Redundancy and the function of safety regulation

Redundancy is a standard practice in safety engineering. The idea is to provide multiple systems to do an important job, so when one fails, another can do the job safely until the problem can be addressed. A well-known example of a redundant system is the sets of lines that provide steering for aircraft. Modern design requires multiple cables or hydraulic lines, so steering is no lost in the event of failure.

In a nuclear power plant, all systems that can impact safety are supposed to have redundant backup systems. There are redundant backup power systems, redundant cooling systems, redundant instrumentation, and redundant alarm systems.

Redundancy does not mean having a second machine next to the first, but having backup systems that are not subject to the same conditions. At Fukushima Daiichi, the problem was not a lack of redundant equipment, but rather that the redundant systems were all vulnerable to the same problems. When a source of power was lost to flooding, the redundant backup systems were lost to the same flood waters.

A similar issue was discovered at the Maine Yankee plant. Redundant electric lines supplying power to safety equipment ran through the same space, so an event in that space that destroyed one line would almost certainly also destroy the other. Ultimately, this problem was one of the most important issues leading to the plant being closed, in 1997, the year after it last produced power.

The problem at Maine Yankee is an important case in point, however, because it illustrates another problem. The discovery in 1996 that the electric lines were badly routed followed a much earlier discovery of the same flaw. It had been reported by an NRC inspector named Peter Atherton, in 1978. His report lead to the loss of his job and security clearance, but it did not improve safety and only provided an example to other NRC inspectors who might be inclined to do what they were ostensibly paid to do.

Ray Shadis’s short article on the issues at Maine Yankee, “Why Maine Yankee Cashed In,” is available the NRC website. Peter Atherton is recognized for his report, but the report’s contents are not available.

Maine Yankee provides a clear record of a failure that did not kill anyone, but it did put a lot of people at risk. It was the same kind of risk that played out so tragically at Fukushima Daiichi. We cannot know how many people might have gotten sick or died from either, in the one case because the accident did not happen, and in the other because the record is not closed. But we do know that the cost of the Fukushima Disaster was high, and the cost of a Maine Yankee Disaster resulting from Atherton’s report going without action could also have been high.

According to the report on the Fukushima Disaster by the Japanese Parliament, the underlying cause of the disaster was collusion between government, regulators, and the industry. Given that collusion, sooner or later, something was going to go wrong, and the earthquake and tsunami were just the triggers of an event enabled by government and industry.

The problems at Maine Yankee, Fukushima Daiichi, and quite possibly all other nuclear power plants can be reduced by applying the standard safety engineering practice of redundancy. Redundancy does not merely apply to physical components of a system, but also to functions. The NRC provides the very important safety function of outside regulation. The problem is that the US congress reserved all rights to radiological safety to the NRC, eliminating the possibility of redundancy of that function, which is required by safety practice. By preventing functional redundancy, and preventing others from filling the need for safety, the Federal Government is in violation of one of the most important fundamental issues of safety.

Officers of the NRC will doubtless say that its internal Office of the Inspector General provides for proper regulation of the agency. While I would not advocate giving up the OIG’s function, I cannot agree that it provides the function I am calling for. The OIG’s function is to correct problems that appear in the NRC, not to prevent them from happening in the field.

The NRC is notoriously a captive agency, operating according to the perceived needs of the industry it is supposed to be regulating. The NRC is doing precisely the same thing here that went wrong in Japan. And just as failure was guaranteed in Japan, it is guaranteed here.

We can do better. The function regulating safety in the nuclear industry is too important to allow it to be done by a single organization, without redundancy. We should see to it that redundancy is provided, not only in equipment, but in safety regulation.

While it is conceivable that the Federal Government can produce a truly independent second regulatory agency, it seems unlikely that this will ever happen effectively. It would be much more effective to allow a measure of authority over safety to each state. Part of the reason for this is that it makes separation of agencies more surely possible. Part of the reason is that it makes some of the regulators for nuclear plants more closely answerable to the people who live near those plants.

This kind of redundancy is already provided in other areas of government. The states have their own environmental laws, with agencies to enforce them. States also have their own occupational safety laws and inspectors. Even the function of the military has a redundant state compliment in the National Guard.

We need to change the current Federal laws to allow states to assure the safety of their own citizens, since the Federal Government cannot provide for it. I would not claim this is an ideal solution, but it is better than nothing. I would not claim that it is an easily achievable solution, but it will get more support nationwide – worldwide – than Vermont trying to take on Federal preemption in the courts, and this might make it more achievable.

4 Responses to “Redundancy and the function of safety regulation”

  1. Kevin Downey Says:

    I applaud this idea of allowing states to create redundant NRC’s. This decision by Judge Murtha recently that safety is the sole purview of the NRC was a slap in the face for Vermont and as a result, all the other 49 states.To force the states to accept Washington’s laissez-faire attitude about states’ rights totally ignores the concerns of any of the 104 communities that host nuclear plants, which I find abhorrent. At the same time, I have little faith that the NRC would willingly go along with such a suggestion, let alone a dysfunctional Congress agreeing on anything like this. In my view the NRC should be sued for negligence and disregard for their charter. They are not the Nuclear REGULATORY Commission, they’re the Nuclear ADVOCACY Commission. The revolving door from nuclear navy, to nuclear power plant control rooms to NRC is truly a restrictive, exclusive club if I’ve ever seen one, one that allows its members a sense of invulnerability. This indeed should change.

  2. Clay Turnbull Says:

     Northeast’s wind-power market is on the upswing
    Wind power is expanding rapidly in the Northeast, thanks to the falling costs and increasing efficiency of turbines, observers said. These allow wind farms to become more competitive with fossil-fuel plants, especially in the Northeast, where utility costs are typically above the national average. “Power prices are relatively high [there], so by delivering wind projects, you can develop a pretty affordable source of generation,” said Elizabeth Salerno, chief economist and director of industry data and analysis at the American Wind Energy Association. The Boston Globe (tiered subscription model) (7/9)        

  3. Steve Reucroft Says:

    George’s article is excellent and I totally support it and it’s conclusions. Unfortunately, the usual argument against redundancy involves the cost of implementation. If you have two independent systems the cost is roughly doubled. And it’s not really adequate to have only two independent systems, you need at least a third to resolve disagreements between the first two. In the current economic climate there would likely be enormous problems bringing such a proposal to reality. But that doesn’t mean we shouldn’t try.

    • geoharvey Says:

      Somehow, I would guess the people of Vermont would be willing to foot the bill for a state agency. My guess is that if it were a regional agency, the governments of New York, Connecticut, and Massachusetts would chip in.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: