is fairly old and thus evolved, this would give weight to the point @Russell Borogrove made, given recent failure rates of ~20%. Commented Jan 6, 2016 at 19:06
  • You should maintain a distinction between a Soyuz launcher failure and a Fregat upper stage, Soyuz spacecraft, or Progress spacecraft failure. The launcher itself (boosters + 1st and 2nd stages) is exceedingly reliable. Commented Jan 6, 2016 at 20:38
  • Interesting article about the simplicity of the Soyuz launcher design: medium.com/this-is-rocket-science/…

Safety margins.

A rocket built with the sort of safety margins that are normal practice in aircraft would be too heavy to reach orbit. Not only do you build your aircraft reliable but you build it so that when something goes wrong you still get your airplane back.

You are barreling down the runway and just pulled the stick back when one of your engines goes south. What do you do? If the runway is long, land and stop. If it's short, firewall the rest and promptly get your plane back on the ground.

You have just cleared the launch gantry and one of your engines goes south. What do you do? Fly the rocket over empty space, separate the payload section if it can be recovered and push the big red button.

Instead of comparing lost aircraft to lost rockets you need to compare a wide variety of minor aircraft failings to lost rockets.

  • This! Due to the nature of the rocket equation (exponential fuel requirements), weight is everything. The design tradeoffs between safety and cost are pushed as close to the low-cost side as possible, while being safe enough. With unlimited funds, your rocket can be made as reliable as you want. Small data point: billions were put into Saturn V development. None ever failed (although some F-1 engines went south in-flight, but the thing went to orbit nevertheless).
  • @Jens I don't think even infinite money could overcome the brutality of the rocket equation. Some failure modes can be overcome but you simply can't provide enough redundancy for the more serious ones. Commented Jan 8, 2016 at 21:33

If a complex system like a multi-stage rocket should have a very low accident rate of 2 to 4 per million, it must be built from very reliable parts. But if there are some thousands of parts, each one should have a reliability of less than 1 failure per billion. But it is impossible to prove such low failure rates by testing. If you do one test per minute during the full year, you would need more than 1900 years for a billion tests.
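
The arithmetic behind this answer, and behind the Stanislaw Lem quote in the comments on the question, as an added example that is not part of the original answer. It assumes independent, identical parts in series; the part count of 3000, the target of 3e-6 (midpoint of the question's range) and the 95% confidence level are illustrative assumptions, and it goes one step beyond the answer by counting the failure-free tests needed to demonstrate a rate rather than merely run a billion trials.

```python
import math

MINUTES_PER_YEAR = 365 * 24 * 60  # 525,600, ignoring leap years


def system_failure_prob(p_part, n_parts):
    """Failure probability of a series system: it fails if any one part fails.

    Assumes independent parts with identical failure probability p_part.
    Computes 1 - (1 - p)^n with log1p/expm1 to stay accurate for tiny p.
    """
    return -math.expm1(n_parts * math.log1p(-p_part))


def per_part_failure_budget(p_system, n_parts):
    """Largest per-part failure probability that still meets p_system."""
    return -math.expm1(math.log1p(-p_system) / n_parts)


def failure_free_tests_needed(p_max, confidence):
    """Consecutive passing tests needed to claim 'failure prob < p_max'.

    If the true probability were p_max, n passes in a row would occur with
    probability (1 - p_max)^n; require that to be at most 1 - confidence.
    """
    return math.ceil(math.log(1.0 - confidence) / math.log1p(-p_max))


def years_of_testing(n_tests, tests_per_minute=1.0):
    """Calendar years to run n_tests back to back at the given rate."""
    return n_tests / tests_per_minute / MINUTES_PER_YEAR


if __name__ == "__main__":
    # Assumed figures: 3e-6 per launch, 3000 parts (the answer says "some thousands").
    budget = per_part_failure_budget(3e-6, 3000)
    print(f"per-part budget:            {budget:.3e}")

    # The answer's figure: a billion tests at one per minute.
    print(f"1e9 tests at 1/min:         {years_of_testing(1e9):.0f} years")

    # Demonstrating the budget at 95% confidence takes about three times as many.
    n = failure_free_tests_needed(1e-9, 0.95)
    print(f"tests for 95% confidence:   {n:.3e}")
    print(f"  at 1/min:                 {years_of_testing(n):.0f} years")

    # Lem's quote: one-in-a-million parts, a million of them.
    print(f"P(fail), 1e6 parts at 1e-6: {system_failure_prob(1e-6, 10**6):.3f}")
```

Running a billion tests without a failure only shows the rate is plausibly near one per billion; the confidence calculation is why the real test burden is several times the answer's 1900 years.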


