Walking a Nuclear Tightrope
Chapter 3 The Lessons of ear-plus Outages
irst and foremost, the fact that the 51 year-plus nuclear power reactor outages since 1966 have not led to a major acci- dent is an enduring legacy of the “defense-in- depth” approach to nuclear safety practiced by the NRC and its predecessor, the AEC: F
The NRC’s approach to protecting public health and safety is based on the philosophy of defense- in-depth. Briefly stated, this philosophy () requires the application of conservative codes and standards, which create substantial safety margins in the design of nuclear plants; (2) requires high quality in the design, construction, and opera- tion of nuclear plants to reduce the likelihood of malfunctions, including the use of automatic safety system actuation features; () recognizes that equipment can fail and operators can make mistakes, thus requiring redundancy in safety sys- tems and components to reduce the chances that malfunctions or mistakes will lead to accidents that release fission products from the fuel; and () recognizes that, in spite of these precautions, serious fuel damage accidents can happen, thus requiring containment structures and other safety features to prevent the release of fission products off site.2
Despite inept management, widespread equipment degradation, and/or significant design
flaws that resulted in extended reactor downtime, the public has not been physically harmed by a year-plus outage.** Nuclear power plants are far from being houses of cards. The “substantial safety margins” and “redundancy” built into them by the AEC’s original requirements have helped prevent them from toppling even when safety margins were badly eroded.
However, Edwin C. Triner, director of the AEC’s Office of Program Analysis–Regulation, expressed a different fear in a letter to his boss in 1974:
I am very concerned that we are currently establishing patterns of excessive tolerance that will make strong action increasingly difficult to take and will haunt us in future years when the population of and dependence on nuclear facili- ties have greatly increased.3
Triner’s warning was both justified and unheeded; 49 of the 51 year-plus reactor outages occurred after he made this statement.
Lesson 1: Owners Are Given Too Much Leeway
The frequency with which plant owners have had to shut down their reactors for a year or more just to restore the minimum safety margins is itself a sign of the “excessive tolerance” that has allowed safety to erode to dangerous levels. More
The same cannot be said of the public’s psyche or pocketbook.