But there's much more we can do to reduce the odds of a catastrophe.
- By James M. ActonJames M. Acton is a senior associate at the Carnegie Endowment for International Peace in Washington.
Until March 11, with the 25th anniversary of the Chernobyl accident approaching — and memories of that disaster receding — safety concerns no longer appeared to be the killer argument against nuclear power they once were. Instead, another fear, of climate change, looked like it might be driving a "nuclear renaissance" as states sought carbon-free energy sources. But the ongoing crisis at Japan’s Fukushima Daiichi Nuclear Power Station will return safety to the forefront of the nuclear power debate. Even the most ardent industry advocates now recognize that the unfolding crisis inside two reactors there — shown on live television and beamed around the world — has left the future of their industry in doubt.
Nevertheless, the case for nuclear power remains strong. All forms of energy generation carry risks. Fossil fuels, which (for the time being at least) are nuclear energy’s principal rival, carry the risk of catastrophic climate change. And as we’re seeing in Japan, we haven’t eliminated all the dangers associated with nuclear power, even though accidents are few and far between.
Good public policy involves balancing these risks. Persuading the public to accept the risks of nuclear energy will, however, not be easy. To do so, the nuclear industry will have to resist a strong temptation to argue that the accident in Japan was simply an extraordinarily improbable confluence of events and that everything is just fine. Instead, it must recognize and correct the deficiencies of its current approach to safety.
When it comes to safety, the nuclear industry emphasizes the concept of "defense in depth." Reactors are designed with layers of redundant safety systems. There’s the main cooling system, a backup to it, a backup to the backup, a backup to the backup to the backup, and so on. A major accident can only occur if all these systems fail simultaneously. By adding extra layers of redundancy, the probability of such a catastrophic failure can — in theory at least — be made too small to worry about.
Defense in depth is a good idea. But it suffers from one fundamental flaw: the possibility that a disaster might knock out all of the backup systems. A reactor can have as many layers of defense as you like, but if they can all be disabled by a single event, then redundancy adds much less to safety than might first meet the eye.
This kind of failure occurred at Fukushima Daiichi on March 11. As soon as the earthquake struck, the reactors scrammed: The control rods, used to modulate the speed of the nuclear reaction, were inserted into the reactor cores, shutting off the nuclear reactions. So far so good. Nevertheless, the cores were still hot and needed to be cooled. This in turn required electricity in order to power the pumps, which bring in water to cool the fuel.
Unfortunately, one of the external power lines that was designed to provide electricity in just such a contingency was itself disrupted by the earthquake. This shouldn’t have mattered because there was a backup. But, according to a news release issued by the power-plant operator, the malfunction in one external supply somehow caused off-site power to be lost entirely.
Once again, this shouldn’t have been too much of an issue. There was a backup to the backup in the form of on-site diesel generators. And, sure enough, they kicked in. Fifty-five minutes later, however, they were swamped by the tsunami that followed the earthquake. From that moment on, plant operators were in a desperate struggle to prevent core melting.
Japanese regulators are certainly aware of the danger of earthquakes; they take safety extremely seriously. Like other buildings in Japan, nuclear reactors must be able to withstand earthquakes. The problem, as we now know, is that there is a significant chance of them falling victim to events more extreme than those they were designed to withstand.
This problem was highlighted by the earthquake centered near the Kashiwazaki-Kariwa nuclear power plant in 2007. The earth movements generated by that quake were larger than the plant’s design limit. Fortunately, there was not a major accident; the safety systems worked as designed in spite of the quake’s physical impact. Before the plant could reopen, however, new safety features had to be added to ensure that it was capable of withstanding bigger earthquakes.
Of course, the issues raised by the 2007 and 2011 earthquakes are relevant to the whole world — not just Japan. What is needed now is a sober and careful assessment of what engineers call the "design basis" for all nuclear power plants worldwide — those already in operation, those under construction, and those being planned. Specifically, we need to determine whether they are truly capable of withstanding the whole range of natural and man-made disasters that might befall them, from floods to earthquakes to terrorism.
Even after the ongoing disaster in Japan, the nuclear industry is unlikely to welcome such an exercise. It is almost certain to argue that a whole-scale reassessment is unnecessary because existing standards are adequate. But after two earthquakes in less than four years shook Japanese reactors beyond their design limits, this argument is simply not credible. It is also self-defeating.
For nuclear energy to expand, the public must trust the nuclear industry. It must trust reactor operators to run their reactors safely. It must trust regulators to ensure there is adequate oversight. And, most importantly perhaps, it must trust reactor designers to create new reactors that do not share the vulnerabilities of older ones.
This last point is crucial. New reactors, with enhanced safety features, would almost certainly not have befallen the same fate as those at Fukushima Daiichi, which is four decades old. Convincing the public of this argument will be extremely hard now, however.
After Chernobyl, the nuclear industry argued that — as far as safety was concerned — Soviet RBMK-type reactors, like the one involved in the 1986 accident, had about as much in common with modern Western reactors as an inflatable dinghy does with an ocean liner. And they were right. But their argument made very little impact because the nuclear industry had lost the public’s trust.
It is vital the nuclear industry does not make the same mistake now. It must not try to sweep safety issues under the carpet by telling people that everything is OK and that they should not worry. This strategy simply won’t work. What might work is to acknowledge the problem and work to fix it.