Friday, January 13, 2012

The Economist: "A dangerous lack of urgency in drawing lessons from Japan’s nuclear disaster"

Here's The Economist's take on the Japanese declaration of "the cold shutdown state" and the end of the Fukushima I Nuclear Power Plant accident. The title of the article pretty much says it all.

The paper well summarizes the elementary incompetency of both TEPCO and the Japanese government, and says the government's interim report hasn't got much attention that it deserves, except among techies at Physics Forum. It also correctly points out these reports are nothing but confidence-building exercises in Japan.

The paper's conclusion:

"Until somebody in power seizes on the report as a call to action, its findings, especially those that reveal sheer ineptitude, suggest that the public has every reason to remain as scared as hell."

Indeed.

The Economist (1/7/2012):

THERE is a breathtaking serenity to the valley that winds from the town of Namie, on the coast of Fukushima prefecture, into the hills above. A narrow road runs by a river that passes through steep ravines, studded with maples. Lovely it may be, but it is the last place where you would want to see an exodus of 8,000 people fleeing meltdowns at a nearby nuclear-power plant.

Along that switchback road the day after the earthquake and tsunami on March 11th 2011, it took Namie’s residents more than three hours to drive 30km (19 miles) to what they thought was the relative safety of Tsushima, a secluded hamlet. What they did not know was that they were heading into an invisible fog of radioactive matter that has made this one of the worst radiation hotspots in Japan—far worse than the town they abandoned, just ten minutes’ drive from the gates of the Fukushima Dai-ichi plant. It was not until a New York Times report in August that many of the evacuees realised they had been exposed to such a danger, thanks to government neglect.

Negligence forms the backdrop for the first government-commissioned report into the Fukushima nuclear disaster, released in late December. Although only an interim assessment (the complete report is due in the summer), it is already 500 pages long and the product of hundreds of interviews. A casual reader might be put off by the technical detail and the dearth of personal narrative. Yet by Japanese standards it is gripping. It spares neither the government nor Tokyo Electric Power (TEPCO), the operator of the nuclear plant. It reveals at times an almost cartoon-like level of incompetence. Whether it is enough to reassure an insecure public that lessons will be learnt is another matter.

Since the Three Mile Island disaster in 1979, it has become axiomatic to assume that complex systems fail in complex ways. That was broadly true of Fukushima, though often the failures appear absurdly elementary. In the most quake-prone archipelago on earth, TEPCO and its regulators had no accident-management plan in the event of earthquakes and tsunamis—assuming, apparently, that the plant was proofed against them and that any hypothetical accidents would be generated only from within. TEPCO had, in the event of nuclear disaster, an off-site emergency headquarters just 5km from the plant that was not radiation-proof, and so was effectively useless. On site, the workers in its number one reactor appear not to have been familiar with an emergency-cooling system called an isolation condenser, which they wrongly thought was still working after the tsunami. Their supervisors made the same mistake, so a vital six hours were lost before other methods for cooling the overheating atomic fuel rods were deployed. Partly as a result, this was the first reactor to explode on March 12th.

The government was almost as clueless. Naoto Kan, then prime minister, had a crisis headquarters on the fifth floor of the Kantei, his office building. But emergency staff from various ministries were relegated to the basement, and there was often miscommunication, not least because mobile phones did not work underground. Crucial data estimating the dispersion of radioactive matter were not given to the prime minister’s office, so that evacuees like those from Namie were not given any advice on where to go. That is why they drove straight into the radioactive cloud. The report faults the government for providing information that was often bogus, ambiguous or slow. Perhaps the biggest failure was that nobody in a position of responsibility—neither TEPCO nor its regulators—had sought to look beyond the end of their noses in disaster planning. No one seems ever to have tried to “think the unthinkable”.

In America official reports such as those on the September 11th attacks or the Deepwater Horizon oil spill have become acclaimed books. This one is hardly a page-turner. A privately funded foundation, headed by Yoichi Funabashi, a former editor of the Asahi Shimbun newspaper, is doing a separate investigation, based partly on the testimony of TEPCO whistle-blowers. (One, according to Mr Funabashi, says the earthquake damaged the reactors before the tsunami, a claim that officials have always rejected.) It at least promises to have literary merit. Mr Funabashi, a prominent author, draws parallels between the roots of the disaster and Japan’s failures in the second world war. They include the use of heroic front-line troops with out-of-touch superiors; rotating decision-makers too often; narrow “stovepipe” thinking; and the failure to imagine that everything could go wrong at once.

Complex systems, jerry-rigged

For now, the risk is that the interim report does not get the attention it deserves. So far it seems to have aroused more interest on a techie website called Physics Forums, beloved of nuclear engineers, than in the Japanese press. The government, led by Yoshihiko Noda, has not yet used it as a rallying call for reform. One of its recommendations, an independent new regulatory body, will soon be set up. Others, such as new safety standards and broader evacuation plans, would take months to implement.

Such reports are, after all, confidence-building exercises. They are meant to reassure the public that, by exposing failures, they will help to prevent them from being repeated. In the case of Fukushima Dai-ichi there is still plenty to be nervous about. Although the government declared on December 16th that the plant had reached a state of “cold shutdown”, much of the cooling system is jerry-rigged and probably still not earthquake-proof. On January 1st a quake temporarily caused water levels to plunge in a pool containing highly radioactive spent-fuel rods.

Meanwhile, across Japan, 48 out of 54 nuclear reactors remain out of service, almost all because of safety fears. Until somebody in power seizes on the report as a call to action, its findings, especially those that reveal sheer ineptitude, suggest that the public has every reason to remain as scared as hell.

13 comments:

Anonymous said...

Unfortunately, it really didn't matter what the operators or managers did or didn't understand about the isolation condensers in Unit 1. It appears (yet to be 100% confirmed) that valves INSIDE the primary containment automatically close when both DC and AC power is lost and there is no way to open them without power and without going INTO the primary containment. These valves were in the coolant circuit for the isolation condensers, so, after complete loss of power, it does not appear that there was any way that the last ditch cooling system could have worked. That "failsafe" aspect of the valves was apparently not understood by either the operators or the managers. There are 3 choices when designing something like these valves: fail closed, fail open and fail don't change state. Each choice has to be considered given the circumstances of the failure. Apparently, the circumstances of failure of both AC and DC power simultaneously was not considered. The valves were closed just minutes before the tsunami hit because the condensers were exceeding the maximum allowable cooling rate, but that spec was for normal operation. Exceeding that spec could damage the reactor pressure vessel, so it would seem to be a serious limit to be observed under normal conditions - even normal accident conditions. However, in hindsight, it obviously would have been preferable to risk damaging the reactor by letting the isolation condensers cool as much as they could.

Anonymous said...

".. so a vital six hours were lost before other methods for cooling the overheating atomic fuel rods were deployed. "

2:14,
I'll give you the benefit of a doubt with your "it really didn't matter what the operators or managers did or didn't understand ". Operators, perhaps not, but the managers should have known and it directly implies that they were not hands-on to verify correct operation.

"That "failsafe" aspect of the valves was apparently not understood by either the operators or the managers. "
"Apparently, the circumstances of failure of both AC and DC power simultaneously was not considered. "
We have to surmise that something was considered as "the condensers were exceeding the maximum allowable cooling rate" and the valves were closed.

What did matter with the decisions by the managers is they decided not to inform the people of the area that control of the reactors was completely lost.
To say that did not matter is further crime upon the people of Japan.

Are we to imagine continued "loss of AC" into the future w/this excusing of TEPCO management and Japanese govt. w/yourself providing the "DC" loss ?

You'll recall the onsite inspectors fled ?, begging the question of "normal accident conditions".

Anonymous said...

@3:56 A.M. I shall assume that you have misunderstood my point. I will try to restate it in a way that hopefully will be clearer. It appears that each coolant loop for the 2 isolation condensers had 4 valves: 2 inside the containment and 2 outside the containment. It appears that the 2 valves inside the containment were DC controlled (signal voltage) and AC operated (power voltage). Upon loss of power, it appears that that the "failsafe" choice was that the 2 inside valves would automatically close. It also appears that there was no way to open the valves from outside the containment, either manually or otherwise, without power.

Therefore, it did not matter that the valves were closed prior to the tsunami, because, upon flooding of the electrical panels and batteries, both AC and DC power was lost which meant that the valves would have closed ANYWAY, EVEN IF THEY HAD REMAINED OPEN. Likewise, it did not matter that the operators and the managers did not understand the behavior of the valves, because the valves would have closed ANYWAY upon loss of power. The only thing that could have been different, if the valves' "failsafe" behavior had been understood, is that they might have started alternate injection of water into the reactor (probably with firetrucks) a little sooner. Given that the core started to be uncovered within hours after the tsunami (by it is guessed somewhere between 1700 and 1900 hours), it is almost certain that core damage could NOT have been prevented, even IF the behavior of the valves had been understood and alternate water injection methods had been pursued a little earlier. That is what I meant by "it did not matter". The design of the valves' "failsafe" state prevented the isolation condensers from working in exactly the circumstances when they were indispensable and it is almost certain that core damage could not have been prevented. Thus, it appears that there would have been NO possibility of performing or verifying "correct operation."

I neither made nor implied anything with respect to disclosures to the public. By "normal accident conditions," I meant an accident that did NOT involve a station blackout. Nevertheless, it appears that the isolation condensers would have continued to operate for some hours even under a complete station blackout if only ALL the valves (both inside and outside the containment) had been "fail open." Why then, were they "fail close?" I remember reading somewhere that the thought might have been that valves inside the containment are normally designed to be "fail close," so that there is no path for radioactivity to escape the containment in case of an accident. Maybe that was the thinking, but I don't know.

Anonymous said...

Do not believe that a worker didn't know what he was doing when he shut down the IC, or that the plant manager didn't know about it.

Always be suspicious when they blame the on-site workers and management.

After all, in Tokai-mura recriticality accident, workers were transporting uranium in a bucket, and that was according to the "real" manual to be followed in the actual operation. Cigarette smoking must have been the optional.

Anonymous said...

"There are 3 choices when designing something like these valves: fail closed, fail open and fail don't change state. Each choice has to be considered given the circumstances of the failure."

If I remember correctly, the most important period when decisions could have been made that could have substantially changed the course of events at TMI happened in the first 13 minutes. However, during that time, nobody had a clue what was going on, for technical and organizational reasons.

So when you design a part like a valve that you can let fail in three states you have to ask yourself, do you let it do that in a predefined way so you KNOW how it will fail and can adjust all other parameters accordingly. Or do you let it fail as-is and let the operators make that decision in a situation where you and they cannot be certain of anything, that they know the parameters to make a decision or are even present to do operate anything.

The point is that the event and all possible combinations of parameters that lead to a disaster have not and probably cannot be anticipated due to complexity and tight coupling of the system.

Anonymous said...

12:03,

are these isolation condenser valves the same ones Arne Gundersen indicated had failed, months ago ?

Not to minimize the technical considerations you point out,
but the tsunami ruled out any chance of controlling core temps and TEPCO and the govt's response was dysfunctional.

They instead chose to lie to the people.

Anonymous said...

@6:23

I won't disagree with you on the dysfunctional response. It was awful. However, the safety systems in Unit 1 should have worked, at least for a few hours, even under the conditions after the tsunami. Why they didn't is going to be the subject of continuing investigation for many years. So far, in principle there doesn't seem to have been any mechanical failure that would have prevented the isolation condensers from working. There is also a report that the emergency cooling system in Unit 3 was also shut down prematurely(?), but I haven't chased that one down.

Anonymous said...

@12:29

Apparently they did not even have a manual for the situation they found themselves in, which has been described as a "beyond design basis station blackout." Consequently, they were making the beyond design basis station blackout operations manual up as they went along. They did a lot of ingenious things and did manage to save Units 5 and 6, but they should never have found themselves in that situation in the first place. I am not excusing them - just trying to understand what happened. It is inexcusable that this eventuality wasn't planned for.

nottheonlyone said...

Regarding Mr Funabashi's whistleblower who says the quake itself caused damage. I have read that the land dropped by up to 50cm in the vicinity of the plant. How does anyone expect that all of the piping, cabling etc would be able to withstand this? As TEPCO did not have even an accident emergency PLAN do you think it likely that pipes were installed with a redundancy of even 25cm? Surely some of them must have snapped, but I suppose acknowledgment of this would show how imperiled some of the other NPPs are.

Anonymous said...

@2:06

The loss of control room functionality was key. Apparently there is an indicator light that shows whether each valve is open or closed. When the control room lost power, they couldn't tell whether the valves were opened or closed. There was no backup power for the signal wiring, which doesn't require a lot of power. The apparent "fail closed" design of the valves inside the containment was not known and/or understood by either the operators or the management. Unbelievable and tragic, when considering that the isolation condensers were the last line of defense.

arevamirpal::laprimavera said...

You could have read about ground shifting back in May 2011 on this blog:

http://ex-skf.blogspot.com/2011/05/fukushima-i-nuke-plant-ground-may-have.html

Anonymous said...

And nottheonlyone, that is precisely why the onsite inspectors fled.
They entered buildings that had not only been severely damaged, piping tolerances do not tolerate that much play anywhere in any facility.

This means they entered buildings severely damaged and showing signs, by the minute, of every safety mechanism they possessed failing catastrophically before their eyes.

That was a good piece of roundup, ex-skf, in May, at that link.

Lord Metroid said...

Loss of power in a powerplant... Ridiculus!

Post a Comment