Last week, in the Nation's Capital, a speeding subway train piled into another, killing nine and shaking up the whole area. The press noted that this was the type of accident the system design "made impossible," and they explored the implications of that.
The discussion was eerily reminiscent of discussions we had fifty years ago about the designs of nuclear power plants. Could we design to make accidents "impossible," and what did it mean, when the chips were down?
The term, as generally used by engineers, means that a particular event (in this case, one train hitting another), cannot happen, if all the system's parts work as intended. Since we know that components do fail, does this assurance mean anything useful at all? Yes, it can mean that most, or nearly all, accidents of this type are precluded. The word "impossible" then means "highly improbable." Many people stop their accident analysis at this point, saying the designer's job is to make serious accidents highly improbable. Period.
I suggest two further considerations. First: There are events that are simply impossible, as decreed by the Laws of Nature (which physicists call the Laws of Physics). For example, used nuclear fuel is shipped in armored casks, built to survive car wrecks. Some nuclear critics call these casks "Mobile Chernobyls," trying to imply that they might undergo some sort of nuclear accident. But they cannot behave like a reactor, because there is simply not enough uranium in them. This is as certifiable as 2+2=4. All the time. No probabilities involved. Guaranteed by Mother Nature.
The other factor is the magnitude of the accident. If the consequences of the worst realistic accident are tolerable, then the whole situation is different than if a catastrophe is possible. This factor does not involve probabilities at all. There are two separate tasks for the designer: to make serious accidents highly improbable, and (if possible) to make the consequences of the worst realistic accident tolerable.
For some reason, many nuclear people don't like to talk about consequences, even though the relevant data are reassuring. They say it scares people. My experience is that people are more disturbed about concerns they can't get answers to. It happens that we do have a great deal of information on how Nature limits the harm that a mass of molten reactor fuel can cause, even if it is surrounded by a containment structure with a large hole in it. Because that's the worst realistic case that we'll talk about next.
Meanwhile, here's a link to the papers in SCIENCE that reports the research and its conclusions.
Wow, thanks for the insightful post. I look forward to reading more from you.
Posted by: ugg boots | February 03, 2010 at 05:07 AM