How are spacecraft parts both extremely fragile and able to stand up to tremendous stress?


The other day I was watching a documentary about Mars rovers, and at one point a story was told about a computer on the rover that almost had to be completely thrown out because someone dropped a tool on a table next to it. Not on it, next to it. This same rover also was planned to land by a literal freefall; crash landing onto airbags. And that’s not even covering vibrations and G-forces experienced during the launch and reaching escape velocity.

I’ve heard similar anecdotes about the fragility of spacecraft. Apollo astronauts being nervous that a stray floating object or foot may unintentionally rip through the thin bulkheads of the lunar lander. The Hubble space telescope returning unclear and almost unusable pictures due to an imperfection in the mirror 1/50th the thickness of a human hair, etc.

How can NASA and other space agencies be confident that these occasionally microscopic imperfections that can result in catastrophic consequences will not happen during what must be extreme stresses experienced during launch, travel, or re-entry/landing?



EDIT: Thank you for all the responses, but I think that some of you are misunderstanding the question. Im not asking why spacecraft parts are made out of lightweight materials and therefore are naturally more fragile than more durable ones. Im also not asking why they need to be 100% sure that the part remains operational.

I’m asking why they can be confident that parts which have such a low potential threshold for failure can be trusted to remain operational through the stresses of flight.

In: 3487

What you’re illustrating here is the absolute insane levels of planning an engineering that go into every single tiny aspect of space flight. Testing and simulating every little aspect of the mission allows for a very high degree of understanding of the tolerances necessary to complete a mission. But, at the end of the day, things can always go wrong oh, there’s always the possibility that somebody made a mistake somewhere. That’s why there’s always such a large celebration in the mission control room when major milestones have been reached: the anxiety everyone had knowing the thousands of things that could go wrong.

Computer was probably not fully assembled, and was missing the covers or the padding that will protect it during actual flight and landing.

Takeoff is indeed very bumpy, but mostly predictable, and they do make sure there are absolutely no lose objects bouncing around the cabin. One they are in orbit, lot of things get take out, unfolded, clipped into place, etc.

Hubble mirror is glass or metal, vibration will not do anything to it as long as it is attached with soft padding.

It’s not that the tool damaged the computer, but the tool violated the pedigree for the computer. Since the pedigree is required to launch the computer, it would have been very expensive to disassemble the computer, test every part, and assemble it to be **sure** that no damage had occurred. To be 99.9% sure that nothing bad could have happened isn’t sure enough to pass launch criteria.

The Hubble mirror is an interesting example. The mirror was made extremely precisely, albeit wrong. That allowed it to be corrected for later. There was a plan to test the Hubble mirror, but the schedule was compressed. Then the Challenger Disaster delayed the launch many months, but NASA didn’t want to spend the money on the Hubble test, because they were worried about their budget because of the disaster.

>he other day I was watching a documentary about Mars rovers, and at one point a story was told about a computer on the rover that almost had to be completely thrown out because someone dropped a tool on a table next to it. Not on it, next to it. This same rover also was planned to land by a literal freefall; crash landing onto airbags. And that’s not even covering vibrations and G-forces experienced during the launch and reaching escape velocity.

Lets talk about where it is used and what happens if there is a flaw that needs fixed. If this is your home computer, it is actually pretty easy to get a technician there to fix it. If it goes to mars, there is no way to get a ‘fix’ to that device.

That is the first issue – we cannot simply fix it if it breaks. The second is cost.

Lets assume another situation – a one time available use on earth vs mars. Same issue of no-technician being able to fix it. I it costs $100 to get it there on earth, it may not be as big of an issue to send another. If it costs 2 billion and 8 months to get it another planet, it is no so easy to simply send another one to replace it.

So with Space hardware, the lack of servicability coupled to the extreme costs and time delays to get items to the location make it all the more important they are perfect or at least as perfect as we can make them.

The last part is we may design items to withstand specific forces, but we don’t want to expose them to these forces without reason. The windows on your home are impact resistant. We don’t regularly hit them with a hammer to check. Same idea here.

With that computer, it may cost $25,000 to replace it on earth with one that didn’t have that issue occur. On a 2 billion dollar mission where failure is extremely expensive, it can be worth it to replace the item rather than risk an extremely unlikely failure.

>I’ve heard similar anecdotes about the fragility of spacecraft.

This is also somewhat true.

Spacecraft have huge weight limits given the energy required to lift something into space. We simply cannot armor something like a battleship.

The second item is energy. We are used to thinking about impacts in earth terms, with wind resistance. In space, the speed differentials can be huge. We are talking about speeds in the thousands and tens of thousands of miles an hour. 200km is 17,000mph orbital velocity

Imagine a baseball sized object coming at your spacecraft with a differential speed of 2000 mph. It is this huge energy level based on speed that makes even small low mass items dangerous to spacecraft.

In earth terms, imaging dropping a bowling ball on a piece of plywood from waist height. Will it punch through? Now image a bullet from a gun. Will it punch through? In space, the bullet analogy is actually pretty good. A typical handgun shoots a bullet around 800mph. A hunting rifle – around 2000mph.

That is the power of speed.

If you’ve heard of “military-grade” as a descriptor of things, there is also Space-class. I used to work at a lab that did destructive physical analysis (I was an IT guy, not on the testing floor). But some products had to pass mil-spec, but another set of products had to be space class, so a group of parts would be tested for things like acid bath, thermal shock (dry ice, basically, followed by heat), die shear (being hit). The parts would be graded after the test and the rest of the lot would be assumed to have the same tolerances.

You’re brain can’t handle being hit very well. Luckily, it rides around inside a cushioned cage. Most space equipment is sort of the same way: sensitive bits crammed into a durable package.

More importantly… putting stuff in space is REALLY expensive. Any minor mishap on the ground is a big deal because you want to know 100% that it didn’t cause some problem that you can’t see but nonetheless makes it not work after you spend $100 million putting it in space and out of reach of people that can fix it.

The Hubble mirror was not a minor imperfection, it was a serious flaw because the lens system used for measuring the mirror surface was built incorrectly. They ended up polishing the mirror to the wrong shape. “1/50 the thickness of a human hair” is about 2 microns, which is a HUGE error for a telescope mirror. Even an amateur Newtonian telescope you can buy for <$500 is polished to better than 0.2 micron accuracy.

Anyway, spacecraft parts do need to be extremely lightweight and still survive launch. This is achieved through extensive analysis and testing. Everything is modeled in the computer to predict the stresses and make sure it can survive the expected environment. Then every component & sub-system is tested on a vibration table, and in thermal-vacuum chambers, etc. Then the entire spacecraft is put through the same tests. Even something as large as the Space Shuttle was put on a vibration test stand and [shaken](

Also, heritage is very important in the space industry. We try to use components and designs that have flown successfully before, because we know they work. We keep track of every component and assess its heritage; if any component is identified as a new design that hasn’t flown before, it will be replaced with something that HAS flown, or will undergo extra scrutiny.

>Apollo astronauts being nervous that a stray floating object or foot may unintentionally rip through the thin bulkheads of the lunar lander

I don’t think that was ever a concern. What they may have worried about was tearing off the thermal protection, which was a thin reflective film, like a mylar balloon. The bulkheads and structural components of the lander were quite durable.

It’s not that they are fragile it’s that they are designed and tested based on certain assumptions. If those assumptions are violated then it ‘might’ not work. When you are putting things in space you don’t want to leave it at night.

You can think of this very similarly to the [egg drop challenge]( In the video I linked, he drops an egg off of a bridge and it survives just fine — but dropping the egg by itself certainly would have broken it. Hell, I bet you dropping something close enough to the egg sitting on a table by itself might cause some hairline cracks.

Fundamentally, you are right: spacecraft are very, very fragile systems. However, they can be carefully designed to be *extremely* resistant to certain kinds of dangers. Let’s use the egg again — ever tried breaking an egg by squeezing it uniformly? Even though it’s very fragile overall, the egg can still resist massive distributed pressures because of its unique properties.

This is what makes designing spacecraft really hard. We take a whole bunch of things that are very fragile but also very powerful in some regard, and we have to find a way to strap them all together so that we exploit their strengths and protect their weaknesses. This is why you see spacecraft getting tested so much; we are checking every conceivable possibility and failure mode to make sure we understand how they behave. This is how we can be (reasonably) confident that everything will work in flight — we’ve tested our design to ensure that those vulnerabilities are properly protected.

(The slightly less ELI5 answer is that we’re never *fully* confident in these things, and usually choose to report them terms of probabilities and standard deviations. At some point in the lifetime of a program, everyone gets together and decides just how stringent the requirements need to be. This informs what is considered an acceptable level of risk, and further dictates how much modeling, simulation, and [FMEA]( is required.)

To keep it eli5, it’s the way stresses are applied. If you take a human and drop them on their head, they will sustain more damage than if you drop them on their feet. Why? Because of the way the forces are applied and transmitted through a structure. In test and development often components are not final torqued or fitted to their final structure, making them more susceptible to damage and appear fragile. Once they are in their final configuration they often are as robust as you are accustomed to. Another human body analogy, why are organs so weak and damagable when the human body is known to be very resilient? If a surgeon opens you up to “service” or “repair” you wouldn’t you be more susceptible to disease or injury? But once you are in your “flight configuration” i.e. closed up and recovered after post op medication your body is more resilient to the expected environment and stresses such as tripping and falling down, or scrapes.

The Apollo example is one that my above explanation doesn’t cover as well, but it is actually a very simple one. Because you can tell a human to not be a big dummy and kick the spacecraft. Why design for a situation when you can actually completely control whether that “load” of a foot gets applied or not? For the random object ripping through though, that is a probability game. You can look into MMOD probability curves to see how you can guesstimate chance of impact for a given area. This is well outside of an eli5 though. It boils down to humans think about what can go wrong and you can’t guarantee an outlier object moving fast enough won’t rip through your multi layer insulation.

>I’m asking why they can be confident that parts which have such a low potential threshold for failure can be trusted to remain operational through the stresses of flight.

They perform an insane amount of engineering analysis, simulation and testing to validate that the systems will operate in the conditions they’re designed for, with very narrow safety margins. Which is why spaceflight is such a difficult and expensive endeavor, they must anticipate and account for ANY contingencies in the design or the mission will fail.

People talking tolerances and certifications are more correct, but I think this answer will be more intuitive.

Grab two ends of a piece of paper. Without bending or twisting the paper, just keeping it as a flat plane, try to pull the paper apart. It’s very hard. Yet you can effortlessly roll the paper into a tube if you apply much less force to it just along a different direction.

A aluminum can can hold a great deal of pressure inside of it. You can tear the metal it’s made out of with your hands.

Being strong one way wont necessarily mean strength in another way.

Keep in mind also that many things are extremely strong *in one specific way.* Bridge cables can hold up hundreds of tons but can be bent with a finger. Foils and plating can withstand thousands of degrees of heat but be soft enough to scrape with a fingernail. The list goes on.

And since spacecraft tend to spend their time… in space… you don’t have to design for generic atmospheric survivability as much.

They survive launch because they’re carefully packed and padded and not allowed to move. Fairings keep the wind and air from hitting them, bracing prevents knocks and shocks and sharp collisions.

> I’m asking why they can be confident that parts which have such a low potential threshold for failure can be trusted to remain operational through the stresses of flight.

The parts are designed and tested to handle that specific condition.

They aren’t tested to handle other conditions. Particularly in combination. So while we can intuitively say “It’s probably fine”, the work to be *sure* it’s fine is significantly greater.

This is also why there tend to be so many duplicate copies of things. If you subject your thing to the simulated flight stress, you know it can survive that… once. You don’t want to use that part though, because you’re not sure it can survive it twice — you’ve not tested that.


Incidentally, the same thing applies on the ground. I’ve done some work with lighting truss that was bolted together. If we dropped a bolt more than IIRC three feet onto the ground, it had to be thrown away. Obviously, the bolt is still probably-fine, but we’re talking about flying truss over people. The bolts aren’t tested and rated for being dropped and then used, so we don’t risk it.

… even if that means saying that a bolt that can handle 12,000lb of tension is incapable of surviving a four foot fall.

Strict auditing. The tool being dropped in your question probably made no difference. But if you’ve got a million pieces, each with a mistake that “probably” won’t make a difference, it becomes very likely that a few things are wrong. The best way to avoid it is by being very strict with processes.

The cost of remaking 10% of the pieces over silly mistakes is less than the cost of blowing 100% of it up.

Some good answers already, but worth remembering that things are designed for specific loads in specific directions during specific modes of operation.

For example: solar panels are designed to withstand large accelerations and vibrations when safely wrapped up during launch, but would be shredded by those same forces when deployed, or when being tested on Earth.

Generally speaking, spacecraft parts will be in an extremely well-defined environment – parts that need to be made strong can be made VERY strong in the direction where strength is important. Parts that can be made weak can be made VERY weak. Damage usually comes when it comes from an unexpected direction and weak parts are overpowered.

How many atmospheres can the ship withstand?

I get what you’re saying. I actually used to test rocket parts for a living for many years. I worked on dozens of launches. Maybe over a hundred.

You essentially design the part, build one for the rocket and one for testing. You test the one for the rocket in as close to operational conditions as you can and you test the other one to its design limits, which is far greater than what it has to do in space. We actually test them until they break usually.

It is insane how much care we take in handling parts for how much load these parts see in flight.

I don’t work there anymore, I just kind of take pictures now.