May 22, 2011

Where b Was Wrong On Fukushima

by Malooga
lifted from a comment

Before I say what I am going to say, let me explain a little about my background. I spent a number of years as one of the head trainers in what at the time was the second largest oil refinery in the western hemisphere. In that capacity, I trained operators, and wrote training manuals of the type that b has linked too. More specifically, I oversaw the preparation of refinery-wide emergency procedures for final FEMA approval and licensing of our refinery. In that role, I interfaced with the relevant senior operators and supervisors in reviewing, and in most cases, revising or rewriting hundreds of individual unit emergency procedures. I was expected to be the one who asked the "What If? questions, and foresaw unplanned events. In this role, I was required to read the classic text on industrial accidents, "What Went Wrong," and digest the historical record on oil refinery accidents. I played a key role in dealing with accidents at our plant -- and there were many -- though obviously none even approaching this in magnitude. I held certifications on a score of different units and worked on about fifteen different types of refining units. I have and have had friends who were/are certified nuclear plant operators. Additionally, my father was a chemical engineer who worked on Oak Ridge. I grew up with the blueprints of a number of reactors covering my father's workshop walls. My uncle, also a chemical engineer, worked for Exxon, then moved to AIG where he insured large industrial plants.

I consider that I know a lot about industrial accidents from a number of different angles, and can certainly read blueprints, piping and instrumentation diagrams, etc. I know a lot about emergency procedures and how they are formulated and understand whaat really goes on during accidents. Obviously, I am not an expert on nuclear power, per say.

One thing I know for sure, all accidents are political events and financial events involving gargantuan corporations. The larger the event, the truer this is. The safety of workers and the public is subordinate to those facts. That is simply how things work on the planet at this point in time. Workers lives may be insured for $250k and it may be cheaper to "expend" a number of workers, rather then use an intermediary device. It is simple cost-benefit analysis, made simpler if the tax payers are now picking up the tab.

Lest anyone think otherwise after saying this, I am against nuclear power categorically. The fact that a "cold shutdown" requires "hot powered" circulation pumps is Orwellian. An entire oil refinery can be rapidly shut down. Everything is designed with a failsafe mode. In other words, I reject nuclear power from a design point of view even before I consider radiation contamination such as we are seeing, or the geologically long-term unsolved issues of waste storage.

Nevertheless, I have nothing but the utmost respect for the operators, maintainence crews, engineers and other employees of nuclear power plants. I believe that until you get up to the corporate management level, all employees have the safety and best interests of the public, as they see it, at heart.

With that said, this is what I have learned from this accident.

While I trust informed people to make decisions about political issues and the adoption/rejection of technologies like nuclear power, they are simply not qualified to make operational decisions. This should be obvious. Could you manage a car in an accident if you didn't know how to change gears or that there was a brake pedal?

The first place I went after the accident was to the nukeworkers forum. The operators were very optimistic after the SBO, but after the prolonged loss of cooling spirits quieted down. One point brought up there, and numerous other places, was that small incremental changes in piping line-ups existed between what, on paper, were identical units. These small changes can have large implications when it comes to emergency procedures and what is possible when you are forced to dig deep. Even identical units can behave in radically different ways for unexplained purposes. The same with a more established technology like oil refineries. Therefore, I would be loathe to give advice even on a unit I was certified on, but had never worked on, much less a technology I never worked on.

Even the most simple unit in an oil refinery takes a minimum of an entire month of full-time work and study to pass the lowest level of certification, essentially meaning you are qualified to walk around when everything is hunky-dory with a clipboard under your arm and a hardhat on your head. Nobody would dream of leaving you alone to change a lineup, or switch pumps or compressors for several months more. Since the normal state of process operations is fairly uneventful, to become an expert on a unit requires a minimum of 5-10 years of work as an outside operator, board operator and supervising operator through numerous start-ups, shutdowns, and emergencies. That's oil refineries. Nuke plants are more complex, dangerous, and so the requirements are accordingly tougher. To become a shift supervisor for a plant -- that is, the person in charge of that entire plant at that point in time, perhaps $1B or more in capital -- takes 20-30 years of experience and many skill sets. I am not lying or exagerating when I say that it is easier to become a brain surgeon.

To think that some political minister knows more about what to do in a crisis than the shift supervisor is ludicrous. It is like imagining that Bush or Obama understands more about warfare than Sun Tzu or Otto Von Bismark. That is why Japanese nuke laws empower the plant managers in the case of an accident.

Now, these experts don't just shoot from the hip. They have emergency procedures, tons of them, which they are drilled on incessantly. General emergency procedures, then if things go more wrong, there is another set of charts, and finally there is a set of charts for catastrophic events like those we have recently witnessed. That doesn't mean that some action could not be changed, but one better have a very good reason, and it would only be done in careful consultation with other senior operators and engineers.

Deep and broad knowledge, experience and emotional calmness are far more important in emergency situations than intellectual brilliance. Before I learned that lesson, I got burned a number of times. You see, I thought I was smarter than anyone else around. And while I may have been more literate than any of the 700 other operators and managers (and I emphasize the word "may"), I discovered that there were quite a few brilliant and wise minds with far more experience than I, who had far better judgement than I in crises.

This is why I learned never to say "Why don't you do this?", but rather, "I don't understand why you are not doing this?", or "Do you think that doing this would help?" Invariably, the sugestion had been considered and rejected by those who knew more.

Now, what happened at Fukushima quickly went way beyond the purview of plant operations: all actions soon required a team of operators, engineers and scientists. Scientists to calculate what exactly was happening and might happen (because we are largely in the realm of historically uncharted events on this planet), engineers to figure out how some change might be effected, and operations to rule on whether such actions were physically possible. As we have seen, in an accident of this magnitude, Safety's usual trump ruling has been entirely disposed of.

All of this is perhaps a long explanation of why I stopped posting after my second disagreement with b. Now b is obviously very bright and talented, and puts a great deal of work and research into this blog. And perhaps it is more of a language problem in how questions are phrased, as I noted with myself above. And I have no idea what b's background is. But all my life experience has taught me that when someone consistently believes they know more than the experts, to put it politely, they don't.

Our first disagreement was when I stated that the reactor had to be scrapped after the introduction of salt and b disagreed. The alloys that go into building pressure vessels are very specific technical specifications for very specific conditions. In addition to my refinery background, one of my friends teaches the course on metal alloy failure at the Coast Guard Academy in New London (think nuclear subs) -- a course I have assisted with. To keep it in lay terms, a number of internal pressure vessel parts already have long covered-up histories of embrittlement and even failure. The minute you introduce salt into the chemistry, this problem grows exponentially. Additionally, every valve, gauge and pump would have to be replaced. I could go on, but I think the point has been made.

Now let me turn to the ultimate reason why I knew that the reactors were scrap.

I'm glad that you, b, have finally had your "Road to Damascus" moment and realized that all the internal damage was done within the first 15 hours or so. I was hoping you would finally come to this conclusion, I have watched it slowly develop, and I had decided that it wasn't worth publishing on this thread until basic reality was acknowledged about the actual level of failure, before it was even a story, really.

The SBO was the first shot across the bow; but two other factors were the dispositive ones: A) Quake-based damage to the plants vessel and piping infrastructure, specifically welds, flanges, instrumentation, pipe hangers, check, block, and orbit valve integrity, etc., which even at this time might not be fully known, effecting vessel integrity and the ability to cool down the units. B) Loss of cooling.

In other words, either an SBO, as happened at Vogtle, would be hairy, or a loss of cooling. The three concurrent problems together simply overwhelmed the designed coping capacity of the system.

Reactor-based damage as I have described in the briefest way above would be beyond the ability to deal with in the necessary timeframe. Xray equipment and technicians are not on site. Just to walk through a unit with full lighting and carefully visually inspect an entire unit would take several hours minimum after this level of event. As it turned out, at least one major weld -- at a point where there is little pipe flexibility -- did fail.

Now let's examine what the implications of this awakening means in retrospect.

A. If you have finally figured this out -- when the reactors began melting, you must presume that everyone who knows anything about Nuclear Power knew this immediately. (Unless you think that you are smarter than them; see above) Therefore, they (the plant operators and the government) knew the unprecedented magnititude and danger they were facing within several hours of the earthquake. Therefore, all news, accusations, finger pointing, disclosures, intentional contradictions of story, official lies, etc. have been managed from the start as political events of the highest import by the highest levels of power. For example, say you want to evacuate people from a radius of twenty kilometers around the plant. If you said that initially, you would create general panic leading to many deaths. So you start with two k, bump it up once the core has evacuated, and then repeat as necessary. That is exactly what they did.

Repeat: All news is political. As in the Bin Laden assasination, and all disinformation campaigns, creating contradictions and ambiguities encourages people to accept the basic assumptions: In the former case, that Bin Ladin was actually alive; in the later, that events were unfolding incrementally, rather than that the entire scenario was envisaged from the start and therefore had to be managed.

B. This is what I tried to explain from the start. You can go back to the official timeline, and the Japanese legal regulations (which I did before posting my second criticism) and see that -- especially considering the magnitude of the event and the number of plants that TEPCO had concerns with -- all communications with the government were timely. The legal regulations REQUIRE the plant operator to seek permission from the government in the case of severe emergency. The granted permission has many implications, liabilty, etc., but specifically empowers the plant operators to take whatever measures are necessary. This makes sense as they are the ones who know what is happening in real-time at the site. Once granted authority, plant actions were taken in a timely manner. I don't have the government regulations in front of me to quote from (dead computer), but if someone wants me to reconstruct and quote regulations and timeline, I certainly can, I believe it was paragraph 64 or around there.

You misunderstood events, seizing upon a planted disinformation story of the government criticizing TEPCO, which as I pointed out contained no hard evidence and was a political document. Knowing, as you do now, that everyone knew an unprecedented series of meltdowns was underway and that therefore all information and ongoing narratives had to be managed, and that the government had ceded control to TEPCO, the story makes no sense, as I said. Yeah, the minister was once a big honcho at TEPCO, but that doesn't mean that he understands the intricacies of emergency procedures and vessel stress tolerances. Tom Kean, of 9-11 comission infamy, was a big honcho where I worked, but he didn't know a pump from a dump, much less metal fatigue tolerance catastrophic failure probabilities. (My boss at the oil refinery made a big name for himself in the industry by increasing throughput a mere 15% beyond design. Don't think that that small amount did not increase injuries and accidents, it did, but it still made money.)

When narratives are designed to manipulate public opinion we see:
1) Rosy scenarios: Someone here posted an industry article painting the fairytale that reactors were designed to completely safely melt down. Similar to: Iraq, Libya cakewalk. They know its not true, in fact they NEED a quagmire to permanently position troops there, but they can't say that, so the public is manipulated by rosy scenarios.

2) Blame game stories. As above, also as above on this thread. We will see more. Similar to the Bush being blamed for not knowing that there were no WMD false narrative, as oppossed to the real "US knew there were no WMD and that was why they felt safe to invade at that time" narrative. It is easier to find a fall guy then to have the public accurately assess the dangers and imperil the industry.

3) Contradictions in stories. Self - explanitory. Confuses public about details, while reinforcing general narrative.

4) Complete lies, with the truth leaking out much later after the mass of the public has moved on, and when a mass change of belief would simply be too threatening for most people.

This is why there have been so many actions that do not appear to make sense.... based upon the information they have told us. In situations like this one is better off trying to figure out what is really going on based upon what they are actually doing, rather than thinking you are smarter than them and that you know what they should be doing, an approach you take far too often. As they say in computer programming: Garbage in, garbage out. Their actions speak louder than the assumptions they feed you.

This is why so many of the things that you didn't understand why they were doing were actually easily explained. For instance, burying with concrete from above vs. groundwater contamination from below. The real problem was waiting until you were ready to make a paradigm shift in how you framed the accident.

C. You spent a lot of energy criticizing the sea water injection operations. But as you now know, by the time power was restored to cooling systems, the damage had already been done. This is proved by the fact that there is no correlation between when sea water injection (lagtime) was started and the later explosion times for the three units. The cooling would not have prevented the explosions. When you assumed they were incompetently managing for cooling, they were actually managing for vessel integrity against further explosions, knowing that there were three different meltdown scenarios underway. Again, someone even posted some pro-industry propaganda here early on which said that the reactors were designed to "safely" melt-down.

Finally, there are a minimum a 5 potentially fatal design flaws in these reactors that others who know more than me have detected, notably nitrogen blanketing systems, off gas systems, and fuel pool gate seals. But an examination of those issues is beyond the scope of this post and any free time I have available.

My response to Malooga:

A. If you have finally figured this out -- when the reactors began melting, you must presume that everyone who knows anything about Nuclear Power knew this immediately.

I don't think so. There was a lot guessing around by some experts I know. They feared that melting was happening, but did not know it. The news was so scarce that anything was possible in the first days. Heck - it wasn't even clear what emergency cooling system architecture the plants had.

Also this from you on April 1:

The units were trash the minute sea water was injected.
We now know that they were likely scrap even before that.

B. ... Once granted authority, plant actions were taken in a timely manner.

I very much doubt this.

You misunderstood events, seizing upon a planted disinformation story of the government criticizing TEPCO, which as I pointed out contained no hard evidence and was a political document.

There were several stories about Tepco delaying seawater injection - they do not seem to me to have been all out lies. Where is your "hard evidence" that those were planted disinformation?

Also this: TEPCO didn't follow Fukushima emergency manual

NHK has learned it is highly likely that the operator of the Fukushima Daiichi nuclear power plant did not follow the procedures to prevent a hydrogen explosion.

NHK obtained the manual for the No.1 reactor, where the hydrogen blast occurred on March 12th, one day after the tsunami destroyed the reactor's cooling system.

A failure of the cooling system causes the pressure inside the reactor's container vessel to rise and generates the risk of a hydrogen explosion.

The manual calls for releasing air from the vessel when the pressure is projected to rise to 853 kilopascals -- double the operating limit.

A venting operation is necessary to prevent the vessel from being damaged, which could lead to the leakage of a large amount of radioactive substances.

The manual NHK has obtained shows that the pressure inside the vessel was close to the level that requires a venting operation 13 hours before the explosion occurred.

But the plant operator, Tokyo Electric Power Company, did not start the operation until 6 and a half hours before the explosion, and the operation was carried out just one and a half hours before the blast because it was hampered by high-level radioactivity.

C. You spent a lot of energy criticizing the sea water injection operations. But as you now know, by the time power was restored to cooling systems, the damage had already been done.

Where did I criticize the seawater injection? I criticized and still do any further water injection because it spreads more radioactivity into the environment. It is high time to think of some different cooling method.

Like with all such events, the news fluctuates, knowledge at the beginning is low and develops over time. What I try in such cases is to give an overview of what I can gather as facts and my somewhat learned opinion (I have a master degree in Industrial Engineering and Industrial Economics/Management) or best guess. I also apply Occam's razor. What you see as well orchestrated information management by the government and Tepco from the start is more likely to have been confusion and clumsiness than a sound grip of the situation. It likely took them a few days too to get the real extend of the problem. Looking back I don't see where I should have written something different. I worked with the then available information. That's all I can do. As much as I like conspiracy stories, as long as I have no base to support them, I don't go with them.

Posted by: b | May 23 2011 11:09 utc | 13

What I'd really like to understand -- or maybe I don't want to? -- is exactly how bad this situation can get.

Suppose it's triple meltdown. Suppose that the core is out of the vessel in all 3 cases and lying on the concrete floor. Then what?

Sarcophagise and leave? extend the exclusion zone? to how many km? What about Tokyo?

What elevation in mortality and morbidity in downwind Asia can be expected from an event of this magnitude?

How much die-off of coastal marine life can be expected from the dumping of "hot" water and particulates from the disaster area?

If we are in uncharted territory, is anyone working on drawing some new maps?

And once again I have to ask, is it the Hindenberg Moment yet?

Posted by: DeAnander | May 24 2011 6:56 utc | 17

Suppose it's triple meltdown. Suppose that the core is out of the vessel in all 3 cases and lying on the concrete floor. Then what?

Hopefully nothing. Likely the spread out corium will cool down over some 10-20 years. But worst case? Some recriticality (temperatures point to no 3 may have had some at the end of April), again very high temperatures, melting through the concrete, hitting groundwater, steam explosion, lots of nasty core stuff in the environment.

Sarcophagise and leave?

The best one can do. Come back after some decades and clean it up. For time scale: the very nasty Windscale accident took place 1957, total decomissioning will take until 2037 at least.

extend the exclusion zone? to how many km?

The Japanese government has already done so to the north west of Daiichi where the wind took some of the hotter stuff. If things cool down now no further evacuations will need to take place. One will have to measure to find "hot spots" where more than the average of the stuff came down (depends on landscape, rain etc.) and clean those up as much as possible.

What about Tokyo?

Likely nothing. Radiation there is already down from peak and will decrease further. Besides - it is impossible to evacuate it.

What elevation in mortality and morbidity in downwind Asia can be expected from an event of this magnitude?

Very difficult to predict. The studies have a very, very wide range. As it is normal that some 30% of the people die of some cancer, how can one relate one additional cancer percentage to radiation?

How much die-off of coastal marine life can be expected from the dumping of "hot" water and particulates from the disaster area?

Too diluted to lead to die-off. Problematic could be accumulation along the food chain. Not good for a suchi country.

If we are in uncharted territory, is anyone working on drawing some new maps?

New maps I don't know, but lots of scientist will work with the data. Hopefully we will get some more sane regulations and decomissioning of the most dangerous reactors we have.

And once again I have to ask, is it the Hindenberg Moment yet?

Nah - the nuclear mafia is too entrenched. Though like after TMI, new plants will have trouble to get accepted.

Posted by: b | May 24 2011 10:16 utc | 18

