Executive SummaryBack to table of contents
In this paper, we briefly survey the lessons that emerged from the three major accidents in the history of nuclear power—the Three Mile Island accident in the United States in 1979, the Chernobyl accident in Ukraine in 1986, and the recent Fukushima accident in Japan in 2011—as well as from a few other, less important accidents. To determine what (if any) impact those lessons have had on the course of nuclear power, we consider which measures were adopted to prevent similar accidents from occurring. We conclude with a few observations that might help guide possible future action.
Our survey yields nine general observations:
- In terms of fatalities and effects on health and environment, and even taking into account rare destructive accidents such as Chernobyl and Fukushima, nuclear power has overall been safer and less environmentally damaging than most other ways of generating electricity. However, there is no way to ensure complete safety in the nuclear industry (or anywhere else), and the rare accidents have been extremely damaging. Learning from every opportunity is essential, but this has occurred spottily, especially across national boundaries. “Safety is hard work,” according to Richard Meserve, former chairman of the U.S. Nuclear Regulatory Commission (NRC). “It must be embedded in the management and cultural practices of both operators and regulators; it is an obligation that demands constant attention.”1 This obligation has not always been met.
- The rare destructive accidents at Fukushima and Chernobyl have had a significant impact on nearby communities due to radioactive contamination of land, groundwater, and the ocean. Long-term evacuations that prevent people from returning to their homes, farms, and businesses have a lasting impact on public well-being. While these consequences should not be trivialized, large-scale contamination is not unique to accidents from nuclear power. It occurs across a broad spectrum of human activities ranging from dam failures, to accidents at chemical industrial facilities, to oil spills. Therefore, any efforts to expand regulatory safety goals beyond public health impacts to include off-site contamination should factor in all risks encountered by society, assessing environmental contamination relative to other individual and public health risks.2
- All three of the major nuclear power accidents as well as several of the lesser-known close calls had precursors in previous incidents, although often not at the same location or in the same country. The lessons-learned reviews completed after the accidents have often contained specific useful points. Some of those points have been implemented—that is, the lessons were learned—but others have not been. Not surprisingly, implementation steps that translated into more efficient operations, such as better, more standardized operating procedures, were carried out more often than steps that required immediate expenditures to avoid uncertain disaster, such as better defenses against possible flooding. Further analysis may find other, less obvious correlations.
- A regulating agency with appropriate power and strong technical competence—one that is well staffed, well funded, and independent of its licensees3—is a necessary, though not sufficient, requirement for safety and in particular for the formulation and implementation of lessons learned. Regulatory capture by licensees through either political or administrative processes has been a problem in several countries. Recent decisions (for example, in India and Japan) to remove the regulating agency from the administrative structure of the operating and promoting agency are a step toward greater safety. However, such decisions have been politically challenging to implement. One year after the Fukushima accident, Japan has yet to establish an independent regulating agency because of political bickering between the ruling and opposition parties. India has faced similar challenges. Beyond an effective regulator, however, a culture of safety must be adopted by all operating entities. For this to occur, the tangible benefits of a safety culture must become clear to operators. Regulators must also encourage the identification and reporting of problems to enable effective implementation of corrective action programs. Ensuring both safety and security at nuclear sites is not a matter of simply setting forth regulations to meet known problems. Rather, it is a continuing and dynamic set of interactions involving regulators, licensees, and other stakeholders, none of which is independent of the others.
- An example of a well-balanced combination of transparency and privacy is INPO (the Institute of Nuclear Power Operations), which was created in the wake of Three Mile Island. Funded and supported by the U.S. nuclear power industry, INPO provides a forum for the ongoing process of learning lessons in the operations area. Operator ratings at the various plants remain private, but results with regard to operating procedures and consequences are public. Because of differing laws, policies, and priorities, however, it will be difficult to extend the concept to the international nuclear power industry despite the fact that what happens in one country usually affects the future of the industry in other countries. In addition, many lessons that do not concern operations must be learned. International cooperation should be broadened beyond participation in INPO and the World Association of Nuclear Operators (WANO) to include, for example, the Electric Power Research Institute (EPRI).4
- In the United States and in some other countries, public fear of radioactivity and the ensuing interventions of often well-informed organizations have been a spur to learning from experience. On the other hand, unswerving ideologically based political opposition has served to decrease transparency and mutual cooperation.
- Fear and uncertainty surrounding the health impacts of low levels of ionizing radiation have resulted in widespread feelings of worry and confusion particularly, but not only, for those affected by reactor accidents. Therefore, public discourse about the health impacts of low-level ionizing radiation must be carried out in the context of all such public risk to health and safety, so as not to contribute unnecessarily to excessive health concerns.
- Because so much of the cost of nuclear power is incurred before the first kilowatt-hour is generated, the financial backers, including private and government insurers and guarantors, in theory have considerable leverage over the industry, as does any entity that can delay construction and operations, such as regulators and interveners.
- There can be a tendency to focus the lessons-learned effort primarily on system failures, sometimes marginalizing system successes. Lessons can also be learned from successes. Severe reactor accidents are extremely rare, and every effort should be taken to abstract key engineered or organizational successes.
If we look at the conclusions drawn from both lessons learned and lessons not learned, we could ask how they might apply in the future and, in particular, how they might improve nuclear power safety worldwide. From these questions, we come to another set of observations:
- Modern reactors (classified as Generation III and III+) use safer designs and can be operated more safely than the ones that have caused major accidents. But it is not clear at present how many of the safest designs will be built. Currently there are more than sixty new reactors under construction and hundreds more in the planning stage. The majority of those under construction are Generation II designs with enhancements over plants currently operating. However, the first sets of Generation III and III+ designs are now being built, and many reactors in the planning stage will incorporate the improved variety.
- The Fukushima accident was initiated by a “once in a thousand years” external event. A precursor incident at the Le Blayais Nuclear Power Plant in France in 1999 that did not lead to radioactivity release had also been viewed as a “once in a thousand years” flood. These characterizations are misleading. In the case of Fukushima (analyzed in more detail later in this paper), the possibility of this “rare event” had been anticipated and disregarded; moreover, the severity of the nuclear accident was greatly increased by siting, design, and response failures. In addition, rare events occur randomly, and the recurrence rate cannot be counted on. Further, considering the lifetimes and the siting of reactors worldwide, there is a valid statistical basis for taking into account even those events that occur once in a thousand years and spending money to prevent or alleviate the worst consequences.
- While there was clearly substantial failure in Japan to adequately address external natural events that should have been included within the design basis, it is important to recognize that there will always be events, in particular natural events or potential terrorist attacks, that will surprise us (for example, the 5.8 magnitude earthquake in Virginia and the Missouri River flooding, both of which took place in 2011). These types of events are why margin and a defense-in-depth approach to safety are essential to ensuring minimal public risk. The failure at Fukushima was due to an insufficient “tsunami defense-in-depth approach,” not a failure of the defense-in-depth philosophy itself. Regulatory reform must always focus on a healthy blend of improving defensive actions, mitigation measures, and emergency response to ensure facility robustness for events we can anticipate and those we cannot.
- Most serious accidents and incidents have had precursors that could have served as warnings. Mechanisms to facilitate and, where needed, enforce mutual learning have not always been adequate to prevent avoidable disasters, especially from one country to another. Information-sharing, import/export agreements based on safety standards, agreements to facilitate cooperation among regulatory authorities, and the participation of financial interests such as investors and insurers all have a role to play in improving mutual learning among different states.
- Improved cooperation will rest most securely on lasting, shared economic interest among vendors, owners-operators, government regulators, and the public. At the same time, the international nuclear power and nuclear fuel cycle markets will become if anything more competitive than they have been. New users with no operating or regulatory experience are entering the market: for example, the United Arab Emirates. Therefore, without considerable government attention and cooperation, the nuclear power industry may not become safer, even though from a purely technical point of view it has the potential to do so by adopting the more advanced Generation III and III+ passive reactor designs.
- Any plan to deal with emergencies must include an incident command structure with clear lines of communication and well-defined areas of responsibility, including the responsibility to provide timely information to the actors involved and to the public. This plan must include all relevant actors, from top political authorities to the regulators and management structure of the licensee and on to local operators and responders at the scene of the emergency. Reviews of the Fukushima accident have highlighted failures in this regard, but Chernobyl and, to a lesser extent, Three Mile Island also demonstrated the need for improvement.
2. The NRC set safety goals in its Safety Goal Policy Statement, initiated not long after Three Mile Island and released in 1986. These goals are stated in terms of both individual risk and societal risk; they establish a level of acceptable risk in comparison with other types of risk encountered by individuals and society.
3. Licensees are the entities licensed to construct, operate, and otherwise deal with nuclear installations. They are mainly electric utilities but also include nonprofit research organizations, among others.