Saturday, March 28, 2009

Thirty Years since Three Mile Island

Today is the 30th anniversary of the accident at TMI, the Three Mile Island nuclear power plant outside Harrisburg, PA. Since that event, no new nuclear power plants have been started in the US, and some projects were terminated. More on that later.

I need to find a slide I took of the plant approximately one year after the accident and scan it. The paranoia of a security guard was captured nicely.

Among the many ironies of that event, the movie The China Syndrome was released on March 16, less than two weeks before the accident. With the tagline "Today, only a handful of people know what it means... Soon you will know.", it described a Loss Of Coolant Accident (LOCA) quite similar to the TMI accident, except there was apparently no meltdown in the movie. By the way, the similarities between the movie and the actual events were no accident.

Irony #2:
Why were they no accident? If you look at the safety considerations that go into nuclear power plant design, as I have, you will see that they are built around the statistical analysis of various ways a reactor can fail. The best solution is a design with passive safety features, where the loss of some crucial element results in the device shutting itself down. If that is not possible, you build active backup systems that protect against likely (and unlikely) scenarios and forbid operation of the reactor when those systems are not available. Likely scenarios get more attention than unlikely ones. The one that started the TMI incident, a LOCA, is considered to be a highly likely scenario - whether from a pipe break or a shutdown of the main feedwater pumps (the problem at TMI, followed by a stuck valve) or manual intervention due to faulty readings (in the movie, where later events concerned a possible major pipe break).

The accident at TMI started when coolant was lost due to a failure in the external cooling system that shut down the main feedwater pumps and scrammed the reactor. This is not all that rare. The first defense against a LOCA like that at TMI is a secondary feedwater pump. My recollection from the time is that this system was physically disconnected for maintenance, but this is not mentioned in the Wiki article. I'm pretty sure that its normal operation after the reactor scram would have prevented any further problems by removing the post-fission decay heat from the reactor. Operating while it was shut down resulted in a significant increase in the probability of the next event in the failure chain. In addition, my recollection is that red tags, warning that a certain system was off, obscured crucial instruments and other tags warning that even more important systems were off. They were not operating a reactor that looked like the one analyzed to estimate the probability of an accident like this taking place.

The next key event is that a pressure relief valve opened. This was normal. However, it stuck open, and pressure in the cooling system fell. Again, an automatic "active" safety system, the emergency core cooling system (ECCS), kicked in. If allowed to run as designed, this would have prevented the accident. However, much like the error made by the operators in the movie, the ECCS was shut off manually because the operators believed the water level in the reactor was too high and did not know (due to a poorly designed warning light) that the pressure relief valve was open. This error was noticed two hours later when a new shift arrived, and actions taken at that point prevented further damage.

Irony #3:
The movie was based on the premise, common in both the anti-nuclear movement and many experts in nuclear power, that once a core meltdown started, it would lead inevitably to a full melting of the core - right through the containment vessel until all of that radioactivity got released into the atmosphere and ground water. The irony is that we learned, long after the fact, that the core of the TMI reactor had been damaged and a meltdown had started. This accident, along with some observations long after the Chernobyl disaster (see this section in particular as well as this picture of the post-TMI situation), showed that the molten core material does not appear able to sustain a "critical" nuclear reaction. It forms a lava-like mixture with whatever is around as it forms. It does not appear that it could get through undamaged concrete, let alone get to groundwater or to China.

Irony #4:
The China Syndrome movie was produced as anti-nuclear power plant propaganda, yet the accident at TMI did more to harm nuclear power than any movie could. It was the eventual loss of about a billion dollars, from an accident that would not have taken place if management had sensibly realized that safety rules were there to protect their investment rather than cut into their profits, that led the industry itself to cut back on investment in nuclear power. Who would loan money or invest in something where all of that money, and more, could be lost in an hour by a failure to operate the system prudently?

It has taken more than a generation with no comparable failures to bring back nuclear power. This is also no accident, as it resulted from revised training procedures and better control room design. In addition, the new reactor designs are far superior to the old ones, with more passive safety systems.

Shared Lesson:
The "graveyard shift" (third shift, typically 12 mn to 8 am or 10 pm to 6 am) is well named. Both TMI (4 am) and Chernobyl (1 am) occurred during that shift, and poor decision making contributed to - and likely caused - both "accidents". At TMI, the tired operators never re-evaluated what was going on. The fresh shift, arriving at 6 am, identified the actual problem almost immediately. At Chernobyl, key decisions were made under pressure, late at night, after a long day, and in some ignorance of the physics of the reactor that was the basis for rules saying you should never do what they eventually did.

The Ultimate Lesson:
Many things are safe only if you treat them with the proper respect due something that is actually dangerous. In the case of nuclear power, the challenge is to convince the public that this technology is safe while simultaneously convincing management and plant operators that it is NOT safe. It is only safe if you act as if it isn't. This applies to many things in life, ranging from shooting guns to driving cars. For example, the risk of death in a car accident is much lower if you wear your seatbelt, particularly in a car with air bags. This does not mean you are so safe in a car with air bags that you don't need to wear a seat belt. An air bag is of minimal value if you are not belted into the space in front of it. Promotion of air bags has obscured this not-so-minor detail and people die as a result.


PS -
One thing that I found interesting is that, despite its politically charged importance, the Wiki article about TMI is extremely accurate and (apart from my memory that there was a backup cooling system disabled that was the first stage in the ECCS, before the pressure valve would have opened) contains nothing inconsistent with my memory of the NRC report I read way back then.
