Human Nature

Shaken to the Core

I’ll feel safer about nuclear power when the industry looks more shaken by what happened in Japan.

Gregory Jaczko, chairman of the Nuclear Regulatory Commission

On Wednesday, Gregory Jaczko, the chairman of the U.S. Nuclear Regulatory Commission, testified before a Senate subcommittee about the nuclear crisis in Japan. He assured the committee of “our continuing confidence in the safety of the U.S. commercial nuclear reactor fleet.” In their opening statements, Jaczko and William Levis, an executive representing the industry’s Nuclear Energy Institute, used variants of the words assure, ensure, and confident 21 times.

I don’t want to hear the industry and its regulators talk this way after Fukushima. I don’t want to hear confidence and assurances. I want to hear humility and a ruthless re-examination of assumptions.

I understand the need to put Fukushima in perspective. I agree with Jaczko and Levis about the relative safety of nuclear power. Measured by accidents, direct fatalities, and indirect health damage, nuclear energy is many times safer than fossil fuel production. It’s even safer than hydroelectricity, which has killed thousands of people in dam failures. But the key to nuclear safety isn’t confidence. It’s doubt.

The power of modern science comes from its relentless self-scrutiny. Nothing is certain; everything is open to challenge. Karl Popper, the great philosopher of science, distilled the essence of the enterprise: We test hypotheses against reality not to prove them, which is impossible, but to falsify or modify them.

That’s how we should think about Fukushima. The Fukushima Daiichi nuclear plant was built and upgraded according to the worst-case assumptions of the industry and its regulators. Those assumptions have just been spectacularly falsified. Our job now is to figure out what they got wrong.

In his written testimony, Jaczko told the committee:

There are many factors that assure us of ongoing domestic reactor safety. We have … used a philosophy of Defense-in-Depth, which recognizes that nuclear reactors require the highest standards of design, construction, oversight, and operation. … Designs for every individual reactor in this country take into account site-specific factors and include a detailed evaluation for natural events, such as earthquakes, tornadoes, hurricanes, floods, and tsunamis, as they relate to that site. There are multiple physical barriers to radiation in every reactor design. Additionally, there are both diverse and redundant safety systems that are required to be maintained in operable condition and frequently tested to ensure that the plant is in a high condition of readiness to respond to any situation.

It’s true that reactors are designed to standards far higher than any oil, gas, or coal facility. And defense in depth—the inclusion of backup safeguards in case your primary safeguards fail—is exactly the kind of self-doubting philosophy Popper would have endorsed. But at Fukushima, our defenses weren’t deep enough. The Daiichi facility’s “evaluation for natural events” underestimated the magnitude and ramifications of the worst-case quake. The plant was “frequently tested” to ensure readiness for “any situation”—but apparently not for the situation that actually happened. The safety systems seemed “diverse and redundant” but in fact were all taken out by the same chain of events. And once the radiation began to leak, the country had no remotely operated vehicles prepared to fight the meltdown where humans couldn’t go. It wasn’t defense in depth that failed. It was our implementation of that idea.

The hearing was full of buzzwords conveying empty certainty. “Detailed evaluation” based on what details? “Frequently tested” against what?  “Redundant” how? Levis, the industry executive, said, “U.S. nuclear power plants are safe” because they’re designed “to manage the maximum credible challenges appropriate to each nuclear power plant site.” Maximum credible challenges? I bet that’s what Japanese executives used to say about Daiichi.

Jaczko told the committee that nuclear power stations being planned today “have enhanced designs and enhanced safety features that at least at the design stage and on paper seem to indicate that they would have an inherent safety advantage over the existing plants.” But the Fukushima disaster wasn’t on paper. It melted the paper on which previous safety assurances were based.

When Jaczko was asked about spent nuclear fuel, he noted that the NRC had “recently affirmed a decision we’ve made over the years that we call our waste confidence decision. … We believe for at least 100 years, that fuel can be stored with very little impacts to health and safety or to the environment.” As to whether the fuel should be stored in dry casks or pools, he told the senators, “The information we have right now shows that both of these methodologies are equally safe for a very long period of time.” But Ernest Moniz, an MIT expert on nuclear energy, was more candid about these calculations. “We think that there is a good case to be made for the integrity of 100-year storage,” Moniz testified. “But the reality is, it’s based upon an extraordinarily skimpy database. “

This is the core of nuclear overconfidence: drawing rosy projections from “information” and “methodologies” that were based on very little data and have now been called into question by the data from Fukushima: earthquake, tsunami, hydrogen explosions, cracked storage pools, radiation leakage. Take it from me: Two days into the Japan crisis, when the reactor cores appeared undamaged, I went beyond the industry’s worldwide safety record and said the Daiichi plant had survived everything that could have gone wrong. Then more things went wrong.

Look at the global safety report I cited, which was issued last year by the Nuclear Energy Agency of the Organization for Economic Co-operation and Development. The report correctly notes that historically, nuclear power has been far safer than fossil fuels. But it also projects the nuclear industry’s future safety based on “probabilistic safety assessment.” The report calls PSA a “systematic and comprehensive technique to evaluate risks associated with complex systems such as nuclear power plants.” The evaluation is based on 1) “the initiating faults and sequences of events that could lead to core damage,” 2) the “consequences of core damage,” and 3) “how likely are these events to occur.” According to the PSA evaluation, a reactor like the one at Fukushima might suffer core damage every 800 to 1,000 years.

Less than a year later, Fukushima suffered core damage.

I’m not saying we can’t trust nuclear power. I’m saying our trust depends on rigorous study of nasty surprises. Sen. Dianne Feinstein, the California Democrat who chaired Wednesday’s hearing, got it right when she called for “rethinking,” “self-reassessment,” and accident response systems agile enough to address “scenarios we never imagined.” Jaczko, too, got it right when he defined the NRC as a “learning organization” committed to “continuous improvement.” He spoke of preparing nuclear plants for “beyond-design-basis accidents”—scenarios unaccounted for in the plants’ highly touted construction plans. And Levis, in his concluding remarks, found the right tone of humility. “What is it that we don’t know?” he asked. “If the heat sink is lost, what would you do? If you lost emergency A/C power, what would you do? We ask ourselves continually those what-if questions, and ‘What have we missed here?’ “

Keep asking those questions, and we’ll all feel safer.

(My recommended reading: Amory Lovins at National Geographic’s Great Energy Challenge  warns that U.S. regulation of nuclear power “ is not clearly better than Japanese regulation, nor more transparent.” Greenpeace tells BoingBoing that the 20-kilometer evacuation zone around Daiichi “ doesn’t take into account pockets of high radioactivity elsewhere.” John Boyd at IEEE Spectrum says a robot will spray dust-controlling resin on the plant’s debris. Darren Quick at Gizmag reports that QinetiQ is sending Japan kits that “ convert standard Bobcat loaders into unmanned vehicles” in 15 minutes. Toni Johnson at CFR says Japanese utilities will replace their lost nuclear power with oil, coal, and liquefied natural gas. The Atlantic reports that since Fukushima, “ a growing number of Iranian opinion makers” have come out against the country’s nuclear program on safety and economic grounds.)

Human Nature’s latest short takes on the news, via Twitter: