HUNTSVILLE, Ala. — To try to figure out what caused the fiery disintegration of shuttle Columbia, NASA has turned to an investigative tool it first used after the 1967 launchpad fire that killed three Apollo 1 astronauts.
It’s called a “fault-tree analysis” and, in essence, it sets up a procedure for investigators to look at each piece of hardware and ask what would happen to a spacecraft if that part failed.
Since the Apollo days, it has become the agency’s means for trying to predict failures before they happen and for performing autopsies on missions that end in disaster. It sets up a process of elimination that, for a clearer focus, likens a spaceship to a tree and all of its thousands of critical parts to branches.
“It’s important to understand that the first step in any investigation is to develop a fault tree,” shuttle-program manager Ron Dittemore said Thursday. “It includes every possible cause, no matter how remote. We systematically close out each branch of the tree, so at the end you’ve left no stone unturned.”
In theory, such an approach can enable engineers to find flaws that had not even been suspected at the outset. In this case, NASA investigators are trying to “work backward” from temperature increases recorded by monitors in Columbia’s left wheel well and fuselage just before it disintegrated, Dittemore said.
Dittemore said that similar analysis is being reapplied to what happened when a breakaway piece of fuel-tank insulation slammed into Columbia’s thermal tiles 82 seconds after its Jan. 16 liftoff. Previous modelings concluded that the foam probably did “inconsequential” damage.
The fault-tree approach was devised by rocket scientists, but it’s widely used by a variety of engineers.
According to a recent history written by a Boeing Co. engineer, the method was first developed more than four decades ago for the Air Force’s Minuteman missile. But nuclear-power designers also employed it — fault-tree analysis was used to investigate the Three Mile Island plant accident in 1979 — and engineers today rely on the tool to improve everything from torpedoes to trains.
While the method can troubleshoot sophisticated machines that are still on the design table and unravel the mystery of mechanical disasters, the essence of fault-tree analysis is performed in everyday life.
People are using primitive fault-tree analysis to decide whether to cross a busy street or carry an umbrella on a cloudy day.
“You decide what actions to take in the face of uncertainty,” said Nozer D. Singpurwalla, director of the Institute for Reliability and Risk Analysis at George Washington University. “Should you carry an umbrella or not?”
But when it comes to complex machinery like that at a petroleum refinery, or even a new generation of school bus powered by compressed natural gas, engineers must consider hundreds or thousands of individual components.
They ask whether the failure of one piece will cause another and ultimately destroy an entire system.
“You ask three questions,” said Mohammed Modarres, professor of reliability engineering and director at the University of Maryland Center For Technology Risk Studies. “What can go wrong that puts something in the path of danger? How frequently will this happen? If it happens, what will be the consequences?”
To answer such questions requires manufacturing data, performance histories and expert guidance — all of which are used to find the risk in using a particular component.
The goal is to pinpoint the parts most in need of redesign to protect lives, improve efficiency and, sometimes, save money.
Modarres said he recently concluded an analysis of natural-gas-powered school buses to be used in California. The vehicles will be equipped with tanks holding fuel at the very high pressure of 3,000 pounds per square inch.
Each pipe and fitting must be looked at for its potential to leak, either as a result of a manufacturing flaw or accident, and for whether a particular type of leak will result in fire or explosion.
Modarres said NASA in the early 1990s completed a massive fault-tree analysis for the shuttle program, which was done as a result of the loss of Challenger. To determine what destroyed Columbia, NASA engineers are resurrecting that analysis to trace along the branches of components linked to the spacecraft’s left wing and side.
That approach, proceeding from the tips of the branches to the base of the trunk, goes under another polysyllabic reference: Probabilistic Research Analysis.
But Dittemore described its hoped-for outcome more simply. “We’re still looking,” he told reporters, “for the missing link.”
