Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

World Is Ignoring Most Important Lesson From Fukushima

timothy posted about 2 years ago | from the stir-gently-rather-than-shake dept.

Japan 328

mdsolar writes "Kenichi Ohmae, an MIT-trained nuclear engineer also widely regarded as Japan's top management guru, is dean of Business Breakthrough University. In the CSM he writes: 'Fukushima's most important lesson is this: Probability theory (that disaster is unlikely) failed us. If you have made assumptions, you are not prepared. Nuclear power plants should have multiple, reliable ways to cool reactors. Any nuclear plant that doesn't heed this lesson is inviting disaster.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered


Correct (4, Insightful)

geekoid (135745) | about 2 years ago | (#39591017)

Which is why modern reactors depends on gravity; which to the best of my knowledge has never been turned off.

Reckless! (5, Funny)

Anonymous Coward | about 2 years ago | (#39591075)

That's just the kind of reckless thinking that caused the failure in the first place. We must provide for EVERY contingency, no matter how unlikely!

For the children!

Re:Reckless! (5, Informative)

lgw (121541) | about 2 years ago | (#39591659)

From what I understand pebble-bed reactors don't even count on gravity-fed cooling. The reaction simply stops if it gets too hot, effectively setting a maximum temp that won't burn through concrete.

Of course, pebble-bed was more about demonstrating idiot-proof safety than practical power generation, but it would actually work just fine (if not as cheaply as more sophisticated designs).

Re:Correct (3, Insightful)

sehlat (180760) | about 2 years ago | (#39591081)

Well, if you *could* figure out a way to turn off gravity, I'm sure the Nobel Prize committee, NASA, and a whole bunch of science fiction fans would be listening eagerly.

Re:Correct (3, Insightful)

bobcat7677 (561727) | about 2 years ago | (#39591191)

I think if gravity was turned off, we would have bigger problems then a few melting nuke reactors.

Re:Correct (5, Funny)

Mitchell314 (1576581) | about 2 years ago | (#39591219)

Right. Everybody's percolating coffee machines wouldn't work. Death would be a welcome reprieve should this horrible reality come into being.

Re:Correct (2, Insightful)

Anonymous Coward | about 2 years ago | (#39591399)

just put you Mr.Coffee in a centrifuge...

Re:Correct (2)

sgrover (1167171) | about 2 years ago | (#39591201)

the idea of turning off gravity is um, misguided to say the least. But working around gravity is possible, even in natural conditions. Wind, buoyancy, air foil type lift, impacts with lever type mechanisms (intentional or not), etc. And looky there, something going UP when it was supposed to be going down. Not planning for this eventuality in the extreme cases of protecting something that could literally kill thousands of people (or more), well that is also misguided, IMO.

Re:Correct (1)

Anonymous Coward | about 2 years ago | (#39591563)

the idea of turning off gravity is um, misguided to say the least.

It's merely unheard of. And it goes against some of the things we think we know about the universe.

Re:Correct (4, Insightful)

BagOBones (574735) | about 2 years ago | (#39591083)

That doesn't solve the problem of all the OLD reactors that are now past the original intended end of life for their design.

Re:Correct (0)

Anonymous Coward | about 2 years ago | (#39591339)

and whose fault is it? Solution in its basic form is simple. Close old ones, build new ones.
Unfortunately unwashed masses that inhale fumes from coal plants every day go batshit insane when they hear 'nuclear' and politicians play along.

I am all for closing all nukes at once. Maybe those ignorant hippies, who don't understand how the world they live in works and what greases its wheels, will learn something from blackouts, brownouts and less juice for their apple branded gizmos.

Re:Correct (0)

Anonymous Coward | about 2 years ago | (#39591411)

Wow, talking about being misguided.

Do the math and check how many nuclear reactor you have to build to substitute coal or oil. Noe find that many suitable sites, if you can, and enough fissile material to power them all.

Re:Correct (0)

Anonymous Coward | about 2 years ago | (#39591537)

Define suitable site.

Re:Correct (0)

Anonymous Coward | about 2 years ago | (#39591357)

So replace them with modern reactors.

Re:Correct (0, Flamebait)

19thNervousBreakdown (768619) | about 2 years ago | (#39591305)

This is from the Christian Science Monitor.

Christians' (and all religious folks) minds are broken. Sometimes in very obvious ways, such as when they're giving tacit approval to the institutionalization of child sexual abuse by tithing to the Catholic church even after it was shown that they assisted priests in getting away with it. Sometimes in much more subtle ways. For instance, this guy seems to think there are absolute answers to everything. I suppose that's not such a big leap when you accept that there's an all-powerful all-knowing being. He says that they should have planned for the 15' tsunami regardless of the fact that it was a 1/10,000 year event because it happened. As in, it happened in the past. Therefore, they should have planned ahead for it. Because now that it's happened, the ... probability (I have a real problem applying this word to a past event) that it would have happened is 100%. Which they should have planned for.

He says that we should have an infallable way to cool every reactor, or we shouldn't have reactors. Well, I guess there can only be one reactor, because there's only one pope to go around blowing on these things to keep everyone safe, and the probability that two reactors would break at once is 100% once two reactors have broken at once.

Sorry. It sucks. I'm sure they did lots of things wrong at Fukushima. Maybe one of them was drawing the line at a once in 10,000 years event, maybe it should have been a once in 100,000 years event. But saying that we should have some guaranteed way of making things safe is ridiculous. Nothing is 100% safe, and you can never, ever predict everything that might go wrong. I'm sure my actual argument will be drowned out by the fact that I took the opportunity to take a stab at the religious, but hey, I've got the karma to burn and it needs to be said until we stop treating these delusional people as intellectual equals.

Re:Correct (0)

Anonymous Coward | about 2 years ago | (#39591347)

What a troll. The Christian Science Monitor is not the sort of religious group it makes sense to flame.

Re:Correct (-1)

Anonymous Coward | about 2 years ago | (#39591627)

Amen! (pun indeed) People die everyday, some for natural cause others by accident, others by stupidity. These religious freaks instead of being concerned about an accident that, despite unfortunate, happened during special circumstances, they should be more worried about hunger in Africa or the extreme living conditions in China and India.

Re:Correct (5, Informative)

Troggie87 (1579051) | about 2 years ago | (#39591423)

For those who don't follow reactor tech and don't know whats being talked about, liquid sodium reactors use literally a vat of salts and radioactive material in a magma-like sludge. There is a plug at the bottom of the vat with a melting point that is well above operating spec, but well within reach if the reactor lost cooling. If all other failsafes are disabled, the plug melts and all the molten sludge runs into 2-3 smaller tanks. The reaction then stops being self sustaining, and you just have to recover the containment units and repair the reactor. Its literally idiot proof barring a fault line opening a chasm beneath the plant or a direct asteroid impact.

There are also gravity-fed means of cooling conventional reactors, but I wouldn't call any of them fool proof. Liquid sodium seems like the best bet to me from a safety standpoint, at least as far as using up existing nuclear material. Thorium reactors show promise as well, but since we have a ton of reusable nuclear material liquid sodium would be my choice from a practicality standpoint.

Re:Correct (1)

Anonymous Coward | about 2 years ago | (#39591529)

"Idiot proof" - right there you just lost a couple points. Build a better nuclear reactor and the world builds a better idiot. Not that I'm against nuclear reactors, I just agree with the original premise - failures *will* happen with any system. Multiple independent fail-safes and dead-man systems are necessary for a system like this.

Re:Correct (3, Informative)

Troggie87 (1579051) | about 2 years ago | (#39591787)

"Idiot proof" - right there you just lost a couple points. Build a better nuclear reactor and the world builds a better idiot. Not that I'm against nuclear reactors, I just agree with the original premise - failures *will* happen with any system. Multiple independent fail-safes and dead-man systems are necessary for a system like this.

Theres some truth to that, but i meant it in the sense that human interaction isn't needed in the slightest, nor is any real mechanical action other than liquid flowing downward. Its not like "modern" (as in what operates now) reactors, where there is a time limit on the response within which some human being has to respond. Every human being could vanish from the earth in an instant, and a liquid sodium reactor would turn itself off 100% of the time. You take the human out of the equation.

Re:Correct (4, Informative)

hydrofix (1253498) | about 2 years ago | (#39591467)

He is referring to a passive cooling systems [wikipedia.org] (aka. convection cooling, gravity cooling or natural cooling). Such systems are great and essential safety feature in modern reactors, and Fukushima Daiichi actually had a passive emergency cooling system. However, with current technology such systems can only contain the decay heat for up to 72 hours. It is only a temporary system, giving technicians time to restore external power to cooling pumps. This can be problematic in a catastrophic situation (such as natural disaster).

Re:Correct (3, Informative)

sperxios10 (848382) | about 2 years ago | (#39591569)

They US authorities on '60s started trying gravity on various types of reactors for many years (passive cooling) and it failed miserably all times. Download the excellent BBC's 1992 documentary on the subject A is for Atom [archive.org], or watch it on YouTube [youtube.com].

It was after they had confirmed the problem that they started installing diesel generators to operate the cooling pumps. The problem was discovered also in USSR. Chernobyl erupted during an experiment to test the cooling apparatus while disconnecting the plant from grid.

The root cause of all this was that they designed the commercial Nuclear Plants by scaling the 60cm diameter Submarine Reactors into 3 meter or even more. That way, the multiplied the fuel mass x1000, and disregarded that fact they were no longer 100 meters deep below the ocean surface, something that would guarantee passive cooling simply by hydrostatic pressure.

Re:Correct (1)

Anonymous Coward | about 2 years ago | (#39591739)

All of that sounds great. But human technology is subject to failure. Sorry, but every time I hear this line of how modern reactors are safe because of this or that, I always flash to the line of "God himself could not sink this ship!"

Error in translation? (5, Insightful)

ceoyoyo (59147) | about 2 years ago | (#39591049)

Either there's an error in translation or the MIT trained nuclear engineer has forgotten what probability theory is.

Having multiple means of cooling a reactor sounds like a good idea, but that will only reduce the probability of disaster.

Re:Error in translation? (1)

Anonymous Coward | about 2 years ago | (#39591139)

As a "top management guru" probably his only concern is the probability that the whole thing goes tits up before you're strapped into your golden parachute.

Re:Error in translation? (3, Insightful)

laron (102608) | about 2 years ago | (#39591181)

Redundant systems are a good idea, but you should ask yourself if one event (or a common group of events, like an earthquake and a tsunami) can knock out all of your systems at once.

Re:Error in translation? (3, Insightful)

sgrover (1167171) | about 2 years ago | (#39591287)

Don't forget that Fukishima was TWO events happening at once (or close enough together to be counted as one). I think the design would have been fine if it was JUST an earthquake, or JUST a tsunami. But combined so close to each other was too much for the design.

Re:Error in translation? (4, Insightful)

NatasRevol (731260) | about 2 years ago | (#39591461)

If you're near any large body of water, they're very likely to happen together and should always be considered that way.

Re:Error in translation? (1)

laron (102608) | about 2 years ago | (#39591485)

See, that's what I meant with "common group of events". Tsunamis are often triggered by earthquakes, so it would make sense to expect that both can happen together.

Re:Error in translation? (2)

tigre (178245) | about 2 years ago | (#39591271)

Either there's an error in translation or the MIT trained nuclear engineer has forgotten what probability theory is.

Having multiple means of cooling a reactor sounds like a good idea, but that will only reduce the probability of disaster.

But his point is that making assumptions based on probabilities calculations based on other assumptions is the problem. Anything with a physically plausible likelihood of happening is worth considering how to guard against, and nobody should settle on "good enough" without at least laying out the associated probabilities and any assumptions that went into those calculations. At least not where catastrophic repercussions are the _likely_ outcome of miscalculation.

Of course the regulators have to be willing to challenge assumptions, and ferret them out when probabilities are presented without accompanying substantiation.

Re:Error in translation? (3, Insightful)

ceoyoyo (59147) | about 2 years ago | (#39591459)

So the solution is a proper application of probability theory. Probability theory didn't fail. We failed to use it.

Re:Error in translation? (5, Insightful)

RightwingNutjob (1302813) | about 2 years ago | (#39591749)

Too many people learn risk management like this:

The probability of a widget failing is 0.001. The cost of a widget failing for us is $1000. Therefore, we should budget $1 per widget to cover the expected failures.

Trouble is, this only makes sense if you make 10000 widgets. Then you expect 0.001 x 10000 x 1000= 1000x(10 +/- sqrt(10)) failures (assuming widget failures are independent and uncorrelated events, which means the expected number of failures follow a Poisson distribution), so if yo budget
$20000 = 1000 x (~10 + 3*sqrt(10)), you'll be covered 99% of the time.

Note that "99% of the time" means that if you make 100 production runs of 10000 widgets, and budget $20000 for covering failures on each run, you'll be good for 99 of those 100 runs, and you might be over budget on the 100th.

When you make exactly one widget, and it costs you $1000 if it fails, and you estimate that the probability of failure is 0.001, and you budget exactly $1 to cover failures, what you've done is you've wasted $1, and you're still not covered, because if your one widget fails, you don't have the budget to cover it.

There was exactly one Fukushima plant, and when you talk about risk analysis for something like that, anything that is remotely likely to cause a catastrophic failure needs to be fully accounted for, because there is no such thing as an amortized catastrophic failure. It either works or it blows up in your face, not a small percentage of your face.

Re:Error in translation? (4, Insightful)

Sir_Sri (199544) | about 2 years ago | (#39591295)

Got it in 1.

The article even states, all of this would have been avoided if it had maintained even one connection to the grid. They had 5. Now they may have all failed at once because they were basically all the same and they weren't really redundant, but past this layer they had multiple generators at each reactor so even if the external power did fail there was something to go on.

He is sort of right, in the same way security researchers in computing systems talk about never assuming a system is secure. You need layers of defences, detection, prevention, repair, redundancy etc. But I don't think anyone disputes that, nor is there any evidence they didn't have those things. They may have implemented them badly, maliciously, but they picked a probability of failure and said 'that's good enough for the money we have'.

There are lots of theories about designing reactors that are fundamentally more safe, they won't have runaway heating for example (a by product of how uranium undergoes nuclear reactions, and how the reactors are built to deal with that). I'm not sure anyone is suggesting we should somehow not consider those designs superior in some way. But no matter what you design you can only build so much redundancy into the system. If your error tolerance is 1/10K years, then why not 1/100k years? Why not 1/1M years? With any physical thing there is a probability of something going really wrong. Suggesting otherwise is lying. You choose your risk tolerance. Ultimately the people who pay the bills have to decide what the risk is worth. If a nuclear reactor cost 100 billion dollars, and had a 1 in a billion chance of failing per year is that good enough? It could still get hit by a 1 in a billion event after all.

Re:Error in translation? (4, Insightful)

Baloroth (2370816) | about 2 years ago | (#39591625)

The risk tolerance should be for an event that causes significantly more damage in and of itself than the reactor meltdown would. Someone above mentioned an asteroid collision. An asteroid of significant size would cause far more damage than the destroyed reactor would. You can also make the engineering such that even in extreme failure conditions, the amount of radioactive spreading is minimal (although, again, an asteroid would pretty much splatter the uranium everywhere).

I would argue that the Fukushima disaster actually did meet this criterion: far more people were killed by the earthquake/tsunami than will ever be killed by the radiation (in fact, the disaster probably killed more people than all the nuclear reactor accidents ever put together) released, and the cleanup will be a fairly small fraction of the total cost of the disaster. Obviously, they could have been better designed and survived even this (a modern reactor would have), but the simple fact is a disaster bad enough to take out a well-designed nuclear reactor will dwarf the damage caused by the reactor malfunction itself.

The PR disaster is a different story.

Re:Error in translation? (1)

NeutronCowboy (896098) | about 2 years ago | (#39591607)

I don't know. I seriously think the guy thinks that probability theory is the wrong approach. To some extent, I agree: arguing that there's no need for a seawall of more than 10m because the highest flooding recorded was 10m is.... dangerous, to say the least. A seawall is a cheap structure that is easy to maintain. Make it 15m and call it a day.

However, the decision on where to stop building the seawall IS a decision based on probability theory. Because otherwise, why stop at 15? Why not 20? 100? Or why stop at a LNG and solar plant to provide local electricity? Why not build a battery bank that holds 2 weeks of charge for the entire nuclear complex? The way that he is constructing his argument, his argument is that every failure mode has to be addressed. That's just not possible. The reason why is simple enough: because the cost of those systems is enormous compared to the fractional increase in security you get from it. For anyone keeping track: this is probability theory applied to ROI. How much money do you put into a system, and what's the expected benefit, given a number of scenarios?

I think the lesson to take from the Fukushima meltdown is this: when deciding on safety features, make sure that that the simple stuff is overbuilt. You don't want to have a meltdown occur because you saved a few $100K on cement, rebars and construction labor.

Bullshit (0)

Anonymous Coward | about 2 years ago | (#39591063)

Corner cutting company policy results in result-based choice of assumptions. The theory is fine (and something that is unlikely can still happen, so even with correct assumptions there can be disasters.)

Or use a different type of reactor.... (5, Informative)

blunttrauma (601130) | about 2 years ago | (#39591137)

Or use a different type of reactor that doesn't rely on electricity for cooling. See any of Kirk Sorensen's liquid-fluoride thorium reactor talks on YouTube. His talk at Ted is a good 10,000 overview and only 10 minutes long: http://www.youtube.com/watch?v=N2vzotsvvkw [youtube.com]

Re:Or use a different type of reactor.... (0)

Anonymous Coward | about 2 years ago | (#39591381)

You mean the reactors that have no practical way that they can be built?

Re:Or use a different type of reactor.... (0)

Anonymous Coward | about 2 years ago | (#39591671)

Read up on the history of the development of the Nuclear Reactor. Starting at Oak Ridge National Lab in 1946-7.

Re:Or use a different type of reactor.... (0)

Anonymous Coward | about 2 years ago | (#39591713)

And weren't around 50 years ago when this reactor was built...

Re:Or use a different type of reactor.... (0)

Anonymous Coward | about 2 years ago | (#39591799)

No he meant a scaled up, more modern version of what they had already running at Oak Ridge for about 5 years in the 1960s.

What the hell? (2, Insightful)

VAElynx (2001046) | about 2 years ago | (#39591211)

Probability theory HASN'T failed us
For one ,it doesn't declare an accident as impossible.
For two, accidents are unlikely - over the 58 years nuclear reactors exist (1954 in Obninsk was first) there hasn't been much significant disasters despite their wide usage. Hell, air travel has probably killed more people and noone's into banning airplanes.

Re:What the hell? (5, Insightful)

mlts (1038732) | about 2 years ago | (#39591785)

Where the rubber meets the road is deaths per terawatt hours. Even with the disaster, nuclear remains well lower (0.04) than any of the other mainstream energy sources (coal's world average is 161, oil is 36).

With nuclear having 900 times fewer deaths than oil, this shows that something is being done right.

The problem is that with all the fear around nuclear reactors, no new, safe ones are built, so we are left with maintaining venerable designs designed barely after WWII with far fewer safety features.

The insanity of this shows when one compares this with other industries. It would be ridiculous to claim that aircraft are fundamentally unsafe and banning any new design to be made, only allowing biplanes from WWI to keep in the skies. Or saying how pathetic an automobile is while barring anything newer than a steam engine.

Which lesson? (4, Funny)

fahrbot-bot (874524) | about 2 years ago | (#39591215)

I'm guessing the first?
  1. Never get involved in a land war in Asia.
  2. Never go against a Sicilian when death is on the line.

That's an important lesson, but... (4, Insightful)

Omnifarious (11933) | about 2 years ago | (#39591239)

But I think the most important lesson is that neither the nuclear power industry nor the regulators of that industry can be trusted to be at all truthful about the scope and scale of problems. They both have strong incentives to minimize the perception of such. This, more than anything, is the biggest and most important lesson that has broad applicability to almost any regulated industry.

Re:That's an important lesson, but... (0)

Anonymous Coward | about 2 years ago | (#39591417)

This is all much ado about nothing.

3 Mile Island failed, leaked a little gas, and how did it affect America? Not at all.

Chernobyl failed, melted down, and how did it affect America? Not at all.

Fukushima failed, melted down, and how did it affect America? Not at all.

Yes, there will be failures, and the failures will be expensive (in money and lives) for the plant operators, but in the big picture the impact is bupkus for average Americans. The cheap energy they produce is much more important. I support nuclear power *despite* and knowing full well there *will* be failures.

Re:That's an important lesson, but... (0)

element-o.p. (939033) | about 2 years ago | (#39591633)

Let me make sure I understand you correctly...if it doesn't affect America, it doesn't matter? Wow. Just...wow.

Then you go on: "The cheap energy they produce is much more important." Ummm...how much energy did Fukushima export to America? Chernobyl? No, the failures didn't significantly impact us, but neither did the energy production. Nevertheless, you say the energy produced is important, but the effects of the disasters aren't? Cognitive dissonance much?

"I support nuclear power *despite* and knowing full well there *will* be failures." What if the failure was in *your* back yard? I'm not arguing that nuclear power is *NOT* a better choice than most, if not all, of the alternatives, but your post comes across sounding like you don't care who has to deal with the failures as long as it isn't America. I'm American, yet I'm still offended by that attitude.

Re:That's an important lesson, but... (1)

lgw (121541) | about 2 years ago | (#39591741)

You need to replace the batteries on your sarcasm detector every 6 months. Best to do it when you adjust your clocks for daylight saving time, easiest way to remember.

Re:That's an important lesson, but... (1)

Ryanrule (1657199) | about 2 years ago | (#39591457)

"regulators of that industry" They both have strong incentives to minimize the perception of such. Why?

Probability in reliability engineering (4, Insightful)

Beryllium Sphere(tm) (193358) | about 2 years ago | (#39591241)

A few voices in reliability engineering and safety engineering (not the same thing!) have warned that if you start producing figures that show that you can go a million years or more without an accident, that doesn't mean your product is safe, it means you've overlooked something.

Not even an anvil can live up to some of the probability estimates people have come up with for deployed systems.

That said, there's still such a thing as intellectual dishonesty. Large scale blackouts in industrialized societies are a known phenomenon (1965 eastern US, etc.) and should have been taken into account even if Japan weren't prone to natural disasters. Rumor has it that there's a plaque in the hills above Fukushima that says in effect "Water has come up this high in the past, don't build anything you care about lower than this level".

Prevention vs Cost of being Wrong (1)

LordZardoz (155141) | about 2 years ago | (#39591253)

Part of the article reminds me of the 'Captain Hindsight' from the Cthulhu / Coon and Friends episode of Southpark. The article basically says that the risk assumptions were incorrect and they should have prepared better and made better assumptions in order to prevent the meltdown.

I disagree in part with the premise article.

There are two approaches to taking something that poses a risk, and making it safe. The choices are prevention and mitigation In this case, the problem is that a Nuclear Reactor poses a risk of dangerous meltdown. The typical safety measures are to make sure that a melt down will not happen (prevention). That approach generally works, and all risk management calculations are based on the prevention working.

Prevention is great up until it fails. If we change the discussion to sex / pregnancy, prevention of the sort described in the article is using a Condom. Its great when it works, but condoms break. If the penalty for pregnancy is death, your still taking one hell of a risk.

I think that nuclear power is a technology worth pursuing, but I think that the safety measures should start from 'if this thing melts down as soon as we turn it on, what can we do to contain the damage'? If a nuclear power plant can be designed in a manner that guarantees that a meltdown event does not endanger anyones safety, then it can be called entirely safe.

Otherwise, they are only safe until they fail.


Re:Prevention vs Cost of being Wrong (0)

Anonymous Coward | about 2 years ago | (#39591593)

Not "if this thing melts down", it should be *when* this thing melts down. The wording is important. Always assume a man-made system will fail at any moment, because systems either fail or are dismantled. They never last forever.

Too many protective measures (4, Interesting)

rtaylor (70602) | about 2 years ago | (#39591255)

Fukushima taught me that Japanese Nuclear reactors may be too protected.

19,300 people died as a result of the tsunami. Fukushima has had minimal impact by comparison (573 related deaths thus far).

Diverting all of the safety protections away from the reactors (guaranteeing full meltdown of all 4) to add to safety protections around shoreline towns, oil refineries, chemical factories, could have saved thousands of lives reducing the 19,300 total.

Re:Too many protective measures (0)

Anonymous Coward | about 2 years ago | (#39591301)

There's more important things to protect than human lifes. There can be more humans, but there is only one earth.

Re:Too many protective measures (1)

Anonymous Coward | about 2 years ago | (#39591427)

Where do you think we got the uranium in the first place?

Re:Too many protective measures (0)

Anonymous Coward | about 2 years ago | (#39591657)

Fukushima has had minimal impact by comparison (573 related deaths thus far).

[Citation Needed]

Re:Too many protective measures (0)

Anonymous Coward | about 2 years ago | (#39591677)

I know I will be modded down (for some reason slashdot readers are nuclear-fan-boys), but someone need to tell you guys:

A tsunami + earthquake on a ultra-populated archipelago killing 19,300 is really low.
But a single failure (4 core but still one system) killing 573 (plus long-term deaths) is a lot.

Ow, yes, and one more thing: there is a lot of land that will be not usable for decades. Even the salt of the water from the tsunami don't do such thing.

Re:Too many protective measures (3, Insightful)

Entropius (188861) | about 2 years ago | (#39591711)

This is an excellent post.

There was basically the biggest earthquake that the earth is capable of making, a tremendous tsunami that killed 20k people, and a 50-year-old power plant had some problems that added a couple of percent to the death toll? This is a tragedy, certainly, and we need to work on making reactors that don't do that. But it is hardly a condemnation of nuclear power.

Re:Too many protective measures (2, Informative)

LavouraArcaica (2012798) | about 2 years ago | (#39591725)

A good source: http://www.yomiuri.co.jp/dy/national/T120204003191.htm [yomiuri.co.jp] Ow, I posted it before but i forgot to login: I know I will be modded down (for some reason slashdot readers are nuclear-fan-boys), but someone need to tell you guys: A tsunami + earthquake on a ultra-populated archipelago killing 19,300 is really low. But a single failure (4 core but still one system) killing 573 (plus long-term deaths) is a lot. Ow, yes, and one more thing: there is a lot of land that will be not usable for decades. Even the salt of the water from the tsunami don't do such thing.

Re:Too many protective measures (1)

higuita (129722) | about 2 years ago | (#39591731)

yeh, right... the atomic bombs killed a lot more than 19,300, directly killed by the detonation range from 40000 to 75000... long term deads where even higher:

90,000–166,000 killed in Hiroshima
60,000–80,000 killed in Nagasaki

and the nuclear fallout would spread all over the world...nope, you need to protect the nuclear reactors... better yet, dont even build then, long term analysis points to renewable energies as a better solutions, specially if we manage to do local and micro production instead of a huge central one

BAH! (1)

Lluc (703772) | about 2 years ago | (#39591257)

Probability theory did not fail you. You failed at using probability theory. You provided garbage inputs to your probability of disaster, expected values of earthquake sizes, and expected costs of the disaster; so you have garbage results. These results provided you with false comfort in your low safety margins. End of story.

The Black Swan (3, Informative)

The Living Fractal (162153) | about 2 years ago | (#39591267)

Events like that have been dubbed as Black Swans by author Nassim Taleb... The lesson is essentially as stated: probability theory only works for certain types of scenarios. He calls the realm of these scenarios 'mediocristan' and the realm of scenarios where extreme events can take place 'extremistan'. Examples: Average distribution of human height is relatively predictable, and in mediocristan. But try to predict how much wealth one person has from one to the next and you'll suddenly run into a billionaire and completely destroy your nice little data set from the last thousand people you looked at.

Re:The Black Swan (4, Informative)

Entropius (188861) | about 2 years ago | (#39591379)

That has nothing to do with probability theory. It turns out that you can predict how much wealth people have from one to the next very neatly. Failure comes in when you assume that the distribution is Gaussian. It's not; it's log-normal. The billionaire is no more an outlier in that distribution than a pauper.

Problem SPOTTED (0)

Anonymous Coward | about 2 years ago | (#39591277)

'Management Guru'

Nothing to see here, move along.

Bad design (0)

byteherder (722785) | about 2 years ago | (#39591299)

This should be a study of how the bad design of a nuclear reactor can negate disaster planning.

Q: How did this reactor overheat?
A: They could not get power to the cooling pump because the diesel generators were flooded.

YOU HAVE A WHOLE F***** POWER PLANT. Route some power to the pumps. Who is the idiot that designed this.

Re:Bad design (0)

Anonymous Coward | about 2 years ago | (#39591623)

Once they scrammed the reactors, they would no longer be generating power. Thus the need for an external power source. (After scramming, the reactors take a long time to cool.)

The Real Most Important Lesson (1)

K. S. Kyosuke (729550) | about 2 years ago | (#39591319)

The real most important lesson here is that you don't want to have anything to do with human factor if you want safety - human factor as in building a nuclear power plant in an earthquake/tsunami plagued region according to plans for your general US power plant not designed to handle either of those, human factor as in building the emergency (including sea water floods) electrical systems in the basement, human factor as in not checking critical power boards for 11 years...

I don't think there is anything wrong with probability theory, now matter how clever a theory is, it will never protect you from idiots failing to apply it properly.

Re:The Real Most Important Lesson (1)

PoolOfThought (1492445) | about 2 years ago | (#39591641)

You're right. They should really include the probability of some idiot(s) not performing some task(s) that was assumed to be done in the probability calculation. Then they can atleast get a better sets of bounds...

The mathematician could then either report something more like "if a, b, c, d, and e are all done on schedule per the specs then the probability of x event is .0034, but if we actually take into account the probability of these items getting done according to the specifications then the new probability of x event is .1921... in a perfect system where the the design in safe in pretty good shape, but someone is going to f-ck this up... so we need an even better design that either eliminates part or all of 'a,b,c,d,e' or that makes some other improvement that allows for screwups."

Some things have to survive ANYTHING (3, Insightful)

msobkow (48369) | about 2 years ago | (#39591343)

One of the big reasons mil-spec software and equipment costs so much is it has to be designed to function no matter what happens. In no other industry is there a requirement for a monitor to take a .50 caliber shell and keep running, for example, or for hard drives to survive multi-story drops while running (which is what happens when a ship crashes down a wave.)

I am absolutely stunned that reactors aren't designed to the same stringent "failure is not an option" standard, given the consequences of a failure. It can and should be done if you're going to risk meltdowns. Every possibility you can think of needs to be accounted for.

After all, we're not talking about just poisoning the people around a failed facility -- we're talking about the possibility of leaving kilometers of land completely uninhabitable for decades.

Wrongheaded.... (5, Insightful)

NoKaOi (1415755) | about 2 years ago | (#39591369)

Modern reactors already do the things this guy is suggesting. This guy is decades late to the party. I'm sure there will be 100 comments saying this by the time I hit submit, but the real lesson should be to build new plants with modern reactors, so that once built the old ones can be decommissioned *after* the new ones are built. The kind of attitude this guy has (I'm sure his real motivation is just to get attention) obviously scares people into not wanting new nuke plants built.

On the other hand, he's not very specific in the TFA. Perhaps is real life he has suggested a specific way to retrofit existing reactors with backup generators? Or is he just regurgitating crap that we were reading the day after the tsunami?

And Business Breakthrough University? SERIOUSLY? WTF is that? It reminds me of all those high priced fat loss pills that were developed by places like the "fat loss institute." Apparently anyone can file a DBA with the word institute or university in it. Does anybody really regard this clown as Japan's top management guru? Or am I wrong and this guy is actually dean of an accredited university?

Re:Wrongheaded.... (2)

amazeofdeath (1102843) | about 2 years ago | (#39591599)

I agree with your assessment of TFA. I even went further after reading the fine article: There were 4 commenters, all basically scared of nuclear power, and showing their ignorance in their comments. I wrote a reply to address all of them, but unfortunately I'm not socially networked, so I couldn't actually post it. Sucks to live outside Google, Facebook, Disqus, and so on, I guess. Well, at least I can rant here.

Re:Wrongheaded.... (0)

Anonymous Coward | about 2 years ago | (#39591681)

Apparently not a slouch (from Wikipedia): ..."he earned a BS from Waseda University, an MS from the Tokyo Institute of Technology, and a doctorate in nuclear engineering from the Massachusetts Institute of Technology"

or maybe (2)

nimbius (983462) | about 2 years ago | (#39591409)

nuclear plants, just like any other type of powerplant in the past 50 years requiring a superfund site cleanup at taxpayer expense, arent designed to withstand natural disaster in the pursuit of human health and safety.
the safeguards are in place in order to continue to sustain profits and return dividends well into the inevitable federal investigation and limited financial penalty levied against them. At which time the scientific concept of probability will be regurgitated and mourned about as fervently as a dead cat. It is in this case statistical probability is being used to placate people in much the same way as god is used to placate those into faith over reason.

Re:or maybe (1)

Xiaran (836924) | about 2 years ago | (#39591531)

If the government is not writing the shutdown cost as a deposit into the license then you live in some kind of third world hellhole.

Meta-lesson (2)

dumky2 (2610695) | about 2 years ago | (#39591445)

The most important lesson is the same as that from the financial crisis: when you create perverse incentives, people and companies take irresponsible risks. The result is predictable when you socialize risk by letting governments take on the downside by insuring nuclear disasters, protecting deposits and providing various forms of bailouts. Such de-coupling of profits, losses, responsibility and accountability lead to increasing and un-mitigated risk-taking.

Bad Prior (0)

Anonymous Coward | about 2 years ago | (#39591469)

No it just showed that they made inappropriate assumptions about the prior distribution of catastrophic events.

There are lots of ways to incorporate uncertainty into this sort of model via Laplace smoothing, or other techniques.

Probability theory still works.

How the TSA will read this. (-1)

Anonymous Coward | about 2 years ago | (#39591495)

Airport security should have multiple, reliable ways to prevent terrorism

In for summer 2012, it's 2 brand new radioactive devices!
Guaranteed to give you cancer and not do shit to stop terrorists.

wrong again (2)

Tom (822) | about 2 years ago | (#39591533)

Stupid lesson.

Probability isn't failing us, human understanding of it is. Imagine something that can happen to you or someone else, doesn't matter what. It's one of those "once in a million years" things. How often do you think it really happens? Yepp, that's right, all the time. With a world population of over 7 billion, this "once in a million years" event happens to about 20 people every day.

As for nuclear reactor blowups, they actually happened pretty much on schedule. Someone did the math not too long ago. While the statistical security is impressive (something like "one catastrophic event every 20,000 years"), considering the number of world-wide nuclear reactors and the time they've been running, statistically speaking we're pretty much right on the money.

The only place where probability theory fails us is with the dreaded black swans - the events that are not only highly unlikely, but so extraordinary that nobody really thought of them. A tsunami in Japan isn't exactly one of them. They have so many tsunamis there that they have a dedicated tsunami warning system.

One MIT Engineer to Another (5, Informative)

Anonymous Coward | about 2 years ago | (#39591547)

I am an MIT trained nuclear engineer than specializes in Probabilistic Risk Assessment. The first thing we should note is the PRA has had many benefits for the nuclear industry. Once you calculate the risk, and understand the contributors, you understand how to make things safer.


The thesis of this article has a few problems, though the conclusion isn't horribly off base. The first problem is that he believe probability theory was applied to ignore the risk of the tsunami. The opposite is true. In fact, probabilistic hazard assessment of the tsunami showed the site to be horribly under prepared in 2006 (10% chance of exceeding the design basis in 50 years or about 1 in 500 per year [which is high for nuclear reactors]). There were even more studies in later years before the tsunami hit. This was just plain bad management and shows what may happen when you ignore updated risk information.


The main point though, that no matter how unlikely a single event is (in this case a tsunami), you ought to have some countermeasures, is not bad. That is why PRA is used in combination with deterministic defense-in-depth measures at well designed, operated, and managed nuclear reactors. Mobile emergency diesels should be available to all reactors and are in the United States. This is a feature that Fukushima did not have. At the end of the day though, ceoyoyo is right. Even with multiple methods of cooling a reactor, you can not eliminate the possibility of core melt and release of radionuclides to the public. You can only ensure the release is acceptably infrequent. This brings us full circle to the fact that using probability theory to focus on the high risk stuff is good and that Fukushima failed to do this.

That being said, even in the case of passively cooled reactors such as fast reactors, massive earthquakes (1 in 1,000,000 per year or less), could destroy the water tank or piping required for passive cooling to take place. I would argue that while one should not ignore earthquakes and other rare external events below a certain probability. The burden would be onerous to use events below 1 in 100,000 per year as a design basis. This is in line with previous regulatory safety goal and can be seen in use in debate over the transition break size rule. A plug for my journal article is below. If you are wondering which author I am, the hint is that I am not the NRC commissioner.


It's the humans, stupid (0)

Anonymous Coward | about 2 years ago | (#39591551)

No, the lesson is that humans will:

* underestimate danger
* underestimate cost
* over-estimate value

The humans are the weak link.

Did probability really fail us? (0)

Max Threshold (540114) | about 2 years ago | (#39591603)

The argument that probability failed us overlooks the fact that, although the Fukushima reactor was totally destroyed, the entire nuclear incident wasn't that big a deal. Compared to Chernobyl, it was nothing. Compared to the other damage caused by the tsunami, it was nothing. The real lesson here is that, thanks to design improvements since Chernobyl, a reactor can fail catastrophically and still not cause significant harm. I'm willing to bet that the ecological damage and human suffering caused by this worst-case scenario was significantly less than the damage caused by generating the power that the reactor generated over its lifetime via other means. And newer reactors are even better: less likely to fail, and less likely to cause significant damage if they do.

He's just wrong (1)

erroneus (253617) | about 2 years ago | (#39591687)

All of the warnings and precautions were recommended and rejected. There's a long list of extremely surprising things that Japan simply failed to do. Among these includes the ability to source power from other operating plants. They have no "power grid" to speak of either. It is obvious and demonstrable that in some cases the decision makers did the right things (see the neighboring plant that survived just fine) while others didn't. This all comes down to decision makers favoring saving money over nuclear safety. It's not that there was any systemic failure. The failure can be traced back to individual decision makers who elected not to do certain things.

If we get into a discussion about things like this some time in the future, I will be sure to include some intimate details about how a certain nuclear energy company is addressing requirements set forth by the NRC in response to Fukushima. I wish I could tell the world now but I need to stay employed. But once the deal is "in the past" I'll be sure to share some rather interesting experience and insight. Until then, I will say that it is VERY "unJapanese" to suggest that there was anything to learn from Fukushima.

You didn't figure this out from Challenger? (2)

rbmyers (587296) | about 2 years ago | (#39591701)

This news is going on two decades old. No wonder Slashdot is losing market share.

This is why (1)

Brian Feldman (350) | about 2 years ago | (#39591727)

You need experienced software engineers on a team that's designing a complex, safety-critical system, even if it's not "software." We are the people most familiar with failure scenarios of systems.

World Ignoring Most Important Lesson From Futurama (0)

Shompol (1690084) | about 2 years ago | (#39591735)

"All the President's Heads" finds Professor Farnsworth sprucing up his family tree, eager to show anyone willing to listen - and plenty who aren't - all the amazing people he's descended from...
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account