Henry:
“Yes, they fixed the known issues. But doubts linger around whether that
list was really complete, and around the possibility that human error
might compromise hardware that can cope if everything is done right. The
fundamental problem is that solids are not very fault-tolerant and their
failure modes tend to be unsurvivable, so a lot of "what if X happens?"
questions are answered "we really hope it doesn't". At some point that
answer is inevitable, but better it should show up only for really
implausible cases.”
I may answer my own question, but it has something to do with
combustion/thrust instabilities and inability to shut it off without
activating the FTS/RSS, doesn't it?
It's not impossible to shut solids down -- and in fact, solid boosters
were selected for the Shuttle on the assumption that they *could* be shut
down in emergency cases -- but it tends to be a somewhat violent process,
and when it turned out that the ET and orbiter wouldn't survive it, the
choice of solids was not reconsidered.
Being able to shut things down safely is definitely important to graceful
handling of many "what if" cases.
Henry