In many ways, this is an update of the Titanic story of technological hubris, with the twist that the man who was right, who fought hard to prevent what he foresaw, who was briefly relieved when his dire predictions seemed to be wrong, was still dogged by the event for the rest of his life.
We don't know how those who were on the wrong side of the issue coped, and they should not be pressured to make public anything beyond what the inquiry required, but it seems plausible to me that those who could persuade themselves that they made the right decision, given the circumstances and despite the outcome, probably fared best. That is usually the case.
Edward Tufte tried to suggest that Boisjoly could have presented his case more effectively. Tufte may have been thinking purely pedagogically, but regardless, the implied criticism was unjustified, as Boisjoly's point should have been clear to anyone familiar with the issue, and in fact it was clear to quite a few, though unfortunately not to the few who mattered, and I doubt that, for them, a different presentation would have made a difference.
We can't always be right, and we can't all be heroes, but I hope we can all avoid being the person who said to Boisjoly, when it appeared that Boisjoly's testimony might be fatal to Morton Thiokol, that he would leave his children for Boisjoly to raise if he lost his job.
In my technical writing class in university, we briefly analyzed the Challenger disaster. We came to the same conclusion, that the communication was ineffective and could have been done better. There were a lot of failures that led to the message not being conveyed appropriately. One in particular that sticks out in my mind is a conference call with one of NASA's subcontractors where an executive put NASA on hold, and polled all the engineers and asked if they thought the launch should continue, and every single one of them said no. The executive said yes to NASA.
The standard procedure invented by management(mostly as a 'cya' tactic) is this. They can never be wrong. Like never. Your bosses are never wrong. No matter how effectively you communicate with them to convince them to arrive at different decisions.
From Shuttle disasters to Diesel scandals to Data breaches.
The obvious solution to this is by blaming engineers. Engineers must try harder. If the management still doesn't agree, well then you are not trying hard enough. Remember the rule, they are never wrong, if you fail to convince them its your mistake because you didn't convince them otherwise.
Hence a 'Communication problem'. Which implies management is mostly innocent, and engineering didn't do its job well enough.
This absurd rule exists for a simple reason.
Who is supposed to audit these disasters and arrive at a root cause?
Which is where "managing up" comes in. Want your manager to change their mind and do the right thing? Find a way to package the right thing so they can do it without having to admit they were wrong.
(Yes I know, it's awful that people have to do this, in a perfect world things like this would be unnecessary, etc. When you find a perfect world, call me, I would like to buy some real estate.)
>>Find a way to package the right thing so they can do it without having to admit they were wrong.
Please note that this scenario would arise only after the disaster happens. These people have to make a decision before that. There is no concept of a blame before a disaster, only accountability. For a simple reason that it has not happened yet.
Now if a room full of engineers said NO in consensus, and you still go ahead and say YES. Then you either know something they don't which in case you must mention what that information is, and get it reviewed from those engineers who don't have that information. Then vote again, make the YES/NO decision appropriately. Repeat until there is consensus between both you and them. If not take complete responsibility for making that decision, because only you know why you are making that decision.
Decisions this crucial are not left to gut feeling and Rambo level on-the-field thinking. There is a reason you have a panel of experts/engineers sitting.
You don't make any decisions in reality. You only iterate the process of arriving at YES/NO once all the data and scenarios are reviewed.
Situations like these happens when managers/administrators think they are kings with veto to override decisions at whim.
Even at the very highest levels. Including that of Prime Ministers and Presidents, governments are largely run by expert panels and commissions, with politicians only give policy directions. And manage things based on recommendations.
Just to play Devil's advocate: The answer a bunch of engineers will give to "is it safe to launch?" is always some variant of "no, not completely".
The executive needs to be able to determine if the current "no" is "more no" than the usual "no". That might not exactly be straightforward depending on how dysfunctional the relationship between management and engineers had become.
These were engineers, not lawyers. Engineers understand what an acceptable margin of error or failure is, and whether that line has been crossed. In this case, they answered "no" because they felt the defined threshold for safety of the O rings had been exceeded, and the risk was now unacceptable.
In contrast, lawyers freely play with words as if they have no meaning, because they will claim, "In our legal system, justice is the responsibility of the jury. We lawyers merely serve as opposing advocates. Thus we are obliged to confuse and mislead the jury toward our desired ends, using whatever verbiage / argument best serves our client."
When they see the actual engineers' answers of "NO" on the traceability report, then NASA would have stopped right there as a blocker and push hard.
Having execs make engineering safety critical decisions is a way to kill people. And hopefully now NASA forces this on all their contraters and internal staff.
> When they see the actual engineers' answers of "NO" on the traceability report, then NASA would have stopped right there as a blocker and push hard.
This is completely unsupported by the extensive investigation and reports of the catastrophe. NASA simply would not accept NO, and all evidence available says they would have found a way to justify ignoring any weather + seals evidence that would have stopped the launch.
Consider anther point if view: This engineering firm has taken hundreds of millions of dollars from NASA, and are now guaranteeing to a man that their product is dangerous and unsuitable for its task.
Were the safe conditions for use specified in the contract? Or was the breakdown in communication long before the launch day? NASA expecting an all weather booster, and the engineering firm producing a booster which would be unsafe in freezing conditions?
Though if all space missions had been postponed until we reached certainty of a risk zero, we would still be talking about walking on the moon one day today.
What do you consider the primary technological hubris of Titanic?
To be clearer - the hubris of Titanic wasn't technological, it was operational - it was going too fast, in an ice field, with a lack of lookouts - beyond this, it didnt reduce speed after ice was spotted.
Yes, there were issues, damage to such a small portion of the ship (less than 1/3) shouldn't have caused it to sink (I'll note, many other ships had similar or worse flaws than Titanic did).
The lifeboats on the other hand (as most commonly cited) are not a real issue - Titanic started launching boats about 25 min after it struck the iceberg, which is about how long a damage survey would take. It had not launched all 20 boats by the time the forward list became so great that they were unable to launch more - this doesn't even touch the multitudes below decks, many of whom didnt speak english, or were unable to be moved up to the boat deck in a timely enough fashion.
I'd also like to share something I dug up from the internet[1]:
"As far as I can determine, Titanic is the single example of a passenger ship that sank with decks level. It was probably the only time in history when lifeboats could be launched from both sides simultaneously. The Andrea Doria sinking is a more typical event. In that case, half of the lifeboats were rendered useless by the cant of the decks. Given the testimony that Titanic was "lolling" as it foundered (listing from side to side), it is highly probable that carrying sufficient lifeboats would have raised the center of gravity sufficiently to have caused a permanent list early in the evening. In other words, the weight of those extra boats might have created a situation in which they could not have been used, anyway.
And, it is conveniently overlooked that from the moment when launching boats became necessary until the moment when it became impossible was not long enough to launch the 24 boats the ship carried. If it had carried more boats, they could not have been filled and launched properly. This is not to say that some people might not have used the un-launched boats to survive--just to point out that more lifeboats was not the answer to saving everyone aboard Titanic.
The only way to save everyone on any passenger ship is to not let it sink. That's the key, not lifeboats.
White Star and the British Board of Trade had an embarassing situation on their hands. They had lost the world's largest ship...not to mention some 1,500 irreplaceable souls. They needed an issue to divert public attention from the real problems behind Titanic's foundering. For instance the lack of lookout, the speed, and the fact that the ship was already well into the ice when it struck. Why wasn't the conduct of the voyage changed at 10:00 p.m. instead of after the accident? Or, what was wrong with the design of the ship that allowed damage to the bow to ultimately claim the whole ship? These issues go to the heart of the matter, but public attention was easily diverted by the lifeboat issue. It was a diversion that worked so well that the lack of lifeboats has become almost the only safety issue ever discussed."
Nice write-up of the factors that contributed to the rapid sinking here: http://writing.engr.psu.edu/uer/bassett.html I'll leave it to others to decide whether the design decision to leave the water-tight compartments with non-watertight gaps at the top constitutes 'hubris'.
The fragility of the steel is a very valid point, however by the standards of the day, Titanic had high quality steel - so while relevant, any ship of the time, would have had the same issue.
I am however quite skeptical of the claim in that link that Titanic would have remained afloat for 6 hours had there been not watertight compartments - various marine architects have done simulations and have determined that the ship would have capsized or rolled over onto its side well before that point - beyond that, the ship would have lost lighting between 45 min, and one hour after collision, creating a panic situation as well.
Why? Bunker fires were common on coal fired ships, as was dealing with them by shovelling coal into the furnace, or venting steam. It's an interesting snippet, but doesn't seem very compelling that it was a cause. I didn't watch the actual documentary, so only have the piece you linked to go on.
Even on a ship like the Titanic, it's not like the only way to slow down is to stop burning coal. They could have vented steam instead of using it for propulsion - that is always an option.
From a documentary on channel 4 about this, the risk was more to run out of coal before arriving as the fire would have been ongoing since the departure and been quite big.
That may well be, but it turns out they launched with substandard steel and an uncontrollable fire burning a huge amount of coal. Now that is technological hubris!
Reminds me of (the portrayal at least in the movie) the NTSB investigation in to the US Airways flight that landed in the Hudson. The board's claim, based on simulations, was that it would have been possible to make it to a nearby airport (Teterboro?) and land safely. But their simulations failed to take in to account the altitude lost while the crew determined what was going on and what course to take. A convenient miss in that each simulator pilot instantly made the turn after the bird strikes knowing full well what happened and where they were going to go.
Here's a nice 20-minute summary of the management problems leading up to the Titanic disaster. The information is taken from the book "Project Management Blunders: Lessons from the Project that Built, Launched, and Sunk Titantic".
>>I doubt that, for them, a different presentation would have made a difference.
Indeed.
From the article.
"I am appalled," said NASA's George Hardy, according to Boisjoly and our other source in the room. "I am appalled by your recommendation."
Another shuttle program manager, Lawrence Mulloy, didn't hide his disdain. "My God, Thiokol," he said. "When do you want me to launch — next April?"
They told us that the NASA pressure caused Thiokol managers to "put their management hats on," as one source told us. They overruled Boisjoly and the other engineers and told NASA to go ahead and launch.
> I hope we can all avoid being the person who said to Boisjoly, when it appeared that Boisjoly's testimony might be fatal to Morton Thiokol, that he would leave his children for Boisjoly to raise if he lost his job.
That's the tribal impulse right there. The one that says: screw the rest of the world, what matters is us and our in-group. Circle the wagons. Be a team player. Prize loyalty.
Maybe the type of person who bends this way has something valuable to contribute during their time on this earth, but often I struggle to see just what that might be.
We don't know how those who were on the wrong side of the issue coped, and they should not be pressured to make public anything beyond what the inquiry required, but it seems plausible to me that those who could persuade themselves that they made the right decision, given the circumstances and despite the outcome, probably fared best. That is usually the case.
Edward Tufte tried to suggest that Boisjoly could have presented his case more effectively. Tufte may have been thinking purely pedagogically, but regardless, the implied criticism was unjustified, as Boisjoly's point should have been clear to anyone familiar with the issue, and in fact it was clear to quite a few, though unfortunately not to the few who mattered, and I doubt that, for them, a different presentation would have made a difference.
We can't always be right, and we can't all be heroes, but I hope we can all avoid being the person who said to Boisjoly, when it appeared that Boisjoly's testimony might be fatal to Morton Thiokol, that he would leave his children for Boisjoly to raise if he lost his job.