|
Eager Space | Videos | All Video Text | Support | Community | About |
|---|
This is the first of two videos talking about abort modes in reusable vehicles. I had originally planned on covering both the shuttle and starship together but I kept finding more shuttle information and it made more sense as a separate video.
The Space Shuttle was a very different vehicle from the ones that came before, and with those unique capabilities came some unique challenges in keeping the astronauts safe.
Early US crewed programs used modified ballistic missiles and those missiles had an unfortunate tendency to blow up, and so NASA designed escape systems that would attempt to save the crew members in such a case.
Mercury used a capsule with an escape tower on top of it that could pull the capsule free from the launch vehicle and out of danger. That's a redstone suborbital launch on the left and an Atlas orbital launch on the right.
Gemini went a different direction and used ejection seats.
The reason is that NASA originally wanted to move away from the downsides of splashdowns for Gemini - splashdowns take recovery fleets, they have weather requirements, and capsules can sink.
They instead worked on a concept based on a glider known as the "Rogallo wing" which would inflate and allow the capsule to glide to a touchdown on land. The picture on the right shows one of the test vehicles on display at the Udvar-Hazy center at Dulles airport in Virginia.
With that design, ejection seats would work as backup both on ascent and during the last stages of landing.
Because of development issues, the wing was delayed to later Gemini missions and ultimately cancelled.
Apollo went back to the escape tower approach.
The space shuttle was a very different bird - the orbiter was much, much larger than capsules - and it therefore required a different approach.
Here we have our space shuttle stack.
In a normal mission, both the solid rocket boosters and the three main engines are ignited on the launch pad. The solids burn for about 2 minutes, and the main engines burn for a little more than 8 minutes.
At that point, we reach Main Engine Cut Off, or MECO, and we're in orbit, with a little help from the orbital maneuvering system engines.
The ascent aborts are all about what happens when something doesn't go quite right. The first thing to note is that there is no abort if the solid rocket boosters fail.
The aborts are all based on one or more main engines failing or underperforming, and the options depend upon when the engine failures happen. The abort options and timings also depend upon the destination of the shuttle and the amount of payload it is carrying. The chart that I'm showing is from STS-116, which was a mission to the international space station.
We'll start by looking at the cases where a single engine fails, starting at the end of the launch and working our way back.
If the engine failure happens after about 6.5 minutes, there is no abort required. The remaining engines will burn longer and the mission proceeds normally.
If the engine failure happens from 4.5 minutes to 6.5 minutes, the orbiter can not generate enough speed to get into the desired orbit but it can get into a temporary orbit, so the Abort To Orbit - or ATO - abort option is used. This option allows time to decide what to do.
If the orbit is close to the desired - or nominal - orbit, the Orbital Maneuvering System engines can be used to raise the orbit to the nominal orbit, or at least one that is good enough for the goals of the mission.
If continuing the mission is not possible, the flight is converted to the Abort Once Around - or AOA - option. The shuttle gets into orbit and then reenters before completing an entire orbit. Depending on the orbit that the shuttle was aiming for, they would land at Edwards Air Force base in california, Holloman air force base in new Mexico, or back at the launch site in florida.
If the engine fails from 2.5 minutes to 4.5 minutes, the shuttle cannot generate enough speed to reach orbit, so the transoceanic abort landing - or TAL - option is chosen. Depending on the orbital inclination of the mission, different landing sites were used.
A mission to Hubble would be to 28.5 degrees of inclination, so their TAL landing site would be Banjul International Airport in Gambia.
STS-116 was to the international space station at 51.6 degrees of inclination, so their prime TAL landing site was Zaragosa Air Force Base in Spain, with possible backup sites in France, Spain, and Morocco, and the capability to land at other emergency landing sites.
A TAL profile simply goes from the ascent into orbit directly into the reentry and landing.
TAL aborts can also be used for systems failures unrelated to engines, such as propellant leaks, cabin leaks, or cooling issues.
If an engine fails in the first 2.5 minutes of flight, there isn't enough energy to do a TAL abort, so the return to launch site - or RTLS - option is chosen.
Getting back to the launch site is complicated. The orbiter is currently moving away from the launch site, so it will need to perform a powered pitcharound with the engines running so it is pointing back towards the launch site to kill the velocity away from the launch. Then it will perform a powered pitch down to get the nose at the proper angle for gliding.
At that point - in the highlighted box - the shuttle needs to be at the proper altitude, the proper velocity, the proper angle and be pointed at the proper direction. The main engines can then be shut off, the orbiter detached from the external tank, and the glide to the runway started.
To make it even more complicated, it's not safe to separate from the external tank if the external tank has more than 2% of its fuel remaining, so it must also use up its fuel before it reaches that point. That may require it to do a maneuver called "lofting", where it flies a high flight path to waste fuel.
It's not clear how feasible RTLS was. In 1980, STS-1 commander John Young said, "RTLS requires continuous miracles interspersed with acts of God to be successful". RTLS was improved after that, but it still remained iffy.
With two engines out, we are into what are known as contingency aborts. Quoting the NASA documentation, "Contingency abort procedures are executed when multiple main engines fail or suffer a performance degradation that results in the loss of all other intact abort options.
There are both nominal and transoceanic abort landing options, but their timelines have shrunk because of the reduction in thrust and there is no longer an Abort to orbit option as the shuttle cannot generate enough speed to make it to orbit.
DRP stands for Droop Guidance. There is a requirement that the shuttle stay above 265,000 feet (80 km) when travelling at high speeds to keep the external tank from overheating, and if the computers predict this will happen, they will enter droop guidance. The computer will rotate the shuttle into the "stand on the tail" attitude to minimize the sink rate. In this specific case, TAL should be achievable, but droop guidance may be enabled at other times.
If both engines fail before 5.5 minutes, we will enter ECAL or BDA abort. ECAL stands for "Eastern Coast of North America", and basically is a series of airports where a shuttle might be able to land. Because this flight is to the ISS, the ground path of the flight is up the eastern seaboard and therefore ECAL is the contingency option of choice; if the launch was more to the east, an abort to Bermuda (or BDA) would be the only option. If this situation is detected, the software will command an unguided 45 degree yaw (turn) in the direction of the landing sites; this is intended to make it easier for the shuttle to reach the landing site. The nose will be pointed up to prevent the vehicle from sinking too quickly.
The crew will then consult their documentation to choose an appropriate ECAL site.
Finally, if two engines fail in the first two minutes, RTLS will be initiated immediately after the solid rocket boosters separate and will proceed in the same manner as 1 engine out.
Finally, we reach the 3 engines out aborts. These are the most speculative and depend significantly on exactly when the failure happens, what the payload is, etc.
There are small nominal, Transoceanic abort landing, and ECAL/BDA options if the failures occur after 6 minutes.
Just before that we have what is known as a black zone.
The NASA documentation says, "Black zones are regions along the ascent trajectory that may not be survivable".
Black zones exist when one of the following is true:
Airspeed is too fast for the flight control system to stay in control
G loads are high enough to break up the orbiter
Three engines fail when the SRBs are firing. This may lead to failure at the external tank and SRB attach points, poor separation dynamics (the ET may hit the orbiter), or a center of gravity beyond limits that makes the orbiter uncontrollable.
Dynamic pressure during coast is too high for the reaction control system to deal with.
Control surface forces exceed their maximum or the wing or tail become too hot.
You can read all of those as "the orbiter loses control and breaks apart"
This first black zone is because the orbiter dives after the loss of engine thrust and is going too fast to level out.
Interestingly, there is a section before this where ECAL/BDA may be possible as there is less speed and therefore the speed when leveling out is acceptable.
There is a black zone in the first 2 minutes if all three main engines fail, as none of the RTLS maneuvers can be accomplished. Further, there are black zones if the remaining engines fail during RTLS for the same reason.
That covers all of the ascent aborts.
There are other flight rules that may lead to an abort; these happen when a system fails that would compromise the mission. These rules are designed to get the orbiter on the ground as quickly and safely as possible.
If the orbital maneuvering system - the two small engines above the main engines - cannot function, orbit cannot be achieved, so a TAL abrot will be used
If the auxiliary power units or hydraulics are failing, either RTLS or TAL will be chosen based on getting the orbiter back as soon as possible.
If there is a cabin leak, if the cryogenics are failing, or ig the freon cooling is failing, the same rule applies.
If the two main electric busses are failing, the rules say to do RTLS but my guess is that it's either RTLS or TAL
Finally, if one of the windows breaks, reentry is no longer possible so RTLS is the only option.
Let's talk about reentry.
Nearly all of reentry is a black zone; there is no abort possible if something goes wrong.
Originally, Columbia had ejection seats for the commander and pilot, but that was only a solution for two astronauts and they took those out after the first few flights.
After challenger, nasa added a bail out option. If you get to 50,000 feet in control and you are more than about 55 nautical miles from the landing site, you won't make it and you can bail out. Or if you get there but there's another reason to think you can't land, you can bail out.
On this chart, the red box shows the time you have to prepare to bail out by flattening out the glide and turning on the autopilot. And the green shows the 90 seconds you have to get out.
Here's a simplified sequence:
At 50,000 feet, call for bailout, flatten out the glide with wings level at 185-190 knots and engage the autopilot.
At 40,000 feet, the cabin is vented to equalize pressure so the hatch can opened
At 30,000 feet, the side hatch is jettisoned and the crew exits the vehicle.
There is a problem bailing out as the astronauts will hit the orbiter wing if they simply jump out; NASA therefore developed an extendable pole to guide the astronauts down low enough to miss the wing.
The history of aborts on the shuttle is thankfully short. STS-51F launched in 1985, and 5 minutes and 33 seconds into the flight, two temperature sensors in the center engine failed, leading to the shutdown of that engine. The shuttle performed an abort to orbit at a lower-than-planned orbital altitude, but luckily the flight was a SpaceLab mission and did not require a specific orbit.
There were no other aborts during the shuttle program, though there were a few close calls. But that's a subject for another video.
I have a few references to share for those who want to dig deeper.
The intact ascent aborts workbook and the contingency aborts workbook were used to train shuttle astronauts in abort procedures
The Crew escape systems workbook was used to train astronauts how to use the escape systems, including the bailout procedure.
