FALCON USER’S GUIDE Table 1-1: Key safety features of Falcon launch vehicles Design/Operations Feature Safety Benefit Designed to NASA human-rating margins and safety Improves reliability for payloads without crew through requirements increased factors of safety, redundancy and fault mitigation Horizontal manufacturing, processing and integration Reduces work at height during numerous manufacturing, processing and integration procedures, and eliminates many overhead operations All-liquid propulsion architecture; fuel and oxidizer are Significantly improves safety by eliminating hazardous stored separately on the ground and in the vehicle. ground handling operations required for systems that Propellant is not loaded into the vehicle until the vehicle use solid propellant cores or boosters is erected for launch Rocket-grade kerosene and liquid oxygen as primary Reduces health hazards to processing, integration, and propellants recovery personnel compared to systems that use high toxicity primary propellants Non-explosive, pneumatic release and separation Zero-debris separation systems significantly reduce systems orbital debris signature, can be repeatedly tested during the manufacturing process, and eliminate hazardous pyrotechnic devices Regular hardware-in-the-loop (HITL) software testing Complete verification of entire mission profile prior to flight 1.5 FALCON RELIABILITY 1 A study by The Aerospace Corporation found that 91% of known launch vehicle failures in the previous two decades can be attributed to three causes: engine, avionics, and stage separation failures. With this in mind, SpaceX incorporated key engine, avionics, and staging reliability features for high reliability at the architectural level of Falcon launch vehicles. Significant contributors to reliability include: 1.5.1 ENGINES The Merlin engine that powers the Falcon family of launch vehicles is the only new hydrocarbon engine to be successfully developed and flown in the U.S. in the past 40 years. It has the highest thrust-weight ratio of any boost engine ever made. The liquid-propelled Merlin powers the Falcon propulsion system. The engine features a reliable turbopump design with a single shaft for the liquid oxygen pump, the fuel pump, and the turbine. The engine uses a gas generator cycle instead of the more complex staged combustion cycle. The regeneratively cooled nozzle and thrust chamber use a milled copper alloy liner that provides large heat flux margins. A pintle injector provides inherent combustion stability. Engine failure modes are minimized by eliminating separate subsystems where appropriate. For example, the first-stage thrust vector control system pulls from the high-pressure rocket-grade kerosene system, rather than using a separate hydraulic fluid and pressurization system. Using fuel as the hydraulic fluid eliminates potential failures associated with a separate hydraulic system and with the depletion of hydraulic fluid. The high-volume engine production required to fly 10 Merlin engines (Falcon 9) or 28 engines (Falcon Heavy) on every launch results in high product quality and repeatability through process control and continuous production. Flying several engines on each mission also quickly builds substantial engineering data and flight heritage. During Falcon launch operations, the first stage is held on the ground after engine ignition while automated monitors confirm nominal engine operation. An autonomous safe shutdown is performed if any off-nominal condition is detected. 1 Chang, I-Shih. “Space Launch Vehicle Reliability,” Aerospace Corporation Publication (2001). © Space Exploration Technologies Corp. All rights reserved. 3