Maintenance Mindset: A case study in integrity and failure – the Challenger disaster

Welcome to Maintenance Mindset, our editors’ takes on things going on in the worlds of manufacturing and asset management that deserve some extra attention. This will appear regularly in the Member’s Only section of the site. This week's column features guest contributor Michael D. Holloway, President of 5th Order Industry.

Key takeaways

• Organizational pressure can distort engineering judgment; safety requires prioritizing evidence over schedules.
• Independent research can validate field data and strengthen engineers’ risk assessments against organizational bias.
• Clear, context-driven data presentation is essential—misframing results can hide critical safety risks.

On January 28, 1986, the Space Shuttle Challenger disintegrated 73 seconds after launch, killing all seven crew members. The direct cause was failure of an O-ring seal on the right solid rocket booster (SRB). But the deeper cause was a breakdown in how data was measured, interpreted, and acted upon. The evidence was present long before the launch, yet organizational pressures and misframing of risk led to one of the most visible engineering failures in history.

Technical background: O-rings and temperature sensitivity

Each SRB used field joints sealed with elastomer O-rings designed to prevent hot gases from escaping. In normal conditions, the O-ring would flex and form a tight seal once pressurized. At colder temperatures, however, elastomers lose flexibility. Their glass transition temperature (Tg) becomes critical: if the material shifts toward brittleness, sealing capability is delayed or lost.

From 1981 onward, engineers documented multiple cases of “blow-by,” where combustion gases partially eroded O-rings before full sealing occurred. These warnings became more urgent as data showed erosion was worse in colder launches.

Independent academic investigation

In January 1986, just weeks before the launch, I was studying elastomer behavior as part of my senior thesis under the supervision of Dr. George Morris, professor and consulting scientist at Raytheon Corporation in Middletown, Rhode Island. I was provided with samples of the O-ring material, a pyrolyzed polysulfide compound. My analysis showed that the material had undergone a shift in its glass transition state. The result was a stiffer product at low temperatures, with increased susceptibility to fissures and microcracks.

I documented these findings in my thesis and shared the research and analysis with Morton Thiokol and Caltech. The data aligned with what engineers at Thiokol were already observing in the field: the material’s properties made it dangerously unreliable in the cold launch conditions forecast for January 28.

The data integrity breakdown

On January 27, Thiokol engineers presented NASA with charts highlighting the risks of O-ring erosion. Their recommendation was to delay the launch until warmer temperatures. However, the data presentation emphasized past “successful” launches rather than statistical failure probability. The effect was that risk looked tolerable when, in fact, the cold launch condition was outside any proven safe boundary.

NASA managers, under political and schedule pressure, dismissed the warnings as inconclusive. Thiokol executives, facing direct pressure from NASA, overrode their engineers and approved launch. The decision was not driven by lack of data, but by misinterpretation and organizational bias.

At launch, temperatures at Kennedy Space Center were 36°F. The right SRB’s aft joint O-ring, already stiffened from low temperature and Tg shift, failed to seat in time. Hot gases leaked, eroding both O-rings and burning through the joint. At 73 seconds, a jet of flame breached the external fuel tank, igniting liquid hydrogen and oxygen. Challenger was destroyed.

Lessons in data integrity

1. Material science must be tied directly to risk analysis. The O-ring Tg shift and fissure risk were known. Translating that material property data into probability-of-failure terms was the missing link.
2. Independent academic research is vital. The findings I shared with Morton Thiokol and Caltech were consistent with field data. External review could have reinforced Thiokol’s engineers and made dismissal harder.
3. Presentation of data matters as much as data itself. Charts showing “flights versus erosion” obscured the temperature-risk trend. A simple regression model on O-ring erosion versus launch temperature would have made the danger clear.
4. Organizational pressure distorts interpretation. NASA required “proof” of failure, when reliability engineering operates in probability. Waiting for proof meant accepting catastrophic risk.

Broader implications for aerospace safety

The Challenger disaster reshaped aerospace safety protocols. The Rogers Commission confirmed that engineering concerns were known but suppressed or reframed. It highlighted that data integrity involves more than measurement. It requires clarity, independence, and organizational courage.

The O-ring failure was not a mystery. The data was in hand, both from field experience and laboratory analysis of material properties. The catastrophe occurred because decision-makers discounted that evidence and prioritized schedule over safety. The Challenger stands as a permanent reminder: data integrity requires more than numbers; it requires that warnings be heeded, that evidence be presented with clarity, and that organizational systems respect science over pressure.