Multiple Failures Exposed Diablo Canyon to Higher Risk

It is a coincidence that the Union of Concerned Scientists has released a new report on nuclear power plant safety while the Japanese nuclear crisis continues to unfold. Yet, the heightened awareness that many people now have of the importance of nuclear plant cooling systems may put us in a better position to understand the significance of the UCS findings.

The report highlights 14 “near misses” at U.S. nuclear plants in 2010, including one at California’s Diablo Canyon Nuclear Plant, where valves that provide emergency cooling water to the Unit 2 reactor core and containment vessel had been stuck in the closed position for 18 months without anyone knowing about it.  According to UCS, “that meant operators would be unable to provide cooling water to the reactor core and containment vessel at a key point during an accident.”

As plant operators tend to do, the managing utility attempted to minimize the apparent significance of this mistake.  The company points out that the plant’s operators could still have kept the reactor cool by opening the valves manually.  Besides, says Pacific Gas & Electric Company spokesperson Kory Raftery, “the potential is very small for the type of situation where we’d need this system in the first place.”

PG&E seems to be hoping that we will forget the importance of redundant protections in further reducing the risk of a catastrophic failure.  In a commentary related to the Japanese crisis, Harvard Kennedy School Associate Professor Matthew Bunn reminds all of us of the “huge importance of taking redundant safety systems seriously.”  The company’s observation that the odds of a meltdown are small, intended to offer reassurance to the public, can actually have the opposite effect.  It suggests that the plant operators are willing to forgive themselves for a major safety breach.

The Union of Concerned Scientists focuses on the Federal Nuclear Regulatory Commission’s inspection process, notes that the NRC devotes about 6,300 person-hours of oversight to each plant each year, and wonders how diligent analysts could have missed this problem for 18 months. UCS also points out that the NRC only looks at 5% of each plant’s records. For every problem like this that the inspectors identify, there may be 19 more. This fact, perhaps more than any other, underscores the importance of figuring out what went wrong in the one instance that the inspectors uncovered. Closer examination suggests that this situation is the result of a multitude of failures:

1. The initial mistake

With something as important as valves controlling cooling water, a mistake like this should never happen in the first place. Anticipating the potential for human error, there should be redundant visual cues that would make it obvious when a valve is improperly set.  Either such cues were not in place, or the plant operators ignored them.

2. Inadequate quality control at the plant

The second line of defense should be in the form of inspections occurring after any adjustment of critical safety equipment in the plant.  According to UCS, the NRC did eventually impose sanctions on the utility for this particular failure.  Yet, beyond the first inspections, it is unthinkable that this kind of mistake could go unnoticed for 18 months.  Shouldn’t safety equipment be examined daily — or at least weekly or monthly?  Again, either the inspections never happened, inspectors repeatedly missed the problem, or there was a subsequent failure to report or to act.

3. Inaction by Diablo’s Independent Safety Committee

When construction of Diablo Canyon was completed, a study of the design and construction process uncovered so many errors that the company risked losing billions of dollars in imprudent costs. To avoid this, the company negotiated an arrangement under which it would be paid by ratepayers based on the plant’s output, rather than on the basis of reasonable construction cost. Because that arrangement gave the utility a reason to push the plant too hard, regulators established an Independent Safety Committee to keep a sharp eye on the plant. Apparently the Committee was not looking for this kind of mistake, either, or it could have brought it to the attention of the operators and regulators much earlier.

4. A slow response from the NRC

In the 1980s, when the NRC discovered that Diablo’s engineers had made serious design errors, the regulators lost confidence in the integrity of the plant. In response, the NRC undertook copious inspections and ordered a complete design review. Here, the NRC has looked at 5% of the plant’s records, uncovered a significant safety problem and even penalized the company for its failure to find the problem sooner. Yet, where is the call for more thorough inspections, and a demonstration by the plant operators that the other 95% of the facilities and their operations are sound? And how could 6,300 hours of annual regulatory oversight not uncover such a basic problem or the lack of adequate post-repair inspections?

There are reasons for a loss of confidence in the safety of nuclear power plants.  That distrust can only grow if plant operators, inspectors, and regulators fail to make the extra effort to uncover and respond to significant problems.

