I remember from the sixties that one of the earliest manned orbital flights landed miles and miles from its intended spot. It turned out to be software: an engineer had used 365 days per year for the astronomical year, not 365.25 which is correct and hence the need for "leap years" in our calendars.
The topic was "disasters in electrical engineering", but I offer up this example of an avoidable "multi-disciplinary" disaster.
A simple short-circuit, an oxygen-enriched environment, and a spam-in-a-can capsule (that required tools to open -- from the outside) spelled doom for NASA's Apollo I astronauts Grissom, White, and Chaffee, in what should have been a routine training drill.
Periodically I reread the words of Gene Kranz (Apollo program's Dir. of Flight Operations) for inspiration and guidance. According to Wikipedia, Kranz spoke these words on the Monday following the accident.
"The Kranz Dictum" should be required reading for all engineering students and especially engineering-MBA candidates. Please read the full text on Wikipedia or elsewhere:
"Spaceflight will never tolerate carelessness, incapacity, and neglect. Somewhere, somehow, we screwed up. It could have been in design, build, or test. Whatever it was, we should have caught it. We were too gung ho about the schedule and we locked out all of the problems we saw each day in our work...
...we will never again compromise our responsibilities. Every time we walk into Mission Control we will know what we stand for.
Competent means we will never take anything for granted. We will never be found short in our knowledge and in our skills. Mission Control will be perfect. When you leave this meeting today you will go to your office and the first thing you will do there is to write 'Tough and Competent' on your blackboards. It will never be erased. Each day when you enter the room these words will remind you of the price paid by Grissom, White, and Chaffee. These words are the price of admission to the ranks of Mission Control."
Sorry, there's no happy ending to my comment. Challenger, followed by Columbia, proved that we often fail to learn from our past mistakes.
When I was in high school, a close friend and I worked on stage lighting. For the time we had a pretty nice system: 36 50-amp dimmers, with a very nice patch panel. The AC feed was 3-phase 208 V, with each phase on 4/0 cable, with an even bigger neutral (750 MCM, as I remember). So lots of current available.
My friend needed to wire a rental fixture with one of the 3-pin stage plugs, but got the ground and hot leads reversed. He clamped the fixture to one of the pipes used for stage lamps, plugged the patch cable into a 6 kW test circuit, and flipped the breaker. Because the pipe was well grounded, as was the fixture, we now had a dead short from a very low impedance source to ground. I'm pretty sure the 20 amp breaker for that circuit had its "breaking current" exceeded; this is where the current through the breaker is so high that the contacts weld together before the breaker can open. Instead, the 50 amp breaker on the test circuit opened after about 2 seconds.
Meanwhile, the huge current caused the entire building to shake at 60 Hz. I was about 200 feet away in the booth at the rear of the auditorium. I heard this very loud hum, followed by a loud "thunk". Fortunately no one was hurt, nor anything damaged (other than that one 20 amp breaker, possibly).
So no scars, but a fun story to tell :)
No infinite forces here. What actually happened was that the original design called for a 40' threaded rod, from which two separate catwalks would hang. But the folks actually building the thing balked at the impracticality of that plan, so they proposed an alternative: two 20' rods, one from the ceiling to the higher catwalk, and one from that catwalk to the lower one. They got that ECO all the way through the approval process: the designer signed off, the builder, the inspector...the problem is, hanging the 2nd catwalk off the 1st one puts twice the force on the upper catwalk's washer/nut (the weight of the upper catwalk plus the weight of the lower, plus the 2nd set of 20' rods!). Obviously a bad idea, but it almost worked -- it was strong enough to hold the catwalks, but when the revelers packed the lower catwalk, that's when it all became too much.
Apollo 13: The oxygen tank explosion was root-caused to damage caused by ground crew connecting the tank to an incorrect supply voltage (~100 V) rather than 28 V. Apparently there were devices using the same power connectors for different voltages; they should have used different connectors or keying to prevent this.
When I was a young engineer, an electrician was changing a 220 overhead power connector. He thought he'd give the new engineer a few words of wisdom. "Electricity that goes across your heart is what will kill you, so keep one hand in your pocket when you are about to cut something." To show me, he put one hand in his pocket, then cut the wires with his other, upon which a large spark shot out.
"Hey Bob, I thought you shut off circuit 5!" he yelled at his assistant. "Oh, I thought you said 3!"
He made his point a bit better than he had intended to.
The DoD published a very good document called the "Joint Software Systems Safety Engineering Handbook". It is easy to find via Google search and is a good reference for anyone doing embedded systems development. Appendix F is titled "Lessons Learned" and includes short case studies of some absolutely stunning engineering errors such as "Operator’s Choice of Weapon Release Overridden by Software Control".
Before I was an engineer, I worked summers for a small TV cable outfit. We had a small bucket truck with no outriggers on it. I had to take a 1/4" steel stranded wire up our cable pole and attach it, right next to a power company pole at ~4700 V feeding a small town.
I had a helmet on and gloves, and the bucket controls had rubber caps. I was VERY careful on the way up. That wire was buried 10 feet deep in the ground a couple thousand feet away. Evidently I wasn't so careful on the way down. Next thing I knew I was curled up in the bottom of the bucket and could smell something like burning hair.
When I finally was brave enough to raise my hand to the controls and get down, I asked if I still had my hair or eyebrows :) What I did have were 3 or 4 pinhole cauterizations on the fingertips of one hand (the hand on the controls). My gloves had cracks in them, the bucket controls had cracks in them: the voltage jumped from dust-covered tires to ground... very close call :( My supervisor at the time joked I just got my batteries charged :( Besides the burning smell, all I remember is a feeling like someone hitting the back of my neck REALLY hard!