Book Review: Safe is Not An Option

safe_not_optionSafe is Not an Option: Overcoming the Futile Obsession with Getting Everyone Back Alive that is Killing Our Expansion into Space
By Rand Simberg
Interglobal Media LLC

On May 26, 1865, Captain J. C. Mason pushed off from a dock in Vicksburg, Miss., and steered the steam-powered paddle wheeler SS Sultana north along the rain-swollen Mississippi River. The Sultana’s decks groaned from the weight of more than 2,500 passengers and crew members.

At 2 a.m. the following morning, the ship’s boilers exploded north of Memphis. As many as 1,800 people died in the explosion and fire or drowned in the fast flowing river. The majority of the dead were Union soldiers recently released from a pair of hellish Confederate prison camps. Their ticket home had become a death warrant.

So, what caused the accident? The usual suspects: expedience and greed. Rather than spend three days replacing a defective boiler, workers spent a day installing an inadequate patch. The captain then crammed more than 2,400 passengers aboard a ship designed to carry 376 customers. The combination proved deadly.

The overloaded, doomed SS Sultana hours before it exploded on the Mississippi River. (Credit: Library of Congress)
The doomed SS Sultana hours before it exploded on the Mississippi River. (Credit: Library of Congress)

Rand Simberg briefly mentions the worst disaster in U.S. maritime history in his book, “Safe is Not an Option.” But, he doesn’t criticize anyone involved for betraying America’s brave soldiers by putting greed above safety. Nor does he attack them for ignoring basic safety regulations.

Instead, he views the casualties as the result of operating still raw technologies that can only be advanced through the inevitable failures and the deaths that result. The important thing was to look past the carnage and persevere.

“But, we didn’t end steamships, or shut down the railroads, because they were too valuable, too important. Most judged the risks worth the payoff, and those who didn’t led poorer, if safer lives,” he writes. “As design, materials and maintenance improved, the rate of boiler and firebox incidents was reduced. The numbers dropped dramatically in the twentieth century with the advent of the American Society of Mechanical Engineers (ASME) code for the design of boilers and pressure vessels in 1915, spurred by the spectacular explosion of a shoe factory in Massachusetts in 1905 that leveled the building and killed dozens.”

The theme of civilians as cannon fodder for technological progress runs through the book. Some readers might find the author’s apparent lack of empathy for the victims disturbing. But, like it or not, this is an approach we cannot ignore today.

The United States is about to embark upon a period of trial-and-error in the emerging space tourism market. Well-heeled tourists will be flying on first-generation space vehicles that are largely unregulated by the federal government. They will be required to acknowledge the risks they are taking before climbing aboard. In some states, they will have to sign away most of their rights to sue if the company has a bad day.

Simberg agrees with this approach. His book is a call for America to take greater risks — and absorb more casualties — in the exploration and settlement of space. He believes the U.S. government is far too cautious in trying to get every astronaut back from space alive. The approach prohibits experimentation with new technologies that will make space travel both routine and affordable.

The eventual goal is to reach the point where there are hundreds and then thousands of human spaceflights every year. A single accident will be seen as a tragedy, not a national calamity, in an otherwise safe industry. Space travel of the future will be similar to general aviation today.

The trick, of course, is getting from here to there. The question is how willing people will be to serve as guinea pigs for these new systems. How much death will the public tolerate along the way? Is space exploration and settlement ultimately worth the risk?

Simberg believes it is worth it. And he some good points. He correctly points out that while NASA’s commercial crew program is being subjected to a rigorous certification process that was not done for the space shuttle. He also says that looser government oversight can lead to innovations by the private sector.

Simberg also makes a strong case that the U.S. government should not come in with rigorous safety regulations for the new generation of suborbital crewed vehicles until after there is sufficient flight experience upon which to base them.

However, there is a lack of balance in the book. The positive role of government regulations — and the tooth and nail opposition to most of them –are largely overlooked. History has proven that both technological evolution and mandatory regulations are required to improve safety and to protect the public.

At the time the Sultana exploded, railroads were both unsafe and largely unregulated. It took another quarter century of pressure by the public and railroad workers before Congress began passing even the most rudimentary safety regulations. Once it did, safety improved and the number of deaths declined even as railroads rapidly expanded their operations. More people were able to live longer and more exciting lives.

The railroad owners fought regulations every step of the way, even as the number of accidents and the body count rose ever higher. It was more profitable for them to not comply with proposed regulations. In their view, the expense was not worth it. This pattern has been repeated in almost every industry.

While Simberg largely forgives the private sector’s greed, he does not spare the U.S. government. The author is highly critical of NASA for being both too cautious today, as opposed to the risk-taking organization that landed men on the moon in 1969. At the same time, he turns a harsh spotlight on the agency’s broken safety culture that led to the loss of 14 astronauts aboard Columbia and Challenger.

The criticism is fair enough. But, it’s also very easy to make. NASA is a big, fat target. It operates openly. All of NASA’s human spaceflight failures have been the subjects of public investigations that spared few from criticism. Investigations into private-sector failures are often not as rigorous or public.

Contrast Simberg’s attitude toward NASA with his kid-glove treatment of the private sector. The Sultana case is not the only tragedy where Simberg glosses over the inability of commercial companies to operate safely and competently.

On July 26, 2007, a nitrous oxide tank exploded three seconds into a 15-second cold flow test at the Mojave Air and Space Port. Three Scaled Composites engineers died, with three others were hospitalized with serious injuries. They had been testing a system designed for eventual use aboard Virgin Galactic’s SpaceShipTwo suborbital tourism vehicle.

Remains of Scaled Composites test stand after a nitrous oxide explosion in July 2007.
Remains of Scaled Composites test stand after a nitrous oxide explosion in July 2007.

Scaled Composites had allowed 11 employees to stand around the test stand instead of clearing the area, which is routinely done for tests. Experts in the industry that I’ve talked to were shocked by the lack of safety precautions.

Scaled maintained there was no way to know that nitrous oxide could suddenly explode they way it did, a claim that has been convincingly refuted by an investigation by an outside group of experts that cited numerous such incidents in the decades that preceded the accident.

Simberg says nothing about the failures and incompetence that led to the tragedy. The needless deaths of three engineers in a supposedly routine test years before the spaceship ever flew simply doesn’t support his pro-business views.

The author does mention the cold-flow accident once, but almost as an aside. He then goes on to make a rather bold claim about the safety of SpaceShipTwo.

“So is an[other] explosion of the propulsion system likely? Probably not, but it’s a bad thing if it happens, with potential loss of vehicle and all aboard,” he writes.

How did Simberg reach such a conclusion? He doesn’t say. He gives no reasons, nor does he cite any experts to support his view. He doesn’t explain the cause of the accident, nor does he delve into the inherent dangers of nitrous oxide, or what has been done to mitigate them over the past seven years.

Simberg believes commercial space companies have an extra incentive to operate safely that the government lacks. If private companies fail, they will be quickly out of customers and business, in that order. By contrast, the government is bailed out by taxpayers.

Although not supported by the Scaled accident, the argument has a certain logic to it. Private suborbital companies, for example, will make money on the willingness of people to risk their necks for the adventure of flying to space. The market is thrill seekers, not people try to go from one point to another in a quicker way.

In the past, new forms of transportation — railroad, steamships and aircraft — were able to mature alongside existing transportation systems and gradually acquire greater shares of already lucrative point-to-point markets. By contrast, nobody really needs to go on a suborbital joyride.

A high-profile accident — say, with an explosion shown millions of times on the air and online — could easily collapse the market. If enough customers cancel their flights, companies could have a difficult time staying in business. It might not matter that companies have vastly different suborbital vehicles; the knowledge that the industry is largely unregulated could destroy any public confidence in it.

That being said, how big are the differences between private companies and government agencies? Are they not both susceptible to the same types of pressures that have led to so many tragedies in the past?

Absolutely. Let’s compare the Sultana and Challenger accidents. Aside from the private-government divide, the situations faced by Capt. Mason and NASA manager Lawrence Mulloy were not all that different.

Both had schedules to keep. Both wanted to avoid costly delays. Each man convinced himself he could safety operate his vehicle despite the risks. And both were both tragically wrong.

Nobody could ask Capt. Mason what he was thinking; he went down with his ship. We do know what Mulloy said when faced with two Morton Thiokol engineers who pleaded with him not to launch Challenger is the frigid weather forecast for the next day.

The space shuttle Challenger explodes. (Credit: NASA)
The space shuttle Challenger explodes. (Credit: NASA)

“My God, Thiokol. When do you want me to launch? Next April?” Mulloy yelled. The engineers refused to back down, but Mulloy’s anger was enough for their managers to overrule them and approve the launch. The rest is tragedy.

The book’s focus on excessive safety regulations also ignores a much larger point: the failure of the commercial NewSpace industry to deliver on its many extravagant promises. A decade after SpaceShipOne flew the first commercial missions into space, the number of suborbital space tourists remains at zero. Zilch. Nada. Rien de tout. Not a one.

Who’s fault is that? Certainly not NASA’s. Or the FAA’s. In fact, the lack of regulations in the suborbital market is largely along the lines of what Simberg advocates. Given the opportunity to prove itself, NewSpace hasn’t been able to take advantage of it yet.

The FAA has extended its “moratorium” on regulations due to the lack of progress. Now, there is an effort by the FAA to begin imposing some basic safety regulations when the moratorium expires in 2015 rather than extending it another eight years as the industry wants to do. The agency is worried that one bad operator could ruin it for everyone.

Despite its flaws, “Safe is Not an Option,” is an important book that raises a lot of important questions at a time when space travel is beginning a transition to a new era. It is worth a read, even if you disagree with a number of the author’s conclusions.

  • disqusser10157

    It has long seemed strange to me that the market for dirigibles collapsed when the Hindenburg exploded. 35 of 97 people on board died. Compare that to pretty much any airliner crash. It is particularly odd that the U.S. didn’t take over the market, since it was the only country with access to large amounts of helium.

    It is likewise surprising that many other disasters DIDN’T have a bigger impact on their industries – such as the Sultana explosion. Would that we could have an appropriately balanced response to all such disasters.

  • ‮‮‮

    Publicity factor. It was commented in real time and filmed, which was unusual for the time, plus it’s a horrible fiery explosion unlike most disasters of that time. Also I don’t think anybody was really ready for this, airships were considered as a safe and luxurious way to travel.

    Similarily, in 60s and 70s we were crashing rockets one after another, and toady a single crash can make a bad name for a company because existing rockets have remarkable safety records and everybody is expecting the same from any new technology.

  • patb2009

    The Hindenburg exploded in 37, which was two years after the DC-3 had been introduced. The Zeppelin was a slow passage and vulnerable to weather. The DC-3 was fast and able to get around weather. Within a few years, not only the Zeppelin would prove to be vulnerable to fixed wing aircraft but the Battleship would show that it’s days were limited.

  • Thanks. A well written, even-handed review.

    Bob Clark

  • Tom Billings

    The reviewer ignores 3 basics about regulation early in a transport industry’s initial growth.

    1.) Too much of an early regulatory regime is likely to be useless for actual safety improvement, because the data from hundreds to thousands of flights is not available. Only when that background of data is available can regulators make regulations that ensure safe operations at economical flight rates. Once a year flights are inherently dangerous.

    2.) Early over-regulation is very likely to deeply inhibit the high flight rates that will keep launch crews well-practiced and thus safer in launch operations, while they provide the necessary data for ensuring useful regulations.

    3.) An acceptance of early over-regulation provides opportunities for political intervention to:

    A.) Inhibit progress disruptive to current monopolies whose political cronies can influence regulation.

    B. ) Slow the pace of development to exclude an industry troubling to a bureaucracy that has a 40 years history of knowing their paycheck depends *not* on competent technical development, but instead depends on not embarrassing their political patrons in Congress.

  • ThomasLMatula

    Yes, but also remember that Germany was the only one building and operating passenger airships and like the Concorde it was mostly used as a tool for national prestige. But just as with the Concorde the large amount of negative PR from losing it was enough to have the regime stop flights to avoid more bad PR. As a result the highly successful Graf Zeppelin was grounded the next day and although Germany did go ahead to finish the Graf Zeppelin II it was still doing test flights when the war started. And of course after the war airship service was a moot point as a result of the huge leap forward in passenger airliners and airline infrastructure.

  • patb2009

    I don’t know, The British program was cancelled after the R-101 crash and loss of interest in the R-100. The Advent of the war cut off helium supplies to Germany and the American program had troubles with crashes of several ships. Fundamentally, airships are large and fragile.

  • Paul451

    It has long seemed strange to me that the market for dirigibles collapsed when the Hindenburg exploded.

    It didn’t, it was already collapsing. The Hindenburg disaster was the most visible of a number of major airship accidents around that time. British R101, USS Akron, etc. There were a series of major crashes over the 1920s and ’30s which one-by-one took out each major nation’s airship program. (In the case of R101, quite literally killing off the program.) Hindenburg was just the last in that sequence, killing Germany’s program. (Only the US Navy persisted with limited use of blimps until the modern re-emergence.)

  • Douglas Messier

    What about George Neild’s point that spaceflight isn’t exactly new, that we learned plenty of lessons, and that without some basic safety regulations the field is open to everyone no matter how craven or incompetent?

  • Vultur

    I think the cost of entry is rather too high for the field to be THAT open.

  • Rpga

    You avoided what may have been Simberg’s key point in the book – that over-regulation early in an industry paradoxically leads to worse overall safety. To capture a mass market you have to appeal to people who are not thrill seekers or do not have gain overwhelming value from using your product. That drives innovation towards safety and I think that is what the historical record reflects with every form of transportation. Sure, regulation and mass markets tend to co-develop, but that does not suggest a causal link in the direction you suggest. If anything it seems more likely that market saturation drives rent-seeking erection of barriers to entry.

  • Douglas Messier

    As I mentioned in the review, I thought the author made a strong case for not over-regulating the suborbital space industry until you have some data on how these vehicles perform.

    However, the reality is that manufacturers have been dragged kicking and screaming toward making safety improvements. I believe that has been especially true in transportation. Decades went by before basic railroad safety regulations were put into place. Automobiles used to be a lot less safe as well.

    One of the issues with commercial spaceflight is assuming that intent to operate safely (so we don’t kill people and destroy our reputation and our revenue generating vehicles) doesn’t automatically translate into the ability to do so. You can talk about putting safety first and foremost, but if there are deadlines to be met and limits on the funds you have available, you can end up taking shortcuts.

  • Rand Simberg

    Many of the things that FAA is already doing in launch licensing with regard to public safety already minimize the risk of that. “Craven or incompetent” companies are unlikely to get licenses.

  • MikeR

    Spaceflight isn’t new, but there haven’t been that many manned flights. There were more manned airplace flights within a couple of years after Kitty Hawk than all of spaceflights put together (about 300). Just look at what the various space companies use for fuel, and types of engines, design of ships – all over the place. Can you suggest some “basic safety regulations” that would actually make sense?
    The FAA has some sensible rules for protecting everyone else from your spaceship. Aside from that, I really think that the field should be treated for now like trips to Mt. Everest, or like test pilots when I was a kid – only do it if you are willing to risk your life.

  • Railroads and automobiles were mature, indispensable technologies before any serious attempt was made to regulate them. I’d love to see human spaceflight get to the “mature, indispensable” stage before we start making safety judgments, instead of having it strangled in its infancy.

    You’re making the mistake of assuming that commercial space ventures are already going concerns, callously wringing every penny of profit out of routine operations. That’s obviously not what’s happening. One fatal accident in the first ten flights will likely ruin any of these companies, and that’s going to bake in vastly more efficient safety than a government regulatory agency could ever possibly hope to achieve. Today, there is simply no profit motive to skimping on safety. After 500 flights, come back and we’ll talk.

    But to me, the even more important point here is that NASA itself is way, way, way too risk-averse–and a profit motive for a government agency is a bit of an oxymoron. It’s perfectly fine for NASA to specify reasonable safety systems for human exploration that can’t be handled privately. But if you’re going to insist on a <5% chance of a fatal accident while trying to establish a lunar colony or a conduct a manned Mars mission, you're not ever going to have a lunar colony or a maned Mars mission. That's not a matter of greed, or callousness, or institutional complacency. It's simply a matter of courage. I'm pretty sure the astronauts have plenty of it, and are willing to risk their lives doing something that they think is important and love doing. Is it too much to ask that the bureaucrats have enough courage at least to risk their jobs pushing the paper that's necessary to make the missions happen?

  • Douglas Messier

    The FAA regulations are designed to protect the uninvolved public. Having seen some test flights up here in Mojave, I would say that the uninvolved public is pretty well protected. As long as they launch these things over areas where rattlesnakes or fish outnumber members of the public.

  • Douglas Messier

    >”You’re making the mistake of assuming that commercial space ventures are
    already going concerns, callously wringing every penny of profit out of
    routine operations.”

    Nope. Don’t put words in my mouth.

    As for railroad safety, it took decades of pressure to force the federal government to do anything. Railroading was especially deadly to the workers; second only to coal mining.

    I doubt this was simply a matter of the geniuses in Congress waiting until the tech matured enough and the railroads graciously agreeing to go along with it. There were many more factors at work there.

    Again, as I said, the author made a strong case for not overloading new systems with heavy regulation until flights occur and you have some data upon which to base them. On the other hand, spaceflight is hardly a new thing.

    “Today, there is simply no profit motive to skimping on safety.”

    Ha! As if that was the only consideration.