
Nuclear Power as a High Risk System And the Accident at Three Mile Island

Discussing Perrow Chapters 1 and 2 Presented by Gus Scheidt Friday the Thirteenth September 2002. Nuclear Power as a High Risk System And the Accident at Three Mile Island. Three Mile Island. Nuclear Plant near Harrisburg, Pennsylvania March 28, 1979 -- Unit 2 near meltdown

tanner


Presentation Transcript


  1. Discussing Perrow Chapters 1 and 2 • Presented by Gus Scheidt • Friday the Thirteenth September 2002 • Nuclear Power as a High Risk System And the Accident at Three Mile Island

  2. Three Mile Island • Nuclear Plant near Harrisburg, Pennsylvania • March 28, 1979 -- Unit 2 near meltdown • U.S. most serious nuclear accident to date (1984) • Presented "to convey... the interconnectedness of the system, and the occasion for baffling interactions."

  3. TMI: Summary of Events • (Failure) condensate polisher system, part of secondary cooling system, leaked some water • (ASD) Feedwater pumps shut down • (ASD) Turbines stopped • (ASD) Emergency feedwater pumps started • **Normally, problem would have been solved, but...

  4. TMI: Summary of Events • (Failure) Valves in Emergency Feedwater system left closed by maintenance • (Operator Error?) No one noticed the indicator signaling that the valves were closed • (ASD) Reactor Scrammed • (ASD) PORV (Pilot-Operated Relief Valve) briefly opened

  5. TMI: Summary of Events • (Failure) PORV failed to close • (Failure) PORV indicator malfunctioned; operators thought PORV had closed • NOTE: We are now only 13 seconds into the accident

  6. TMI: Summary of Events • (ASD) Two reactor coolant pumps started • Steam bubbles that resulted from loss of pressure caused false readings • Pressure readings in core dropped sharply • (ASD) HPI (High Pressure Injection) turned on • (Operator Error?) After 2 minutes, operators cut back HPI

  7. TMI as a System Failure • Pieces of TMI accident occur elsewhere in the industry; just not all at once • Reactor (new/complex) engineered by one company; system for drawing off heat (old/unsophisticated) by another • Tolerance for some components frighteningly small • Technology was new; process not well understood

  8. TMI as a System Failure • Parts of the reactor are interdependent • But not in direct operational sequence • ** The situation was incomprehensible to the operators working during the accident • So much known about failures of TMI Unit 2 only because of the accident • Why is this called a "Normal" Accident?

  9. Nuclear Power as a High Risk System • We have not given nuclear power enough time to disclose its disastrous potential • We don't have enough experience to make a reasonable assessment of the risks

  10. Tools for Examining High-Risk Systems • Operating Experience • The Construction Problem • Safer Designs? • "Defense in Depth" • Trivial Events in Nontrivial Systems • Learning from Our Mistakes • Fermi • The Fuel Cycle as a System

  11. Operating Experience • Varying sizes and types of plants • Different manufacturers with different designs • Little industry learning time • Slow maturation of the industry

  12. The Construction Problem • Lack of NRC engineers on site • "The builders can't pour concrete" • Intimidation of federal inspectors • Falsified safety inspection documents • Diablo Canyon -- Wrong diagrams

  13. Safer Designs? • Government push for nuclear power adoption • There are other designs, but not significantly less complex, interactive, tightly coupled • We likely will not see safer designs in the near future • Under-utilization of current reactors • 10+ years to design/build new facility

  14. "Defense in Depth" • Containment buildings • Semi-Remote locations • ECCS (Emergency Core Cooling System) • Helpful, but the possibility of accidents that evade these defenses exists

  15. Trivial Events in Nontrivial Systems • Everyday failures are significant if we add catastrophic potential • Shirt trips breaker -> scram • Complex plumbing -> radioactive water to drinking systems • Dropped light bulb -> scram, almost cracked vessel & meltdown • Faulty indicator -> 9 feet of river water in containment building

  16. Learning from Our Mistakes • We Don't • Nuclear Safety reports dozens of accidents, many near meltdown, to show how an “excellent safety record... has been maintained” • “Two-thirds of the problems... are strikingly similar to ones previously reported.”

  17. Fermi • A safety device (piece of metal) was dislodged by the coolant and blocked the flow of the coolant • Illustrates some of the principles in the book • Problem originated with a safety device • Poor design and negligent construction • No clear procedure to follow • Those attached to high-risk systems can be uncommonly cheerful about failures

  18. The Fuel Cycle as a System • Mining uranium ore • Processing ore into fuel • Burning it in reactors • Disposing of the many kinds of waste • All involve serious hazards

  19. Conclusion • Design, construction, and operating problems do not, in themselves, cause system accidents • Rather, it is the potential for unexpected interactions of small failures that makes the system prone to accident

  20. Discussion • How do software systems, or software components of systems, compare to TMI? • How does TMI compare to Guam? • Given Guam and TMI, can we hypothesize some failure paradigms?
