How Safe Are US Nuclear Reactors? Lessons from Fukushima

Nuclear Cooling Towers

(Image credit: Orion Montoya)

The meltdown started when water to cool the reactors fell to dangerously low levels four hours after the fourth-largest recorded earthquake rattled the Fukushima Daiichi nuclear power plant. Five out of six of its reactors lost electricity when a 14-meter tall tsunami swept in 40 minutes later. Backup diesel generators lost their fuel tanks and died. Cooling water pumps failed. Nuclear fuel rods began melting and volatile hydrogen gas built up. Subsequent explosions and fire spewed 15,000 terabecquerels of radioactive cesium 137 alone, enough so that officials created an "exclusion zone" of 20 kilometers around the plant that persists today. (A becquerel is a unit of the rate of radioactive decay—or radiation emitted by a substance.) As a result, the emergency at Fukushima Daiichi that began on March 11, 2011, is only the second nuclear accident to merit the most severe international crisis rating, joining the reactor that exploded at the Soviet Union's Chernobyl nuclear facility in Ukraine April 1986.

But the disaster was no surprise given the type of reactors at Fukushima. In fact, nuclear power experts, computer models and other analyses have consistently shown for decades that a problem in the older boiling-water reactors employed at Fukushima Daiichi would become disastrous because of a flawed safety system that houses the nuclear fuel, known as the Mark I containment. It is "the worst one of all the containments we have"—and in a complete blackout, "you're going to lose containment," noted U.S. Nuclear Regulatory Commission (NRC) Deputy Regional Administrator Charles Casto on March 16, 2011, who was in Japan to assist, according to transcripts of internal meetings released by the NRC. "There's no doubt about it."

Latest Videos From

Watch full video here:

Off the Mark The Mark I containment is a doughnut-shaped structure beneath the reactor itself that is partially filled with water. In the event of a breakdown of pumps that supply the reactor with fresh cooling water, the torus design is supposed to provide additional cooling. Steam created by the still fissioning fuel floods into the torus and is cooled by the supplemental water there. That additional cooling would limit the pressure created by any steam buildup, theoretically allowing the reactor's designers to employ less strength in other parts of the safety system.

Unfortunately, any additional cooling provided by the torus did not last as long as the loss of electricity at Fukushima. As a result, the nuclear rods heated their zirconium cladding along with the remaining water to steam. At high heat, the cladding interacts with the surrounding water vapor, binding tightly to the oxygen and freeing the hydrogen, which escapes as a gas. If allowed to accumulate, the hydrogen can burn with an invisible flame as it did at Three Mile Island (which had a different containment system) or, as appears to be the case at Fukushima, explode. As much as 1,000 kilograms of hydrogen may have been generated at the complex this way, according to the Japan's Nuclear and Industrial Safety Agency. In fact, the nuclear fuel in Unit 3 produced enough hydrogen to cause the explosion in Unit 4 next door via a shared exhaust stack.

To minimize the chances of such hydrogen accumulation, the NRC has suggested U.S. reactors strengthen vents to ensure that they could be used to relieve such a dangerous buildup of pressure. After all, the accretion of hydrogen could also raise pressures above the design limits of the safety systems. Fukushima Daiichi actually had such hardened vents, which either failed to operate or were not used soon enough to prevent the explosions. One problem may have been that the vents require electricity to operate—and at that point the stricken nuclear power plant had none.

"The NRC is implementing a [recommendation] to enhance the vents by making them 'reliable' under adverse conditions," such as a loss of electricity, says NRC spokesman Scott Burnell. And the agency concludes that such voluntary improvements provide "appropriate protection" of public health and safety. Beyond that, new rules are expected to address any lessons learned from the Fukushima nuclear crisis.

Regardless of the ability of the vents to function appropriately, one clear difference exists between the operation of such boiling-water reactors in the U.S. versus those in Japan—in the U.S., reactor operators have the authority to vent radioactive steam or hydrogen gas as conditions warrant. The employees of the Tokyo Electric Power Co. (TEPCO), which ran Fukushima Daiichi, appear to have required or at least sought government authorization to do so. "They were concerned venting might allow a flow of radioactive materials into the air, and they had not yet fully evacuated the area," explains mechanical engineer Vijay Nilekani of the Nuclear Energy Institute (NEI), an industry group. By the time evacuations and authorizations had taken place, "they had damaged the core and were venting hydrogen that caused explosions," Nilekani explains. "If you don't damage your core, you do not produce the large amounts of hydrogen that resulted in detonation."

Such problems have long been an issue with the Mark I, the "safety disadvantages" of which were highlighted in an internal memo at the U.S. Atomic Energy Commission —the precursor to the NRC—as far back as 1972. The NRC nonetheless permits its use because "the Mark I can survive long enough to allow for actions that keep the public safe in the event of a radioactive release," Burnell says. In other words, there would be time to evacuate or take other safety precautions.

Modeling the worst To make that judgment, the NRC relies on computer modeling, the most recent of which is known as State-of-the-Art Reactor Consequence Analyses. That modeling took two representative nuclear power plants in the U.S.—a pressurized-water reactor from the Surry Power Station in Virginia and a boiling-water reactor from Peach Bottom Atomic Power Station in Pennsylvania—and attempted to assess what would happen in a severe accident, such as the loss of all electric power as a result of an earthquake, among other scenarios.

The Peach Bottom reactors are broadly similar to those in use at Fukushima. In fact, they are similar enough that the NRC even turned to this analysis to try to predict what might happen at the latter's during that accident. Much as what unfolded during the crisis in Japan, the computer modeling suggested that fuel in one of the two reactors on the Peach Bottom site would begin to melt as soon as nine hours after a loss of cooling water flow. Peach Bottom's Mark I containment would then fail roughly 20 hours after the earthquake if there was no restoration of cooling water. The breached reactor would then spew "16 percent of the core inventory"—"inventory" meaning cesium 137, along with 68 other radioactive isotopes in the hot nuclear fuel. The consequences of the release, the analysis concluded, "could be serious."

But the computer modeling only analyzed catastrophic failure at one reactor at each of these nuclear power plants, despite the fact that Peach Bottom and Surry each have two reactors on site. Multiple reactors might be expected to be similarly troubled by shared challenges, as seen during the Fukushima crisis. Nor did the modeling analyze what would happen if a powerful earthquake immediately destroyed safety equipment or ripped a hole in the structure containing the reactor itself.

The key weakness revealed by both the Fukushima plant and in the U.S. computer models is the reliability of backup electricity. The reactors at Fukushima had batteries big enough to power equipment, including monitoring instruments, for eight hours. U.S. reactors are required only to have two hours of such battery backup. "The NRC is currently revising the station blackout rule, and this effort could lead to change in battery coping times," the NRC's Burnell says. "The models show that when you have a station blackout where you still have batteries, there are steps that can be taken to go beyond what is considered the normal life of batteries." Engineers could extend battery life by recharging them and/or by shutting down all nonessential systems, for example.

Staying flexible The U.S. nuclear industry, for its part, is suggesting that it will voluntarily implement an approach it calls FLEX, which is meant to be a "diverse and flexible coping capability." Nuclear power plant operators would purchase and store portable equipment that could be used to provide additional means of cooling the reactor, a plan that could be in place as soon as 2015. "FLEX would provide multiple means of obtaining power and water needed to fulfill the key safety functions of core cooling, containment integrity and spent-fuel pool cooling that would preclude damage to nuclear fuel," explains Adrian Heymer, executive director of Fukushima regulatory response at NEI. That equipment list might include extra pumps, portable diesel generators for recharging batteries, additional battery packs and hoses as well as fuel and diesel-powered air compressors, among other things. They would keep the plant running for 72 hours. The similar work done to improve safety in the wake of the terrorist attacks in September 2001 "gives us a 10-year head start on dealing with unexpected events," argues NEI president Marvin Fertel, and FLEX builds on that approach.

Plus, new pressurized-water reactor designs currently under construction in Georgia, known as the AP-1000, incorporate so-called passive safety features, including enough water to cool a reactor for three days in the absence of any human action. "If this design had been used in Fukushima, we would not have a news story," argues nuclear engineer Aris Candris, CEO of Westinghouse, the company responsible for the new design. "The AP-1000 is immune to the loss of off-site power."

But even at a reactor that does not fare as well in a large earthquake and is not immune to the loss of off-site power, there is "essentially zero risk of early fatalities," according to the NRC worst-case modeling. Even when a release of radioactive material reaches the environment, "it's small enough and takes so long to reach the community that people have already been evacuated or otherwise protected," NRC's Burnell argues. "The public avoids any short-term dose large enough to kill." And that is exactly what happened at Fukushima.

The dangers of spent fuel The multiple explosions at Fukushima Daiichi revealed another safety risk, one that is, if anything, of more concern in the U.S. The explosions tore open reactor buildings, damaging the 12-meter-deep pools where used nuclear fuel is kept cool, potentially setting off another meltdown in the fuel there as the surrounding water drained away or boiled off. Densely packed spent fuel without water can heat enough to burst its zirconium cladding and, ultimately, set the cladding ablaze. Without walls, which had been blown out by previous explosions, there was nothing left to keep the cesium 137 and other radioisotopes in the nuclear fuel from escaping in such an event at the Fukushima reactors.

In fact, the plume of contamination spreading to the northwest of the stricken nuclear power plant may have come from such spent fuel. Despite having been shut down for refueling, Unit 4 also suffered an explosion and what remains identified by Japanese authorities as a "lube oil fire." (NRC experts, though, disagreed, at least at the time: "We know it wasn't a lube oil fire," argued Larry Camper, director of the NRC's Division of Waste Management and Environmental Protection, on March 20, 2011, according to the transcripts.) The fire, whatever kind it was, appears to have carried radioactive particles into the surrounding countryside to the northwest as it coincided in time with the wind blowing in that direction.

In the U.S., because of a lack of a long-term plan for dealing with such nuclear waste, spent-fuel pools are even more densely packed, making it easier for a meltdown to occur in the event of a loss of water. Such pools at the nation's 104 nuclear reactors hold more than 45,000 metric tons of the nation's approximately 65,000 metric tons of such used nuclear fuel. That said, the nuclear industry's FLEX approach, would also include additional pumps and hoses to get water to the spent-fuel pools, as well as instruments to monitor their condition.

Ironically, the loss of walls and roofs may have been the key to preventing a worse accident at Fukushima. By ripping off the walls and roofs, the explosions enabled emergency workers to spray cooling water into the pools directly—if inefficiently—via water cannons and other devices. "What would have happened had those explosions not occurred?" asks nuclear engineer David Lochbaum of the Union of Concerned Scientists. "The radiation levels in the buildings were too high to allow access, even if workers had equipment with which to add water to the pools." In that case, the spent nuclear fuel likely would have begun melting down and there would have been few ways of restoring cooling water.

The NRC solution is for reactor operators to add hoses or spray systems to permit cooling water to be added to such spent-fuel pools. But because of the location of such pools in older boiling-water reactor designs—specifically, in the upper levels of the reactor building—any water added would ultimately drain down through the building, inundating the emergency pumps in the basement. "Instead of a natural tsunami triggering reactor meltdowns, this 'fix' induces a man-made tsunami inside the reactor building that leads to the same outcome," Lochbaum argues.

Worse, if the spent nuclear fuel did melt down, it too might follow the same path down. "People are worrying that the stuff has maybe melted through the concrete floor" of the spent-fuel pool, noted John Monninger, an NRC risk analysis official in Japan, on March 20, 2011, according to the transcripts. "The next stop is the top of the torus," or the doughnut-shaped ring containing the extra cooling water. Brian McDermott, then-director of the NRC's Division of Preparedness and Response, completed the thought on a conference call, according to the NRC transcripts: "Then you've got potential steam explosions with this melting into the water in the torus. And then after that, who knows where it goes."

The real solution, according to Lochbaum and other experts, is to require spent fuel to be moved from pools to more permanent storage in massive concrete and steel casks after five years of cooling down. That would reduce the amount of fuel in the pools, reduce the overall heat, permit more water in the pools themselves in case of emergency as well as reduce the amount of radioactive material that could be released if an accident occurs. "Thinning out the spent-fuel pools is a no-brainer," Lochbaum says.

As NRC staff noted during the Fukushima emergency, when there was concern that the spent-fuel pool at Unit 4 may have lost its cooling water as well as been damaged by the reactor building explosion, adding cold water to already hot fuel can create a problem in its own right. "That's going to 'rubble-ize' [sic] those fuel pools," argued the NRC's Casto on March 17, 2011, who had witnessed a similar accident in Hungary, according to the transcripts. "You put that water on that hot fuel and rubble-ize it, you're going to get particulates also. So you're going to have some level of significant release… plus it's being carried away in the steam."

Regardless, the 23 boiling-water reactors in the U.S. that are the same as those at Fukushima Daiichi continue to generate electricity today. In Japan, just one month before the devastating magnitude 9.0 earthquake and tsunami, the complex's stricken Unit 1 reactor had received approval to operate for another decade. And on March 10, 2011, the NRC licensed the boiling-water reactor of similar design and vintage at Vermont Yankee to operate for another 20 years (pdf), just one day before the Fukushima crisis.