Design basis events and collusion


1. A design basis accident is the maximum credible accident a nuclear facility is designed to withstand. It is the worst accident that could credibly be anticipated. Nuclear facilities have to be designed to withstand such things as the worst earthquake, flood, or storm that could be expected in the area in which they are sited. Any accident that cannot be credibly anticipated is termed “beyond design basis.”

It should be pointed out that the design basis only considers credible events that can be planned for. Often cited examples of events that cannot be planned for include those that do not pose credible challenges, such as the sudden emergence of a new ice age. But the design basis does not include acts of war, terrorism, and human failings of operators, regulators, or design engineers.

2. The core damage frequency is a probabilistic assessment of frequency of core damage events, accidents that damage the fuel in a reactor. It is common for the terms “core damage event” and “meltdown” to be used interchangeably. Most core damage events are not catastrophic, however, and about two-thirds of the historic core damage events at commercial reactors went by without much notice. In commercial reactors, there have been four core damage events that were catastrophic, and, as far as we know, eight others not that bad.

3. The evaluation of the core damage frequency is in terms of reactor-years. A reactor-year is a measure of time of operating reactors, equivalent to one reactor running for one year. A core damage frequency of 1/10,000, means that there is a 1/10,000 chance of a meltdown in any given year at any given reactor. With 500 such reactors in the world, there would be a 1/20 chance of any year having a core damage event, with a much lower chance for catastrophic meltdowns. Only old reactors have an estimated 1/10,000 core damage frequency, however, and the newer ones are considered safer.

Industry safety predictions:

The GE boiling water reactors are among those estimated to have a core damage frequency of 1/10,000, at worst. Later reactors, which constitute more than 90% of those running today, were estimated to have core damage frequencies of, at worst, 1/20,000 or 1/50,000. For the current number of nuclear plants, this translates into one core damage event in 40 to 100 years, with catastrophic meltdown much less often than that. Please note that these are the most conservative industry numbers. Some estimates indicate core damage events could be expected once in a millennium, or even less often.

Empirical safety evaluation:

In the cold light of reality, the core damage frequency estimates have turned out to be grossly inaccurate. The Max Planck Institute has issued a report, “Probability of contamination from severe nuclear reactor accidents is higher than expected,” indicating that the actual frequency of catastrophic meltdown of nuclear reactors is about 200 times as high as the estimates indicated.

The report is not based on estimates, but on empirical data. Its calculation considers the number of reactor years accumulated and the number of core damage events that have happened. Worldwide, nuclear reactors have accumulated about 14,500 reactor years, and produced four catastrophic meltdowns. This means the actual likelihood of a catastrophic core damage event is about 1/3625. For all core damage events, including those that are not catastrophic, the frequency is about 1/1210 for all reactor types, and about 1/635 for older reactors.

The Max Planck Institute report says we can expect a catastrophic meltdown of current technology nuclear reactors every ten to twenty years, worldwide, with non-catastrophic core damage events somewhat more often. 

The causes of failure:

The report on the Fukushima Disaster, issued by the Japanese Parliament, reveals the most important cause of that failure. According to that report, the Fukushima Disaster was not caused by an earthquake or tsunami, but by collusion between regulators, owners, and government. And in fact, we can observe that all of the core damage so far are arguably the result of human failure, which is not accounted for in considerations of the design basis or the estimates of core damage frequency.  

An example of the implications:

To use the Vermont Yankee nuclear plant as an example, since it is an old-style reactor the empirical data we have says there is a 1/635 chance of a core damage event in any given year. Given a licence period of twenty years, there is a 1/32 chance it will have a core damage event, and the chance of a catastrophic meltdown is roughly 1/100. Since there are 23 such reactors in the US, we can expect an approximately 20% to 25% chance of a catastrophic meltdown, if they are all allowed to run for another twenty years. Of course, this does not take the effects of aging into account, so the actual number is probably worse than that. It also says nothing about the other 81 reactors in the US.  Furthermore, it only accounts for reactors, and not for spent fuel pools.


We have two very different sets of numbers here representing safety probabilities. One is the industry-predicted rate of failure in an ideal world. The other is the actual failure rate in the real world. The industry-predicted failure rate is only about 0.5% of the actual failure rate.

One implication is that the engineering that went into safety of nuclear power plants is probably insufficient to prevent 99.5% of the failures. 

Another implication is that the underlying assumptions on nuclear safety used by industry and regulators are nearly completely wrong.

Clearly, current standards for safety engineering of nuclear power plants have failed utterly, and need to be replaced completely. To fulfill its role properly, nuclear safety engineering has to account for human errors resulting from such things as inexperience, greed, misplaced loyalty, bad hair days, and hubris. If that is not possible, then nuclear safety is not possible.

One Response to “Design basis events and collusion”

  1. tawny Says:

    Looks like a good analysis to me.

    Here is another sort of analysis – when pondering how it can be possible for human beings to make decisions that seem to fly in the face of common sense and science both – that place at risk the survival of an eco-environment on earth capable of sustaining life – I realized that those in power in industry and government see themselves in a sort of competition with other wealth-at-any-cost seekers – a competition to ‘get there first’ – to nail down the sweet ‘taxpayer funded for private profit’ deals before the competition beats them to the punch.

    By their analysis, it is a race for the bucks – a race that will NOT be won by any who are held back by moral or even practical/pragmatic scruples, such as concerns for the viability of the biosphere or for the survival of our posterity – broadly speaking, of the human race.

    As they correctly analyze it,even if they personally are constrained by reasonable concerns for the safety of the people and the survival of the biosphere – well, that does not mean/guarantee that OTHER competitors will be similarly constrained – it just means that they themselves have bowed out of that particular race-for-riches – have voluntarily disqualified themselves – thrown in the towel, so to speak.

    Even if THEY voluntarily act responsibly and prudently, other ‘movers and shakers’ probably will not. Therefore, why should they voluntarily put themselves under any sort of ethically motivated constraints?

    This, I believe, is the kind of Realpolitik ‘math’ that the big movers and shakers perform and rely upon in making their decisions which seem to most of us to fly in the face of prudence, sanity, and, indeed, of common sense and the ‘survival instinct.’

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: