Failure to Engineering

AERO

Technical Failure Caused Vnukovo Plane Crash

The most likely cause of the Red Wings Tu-204 plane crash on December 29 in Vnukovo is a failure in the reverse system, Kommersant reported. A source in the technical commission involved in the crash investigation said it is the first version of the crash, while independent experts blame the constructive features of the plane and the wind. There have been no official reports yet. The plane crashed during landing, skidded past the landing strip and caught fire. It had taken Russian tourists to the Czech Republic and was returning empty except for eight crew members. Five of them died and three remain hospitalized.

The source told Kommersant that the crew landed the plane at a slightly higher speed – 250 kilometers per hour, instead of normal 225-245 kilomters per hour, and several hundred meters too far. With bad conditions for braking, they were counting on the reverse that creates a backward thrust. However, the reverse failed in both engines, and all attempts to stop the plane failed. Russia’s aviation watchdog Rosaviatsia knew about the problems with that Tu-204 and sent a letter to Vnukovo about possible issues a day before the crash.

Another Red Wings Tu-204 plane rolled off the landing strip in Novosibirsk on December 21. The reverse thrusters did not work in both engines at that time either, but all 60 people on board survived. Famous test-pilot Gennady Skibin told Moskovsky Komsomolets that the tragedy could have been a result of wind shear, when the wind suddenly changed direction and did not allow the pilots to land safely.

Mars Climate Orbiter and Other Unit Conversion Errors!

On September 23, 1999 NASA lost the $125 million Mars Climate Orbiter spacecraft after a 286-day journey to Mars. Miscalculations due to the use of English units instead of metric units apparently sent the craft slowly off course — 60 miles in all. Thrusters used to help point the spacecraft had, over the course of months, been fired incorrectly because data used to control the wheels were calculated in incorrect units. Lockheed Martin, which was performing the calculations, was sending thruster data in English units (pounds) to NASA, while NASA’s navigation team was expecting metric units (Newtons).

On January 26, 2004 at Tokyo Disneyland’s Space Mountain, an axle broke on a roller coaster train mid-ride, causing it to derail. The cause was a part being the wrong size due to a conversion of the master plans in 1995 from English units to Metric units. In 2002, new axles were mistakenly ordered using the pre-1995 English specifications instead of the current Metric specifications.

On 23 July 1983, Air Canada Flight 143 ran completely out of fuel about halfway through its flight from Montreal to Edmonton. Fuel loading was miscalculated through misunderstanding of the recently adopted metric system. For the trip, the pilot calculated a fuel requirement of 22,300 kilograms. There were 7,682 liters already in the tanks.

Space Shuttle Columbia

On February 1, 2003, the Space Shuttle Columbia disintegrated over Texas and into parts of Louisiana during re-entry into the Earth’s atmosphere, resulting in the death of all seven crew members, shortly before it was scheduled to conclude its 28th mission, STS-107.

Image via Wikipedia

The loss of Columbia was a result of damage sustained during launch when a piece of foam insulation broke off the Space Shuttle external tank (the main propellant tank) under the aerodynamic forces of launch. The debris struck the leading edge of the left wing, damaging the Shuttle’s thermal protection system (TPS), which protects it from heat generated with the atmosphere during re-entry. While Columbia was still in orbit, some engineers suspected damage, but NASA managers limited the investigation, on the grounds that little could be done even if problems were found.

NASA’s original Shuttle design specifications stated that the external tank was not to shed foam or other debris; as such, strikes upon the Shuttle itself were safety issues that needed to be resolved before a launch was cleared. Launches were often given the go-ahead as engineers came to see the foam shedding and debris strikes as inevitable and unresolvable, with the rationale that they were either not a threat to safety, or an

acceptable risk.  The majority of Shuttle launches recorded such foam strikes and thermal tile scarring.  During re-entry of STS-107, the damaged area allowed the hot gases to penetrate and destroy the internal wing structure, rapidly causing the in-flight breakup of the vehicle.

Mission STS-107 was the 113th Space Shuttle launch. It was delayed 18 times over the two years from its original launch date of January 11, 2001, to its actual launch date of January 16, 2003. (It was preceded by STS-113.) A launch delay due to cracks in the shuttle’s propellant distribution system occurred one month before a July 19, 2002, launch date. The Columbia Accident Investigation Board (CAIB) determined that this delay had nothing to do with the catastrophic failure six months later.

The Columbia Accident Investigation Board’s recommendations addressed both technical and organizational issues. Space Shuttle flight operations were delayed for two years by the disaster, similar to the Challenger disaster. Construction of the International Space Station was put on hold, and for 29 months the station relied entirely on the Russian Federal Space Agency for resupply until Shuttle flights resumed with STS-114 and 41 months for crew rotation until STS-121.

Soyuz 11

Background

Soyuz 11 was the first successful visit to the world’s first space station, Salyut 1. However the mission ended in disaster when the crew capsule depressurised during preparations for re-entry, killing the three-man crew. This accident resulted in the first and to date only astronaut deaths to occur in space (not in high atmosphere). The cosmonauts aboard Soyuz 11 were Vladislav Volkov, Georgi Dobrovolski and Viktor Patsayev.

The Event

The Space Shuttle Challenger disaster occurred on January 28, 1986, when Space Shuttle Challenger broke apart 73 seconds into its flight, leading to the deaths of its seven crew members. The spacecraft disintegrated over the Atlantic Ocean, off the coast of central Florida, United States at 11:39 a.m. EST (16:39 UTC).

Disintegration of the entire vehicle began after an O-ring seal in its right solid rocket booster (SRB) failed at liftoff. The O-ring failure caused a breach in the SRB joint it sealed, allowing pressurized hot gas from within the solid rocket motor to reach the

outside and impinge upon the adjacent SRB attachment hardware and external fuel tank. This led to the separation of the right-hand SRB’s aft attachment and the structural failure of the external tank. Aerodynamic forces promptly broke up the orbiter.

The crew compartment and many other vehicle fragments were eventually recovered from the ocean floor after a lengthy search and recovery operation. Although the exact timing of the death of the crew is unknown, several crew members are known to have survived the initial breakup of the spacecraft. However the shuttle had no escape system and the astronauts did not survive the impact of the crew compartment with the ocean surface.

The disaster resulted in a 32-month hiatus in the shuttle program and the formation of the Rogers Commission, a special commission appointed by United States President Ronald Reagan to investigate the accident. The Rogers Commission found that NASA’s organizational culture and decision-making processes had been a key contributing factor to the accident. NASA managers had known that contractor Morton Thiokol’s design of the SRBs contained a potentially catastrophic flaw in the O-rings since 1977, but they failed to address it properly. They also disregarded warnings from engineers about the dangers of launching on such a cold day and had failed to adequately report these technical concerns to their superiors. The Rogers Commission offered NASA nine recommendations that were to be implemented before shuttle flights resumed.

Shortly after Soyuz 11 undocked from Salyut 1 and made an initial retro fire, communication was lost with the crew far earlier than normal. The capsule descended and was recovered on June 29, 1971 23:17 GMT. When the hatch was opened it was discovered that the crew was dead.

Root Cause

After an apparently normal re-entry of the capsule of the Soyuz 11 mission, the recovery team opened the capsule to find the crew dead. It quickly became apparent that they had suffocated. The fault was traced to a breathing ventilation valve, located between the orbital module and the descent module, that had been jolted open as the descent module separated from the service module. The two were held together by explosive bolts designed to fire sequentially, but in fact, they fired simultaneously. The force of this caused the internal mechanism of the pressure equalization valve to loosen a seal that was usually discarded later, and normally allowed automatic adjustment of the cabin pressure. The valve opened in space, and the gradual loss of pressure was fatal within seconds. The valve was located beneath the cosmonaut’s couches, and was impossible to locate and block before the air was lost. Flight recorder data from the single cosmonaut outfitted with biomedical sensors showed death occurred within 40 seconds of pressure loss. By 935 seconds after the retrofire, the cabin pressure was zero.

Lessons Learned

The Soyuz spacecraft was extensively redesigned after this incident to carry only two cosmonauts. The extra room meant that the crew could wear space suits during launch and landing. A Soyuz capsule would not hold three cosmonauts again until the Soyuz-T redesign in 1980, which freed enough space for three cosmonauts in lightweight pressure suits to travel in the capsule.

Challenger

Background

Space Shuttle Challenger (NASA Orbiter Vehicle Designation: OV-099) was NASA’s second Space Shuttle orbiter to be put into service, Columbia being the first. Its maiden flight was on April 4, 1983, and it completed nine missions before breaking apart 73 seconds after the launch of its tenth mission, STS-51-L on January 28, 1986, resulting in the death of all seven crew members. The accident led to a two-and-a-half year grounding of the shuttle fleet, with missions resuming in 1988 with the launch of Space Shuttle Discovery on STS-26. Challenger itself was replaced by the Space Shuttle Endeavour, which first launched in 1992.

The Event

The Space Shuttle Challenger disaster occurred on January 28, 1986, when Space Shuttle Challenger broke apart 73 seconds into its flight, leading to the deaths of its seven crew members. The spacecraft disintegrated over the Atlantic Ocean, off the coast of central Florida, United States at 11:39 a.m. EST (16:39 UTC).

Disintegration of the entire vehicle began after an O-ring seal in its right solid rocket booster (SRB) failed at liftoff. The O-ring failure caused a breach in the SRB joint it sealed, allowing pressurized hot gas from within the solid rocket motor to reach the outside and impinge upon the adjacent SRB attachment hardware and external fuel tank. This led to the separation of the right-hand SRB’s aft attachment and the structural failure of the external tank. Aerodynamic forces promptly broke up the orbiter.

The crew compartment and many other vehicle fragments were eventually recovered from the ocean floor after a lengthy search and recovery operation. Although the exact timing of the death of the crew is unknown, several crew members are known to have survived the initial breakup of the spacecraft. However the shuttle had no escape system and the astronauts did not survive the impact of the crew compartment with the ocean surface.

The disaster resulted in a 32-month hiatus in the shuttle program and the formation of the Rogers Commission, a special commission appointed by United States President Ronald Reagan to investigate the accident. The Rogers Commission found that NASA’s organizational culture and decision-making processes had been a key contributing factor to the accident. NASA managers had known that contractor Morton Thiokol’s design of the SRBs contained a potentially catastrophic flaw in the O-rings since 1977, but they failed to address it properly. They also disregarded warnings from engineers about the dangers of launching on such a cold day and had failed to adequately report these technical concerns to their superiors. The Rogers Commission offered NASA nine recommendations that were to be implemented before shuttle flights resumed.

On January 28, 1986, the Space Shuttle Challenger broke apart 73 seconds into its flight, leading to the deaths of its seven crew members. The spacecraft disintegrated over the Atlantic Ocean, off the coast of central Florida, United States at 11:39 a.m. EST.

Disintegration of the entire vehicle began after an O-ring seal in its right solid rocket booster (SRB) failed at liftoff. The O-ring failure caused a breach in the SRB joint it sealed, allowing pressurized hot gas from within the solid rocket motor to reach the outside and impinge upon the adjacent SRB attachment hardware and external fuel tank. This led to the separation of the right-hand SRB’s aft attachment and the structural failure of the external tank. Aerodynamic forces promptly broke up the orbiter.

The crew compartment and many other vehicle fragments were eventually recovered from the ocean floor after a lengthy search and recovery operation. Although the exact timing of the death of the crew is unknown, several crew members are known to have survived the initial breakup of the spacecraft. However the shuttle had no escape system and the astronauts did not survive the impact of the crew compartment with the ocean surface.

The disaster resulted in a 32-month hiatus in the shuttle program and the formation of the Rogers Commission, a special commission appointed by United States President Ronald Reagan to investigate the accident. The Rogers Commission found that NASA’s organizational culture and decision-making processes had been a key contributing factor to the accident. NASA managers had known that contractor Morton Thiokol’s design of the SRBs contained a potentially catastrophic flaw in the O-rings since 1977, but they failed to address it properly. They also disregarded warnings from engineers about the dangers of launching on such a cold day and had failed to adequately report these technical concerns to their superiors. The Rogers Commission offered NASA nine recommendations that were to be implemented before shuttle flights resumed.Root Cause

The loss of the Space Shuttle Challenger was caused by a failure in the joint between the two lower segments of the right Solid Rocket Motor. The specific failure was the destruction of the seals that are intended to prevent hot gases from leaking through the joint during the propellant burn of the rocket motor.

The decision to launch the Challenger was flawed. Those who made that decision were unaware of the recent history of problems concerning the O-rings and the joint and were unaware of the initial written recommendation of the contractor advising against the launch at temperatures below 53 degrees Fahrenheit and the continuing opposition of the engineers at Thiokol after the management reversed its position. They did not have a clear understanding of Rockwell’s concern that it was not safe to launch because of ice on the pad. If the decision makers had known all of the facts, it is highly unlikely that they would have decided to launch 51-L on January 28, 1986.

Time Line

January 28, 1986,11:38:00 a.m. EST. First Shuttle liftoff scheduled from Pad B. Launch set for 3:43 p.m. EST, Jan. 22, slipped to Jan. 23, then Jan. 24, due to delays in mission 61-C. Launch reset for Jan. 25 because of bad weather at transoceanic abort landing (TAL) site in Dakar, Senegal. To utilize Casablanca (not equipped for night landings) as alternate TAL site, T-zero moved to morning liftoff time. Launch postponed a day when launch processing unable to meet new morning liftoff time. Prediction of unacceptable weather at KSC led to launch rescheduled for 9:37 a.m. EST, Jan. 27. Launch delayed 24 hours again when ground servicing equipment hatch closing fixture could not be removed from orbiter hatch. Fixture sawed off and attaching bolt drilled out before closeout completed. During delay, cross winds exceeded return-to-launch-site limits at KSC’s Shuttle Landing Facility. Launch Jan. 28 delayed two hours when hardware interface module in launch processing system, which monitors fire detection system, failed during liquid hydrogen tanking procedures.

Just after liftoff at .678 seconds into the flight, photographic data show a strong puff of gray smoke was spurting from the vicinity of the aft field joint on the right Solid Rocket Booster. Computer graphic analysis of film from pad cameras indicated the initial smoke came from the 270 to 310-degree sector of the circumference of the aft field joint of the right Solid Rocket Booster. This area of the solid booster faces the External Tank. The vaporized material streaming from the joint indicated there was not complete sealing action within the joint.

Eight more distinctive puffs of increasingly blacker smoke were recorded between .836 and 2.500 seconds. The smoke appeared to puff upwards from the joint. While each smoke puff was being left behind by the upward flight of the Shuttle, the next fresh puff could be seen near the level of the joint. The multiple smoke puffs in this sequence

occurred at about four times per second, approximating the frequency of the structural load dynamics and resultant joint flexing. As the Shuttle increased its upward velocity, it flew past the emerging and expanding smoke puffs. The last smoke was seen above the field joint at 2.733 seconds.

The black color and dense composition of the smoke puffs suggest that the grease, joint insulation and rubber O-rings in the joint seal were being burned and eroded by the hot propellant gases.

At approximately 37 seconds, Challenger encountered the first of several high-altitude wind shear conditions, which lasted until about 64 seconds. The wind shear created forces on the vehicle with relatively large fluctuations. These were immediately sensed and countered by the guidance, navigation and control system. The steering system (thrust vector control) of the Solid Rocket Booster responded to all commands and wind shear effects. The wind shear caused the steering system to be more active than on any previous flight.

Both the Shuttle main engines and the solid rockets operated at reduced thrust approaching and passing through the area of maximum dynamic pressure of 720 pounds per square foot. Main engines had been throttled up to 104 percent thrust and the Solid Rocket Boosters were increasing their thrust when the first flickering flame appeared on the right Solid Rocket Booster in the area of the aft field joint. This first very small flame was detected on image enhanced film at 58.788 seconds into the flight. It appeared to originate at about 305 degrees around the booster circumference at or near the aft field joint.

One film frame later from the same camera, the flame was visible without image enhancement. It grew into a continuous, well-defined plume at 59.262 seconds. At about the same time (60 seconds), telemetry showed a pressure differential between the chamber pressures in the right and left boosters. The right booster chamber pressure was lower, confirming the growing leak in the area of the field joint.

As the flame plume increased in size, it was deflected rearward by the aerodynamic slipstream and circumferentially by the protruding structure of the upper ring attaching the booster to the External Tank. These deflections directed the flame plume onto the surface of the External Tank. This sequence of flame spreading is confirmed by analysis of the recovered wreckage. The growing flame also impinged on the strut attaching the Solid Rocket Booster to the External Tank.

The first visual indication that swirling flame from the right Solid Rocket Booster breached the External Tank was at 64.660 seconds when there was an abrupt change in the shape and color of the plume. This indicated that it was mixing with leaking hydrogen from the External Tank. Telemetered changes in the hydrogen tank

pressurization confirmed the leak. Within 45 milliseconds of the breach of the External Tank, a bright sustained glow developed on the black-tiled underside of the Challenger between it and the External Tank.

Beginning at about 72 seconds, a series of events occurred extremely rapidly that terminated the flight. Telemetered data indicate a wide variety of flight system actions that support the visual evidence of the photos as the Shuttle struggled futilely against the forces that were destroying it.

At about 72.20 seconds the lower strut linking the Solid Rocket Booster and the External Tank was severed or pulled away from the weakened hydrogen tank permitting the right Solid Rocket Booster to rotate around the upper attachment strut. This rotation is indicated by divergent yaw and pitch rates between the left and right Solid Rocket Boosters.

At 73.124 seconds,. a circumferential white vapor pattern was observed blooming from the side of the External Tank bottom dome. This was the beginning of the structural failure of hydrogen tank that culminated in the entire aft dome dropping away. This released massive amounts of liquid hydrogen from the tank and created a sudden forward thrust of about 2.8 million pounds, pushing the hydrogen tank upward into the intertank structure. At about the same time, the rotating right Solid Rocket Booster impacted the intertank structure and the lower part of the liquid oxygen tank. These structures failed at 73.137 seconds as evidenced by the white vapors appearing in the intertank region.

Within milliseconds there was massive, almost explosive, burning of the hydrogen streaming from the failed tank bottom and liquid oxygen breach in the area of the intertank.

At this point in its trajectory, while traveling at a Mach number of 1.92 at an altitude of 46,000 feet, the Challenger was totally enveloped in the explosive burn. The Challenger’s reaction control system ruptured and a hypergolic burn of its propellants occurred as it exited the oxygen-hydrogen flames. The reddish brown colors of the hypergolic fuel burn are visible on the edge of the main fireball. The Orbiter, under severe aerodynamic loads, broke into several large sections which emerged from the fireball. Separate sections that can be identified on film include the main engine/tail section with the engines still burning, one wing of the Orbiter, and the forward fuselage trailing a mass of umbilical lines pulled loose from the payload bay.

The Explosion 73 seconds after liftoff claimed crew and vehicle. Cause of explosion was determined to be an O-ring failure in right SRB. Cold weather was a contributing factor. Launch Weight: 268,829 lbs.

Lessons Learned

The Presidential Commission on the Space Shuttle Challenger Accident made the following recommendations, which were subsequently implemented by NASA.

Recommendation I.

Solid Rocket Motor.

Independent Oversight.

Recommendation II.

Shuttle Management Structure.

Astronauts in Management.

Shuttle Safety Panel.

Recommendation III.

Criticality Review and Hazard Analysis.

Recommendation IV.

Safety Organization.

Recommendation V.

Improved Communications.

Recommendation VI.

Landing Safety.

Recommendation VII.

Launch Abort and Crew Escape.

Recommendation VIII.

Flight Rate.

Recommendation IX .

Maintenance Safeguards.

- See more at: http://engineeringfailures.org/?p=85#sthash.7UVEDUlg.dpuf

Bridges

Eastern Freeway Collapse

More than a month after about 100 tonnes of concrete came crashing down from the under-construction Eastern Freeway near Wadala — killing one person and injuring six others — independent experts probing the episode have submitted the interim inquiry report to Mumbai Metropolitan Region Development Authority (MMRDA).

Eastern Freeway collapse

The study states the reason for the accident was technical failure and not human error. Confirming the same, MMRDA commissioner Rahul Asthana said, “The interim report on the Eastern Freeway submitted to us by the experts states that the cause behind the disaster was technical and not a human error on part of the contractor.”

“The jack on which the girder supports are launched developed technical problems while the process was on following which the accident took place,” said another MMRDA official.

The three-member committee formed by MMRDA includes professor of civil engineering department from Indian Institute of Technology Rajiv Sinha, chief engineer from Public Works Department SD Tamsekar and MMRDA’s chief of transport and communication PRK Murthy.

- See more at: http://engineeringfailures.org/?p=791#sthash.8Hggjovi.dpuf

Tacoma Narrows Bridge

The Tacoma Narrows Bridge opened to traffic on July 1, 1940. Its main span collapsed into the Tacoma Narrows four months later on November 7, 1940, due to a physical phenomenon known as aeroelastic flutter caused by a 42 mph wind. The bridge collapse had lasting effects on science and engineering. In many undergraduate physics texts the event is presented as an example of elementary forced resonance with the wind providing an external periodic frequency that matched the natural structural frequency (even though the cause of the bridge’s failure was determined to be aeroelastic flutter). Its failure also boosted research in the field of bridge aerodynamics/aeroelastics which have themselves influenced the designs of all the world’s great long-span bridges built since 1940.

No human life was lost in the collapse of the bridge. However, a small dog perished after it was abandoned in a car on the bridge by its owner, Leonard Coatsworth, and by another man, both of whom were bitten by the terrified dog when they attempted to remove it. The collapse of the bridge was recorded on 16mm film by Barney Elliott, owner of a local camera shop, and shows Leonard Coatsworth leaving the bridge after exiting his car. In 1998, The Tacoma Narrows Bridge Collapse was selected for preservation in the United States National Film Registry by the Library of Congress as being “culturally, historically, or aesthetically significant.” This footage is still shown to engineering, architecture, and physics students as a cautionary tale.

Dismantling of the towers and side spans—which survived the collapse of the main span but were damaged beyond repair—began shortly after the collapse and continued into May 1943. The United States’ participation in World War II as well as engineering and finance issues delayed plans to replace the bridge.

- See more at: http://engineeringfailures.org/?p=165#sthash.Tnqx310p.dpuf

Chemicals

CASE NUMBER: 233

CASE MNEMONIC: BHOPAL

CASE NAME: Bhopal Disaster

A. IDENTIFICATION

1. THE ISSUE

Developing countries are particularly vulnerable to industrial

crises. However, industrial accidents such as Bhopal are not

just an Indian or even a Third World problem but are industrial

disasters waiting to happen , whether they are in the form of

"mini-Bhopals", smaller industrial accidents that occur with

disturbing frequency in chemical plants in both developed and

developing countries, and "slow-motion Bhopals", unseen chronic

poisoning from industrial pollution that causes irreversible

pain, suffering, and death (Weir, pp. xi-xii). These are the key

issues we face in a world where toxins are used and developed

without fully knowing the harm that can come from their use or

abuse.

2. DESCRIPTION

Developing countries, such as India, are particularly vulnerable

as they lack the infrastructure (e.g. communication, training,

education etc.) required to maintain technology but are

nevertheless, eager to set up and maintain industrial plants. As

a result, they compete globally to attract multinational

companies for their investment and capital, and in this process,

often tend to ignore the safety and health violations that many

MNC's engage in. "Developing countries confer upon MNC's a

competitive advantage because they offer low-cost labor, access

to markets, and lower operating costs. Once there, companies

have little incentive to minimize environmental and human risks.

Lax environmental and safety regulation, inadequate capital

investment in safety equipment, and poor communications between

companies and governments compound the problem" (Cassels, p.279).

The Bhopal facility was part of India's Green Revolution aimed to

increase the productivity of crops. Considered an essential

factor in the effort to achieve self-sufficiency in agricultural

production, pesticide production use increased dramatically

during the late 1960's and early 1970's. The decision to

manufacture the pesticides in India, as opposed to relying on

imports was based on India's goal of preserving foreign exchange

and its policy of industrialization (Cassels, p.39). In 1969,

Union Carbide (UCC-the parent company) set up a small plant

(Union Carbide India Ltd.- UCIL) in Bhopal, the capital city of

Madhya Pradesh, to formulate pesticides.

Bhopal was chosen as the site for the Carbide plant because of

it's central location in India, a railway system that spanned the

country, a large lake which provided a reliable source of water,

and sufficient electricity and labor to sustain a large scale

industrial plant. The MIC facility was located in the existing

Carbide plant to the north of the city, adjacent to an existing

residential neighborhood and barely two kilometers from the

railway station. Union Carbide claims that the "squatter

settlements" around the plant arrived only after it did.

However, "all three of the worst-affected communities in the

disaster apparently existed before the Union Carbide plant

opened" (Weir, p.36).

Until 1979, the Indian subsidiary of Carbide used to import MIC

or methyl isocyanate from the parent company. After 1979, it

started to manufacture its own MIC. MIC is one of many

"intermediates" used in pesticide production and is a dangerous

chemical. It is a little lighter than water but twice as heavy

as air, meaning that when it escapes into the atmosphere it

remains close to the ground. It has the ability to react with

many substances: water acids, metals, and the small deposits of

corrosive materials that accumulate in pipes, tanks, and valves.

The MIC in Bhopal was used for the production of various

pesticides, mainly Sevin brand carbaryl insecticide and Temik

brand aldicarb pesticide. All the pesticides produced at UCIL

were sold in the Indian market.

According to many, Bhopal is the site of the greatest industrial

disaster in history. On the night of December 23, 1984, a

dangerous chemical reaction occurred in the Union Carbide

factory when a large amount of water got into the MIC storage

tank # 610. The leak was first detected by workers about 11:30

p.m. when their eyes began to tear and burn. They informed their

supervisor who failed to take action until it was too late. In

that time, a large amount, about 40 tons of Methyl Isocyanate

(MIC), poured out of the tank for nearly two hours and escaped

into the air, spreading within eight kilometers downwind, over

the city of nearly 900,000. Thousands of people were killed

(estimates ranging as high as 4,000) in their sleep or as they

fled in terror, and hundreds of thousands remain injured or

affected (estimates range as high as 400,000) to this day. The

most seriously affected areas were the densely populated shanty

towns immediately surrounding the plant -- Jayaprakash Nagar,

Kazi Camp, Chola Kenchi, and the Railway Colony. The victims

were almost entirely the poorest members of the population.

This poisonous gas, caused death and left the survivors with

lingering disability and diseases. Not much is known about the

future medical damage of MIC, but according to an international

medical commission, the victims suffer from serious health

problems that are being misdiagnosed or ignored by local doctors

(Lancet, "Round...").

Exposure to MIC has resulted in damage to the eyes and lungs and

has caused respiratory ailments such as chronic bronchitis and

emphysema, gastrointestinal problems like hyperacidity and

chronic gastritis, ophthalmic problems like chronic

conjunctivitis and early cataracts, vision problems, neurological

disorders such as memory and motor skills, psychiatric problems

of various types including varying grades of anxiety and

depression, musculoskeletal problems and gynecological problems

among the victims. It is estimated that children born in Bhopal

after the disaster face twice the risk of dying as do children

elsewhere, partly because parents cannot care for them

adequately. Surprisingly enough, despite the serious health

problems and the deaths that have occurred, Union Carbide claims

that the MIC is merely a "mild throat and ear irritant" (Lancet,

"Round..." p.952).

The Bhopal disaster was the result of a combination of legal,

technological, organizational, and human errors. The immediate

cause of the chemical reaction was the seepage of water (500

liters)into the MIC storage tank. The results of this reaction

were exacerbated by the failure of containment and safety

measures and by a complete absence of community information and

emergency procedures. The long term effects were made worse by

the absence of systems to care for and compensate the victims.

Furthermore, safety standards and maintenance procedures at the

plant had been deteriorating and ignored for months. A listing

of the defects of the MIC unit runs as follows:

-Gauges measuring temperature and pressure in the various

parts of the unit, including the crucial MIC storage tanks,

were so notoriously unreliable that workers ignored early

signs of trouble (Weir, pp.41-42).

-The refrigeration unit for keeping MIC at low temperatures

(and therefore less likely to undergo overheating and

expansion should a contaminant enter the tank) had been shut

off for some time (Weir, pp.41-42).

-The gas scrubber, designed to neutralize any escaping MIC,

had been shut off for maintenance. Even had it been

operative, post-disaster inquiries revealed, the maximum

pressure it could handle was only one-quarter that which was

actually reached in the accident (Weir, pp.41-42).

-The flare tower, designed to burn off MIC escaping from the

scrubber, was also turned off, waiting for replacement of a

corroded piece of pipe. The tower, however, was

inadequately designed for its task, as it was capable of

handling only a quarter of the volume of gas released (Weir,

pp.41-42).

-The water curtain, designed to neutralize any remaining

gas, was too short to reach the top of the flare tower, from

where the MIC was billowing (Weir, pp.41-42).

-The lack of effective warning systems; the alarm on the

storage tank failed to signal the increase in temperature on

the night of the disaster (Cassels, p.19).

-MIC storage tank number 610 was filled beyond recommended

capacity; and

-a storage tank which was supposed to be held in reserve for

excess MIC already contained the MIC (Cassels, p.19).

Ironically, in Bhopal, the people living around the Union Carbide

plant were warned of potential hazards in a series of local

newspaper articles, but residents ignored these warnings because

they did not know how to react to them, while local officials

dismissed them as sensationalist reporting (Technology Review,

p.73).

Interestingly enough, Carbide tried to hide its poor safety and

maintenance record along with the other faults already mentioned,

by claiming publicly that the company was the victim of sabotage

by a 'disgruntled employee'. Yet, Carbide didn't release the

name of this employee or bring charges against him/her. However,

there is evidence to the contrary which supports the view that

Carbide (both the parent company and its Indian subsidiary) was

a negligent company that failed to improve its deteriorating

plant. Incidentally, in a report (May 1982) of the Indian

subsidiary conducted by a three-member safety team from the Union

Carbide headquarters in the U.S., indicated that "a serious

potential for sizeable releases of toxic materials in the MIC

unit either due to equipment failure, operating problems, or

maintenance problems thus requiring various changes to reduce the

danger of the plant; there is no evidence the recommendations

were ever implemented" (Weir, pp.40-41).

Furthermore, "Carbide persistently shows 'wanton and wilful

disregard for the health and safety of its workers and the

communities in which it operates'"(New Statesman and Society,

"Surviving..." p.5). Additionally, a scientific report published

by two U.S. organizations, the National Toxic Campaign and the

international Council on Public Affairs, Union Carbide continues

to be " 'a major discharger of toxic substances into the

environment, and a major generator of hazardous waste'. In 1988,

the company generated more than 300 million pounds of hazardous

waste - an increase of 70 million compared with 1987" (New

Statesman and Society, "Surviving..." p.5).

Carbide had dropped the safety standards at the Bhopal plant well

below those it maintained at a nearly identical facility in West

Virginia. It is also important to note here that Carbide was

able to operate its deteriorating plant because industrial

safety and environmental laws and regulations were lacking or

were not strictly enforced by the state of Madhya Pradesh or the

Indian government making them indirectly responsible for the

tragedy at Bhopal.

Ajka Alumina Plant (Redsludge Disaster)

On October 4, 2010, a dam wall at the Ajkai alumina plant in Ajka, Hungary, collapsed; freeing about a million cubic metres (35 million cubic feet) of liquid waste, called “red mud”.  The mud was released as a 1–2 m (3–7 ft) wave, flooding several nearby localities. At least four people died, and 123 people were injured. About 40 square kilometres (15 square miles) of land were initially affected, and there were concerns that the contamination could affect the Rába and Danube rivers.

The “red mud” that caused the accident is a waste product of the Bayer process for purifying the mineral bauxite into alumina, a form of aluminium oxide. The mud contains most of the impurities in the original bauxite; the characteristic red colour comes from hydrated iron(III) oxide, which is the main component, but it also contains titanium and vanadium compounds along with smaller amounts of other heavy metals. The mud, which is highly alkaline when it is first produced, is stored in large open-air ponds; there is thought to be about 30 million tonnes of red mud stored around the Ajkai Timföldgyár plant. According to a press release by MAL, the mud had the following chemical percentage makeup:

MaterialPercentage amount

Notes

Fe2O3 (iron-oxide) 40-45% Gives the red colour of the mud

Al2O3 (aluminium oxide) 10-15%

SiO2 (silicon dioxide) 10-15%Present as sodium or calcium-alumino-silicate

CaO (calcium oxide) 6-10%

Tio2 (titanium dioxide) 4-5%

Na2 O (bounded sodium oxide)

5-6%

It was not initially clear how the containment at the mud pond had been breached, although the accident came after a particularly wet summer in Hungary, as in other parts of central Europe. Police have seized documents from the Ajkai Timföldgyár plant, although a spokesman for Hungarian Alumina Production and Trading (MAL Magyar Alumínium Termel? és Kereskedelmi Zrt.), the company that operates the plant, said the last inspection of the pond had shown “nothing untoward”. Hungarian prime minister Viktor Orbán said human error—not flooding—likely caused the spill. The series of ponds responsible for the spill were once owned by the government, but have since been privatized, raising questions about whether profits were put before safety.

Executive Summary from the Kolontar Report

Regarding the spatial extent, duration and severity of impact, the dam break at 12:25 pm on 04. 10. 2010 and the red mud disaster in its wake turned out to be the greatest environmental crisis ever of Hungary and of the whole region. Th e spilt slurry reached the municipalities of Devecser, Kolontár, Somlóvásárhely, Somlójen?, Tüskevár, Apácatorna and Kisberzseny. The red mud contaminated the valleys of the Torna creek and the Marcal river, almost reaching the river Rába. Th rough the Torna, Marcal, Rába and the Moson branch of the Danube, the alkaline slurry entered the Danube, causing destruction in all the aff ected waters. Along the Torna and the impacted section of Marcal, practically all aquatic life was destroyed.

The disaster left 10 people dead and almost 150 injured, including local residents and the participants in the rescue operations.

The spilt mud and alkaline slurry polluted about 1,000 acres of land. Th e amount of the emitted pollutants was about 0.9–1 million cubic meters.

The fact that the devastation wrought by the dam break signifi cantly exceeded the expected impact as specifi ed in the disaster management plan can be accounted for inphysical terms by the exceedingly large water content of the slurry stored in Basin X, and  from a chemical perspective by the alkalinity of the spilt liquid, which approached

pH 13. Th e relatively high concentration of metals (arsenic, mercury, etc.) in the pollutant mix has also presented further health and environmental problems.

The Bayer process is globally the most widespread method of producing aluminium, and leads to the formation of red mud practically everywhere it is used. Currently, no economically viable and efficient solutions are available for the recovery of this slurry or tailings-like material. It is most often deposited (dumping it in the sea or in reservoirs surrounded by dams). Attempts have been made to find ways of recovering the material: red mud is used both as a raw material or an additive e.g. in manufacturing bricks, road construction and soil improvement. Furthermore, the technology for extracting metals is practically available but it is too costly. In an international context, the trend is shifting away from wet disposal technologies towards dry disposal, which poses lower risk. (Dry disposal was used in Mosonmagyaróvár until production was discontinued there.) Th e alkalinity of the deposited slurry is typically lower internationally than it is in Hungary. On the other hand, the dry technology about to be temporarily introduced in Ajka, a technology which involves blending in power plant gypsum, has not yet been implemented at an industrial level anywhere.

Following this unprecedented accident the authorities responded with the expected rapidity and decisiveness, but not always efficiently in the defence of human health, the environment and material assets impacted by the disaster or at risk. One reason for the fact that intervention was not efficient enough was lack of information (local residents and participants in the rescue operations were not informed as to the composition and pH value of the red mud, the biological effect of the slurry, the list of materials to be used in restoration and whether they were available). Th e defective communication structure was a further reason (crucial information on environmental health issues was published with a delay of several days, with significant initial inaccuracies). As a result, for several days the people impacted were on several occasions forced to make decisions potentially influencing the rest of their lives based on conflicting information (e.g. “the red mud is not harmful” vs. “the red mud is toxic and/or radioactive”). Th e deficiencies of governmental information characterising the first days after the accident were primarily mitigated by non-governmental organisations (Greenpeace, Clean Air Working Group, etc.), as they were the sources of communication regarding measurement data and useful health advice.

The red mud contained chromium, mercury, lead and nickel contaminants several times the limit values for ground water and drinking water, also exceeding intervention levels no longer in force. The majority of tests indicated arsenic concentration levels beyond the limits values defined for soil and sewage sludge.

In the first few days, public authorities and institutions stated, citing test results obtained decades earlier, that the composition of the red mud poses no significant health risk or

environmental hazard. In the first week of damage control, the population received no factual information about either the potential radioactive impact of the pollutants or the health consequences of airborne dust pollution. Th e long-term effects of soil pollution on the environment and agricultural production were not communicated to residents until February 2011. Official communications involving conflicting and often unsubstantiated information was a constant feature of the remediation process.

At the same time, the first measurements made by the Hungarian Academy of Sciences clarified what environmental authorities had managed to ignore for years: “based on analysing samples taken at different locations, the reservoir spillage takes pH values in the range 11 to 14. Consequently, the red mud should be considered as an environmentally hazardous substance.”

***

Possibly the most important statement of the Kolontár Report is that all Hungarian authorities with a role in licensing and monitoring the accident-stricken red mud reservoir had committed errors.

The Central Transdanubian Environmental, Nature Protection and Water Management Inspectorate had endorsed the classification of the deposited material as non-hazardous waste, thus significantly relaxing requirements on disposal and subsequent monitoring.

The authorities endorsed the uncorroborated disaster management plan handed in by MAL Co. Ltd.

The Inspectorate failed to engage the competent District Mining Inspectorate in the licensing process.

The notary of Ajka had prohibited the depositing of hazardous waste in the reservoir, but failed to take steps when hazardous waste was in fact deposited in the area.

Although the licensing of mining waste deposits has been the competence of the Mine Supervision since 2008, the competent District Mining Inspectorate did not check the structure of the disposal site for technological compliance, and failed to enforce use of the best available technology with regard to disposal (conversion to dry technology).

None of the authorities substantially considered the risk of a dam break.

When the privatisation contract was concluded, IPPC and BAT requirements were not taken into consideration. Neither was compliance with these requirements subsequently enforced in an exhaustive manner by either the environmental or the construction authorities.

Regarding the occurrence and the severity of accident, a decisive factor was the Hungarian authorities’ failure to treat the red mud deposited together with the slurry as hazardous waste in the course of the licensing and inspection process, even though the alkalinity of the material in the reservoir that was later damaged would have justifi ed this. Licensing hazardous waste disposal entails imposing stricter standards and the participation of more authorities than is required for treating non-hazardous waste. A more thorough procedure might have shed light the technological risks of the landfill and the deficiencies of the emergency plan.

The company acting as the landfill operator bears liability for classifying the deposited material as non-hazardous at the time of applying for the integrated environmental permit, even though the alkalinity levels clearly met the criteria for hazardous waste. Th e company also bears partial liability in failing to meet the environmental requirements specified in the privatisation contract fully and on time. Similarly, the company bears partial liability for failing to ensure the transition (or the preparation for the transition) to a dry depositing technology, at the latest, by the time of requesting the integrated environmental permit. Though it is at present an open question, local reports suggest that the company might have become aware of the stability problems of the reservoir (local residents reported works carried out in August and September to reinforce the wall of Basin X), but failed to notify any of the official bodies.

***

Furthermore, the occurrence of the accident can be linked to regulatory anomalies owing to the fact there had been defi ciencies in adopting and properly implementing EU legislation. The relevant Hungarian legislation only partially matches “Directive 2008/98/EC on waste requirements”. Th ough it should have entered into force by 12.12.2010, the Directive was not fully implemented in Hungary. An important fact concerning the issue of the responsibility of authorities is that the waste treatment plant belongs to the competence of the Mine Supervision under Hungarian legislation. Th e directive cited imposes an obligation of regular monitoring on the operator, to be carried out at least annually with regard to both the condition of the built structure and of the waste, but this obligation was not fulfilled in practice.

According to the Act on the Environment, the permit-holder (along with the owners and managers of legal entities which cause harm) has increased responsibility for damages incurred through use of the environment, a responsibility which may only be limited, or transferred under very strict conditions. However, these general rules apparently come short of providing for adequate and available fi nancial means needed to cover for the damage incurred. According to the Act adopted in 1995, the rules governing the obligation to provide a security deposit and to establish dedicated reserve funds in the course of the environmental licensing process and the rules on liability insurance

policies shall be laid down in a government decree. This objective has only been formally met so far.

On the whole, the EU legislation examined in the present analysis, provided it is adopted and implemented in line with the intent of the legislator, seems suitable for the prevention of similar accidents and for managing the consequences thereof. At the same time, there is a need to adopt uniform classifi cation criteria for hazardous waste, unified EU-wide regulation governing security deposits and liability insurance (at least for reasons concerning competition law), and a common EU environmental emergency fund set up to cover environmental damage that can not be remedied otherwise.

***

It is not possible to account for the Kolontár red mud disaster by means of a single cause. Among the potential causes and preceding events, the following should by all means be noted:

Th e conditions of privatization: it was with reference to the obligations of environmental protection that the buyer was able to acquire the Ajka Aluminium plant at a very low price. However, these obligations were not properly regulated within the contract, and there were also gaps in monitoring implementation. Moreover, the authorities allowed on more than one occasion for the owner to postpone meeting these obligations.

Defi ciencies in monitoring environmental damage-limitation: the privatisation contracts contained an obligation to provide for environmental damage-limitation, but the monitoring of how this was implemented was defi cient. No detailed documentation is available, except for written records to the effect that invoices were presented as evidence for compliance without technical inspection having taken place;

Outdated disposal technology: when the fi rst red mud reservoirs were established, the technology of wet disposal for red mud was still widespread, but much safer dry processes were already available by the time the permit for Basin X was granted, and the integrated environmental permit for the reservoir was granted;

Incorrect classification of red mud waste: when the integrated environmental permit was granted, red mud was not classifi ed as hazardous waste, even though it clearly counted as such on the basis of its pH value under the Hungarian and EU legislation then in force;

licensing and monitoring malpractice on the part of administrations: following the disaster, a court ruling was required to clarify which authority should have granted a permit for the dam building at the reservoir and carried out static stability inspection of the built structure;

the sinking of the dam (which could also be related to posterior slurry walling): satellite images clearly show that the barrier sank in certain places at a rate of 1 cm / year, creating maximum shear stress precisely at the section where the dam fi nally broke, while the sinking itself might have occurred because of the slurry walling, or because of the dam base and subsoil becoming soaked due to the slurry walling. However, no use was made of the satellite imagery in the structural engineering inspection of the dam, even though they were continuously available;

Negligence on the part of company management, the authorities and government officials: several NGOs had previously protested about the lack of environmental protection developments and the failure to carry out inspections. Th eir comments had no practical consequences at all.

The Ajka red mud disaster was unique due both to its nature and its dimensions. At least part of the lessons learned from similar industrial accidents remain valid:

The costs of remediation are eventually borne by the state, with the companies responsible for incidents almost always backing out of the process to a greater or smaller extent,

Compensation for damages only takes place in the long run, with both the range of individuals eventually receiving compensation and its extent far more limited than that originally promised,

Personal and institutional responsibility is identifi ed in the rarest of cases,

The impact of environmental damage typically lasts longer than was originally estimated.

Computers

The Pentium FDIV bug is the most famous (or infamous) of the Intel microprocessor bugs. It was caused by an error in a lookup table that was a part of Intel’s SRT algorithm that was to be faster and more accurate.

With a goal to boost the execution of floating-point scalar code by 3 times and vector code by 5 times, compared to the 486DX chip, Intel decided to use the SRT algorithm that can generate two quotient bits per clock cycle, while the traditional 486 shift-and-subtract algorithm was generating only one quotient bit per cycle. This SRT algorithm uses a lookup table to calculate the intermidiate quotients necessary for floating-point division. Intel’s lookup table consists of 1066 table entries, of which, due to a programming error, five were not downloaded into the programmable logic array (PLA).

When any of these five cells is accessed by the floating point unit (FPU), it (the FPU) fetches zero instead of +2, which was supposed to be contained in the “missing” cells. This throws off the calculation and results in a less precise number than the correct answer(Byte Magazine, March 1995).

At its worst, this error can occur as high as the fourth significant digit of a decimal number, but the possibilities of this happening are 1 in 360 billion. It is most common that the error appears in the 9th or 10th decimal digit, which yields a chance of this happening of 1 in 9 billion.

Intel has clasified the bug (or the flaw, as they refer to it) with the following characteristics:

On certain input data, the FPDI (Floating Point Divide Instructions) on the Pentium processor produce inaccurate results.

The error can occur in any of the three operating precisions, namely single, double, or extended, for the divide instruction. However, it has been noted that far fewer failures are found in single precision than in double or extended precisions.

The incidence of the problem is independent of the processor rounding modes.

The occurrence of the problem is highly dependent on the input data. Only certain data will trigger the problem. There is a probability that 1 in 9 billion randomly fed divide or remainder instructions will produce inaccurate results.

The degree of inaccuracy depends on the input data and upon the instruction involved.

The problem does not occur on the specific use of the divide instruction to compute the reciprocal of the input operand in single precision.

Furthermore, the bug affects any instruction that references the lookup table or calls FDIV. Related instructions that are affected by the bug are FDIVP, FDIVR, FDIVRP, FIDIV, FIDIVR, FPREM, and FPREM1. The instructions FPTAN and FPATAN are also susceptible. The instructions FYL2X, FYL2XP1, FSIN, FCOS, and FSINCOS, were a suspect but are now considered safe.

A 3-D plot of the ratio 4195835/3145727 calculated on a Pentium with FDIV bug. The depressed triangular areas indicate where incorrect values have been computed. The correct values all would round to 1.3338, but the returned values are 1.3337, an error in the fifth significant digit. Byte Magazine, March 1995.

The Pentium Chip Story: A Learning Experience

by Vince Emery

The pandemonium over Intel’s Pentium chip cost the company millions of dollars and could easily have been prevented. The uproar started and grew on the Internet.

June 1994: Intel testers discover a division error in the Pentium chip. Intel managers decide that the error will not affect many people and do not inform anyone outside the company. This was Intel’s first mistake. The company was right in that the division error could affect only a few customers, but not disclosing the information made Intel appear to hide a sinister secret. It sent the message to customers that Intel was not trustworthy. Disclosing the flaw upon discovery would have created only minor news, on the same low level as an automaker announcing a minor defect. (Today Intel posts all known flaws on the Internet to avoid a reccurrance of this problem.) The same month, Dr. Thomas R. Nicely, a professor of mathematics at Lynchburg College, Virginia, notices a small difference in two sets of numbers. He double-checks all his work by computing everything twice, in two different ways. Dr. Nicely spends months successively eliminating possible causes such as PCI bus errors and compiler artifacts.

Wednesday, October 19: After testing on several 486 and Pentium-based computers, Dr. Nicely is certain that the error is caused by the Pentium processor.

Monday, October 24: Dr. Nicely contacts Intel technical support. Intel’s contact person duplicates the error and confirms it, but says that it was not reported before.

Sunday, October 30: After receiving no more information from Intel, Dr. Nicely sends an email message to a few people, announcing his discovery of a “bug” in Pentium processors. (Dr. Nicely’s original email message)

That same day, Andrew Schulman, author of Unauthorized Windows 95, receives Dr. Nicely’s email.

Tuesday, November 1: Schulman forwards Dr. Nicely’s message to Richard Smith, president of Phar Lap Software in Cambridge, MA. Phar Lap’s customers write number-crunching software that could be affected by the Pentium flaw. Phar Lap programmers test and confirm the division error. Realizing the significance of the flaw, Smith immediately forwards Dr. Nicely’s message to important Phar Lap customers, to Intel, and to people at compiler companies, including Microsoft, Borland, Metaware and Watcom. He also posts the message to the Canopus forum of CompuServe with a note asking people to run Dr. Nicely’s test and report results back to Smith. This is the first public disclosure of the flaw.

Wednesday, November 2: Smith receives about ten confirmations of the error from Canopus readers. Alex Wolfe, a reporter for Electronic Engineering Times, sees Smith’s post on Canopus and starts research for a story. He forwards Dr. Nicely’s message to several people, including Terje Mathisen of Norsk Hydro in Norway.

Thursday, November 3: Mathisen confirms the flaw and emails his findings back to reporter Wolfe. Mathisen goes to the Internet newsgroup comp.sys.intel and posts a message titled “Glaring FDIV Bug in Pentium!” Within 24 hours, hundreds of technical people all over the world know about the Pentium flaw. (Note that only two days have passed since Schulman forwarded Dr. Nicely’s original message.) All hell breaks loose on the newsgroup.

Monday, November 7: Wolfe’s article runs in Electronic Engineering Times, headlined INTEL FIXES A PENTIUM FPU GLITCH. In the story, Intel says it has corrected the glitch in subsequent runs of the chip, and Steve Smith of Intel dismisses the importance of the flaw, saying, “This doesn’t even qualify as an errata (sic).” This is only the first print article about the flaw, but by this time there are hundreds of postings about it in CompuServe forums and Internet newsgroups. Allresearch results are posted in public on the Net for the world to criticize and contribute to.

Wednesday, November 9: The ruckus spills out of the technical newsgroups and into business and investment newsgroups.

Tuesday, November 15: Tim Coe of Vitesse Semiconductors and Mike Carleton of USC announce on the Net that they have reverse-engineered the way the Pentium chip handles division and created a model that predicts when the chip is wrong. By this time, a furor has erupted on the Net. Intel still claims there is no problem. Intel’s stock drops 1 3/8 points.

Tuesday, November 22: CNN’s Moneyline program looks at the issue. Steve Smith of Intel says the Pentium processor’s problem is minor.

Wednesday, November 23: MathWorks sends out what is a press release on the issue, MATHWORKS DEVELOPS FIX FOR THE INTEL PENTIUM FLOATING POINT PROCESSOR.

Thursday, November 24 (Thanksgiving holiday): The New York Times runs a story by John Markoff, CIRCUIT FLAW CAUSES PENTIUM CHIP TO MISCALCULATE, INTEL ADMITS. In the story, an Intel spokesman says the company is still sending out the flawed chips. A similar story by the Associated Press is printed by more than 200 newspapers and run on radio and television news. Intel Applications Support Manager Ken Hendren posts a message on America Online and the Internet, revealing that Intel has no one providing customer support on the Internet. Intel seems unaware of the solidity of opinion on the Net about the Pentium processor’s flaw. At this point, an offer by Intel to replace any flawed Pentium chips would have smoothed the waters. Instead, Intel makes an offer to replace a Pentium chip only after Intel had determined you used the chip in an application in which it would cause a problem. Intel customers are irate. The chip hits the fan.

Friday, November 25: This weekend, the Internet’s humor newsgroups sprout Pentium jokes.

Sunday, November 27: A notice appears on the Internet newsgroup comp.sys.intel, from Intel’s president, Dr. Andrew Grove, but bearing someone else’s “return address”. (Dr. Grove’s original posting)

Monday, November 28: Internet newsgroups are flooded with furious messages such as, “Having conclusively demonstrated themselves utterly unworthy of the public’s trust, they still seem unable to comprehend what that means.” No one from Intel responds to these posts.

November 29 – December 11: Intel receives thousands of messages and phone calls saying that Intel misses the point. Intel becomes a laughingstock on the Internet joke circuit:

At Intel, quality is job 0.999999998.

Q: Know how the Republicans can cut taxes and pay the deficit at the same time? A: Their spreadsheet runs on a Pentiumcomputer.

We are Pentium of Borg. Resistance is futile. You will be approximated.

The Intel version of Casablanca: “Round off the usual suspects.”

Q: How many Pentium designers does it take to screw in a light bulb? A: .99995827903, but that’s close enough fornontechnical people.

The situation degrades to a point past any logical response. People believe Intel does not stand behind its products. While the fury grows, Intel remains silent.

Monday, December 12: IBM issues a press release: IBM HALTS SHIPMENTS OF PENTIUM-BASED PCS. Intel counters with INTEL SAYS IBM SHIPMENT HALT IS UNWARRANTED. Internet analysts immediately demonstrate that IBM’s claims are exaggerated, but at the same time no one believes Intel.

Wednesday, December 14: Intel releases a white paper explaining the situation rationally. Too late. Intel’s communications are jammed with tens of thousands of phone calls and email messages from worried and angry customers.

Friday, December 16: Intel stock closes at $59.50, down $3.25 for the week.

Monday December 19: The New York Times prints a story by Laurie Flynn headlined INTEL FACING A GENERAL FEAR OF ITS PENTIUM CHIP. It says that eight product liability lawsuites and two shareholder suits were filed against Intel. Flynn quotes Florida Deputy Attorney General Pete Antonacci: “They’ve got to stop acting like a rinky-dink two-person operation in a garage and start acting like the major corporation they are.” About the same time, a New York Times story about the New Jersey Nets basketball team is headlined MENTALLY SPEAKING, NETS ARE PENTIUMS. Intel’s lavishly promoted brand name has become an insult.

Tuesday, December 20: Intel finally apologizes and says it will replace all flawed Pentiums upon request. It sets aside a reserve of $420 million to cover costs. It hires hundreds of customer service employees to deal with customer requests. And it

dedicates four fulltime employees to read Internet newsgroups and respond immediately to any postings about Intel or its products.

January, 1995: Intel has received commitments to purchase all the Pentium chips it can manufacture through the end of 1995.

- See more at: http://engineeringfailures.org/?p=466#sthash.oAkPT3Ve.dpuf

Hydro

The Banqiao Reservoir Dam Failure

The Banqiao Reservoir Dam, located on the River Ru in the Zhumadian Prefecture of the Chinese Henan province, failed in 1975, killing an estimated 171,000 people (although some reports estimate that number to be as high as 230,000) and destroying the homes of 11 million people. It is considered to be the biggest dam failure in history, with more casualties than any other dam failure.

Built between April, 1951 and June, 1952, the Banqiao Reservoir Dam was designed in such a way that would allow it to withstand a large flood. This type of flood, where 300 mm of rain falls per day, is known as a “once-in-1,000-years flood.” The August 1975 flood, however, was what is known as a once-in-2,000-years flood, more massive than the construction of the dam had accounted for, meaning that more than an annual amount of rain fell in only 24 hours. Records indicate that 189.5 mm of water fell every hour, which translates to 1,060 mm per day. That far exceeds the province`s average annual rainfall, which is only around 800 mm.

Chances of the devastating flood happening did not go unnoticed and on August 6, a request was made to open the dam. That request was rejected due to an existing flood in those downstream areas. By August 7, the request was granted by telegrams, which failed to get to the proper authorities. Late on August 7, Unit 34450 of the People`s Liberation Army telegraphed the very first warning for the dam failure, but in a matter of only three hours, the Shimantan Dam broke. Within 30 minutes, the water from that dam crested at the Banqiao Dam.

In the wee hours of August 8, 1975, the 24.5-meter Banqiao Reservoir Dam was breached in the aftermath of the third typhoon that had decimated China that year. Over 700 million cubic meters of floodwater was released over the course of six hours. The

Daowencheng Commune located downstream was immediately erased from history and 9,600 people were killed instantly.

Survivors recall that the dam bursting sounded like the sky above had collapsed and that the earth itself was cracking. One after another, the other 61 reservoirs located in the area, including the Shimantan Dam, collapsed. This chain reaction released another six billion cubic meters of floodwater, all to an area measuring 10,000 square kilometers.

In total, 62 dams broke and 11 million people`s lives would never be the same. Anyone who survived the initial flooding was trapped without access to food or clean water and contaminated water caused illness throughout the area. 26,000 deaths were attributed to the floodwaters, while nearly 145,000 people lost their lives because of epidemics and famine. In total, around 5,960,000 structures were destroyed, converting the Chinese landscape into one filled with corpses and disease.

After years of studying the incident, researchers concluded that it was the design of the Banqiao Reservoir Dam and the other reservoirs, along with the principles pertaining to the containment of the river, which should be blamed for the failure and subsequent calamity. While many pointed fingers at the weather forecast all those years ago, researchers are citing that the tragedy was man-made and not entirely a natural disaster.

During the late 1950s, scientists warned that any given reservoir`s flood control was being ignored and that the irrigation functions of those reservoirs were overemphasized during the heat of the construction frenzy. It has been estimated that China continues to have 87,000 reservoirs across the nation that were built during this low standard construction era and most of these have fallen into serious disrepair. On top of sub-par construction standards, the country also lacked any early warning system as well as an evacuation plan that could have saved lives.

In the aftermath of the devastation, the Banqiao Reservoir reconstruction was considered a crucial national project in The Seventh Five-Year Plan of China, which was a series of important economic and social development initiatives. The Huai River Water Resources Commission was in charge of the project with the Changjiang Gezhouba Engineering Bureau heading up the construction contract. The rebuilding project lasted from the end of 1986 to June 5, 1993.

Today, engineering programs throughout the world educate students on the devastating history of dam failures and outline the construction methods that need to be taken in order to prevent such a widespread calamity in the future.

- See more at: http://engineeringfailures.org/?p=723#sthash.h8O6z9hj.dpuf

Sayano-Shushenskaya Hydroelectric Power Station Accident

On August 17, 2009, turbine 2 of the Sayano–Shushenskaya hydroelectric power station near Sayanogorsk in Khakassia, Russia, broke apart violently. The turbine hall and engine room were flooded, the ceiling of the turbine hall collapsed, 9 of 10 turbines were damaged or destroyed, and 75 people were killed. The entire plant output, totaling 6,400 MW and a significant portion of the supply to the local grid, was lost, leading to widespread power failure in the local area, and forcing major users such as aluminum smelters to switch to diesel generators. An official report on the accident was issued on 4 October 2009.

Background

Sayano–Shushenskaya hydroelectric power station is located on the Yenisei River, near Sayanogorsk in Khakassia. Before the accident, it was the largest hydroelectric power station in Russia and the sixth-largest hydroelectric power station in the world, by average power generation. The plant is operated by RusHydro. On 2 July 2009, RusHydro announced the station’s all-time highest electricity output per 24 hours.

Turbine 2

Turbine 2 had experienced problems for a long time prior to the 2009 accident. After its installation in 1979, the first problems appeared. During 1980-1983, many more problems with seals, turbine shaft vibrations, and bearings surfaced. From the end of March to the end of November 2000, a complete reconditioning of turbine 2 was performed. Cavities up to 12 mm deep and cracks up to 130 mm long were found on the turbine wheel and repaired. Many other defects were found in the turbine bearings and subsequently repaired. In 2005 further repairs were made to turbine 2. Problems found were similar in several aspects to the defects observed during the previous repair.

From January to March 2009, turbine 2 was undergoing scheduled repairs and modernization. It was the first and only turbine in the station which was equipped with a new electro-hydraulic regulator of its rotational speed supplied by the Promavtomatika company. During the course of the repair, the turbine blades were welded, because, after a long period of operation, cracks and cavities had appeared. However, the turbine wheel was not properly rebalanced after these repairs had been completed. After the repairs, turbine 2 had increased vibration, ca 0.15 mm for the main bearing at the full load of the turbine. However it did not exceed specifications, but the increased vibration was unacceptable for long term use. The elevated vibration compared to other turbines was apparent for turbine 2 before the repair as well. The vibration exceeded the allowed specification in the beginning of July and continued to increase with accelerated speed.

On the night of 16–17 August, the level of vibration increased substantially. There were several attempts to stop the turbine. During 16 August up to 20:30, the load of turbine 2 was 600 MW, then it was reduced to 100–200 MW. On 17 August 2009 at 3:00, the load was increased again to 600 MW; at 3:30, the load was decreased to 200 MW; and at 3:45, it was increased again to 600 MW. During this time, the level of vibration was very high, and was also registered by seismic instruments in the plant. During attempts to shut it down, the rotor inside the turbine was pushed up, which in turn created pressure pushing up on the turbine cover. The cover was kept in place by 80 bolts of 8-centimetre (3.1 in) diameter.

During the morning of 17 August 2009, 50 people were around turbine 2. As the plant general director, Nikolai Nevolko, was celebrating his 17th anniversary, early in the morning he went to Abakan to greet the arriving guests, and none of the workers present wanted to make or had no authority to make decisions about further actions regarding the turbine. It seems they were used to those high levels of vibration.

Turbine 2 was started on 16 August 2009 at 23:14 local time. At 23:44 it was running at full load of 600 MW. During the night its load varied between 10 and 610 MW. At the moment of the accident, which was 8:13 local time (00:13 GMT), its load was 475 MW and water consumption was 256 m3/s (9,000 cu ft/s). Vibration of the bearing was 0.84 mm which exceeded the values of other turbines by more than fourfold. The work life defined by the manufacturer for the turbines was specified for 30 years. At the moment of accident the age of the turbine was 29 years and 10 months.

The turbines of this type have a very narrow working band at high efficiency regimes. If this band is exceeded the turbines begin to vibrate, caused by the pulsation of water flow and waters strokes. These vibrations and shocks on the turbines will degrade them over time. These problems were observed many times in the plant.

On the day of accident the turbines worked at working level 212 metres (696 ft). At this pressure the recommended power band for the turbines is 570–640 MW (band III) and the allowed band is 0-265 MW also (band I). Band 265–570 MW (band II) at this pressure is not recommended and output over 640 MW (band IV) is forbidden. On the day of accident turbine 2 worked as the plants power output regulator and due to this, its output power changed constantly. The turbine often operated in band II regime which is accompanied with pulsation and strokes of water flow.

Accident

The accident occurred on 17 August 2009 at 08:13 local time (00:13 GMT). There was a loud bang from turbine 2. The turbine cover shot up and the 920-tonne (910-long-ton; 1,010-short-ton) rotor then shot out of its seat. After this, water spouted from the cavity of the turbine into the machinery hall. As a result, the machinery hall and rooms below

its level were flooded. At the same time, an alarm was received at the power station’s main control panel, and the power output fell to zero, resulting in a local blackout. Thesteel gates to the water intake pipes of the turbines, weighing 150 tonnes (150 long tons; 170 short tons) each, were closed manually by opening the valves of hydraulic jacks keeping them up between 8:35  and 9:20 hours (9.30 by official report). The operation took 25 minutes, which is near the minimum time (highest speed) allowed for this operation. The emergency diesel generator was started at 11:32. At 11:50, the opening of 11 spillway gates of the dam was started and was finished at 13:07. 75 people were later found dead.

Nine out of the ten turbines were operating at the time, with a total output 4,400 MW. Turbine ? 6 was undergoing scheduled maintenance, but was ready for a restart.

Oleg Myakishev, a survivor of the accident, described it as follows:

…I was standing upstairs when I heard some sort of growing noise, then I saw the corrugated turbine cover rise and stand on end. Then I saw the rotor rising from underneath it. It was spinning. I could not believe my eyes. It rose about three meters. Rocks and pieces of metal went flying, we started to dodge them… At that point the corrugated cover was nearly at roof level, and the roof itself had been destroyed… I made a mental calculation: the water is rising, 380 cubic meters per second, so I took to my heels and ran for the ? 10 turbine. I thought that I wouldn’t make it, I climbed higher, stopped, looked down, and saw everything getting destroyed, water coming in, people trying to swim… I thought: someone must urgently shut the gates to stop the water, manually… Manually, because there was no power, none of the protection systems had worked…

On 9 September 2009 at 17:40 local time (09:40 GMT), a fire started in the turbine hall during repair works. Around 200 people were evacuated. There were no fatalities or injuries. According to RusHydro the fire was extinguished “within a few minutes”.

Cause

On 4 October 2009 the official report about Sayano-Shushenskaya hydro accident was published by the Federal Environmental, Technological and Atomic Supervisory Service (Rostekhnadzor) on its website. However, later the report and the press release on the report were removed from the website.

Names of people killed and those who bear responsibility for the accident, and other data including a historical and technical review about the plant and plans for its future, are given in the report. The report states that the accident was primarily caused by the turbine vibrations which led to the fatigue damage of the mountings of the turbine 2, including the cover of the turbine. It was also found that at the moment of accident at

least six nuts were missing from the bolts securing the turbine cover. After the accident 49 recovered bolts were investigated from which 41 had fatigue cracks. On 8 bolts, the fatigue damaged area exceeded 90% of the total cross-sectional area.

According to this report, on 17 August 2009 at 1:20AM (local time) there was a fire at the hydroelectric power station of Bratsk which broke both communications and the automatic driving systems of other power plants in the region, including Sayano-Shushenskaya. The situation was recovered on 17 August 2009 at 15:03. At 8:12AM local time, turbine 2’s output power was reduced by the turbine regulator and it entered into the non-recommended powerband II. Shortly after this, the bolts keeping the turbine cover in place were broken, and under water pressure of about 20 bars (2,000 kPa), the spinning turbine with its cover, rotor, and upper parts started to move up, destroying machinery hall installations. At the same time, pressurized water flooded the rooms and continued damaging plant constructions.

According to Rostekhnadzor, the automatic shutdown system of the water intake pipes’ gates failed after failure of the turbine 2. This accusation was dismissed by Rakurs, the company which designed the automated safety system for the plant.

Media speculation

According to the newspaper Izvestia, the increased vibration of turbine 2 was going on for some 10 years and was well-known to the plant personnel. According to the former director of Irkutskenergo, Viktor Bobrovski, the accident could have been caused by an incorrect start-up process of the turbine which resulted in an hydraulic pressure surge, or the excess load of the turbine caused by the peak consumption of electricity. According to Bobrovski, it is common practice in the region to compensate for peak load by overloading hydroelectric power plants, and the energy system of the region is near collapse, as the main goal of its owners is to take out as much profit as possible cutting down on maintenance, investment, safety, and educational costs. Since the load for other turbines ceased after the collapse of the turbine 2, they probably started to spin without load at increasing speed until they smashed. He said that former director of Sayano–Shushenskaya hydroelectric power station, Valentin Bryzgalov, had alerted that it is dangerous to operate the plant at its maximum loads when the turbines are starting to vibrate in the axial direction. He said that the accident probably would not have had such catastrophic results if the safety systems had worked and the safety rules had been followed.

The former general director of the plant, Alexander Toloshinov, has said that the accident was most likely due to a “manufacturing defect” in a turbine. According to Toloshinov, the construction of the turbine blades of this type of turbine is not very reliable and cracks are known to develop in them under some working conditions.

On 11 September 2009, RusHydro refuted allegations that the dam overwhelmed the machinery hall leading to the destruction of turbine 2. According to RusHydro, displacements of the dam are seasonal and have been reduced in recent years. The maximum displacement (141.5 millimetres / 5.57 inches) was recorded in 2006, which was below the allowed maximum of 145.5 mm (5.73 in). According to RusHydro, the scope of displacement between the anchor legs and the machinery hall does not exceed 2.3 mm (0.091 in), which is less than the width between them (50 mm/2.0 in), and therefore the dam cannot overwhelm the machinery hall.

- See more at: http://engineeringfailures.org/?p=703#sthash.2lJXZKzY.dpuf

News

Fukushima nuclear power plant disaster was man-made and preventable, report says

A report from the Fukushima Nuclear Accident Independent Investigation Commission said the 2011 disaster at the Fukushima Daiichi nuclear power plant on the east coast of Japan was not the result of natural events, yet it was “man-made.”

“The earthquake and tsunami of March 11, 2011 were natural disasters of a magnitude that shocked the entire world,” wrote commission Chairman Kiyoshi Kurokawa in the report. “Although triggered by these cataclysmic events, the subsequent accident at the Fukushima Daiichi Nuclear Power Plant cannot be regarded as a natural disaster. It was a profoundly man-made disaster – that could and should have been foreseen and prevented.”

The investigation included more than 900 hours of hearings and interviews with 1,167 people. The commission also made nine visits to nuclear power plants, including the Fukushima Daiichi plant. After their six-month-long investigation, the investigative panel concluded that the accident was the result of “collusion” between the government, the regulators and the Tokyo Electric Power Co., and the “lack of governance” by all three parties.

“They effectively betrayed the nation’s right to be safe from nuclear accidents,” the report said.

The commission made seven recommendations for the future of nuclear power generation in Japan, ranging from the monitoring of the nuclear regulatory body by the National Diet of Japan to reforming laws related to nuclear energy.

- See more at: http://engineeringfailures.org/?p=732#sthash.nUAF0ZrA.dpuf

Puerto Rico Gas Explosion

The Humberto Vidal Explosion (sometimes also referred to as the Río Piedras Explosion) was a gas explosion that occurred on November 21, 1996 at the Humberto Vidal shoe store located in Río Piedras, Puerto Rico. The explosion killed 33 and wounded more than 80 others when the building collapsed. It is considered one of the deadliest disasters to have occurred on the island.

The investigation of the NTSB revealed that several persons had reported an alleged gas leak in the building in the days leading up to the explosion. The store had no gas supply, so another nearby gas line looked like the culprit. It was discovered that a gas pipe which carried the heavier-than-air propane gas was broken. A few years earlier, a water main was installed below, which bent the pipe in the process. When the pipe had been installed, it was already in tight bend, adding to its stress levels. The addition of the water main caused it to break.

The deadly gas was able to get into the shop basement from migrating around and over pipes, causing the bad smell. However the biggest problem was that the gas company technicians were unable to detect the gas before the blast. Investigators discovered that holes used to detect gas below were only 46 cm (1.5 feet) deep when the gas was about 4 feet down, therefore, there was no way it could be detected in this manner. The most crucial error came in the basement inspection. The technician was supposed to turn his equipment on in fresh air before entering the building, but he instead turned it on once inside the building, thus detecting no gas.

The ignition source was an air conditioning switch with heated wiring, causing the whole building to be stripped to its skeleton.

The San Juan Gas Company vehemently denied responsibility and suggested that it could have been caused by sewer gas instead. However, the lighter-than-air sewer gas collects in the ceiling, while propane collects on the floor. The explosion showed that stored shoes were tossed up, meaning that the fuel had to be at ground level.

- See more at: http://engineeringfailures.org/?p=695#sthash.THOzqG8z.dpuf

Orange goo baffles remote Alaska village

Orange goo baffles remote Alaska village

In this Aug. 5, 2011, photo, Emmanuel Hignutt with the Alaska Department of Environmental Conservation health lab shows samples of orange goo in Anchorage, Alaska. The samples were collected Aug. 3, 2011, in Kivalina, Alaska, after the mysterious goo came in from the Wulik River into the village’s harbor. (AP Photo/Mark Thiessen)

ANCHORAGE, Alaska (AP) — Leona Baldwin’s husband saw it first, and she got on the marine radio to alert others in the remote Alaska village of Kivalina that a strange orange goo was sitting on top of the town’s harbor.

The news attracted all the townspeople, anxious to get a gander of the phenomenon that covered much of the harbor and then began washing ashore Wednesday.

The next day it rained, and residents found the orange matter floating on top of the rain buckets they use to collect drinking water. It was also found on one roof, leading them to believe whatever it was, it was airborne, too.

By Friday, the orange substance in the lagoon had dissipated or washed out to sea, and what was left on ground had dried to a powdery substance.

Samples of the orange matter were collected in canning jars and sent to a lab in Anchorage for analysis.

Until results are known, Kivalina’s 374 residents will likely continue to wonder just what exactly happened in their village.

“Certainly at this point it’s a mystery,” said Emanuel Hignutt, a chemist with the state Department of Environmental Conservation lab in Anchorage.

Kivalina, an Inupiat Eskimo village, is located at the tip of an 8-mile barrier reef on Alaska’s northwest coast, and is located between the Chukchi Sea and Kivalina River to the north and the Wulik River to the south.

Villagers have never seen anything like this before, and elders have never heard any stories passed down from earlier generations about an orange-colored substance coming into town.

“This is the first for Kivalina, as far as I know,” said 63-year-old Austin Swan, a city council member.

Portions of the samples will also be sent to the University of Alaska Fairbanks and to a National Oceanic and Atmospheric Administration lab in South Carolina for testing.

“There’s a number of experts in the areas who can identify if it’s an organic material, for example, and what species this is, or perhaps it’s not an organic material, and we’re going to determine that, as well,” Hignutt said.

The Coast Guard already has ruled out that the orange material, which some people described as having a semi-solid feel to it, was man-made or a petroleum product.

That leaves algae as the best guess, said village administrator Janet Mitchell.

The concern is if it’s somehow harmful. What will it do to fish, which villagers will soon start catching to stock up for winter, or the caribou currently being hunted, or the berries?

“We rely 100 percent on subsistence,” she said.

Swan helped collect some samples for testing, and waded out into the lagoon. He grabbed some of the substance in his gloved hand.

“It was really light, a powdery look to it, and it was just floating on there, all bunched up together,” he said. “It looked like it could blow away very easily.”

He said some of the material had a sheen to it, like it was oil.

“But I couldn’t feel the oil at all, any texture at all.”

When the material bunched up in the lagoon, it created 10 foot-by-100 foot swaths of glimmering orange.

“When the wind came in, it narrowed them to a few feet wide. The color was a bright neon orange,” said Frances Douglas, a member of the city council.

“It pretty much covered the south end of the lagoon in streaks,” she said of the attraction, which drew many residents.

“Pretty much, everybody was baffled,” she said.

City personnel went to a pump house two miles away on the Wulik River, and found the material there, too. The village is also about 40 miles from the Red Dog zinc mine, but officials there assured the village the substance didn’t come from them.

Since the substance was unknown, city officials cautioned residents to keep children away from the orange goo and for residents to boil their water before drinking it.

But Mitchell said water is another concern since they don’t have much reserve in the city’s two water tanks.

The tanks need to be filled this summer from the Wulik River to make it through the winter, but the city had to stop pumping last month before the goo showed up because of rain disturbances. And they may not be able to resume pumping until they find out what the substance is.

“Right now, we’re going to have to go on water conservation, use it for consumption and try not to use it for washing,” she said. “That’s going to be difficult.”

Kivalina wasn’t alone in reporting the strange orange substance last Wednesday.

Shannon Melton said she was boating on the Buckland River about 150 miles southeast of Kivalina, and the river was not its normal color. “It was orange looking,” she said.

She took the boat out again on Thursday to go berry picking, and said the river had returned to its normal color, but some of the creeks off the river still had the orange tinge to them.

- See more at: http://engineeringfailures.org/?p=675#sthash.tfBv1RQu.dpuf

Trojan asteroid tags along on Earth’s orbit

July 28, 2011

Turns out the moon’s not the Earth’s only traveling companion. Space scientists have discovered an asteroid that’s been following our fair planet for thousands of years, at least — and there may be many more where it came from, according to a recent study.

If other so-called Trojan asteroids are found, they could turn out to be ideal candidates for a visit from astronauts, something NASA hopes will be possible within the next 15 years.

Most of the asteroids in the solar system populate the belt of rocky debris between Mars and Jupiter. But planets can pull asteroids into their orbits, too. More than 4,000 Trojan asteroids have been discovered around the gas giant Jupiter, along with a few around Neptune and Mars.

But no such asteroid had ever been found near Earth. That led some scientists to believe that our planet lacked an entourage.

But others proposed a different explanation: Perhaps there were Trojan asteroids in Earth’s orbit around the sun, but they were simply hidden from view.

The problem was this: In order for an asteroid to attain a stable position in a planet’s orbit, it must find the spot where the gravitational pull of the planet and that of the sun cancel each other out. Two of these spots, called Lagrangian points, lie along a planet’s orbit — one ahead of the planet and one behind it. Drawing straight lines between the Earth, the sun and a Lagrangian point produces a triangle whose sides are equal in length. An asteroid there would hover in the sky at a 60-degree angle from the sun.

Any object that close to the sun would be difficult to see from Earth because it would be overhead mostly during broad daylight, as invisible as the stars.

But Martin Connors, a space scientist at Athabasca University in Alberta, Canada, had an idea. Maybe NASA’s Wide-Field Infrared Survey Explorer, which aims its lens 90 degrees away from the sun, would be able to pick up an oddball Trojan with an eccentric orbit.

Indeed it did. Connors found one candidate whose strange path over six days in late 2010 seemed to match the unevenly elongated orbit typical of Trojans. His team confirmed the Trojan’s identity by spotting it a few months later with another telescope in Hawaii.

“This is pretty cool,” said Amy Mainzer, a scientist at the Jet Propulsion Laboratory who wasn’t involved in the study, which was published online Wednesday by the journal Nature. “It’s a new class of near-Earth object that’s been hypothesized to exist.”

And if more Trojan asteroids can be found, researchers said, they could be ideal for astronaut visits and the mining of precious resources. (This particular asteroid is too tilted with respect to the solar system to make a good candidate, Mainzer said.)

Stuffed into a forgotten closet in the sky, such relics could also give scientists a fresh glimpse into the early formation of the solar system.

- See more at: http://engineeringfailures.org/?p=592#sthash.sEapJBzo.dpuf

Nuclear

Fukushima nuclear power plant disaster was man-made and preventable, report says - See more at: http://engineeringfailures.org/?p=732#sthash.hkfTkbQ3.dpuf

A report from the Fukushima Nuclear Accident Independent Investigation Commission said the 2011 disaster at the Fukushima Daiichi nuclear power plant on the east coast of Japan was not the result of natural events, yet it was “man-made.”

“The earthquake and tsunami of March 11, 2011 were natural disasters of a magnitude that shocked the entire world,” wrote commission Chairman Kiyoshi Kurokawa in the report. “Although triggered by these cataclysmic events, the subsequent accident at the Fukushima Daiichi Nuclear Power Plant cannot be regarded as a natural disaster. It was a profoundly man-made disaster – that could and should have been foreseen and prevented.”

The investigation included more than 900 hours of hearings and interviews with 1,167 people. The commission also made nine visits to nuclear power plants, including the Fukushima Daiichi plant. After their six-month-long investigation, the investigative panel concluded that the accident was the result of “collusion” between the government, the regulators and the Tokyo Electric Power Co., and the “lack of governance” by all three parties.

“They effectively betrayed the nation’s right to be safe from nuclear accidents,” the report said.

The commission made seven recommendations for the future of nuclear power generation in Japan, ranging from the monitoring of the nuclear regulatory body by the National Diet of Japan to reforming laws related to nuclear energy.

- See more at: http://engineeringfailures.org/?p=732#sthash.hkfTkbQ3.dpuf