Catastrophes are often triggered by small project mistakes. Usually there are several insignificant causes that combine to produce a large effect. Horror stories from different industries help keep a fresh perspective on the many blind spots and biases we all harbor.
One of my favorites, Fission Stories by Dave Lochbaum, is a column featuring (sometimes hilarious) mistakes in the nuclear industry.
Wrench in the machine
Some lessons are obvious and well known: when designing for safety, treat the end users as, if not outright malicious, then very dumb. If they are not actively circumventing safety, as above, jamming critical safety valves to “make the job easier”, they can at the very least make the worst possible choice due to lack of training.
This, however, is only half of the equation. The ultimate responsibility lies with the designer, since workers exposed to routine workarounds caused by inefficiencies in the original blueprint stop respecting the grand scheme of things altogether. In the example above, there were flow blockages in the system.
As outlined in the column, “The practice of forcing operators to cope with equipment not performing per design is called an ‘operator workaround’ in the nuclear industry.” The company did not want to treat the first out-of-spec signal of failure as a cause for concern that would require repair or replacement on first occurrence.
The employees on the ground took this as a signal to disregard stringent safety rules and devise shortcuts around them.
Big buckets of critical mass
The Tokaimura plant uses highly enriched uranium, which requires stringent safety precautions when preparing the fuel in order to avoid reaching critical mass (i.e. boom).
The accident caused 2 deaths due to worker irradiation on site and the payment of $121 million in compensation to settle 6,875 claims from people exposed to radiation and from affected agricultural and service businesses. It occurred when employees mixed entirely too much uranium fuel in a wide tank instead of the correct tall one, “geometrically designed to avoid criticality” (see illustrative video below).
To the layperson, this is a bigger blunder than putting diesel in your petrol car, even though the fuel tank and fuel cap have markings identifying the correct fuel. No, this is adding a burning match to said fuel tank.
The nuclear refueling procedure had a state license outlining correct operation. We presume the workers should have known that said correct procedure was the only way to avoid operator death. The maximum amount of enriched fuel allowed in the mixing tank at any one time was 2.4 kg. They added 16 kilograms, 6.6 times over the safety limit.
Were they overworked and simply too tired? Did they become complacent and cavalier? Did they have checklists? Did they check off each step before continuing? Did the fuel mixing procedure involve component delivery that physically limited the amounts added so as to avoid mistakes?
No surprises as to the cause, unfortunately: “The crew assigned to process the Joyo fuel that day was under time pressure: The crew chief was anxious to complete the current batch before a new team of workers arrived. Furthermore, […] the workers were apparently not aware of the mass limitations on the uranium to be added to the precipitation tank” [source].
Further, “a widely distributed but unauthorized manual permitted the use of buckets as a shortcut in the process” [source]. And how about “A manager at the facility who was exposed to radiation at the scene reportedly told the police he ‘forgot’ about the dangers posed by a self-sustaining nuclear chain reaction”.
But wait, for the final blow: “According to prosecutors, JCO also developed plans to hide illegal equipment and production methods from inspections”.

by Blake Burkhart
Certainly many a project manager can agree that the causes are universal:
- Unauthorized process shortcuts.
- Poor process design, no built-in safety.
- Time stress, unrealistic deadlines.
- Lack of investment in safety culture. (Continual improvement, PMI)
- Refusing to lead by example, i.e. ensuring that leadership sticks to safety standards and rewards safety thinking. (Management responsibility, in PMI parlance)
- Lack of realistic training, including complete recreation of procedures in war-gaming scenarios on site.
Talking about nuclear, we of course have to touch on the worst catastrophes – Chernobyl and Fukushima. I started with the smaller incidents because there the cause and effect are easier to identify. Yet the pattern remains familiar.
Chernobyl – poor reactor design, lack of safety culture, hidden design flaws known to but masked by the manufacturer, violation of safety guidelines, human factors. [source]
Fukushima, as outlined by Synolakis and Kânoğlu: “There were design problems that led to the disaster that should have been dealt with long before the earthquake hit.” The cause was a “cascade of industrial, regulatory and engineering failures.” [source]
Now let us not forget the elephant in the room that the nuclear industry does not want to address: many nuclear reactors are designed the way they are because they are direct descendants of military reactors (see the Soviet RBMK) or part of the infrastructure subsidizing the military nuclear industry (see Hinkley Point C in the UK [1]).
This will be addressed in a later post; suffice it to say for now that nuclear energy is a vital solution to our energy requirements, and it deserves an improved philosophical approach to design and implementation. Case in point: molten salt reactors.
- [1] https://www.nytimes.com/2016/10/11/opinion/britains-nuclear-cover-up.html?smid=tw-share&_r=1