UCS Blog - All Things Nuclear (with images) - Latest 1

New Update of the UCS Satellite Database

A fresh version of the UCS Satellite Database has been posted. It includes launches through the end of 2016. Apologies for the delay this time; we will be back on schedule and have a new one shortly.

Here are some of the more interesting satellites new to the database:
Rendezvous and proximity operations
GSSAP 3 and 4, the new pair of Geosynchronous Space Situational Awareness satellites (Fig. 1). The four GSSAP satellites, operated by the US Air Force, are built to surveil other GEO satellites using rendezvous and proximity operations (RPOs). Satellites that perform rendezvous and proximity operations get a lot of attention, as this technology can be used for surveillance and inspection, repair and refueling, but also for interfering with another satellite as an anti-satellite weapon. While the US appears to be significantly ahead in sophistication, Russia and China continue development of these capabilities.

Fig. 1 (Source: Air Force)

Position, navigation, and timing
The European Union augmented its Galileo position, navigation, and timing constellation with four new satellites, to bring the total on-orbit to 18, enough to move from a test system to one providing initial services (Fig. 2). This was the first time that the Galileo satellites were launched by a European rocket, the Ariane V, rather than a Soyuz. Full operational capability for the constellation is planned by 2020. The Galileo system is meant to provide a civilian and European alternative to the US Global Positioning System and Russian Glonass systems.

Fig. 2 (Source: European Space Agency)

Cutting-edge science and “unhackable” satellite communications
And China launched the Quantum Science Satellite, an experiment to test out quantum entanglement over long distances to better understand basic physics and to potentially develop quantum key distribution-based secure satellite communications (Fig. 3). If initial experiments are successful, the goal is to demonstrate this over long distances, between collaborating (and competing) labs in China and Austria.

Fig. 3 (Reprinted by permission from Macmillan Publishers Ltd: Nature, Vol. 492, Issue 7427. Copyright 2012.)

Watts Bar Lacks a Proper Safety Culture

The Nuclear Regulatory Commission (NRC) issued a Chilled Work Environment Letter to the Tennessee Valley Authority (TVA) on March 23, 2016, about safety culture problems at the Watts Bar nuclear plant. TVA promised to take steps to restore a proper safety culture at the plant.

Nearly 13 months later, has a proper safety culture been restored at Watts Bar?

No, according to a report issued April 19, 2017, by the TVA Office of the Inspector General (TVA OIG).

Fig. 1. (Source: D. Lochbaum)

The TVA OIG report paints a very disturbing picture of conditions at Watts Bar. I monitored safety culture problems at Millstone (1996-2000), Davis-Besse (2002-2004), and Salem/Hope Creek (2004-2005). The problems described in the TVA OIG report are comparable to the unacceptable conditions that existed at Millstone and Davis-Besse. A difference is that the NRC did not allow Millstone or Davis-Besse to operate until those safety culture problems were corrected to an acceptable level.

The TVA OIG report explains why TVA keeps reporting that the chilled work environment at Watts Bar was confined to the Operations Department and did not contaminate other work organizations at the site: The TVA Office of the General Counsel instructed the Employee Concerns Program and others within TVA not to use “chilled work environment” and to use “degraded work environment” instead. So, while TVA cannot find chilled work environments outside Operations, they find “degraded work environments” almost every place they look. But through an artifice of semantics conjured up by TVA’s attorneys, no chilled work environments are being found.

The TVA OIG didn’t buy the semantics: “Additionally, when 75 percent of a work group at a nuclear utility perceives that they are working in a chilled environment as is the case with ECP at TVA, it would seem reasonable to conclude that there is a chilled work environment in that group and unreasonable to pass it off as a ‘degraded work environment’.”

How bad is the chilled work environment at Watts Bar? The TVA OIG report indicates that 75% of the Employee Concerns Program (ECP) staff did not feel safe to raise concerns without fear of retaliation. ECP is supposed to be the organization that workers with safety concerns can go for help resolving them. When the helpers feel chilled, how can they truly help workers?

The ECP hired two individuals from outside TVA in February 2016 to conduct an independent investigation of the work environment at Watts Bar. According to the TVA OIG, this investigation was independent and forthright, but the ensuing report was anything but independent. The TVA OIG reviewed emails and interviewed the independent investigators and found that “the term ‘chilled work environment’ was edited out of the text of the report by ECP personnel.” In fact, the independent investigators did not write the six-page Executive Summary for “their” report—ECP wrote it. ECP wrote that a “degraded work environment” rather than a “chilled work environment” existed at Watts Bar. TVA OIG reported being unable to find “degraded work environment” being used within TVA or elsewhere prior to this “independent” report.

One of the two independent investigators told the TVA OIG that TVA management “did not like the fact that he stated that TVA management contributed to the poor SCWE [safety conscious work environment]” at Watts Bar. He was not invited back to participate in subsequent debriefing activities which “he attributed to management’s reaction to his report-out to them of the results from Phase I.” In other words, TVA shot the messenger.

The TVA OIG report states that “both the independent investigation commissioned by TVA and the SRTR [Special Review Team Report] were inappropriately influenced by TVA management” and that “the independent investigators were told by TVA ECP what they could and could not put in their report and the Executive Summary of that report was written by ECP, not the independent investigators.”

As to whether the chilled work environment issues were confined to the Operations Department, “Through personnel interviews conducted by OIG investigators, it was learned that many instances of HIRD [harassment, intimidation, retaliation, and/or discrimination] have occurred or have been alleged to have occurred in Operations and in other departments at WBN [Watts Bar Nuclear].” More specifically, surveys conducted during 2016 after workers raised concerns that led to the NRC’s Chilled Work Environment Letter being issued reveal safety culture issues outside of the Operations Department at Watts Bar.

Maintenance Department: 36% of workers feel free to report problems and concerns. 55% of workers believe they could report problems and concerns without fear of retaliation. 91% of the workers witnessed behavior contrary to a healthy nuclear safety culture.

Chemistry Department: 50% of workers feel free to report problems and concerns. 50% of workers believe they could report problems and concerns without fear of retaliation. 50% of the workers witnessed behavior contrary to a healthy nuclear safety culture.

Security Department: 34% of workers believe they could report problems and concerns without fear of retaliation. 67% of the workers witnessed behavior contrary to a healthy nuclear safety culture.

Engineering Department: 67% of workers believe they could report problems and concerns without fear of retaliation. 66% of the workers witnessed behavior contrary to a healthy nuclear safety culture.

Radiation Protection Department: 78% of the workers witnessed behavior contrary to a healthy nuclear safety culture.

The TVA OIG explicitly states “TVA’s continuing denials have been found to be incorrect by the NRC and independent assessors: a chilled work environment exists in at least several departments at WBN and within the ECP program itself.”

The TVA OIG makes an interesting observation regarding the 51 actions that TVA identified as necessary to correct the problems expressed in the NRC’s Chilled Work Environment Letter—none of them pertain to TVA’s upper management. The TVA OIG states “It is certainly worth considering whether this might be at least a contributor, if not a root cause, of the failure of any of the CAPRs [corrective actions to prevent recurrence], remediation plans, and the like to correct the continuing recurrence of chilled work environments at TVA over the past decade.” Indeed!

Watts Bar Needs a Proper Safety Culture

The TVA OIG report makes it extremely clear that Watts Bar lacks a proper safety culture and that lack is broader than just within the Operations Department.

Watts Bar needs a proper safety culture because it is the fundamental foundation for nuclear safety overall. If workers do not raise safety concerns—either out of fear of retaliation or out of distrust that management will correct them—the inventory of unresolved safety concerns increases over time. Nuclear power plants are robust and require a large number of failures and malfunctions before an incident morphs into a disaster. The rising number of unresolved safety concerns reduces the number of failures needed to facilitate such transformations.

Proper safety cultures cannot be acquired from eBay or Amazon. Senior managers must make it happen. If TVA’s senior managers can’t or won’t make it happen, either TVA needs new senior managers or NRC needs to write TVA another letter—a stronger letter perhaps along the lines of a Show Cause Order compelling TVA’s lawyers to explain why Watts Bar can continue to operate safely with “degraded work environments” all over the site.

In the meantime, if Watts Bar experiences a disaster, it won’t be an accident. It’ll be an outcome of operating a nuclear power reactor with a safety culture documented to be woefully inadequate.

No President Should Be Able to Start a Nuclear War Single-Handedly

Among the general craziness of the 2016 presidential campaign, you can be forgiven if you missed one particular crazy piece of information: the president of the United States currently has the authority to order the launch of nuclear weapons without input from anyone. This has actually been the case for decades, but the campaign brought it to the attention of the general public, many of whom were hearing it for the first time and were understandably surprised, and even somewhat alarmed, at the idea.

Moreover, the president’s sole authority holds even if he is ordering a first strike—an attack that is not in response to a nuclear attack on the United States or its allies, but rather the first use of nuclear weapons, either in an ongoing conflict or to initiate a new one. This last case may be extremely unlikely, but there is currently no law that rules it out.

As former Vice President Dick Cheney said in a 2008 interview, the president “could launch the kind of devastating attack the world has never seen. He doesn’t have to check with anybody, he doesn’t have to call Congress, he doesn’t have to check with the courts.”

The usual policy for working with nuclear weapons requires that two people be present and in agreement before undertaking any procedure. The president should not be exempt from this rule when deciding to launch a first strike. Photo: mako

If, like me, you think this situation makes no sense, then there is some good news—Senator Ed Markey (D-MA) and Representative Ted Lieu (D-CA) are trying to change it. They recently introduced the Restricting First Use of Nuclear Weapons Act of 2017, which would prohibit the president from launching a first nuclear strike without a declaration of war by Congress. This common-sense step would prevent the president, the sole individual with the authority to launch U.S. nuclear weapons, from single-handedly starting a nuclear war.

While the 2016 campaign may have been the catalyst, the underlying problem is independent of who is in office. No single individual should have the authority to launch a nuclear war without extensive discussion, debate, and consideration of all the possible implications. As former Secretary of Defense William Perry has said, “a decision that momentous for all of civilization should have the kinds of checks and balances on Executive powers called for by our Constitution.”

Check out our fact sheet available on the Markey-Lieu bill, or read on for more information on why it is so important.

Current Situation

As it stands, the president could wake up tomorrow and simply notify the military that he had decided to order a nuclear strike. There is no requirement that he consult with anyone. He could choose to talk to advisers first, but whether or not he did, no one could stop him if he decided to go forward.

Once he made his decision, the president would use a card, often called the “biscuit,” that he or an aide carries at all times, to read a code to authenticate his identity to the senior officer on duty in the Pentagon’s “war room.” The war room would then prepare the order to send to launch crews on submarines and at command centers for land-based missiles. The time from when the president gives the launch order to when the crews receive it would be only minutes. Land-based missiles would be launched within about five minutes of the president’s order, while it might take about fifteen minutes for submarine-based missiles to launch. And once launched, these missiles cannot be recalled.

In 1974, President Richard Nixon—the last president to draw attention to the significant downsides of this system—noted, “I can go back into my office and pick up the telephone and in 25 minutes 70 million people will be dead.” Later that year in the thick of the Watergate scandal Nixon was emotionally unstable and drinking heavily, leading Secretary of Defense James Schlesinger to instruct the Joint Chiefs of Staff that “any emergency order coming from the president”—such as a nuclear launch order—should go through him or Secretary of State Henry Kissinger first. Schlesinger had no real authority to do so, however, and it is not clear what might have happened if such an order had actually come. The same would be true today—there is still no military or civilian official or group with the authority to countermand a presidential order to launch nuclear weapons.

What Would the Bill Do?

The Markey-Lieu bill states that “Notwithstanding any other provision of law, the President may not use the Armed Forces of the United States to conduct a first-use nuclear strike unless such strike is conducted pursuant to a declaration of war by Congress that expressly authorizes such strike.” The bill defines a first-use nuclear strike as “an attack using nuclear weapons against an enemy that is conducted without the President determining that the enemy has first launched a nuclear strike against the United States or an ally of the United States.”

Why Does the President Have Sole Authority?

The main reason the president has had sole authority to launch a nuclear strike is the perceived need to ensure a swift response to an incoming nuclear attack. During the Cold War, U.S. leaders feared a “bolt from the blue” attack by the Soviet Union, which could destroy US land-based missiles if they were not launched quickly. A decision about whether to launch a retaliatory strike would need to be made in the ten minutes or so between the time the incoming attack was detected, data analyzed and conveyed to the president, and when the missiles landed.

The nuclear command system was therefore designed for speed rather than deliberation. Its main purpose was to allow the president to launch U.S. nuclear weapons quickly, before they could be destroyed on the ground. This was always dangerous, and has long been unnecessary as well, since the U.S. has submarine-launched missiles that are invulnerable to such an attack and ensure that the U.S. can maintain a deterrent. UCS believes that the United States should end this risky practice by removing its land-based missiles from hair-trigger alert and eliminating rapid response options from its war plans.

However, until the president and the military agree to end these prompt launch options, the Markey-Lieu bill does not affect them. It also intentionally and specifically does not restrict the president’s ability to immediately order the use of U.S. nuclear weapons in response to a nuclear attack.

The situation the bill addresses is the decision to launch a first strike—when the United States is the first to use nuclear weapons against an adversary. In this case time constraints on decision making do not apply, so the streamlined decision process that might be needed in a retaliatory strike is not required. Regardless of whether the decision is to unleash a nuclear first strike as the first move in a conflict, or to use nuclear weapons first in escalating an ongoing conflict, the president would have time to consult with advisers and Congress before making such a potentially world-altering decision.

A Nuclear First Strike Is an Act of War

Make no mistake about it, as the bill states, “By any definition of war, a first-use nuclear strike from the United States would constitute a major act of war.” Nuclear weapons have unparalleled destructive power; their use would break a taboo of more than seventy years. The Constitution clearly establishes that the power to declare war belongs to the Congress alone. Therefore, this bill simply makes explicit an existing Constitutional requirement on the president.

Moreover, bringing Congress into the process would lessen the chance that such a decision could be made irrationally or impulsively. The decision to use nuclear weapons is potentially the most important decision this nation could make, with grave consequences for every citizen of the United States and the world. A decision to use them first should be undertaken only with the utmost caution and—especially in a democracy—should not be left up to any single individual.

Columbia Generating Station: NRC’s Special Inspection of Self-Inflicted Safety Woes

Energy Northwest’s Columbia Generating Station near Richland, Washington has one General Electric boiling water reactor (BWR/5) with a Mark II containment design that began operating in 1984. In the late morning hours of Sunday, December 18, 2016, the station stopped generating electricity and began generating problems.

The Nuclear Regulatory Commission (NRC) dispatched a special inspection team to investigate the event after determining it could have increased the risk of reactor core damage by a factor of ten. The NRC team sought to understand the problems occurring during this near-miss as well as assess the breadth and effectiveness of the solutions proposed by the company for them.

Trouble Begins Offsite

The plant was operating at full power when the main generator output breakers opened at 11:24 am due to an electrical transient within the Ashe substation. The Ashe substation is owned and maintained by the Bonneville Power Authority and serves as the connection between electricity produced at the plant and the offsite power grid. At least three electrical breakers at the Ashe substation were supposed to have opened to de-energize the faulted transmission line(s). Had they done so, the loss of the transmission lines could have triggered protective devices at the Columbia Generating Station to automatically trip the main generator. But cold weather kept the breakers from functioning properly. Instead of the protective systems at the Columbia Generating Station responding on a system level (i.e., the de-energized transmission line(s) triggering a main generator trip), they responded at the component level (i.e., the main generator output breaker sensed the electrical transient and opened).

The turbine control valves automatically closed because the main generator was no longer fully loaded with its output breakers opened. The closure of the turbine control valves automatically tripped the reactor. The control rods fully inserted within seconds to stop the nuclear chain reaction. The output breakers, turbine control valves, and control rods all functioned per the plant’s design (see Figure 1).

Fig. 1 (Source: Nuclear Regulatory Commission annotated by UCS)

Before the trip, the main generator was producing electricity at 25,000 volts. The main transformer increased the voltage up to 500,000 volts for transmission out to the offsite power grid. The auxiliary transformers reduced the voltage to 4,160 volts and 6,900 volts for supply to equipment in the plant. The output breakers that opened to start this event are represented by the square box in the upper left corner of Figure 2.

Fig. 2 (Source: Nuclear Regulatory Commission annotated by UCS)

Trouble Begins Onsite – Loss of Heat Sink and Normal Makeup

The main generator was disconnected from the offsite power grid but continued to supply electricity through the auxiliary transformers to plant equipment. Because steam was no longer flowing to the turbine, the voltage and frequency of the electricity dropped. The voltages flowing to in-plant equipment dropped low enough to cause electrical breakers to automatically open at 11:25 am to protect motors and other electrical equipment from damage caused by under-voltage. For example, an electric motor requires an electrical current of a certain voltage in order to operate. Electrical current of lower voltage may not be enough to enable the motor to run, but that current flowing through the motor may be enough to heat it up and damage it. One of the de-energized loads caused the Main Steam Isolation Valves (MSIVs) to close. Their closure meant that steam produced by the reactor’s decay heat no longer flowed to the condenser where it got cooled by water from the plant’s cooling towers. Instead, the steam bottled up in the reactor vessel and piping until it increased the pressure to the point where the safety/relief valves opened to discharge steam to the suppression pool (see Figure 3).

The closure of the MSIVs also stopped the normal flow of makeup cooling water to the reactor vessel. The feedwater system uses steam-driven turbines connected to pumps to supply makeup cooling water to the reactor vessel. But the steam supply for the feedwater pumps is downstream of the now-closed MSIVs. The condensate and condensate booster pumps upstream of the feedwater pumps have electric motors and continued to be available. But collectively they only pump water at about two-thirds of the pressure inside the reactor vessel, meaning they could not supply makeup water unless the pressure inside the reactor vessel decreased by nearly one-third its normal pressure.

Fig. 3 (Source: Nuclear Regulatory Commission annotated by UCS)

Troubles Onsite Grow – Loss of Normal Power for Safety Buses

At 11:28 am, the safety buses SM7 and SM8 tripped on low voltage, causing their respective emergency diesel generators to start and provide power to these vital buses. This was not supposed to happen during this event. By procedure, the operators were directed to manually trip the turbine and generator following the automatic trip of the reactor. They tripped the turbine at 11:27 am, but never tripped the main generator. Tripping the main generator as specified in the procedures would have immediately caused electrical breakers to close and other electrical breakers to open to swap the supply of electricity to plant equipment from the auxiliary transformers to the startup transformers as shown in Figure 4. The startup transformers reduce 230,000 volt electricity from the offsite power grid to 4,160 volts and 6,900 volts for use by plant equipment when the main generator is unavailable. With electricity to plant equipment from the startup transformers, the MSIVs would have remained open and makeup cooling water supplied by the feedwater pumps as normally provided.

Fig. 4 (Source: Nuclear Regulatory Commission annotated by UCS)

Even More Trouble Onsite – Loss of Backup Makeup

The operators manually started the Reactor Core Isolation Cooling (RCIC) system (not shown on the Figure 3, but a smaller version of the High Pressure Coolant System) at 11:32 am to provide makeup cooling water because the feedwater system was unavailable. The RCIC systems’ primary function is to supply makeup cooling water when the feedwater system cannot do so. Like the feedwater pumps, the RCIC pump is connected to a steam-driven turbine. Unlike the feedwater pumps, the RCIC pump’s turbine is supplied with steam from the reactor vessel through a connection upstream of the closed MSIVs. The RCIC pump transfers water from a large storage tank to the reactor vessel.

The operators failed to follow the procedure when starting the RCIC system. The procedure called for them to close the steam admission valve (V-45) and then open the trip valve (V-1) as soon as V-45 was fully closed (see Figure 5). But they did not open V-1. The failure to open V-1 disabled the control system designed to bring the RCIC turbine up to desired speed in 12 seconds. Instead, the RCIC turbine tried to obtain the desired speed instantly. Too much steam too soon caused the RCIC turbine to automatically trip on high speed. This trip guards against the spinning turbine blades coming apart due to excessive forces.

It took about 13 minutes for workers to go down into the RCIC room in the reactor building’s basement and reset the mis-positioned valves to allow the system to be properly started. In that time, the water level inside the reactor vessel dropped about a foot as it boiled away. That still left 162 inches (13.5 feet) of water above the top of fuel in the reactor core. The operators had several hours to restore makeup cooling water flow before the reactor core started uncovering and overheating.

Fig. 5 (Source: Nuclear Regulatory Commission annotated by UCS)

The operators manually started the High Pressure Core Spray (HPCS) system at 12:09 pm to provide makeup cooling water with the feedwater and RCIC systems both unavailable. The main HPCS pump (HPCS-P-1) has an electric motor. The pump transfer water from the large storage tank to the reactor vessel. While RCIC is designed to supply makeup water to compensate for inventory boiled off after the reactor shuts down, the HPCS system is designed to also compensate for water being lost through a small-diameter (about 2 inches) pipe that drains cooling water from the reactor vessel. Consequently, the HPCS system flow rate is about ten times greater than the RCIC system flow rate. And whereas the RCIC system flow rate can be throttled to match the makeup need, the HPCS system makeup flow is either full or zero.

The HPCS system refilled the reactor vessel soon after it was started. The operators closed the HPCS system injection valve (V-4) after about a minute. The minimum flow valve (V-12) automatically opened to direct the pump flow to the suppression pool instead of to the reactor vessel (see Figure 6). The HCPS system ran in “idle” mode for the next 3 hours and 42 minutes.

Fig. 6 (Source: Nuclear Regulatory Commission annotated by UCS)

Yet More Trouble Onsite – Water Leaking into Reactor Building

On December 18, workers discovered that the restricting orifice (RO) downstream of V-12 had leaked an estimated 4.7 gallons per minute into the reactor building while the HPCS system had operated. The NRC team learned that the gasket material used in this restricting orifice had been the subject of an industry operating experience report in 2007. A condition report was written at Columbia Generating Station in 2008 to have engineering assess the operating experience report and gasket materials used at the plant. In early 2010, the condition report was closed out based on engineering’s evaluation to use the gasket material recommended in the industry report. But the “bad” gaskets were not replaced.

Operating experience cited in the 2007 industry report revealed that the original gasket material was vulnerable to erosion. The report described two adverse consequences from the material’s erosion. First, pieces of the gasket could be carried by the water into the reactor vessel where the material impacting the fuel rods could damage their cladding. Second, gasket erosion could allow leakage. The 2007 industry report thus forecast the problem experienced at Columbia Generating Station in December 2016. The solution recommended by the 2007 report was not implemented until after the forecast problem has occurred.

NRC Sanctions

The NRC’s special inspection team identified three safety violations at the Columbia Generating Station. Two violations involved the operators failing to follow written procedures: (1) the failure to trip the main generator which resulted in the unnecessary closure of the MSIVs, and (2) the failure to properly start the RCIC system which resulted in the unnecessary trip of its turbine. The third violation was associated with the continued use of gasket material determined nearly a decade earlier to be improper for this application.

UCS Perspective

Self-inflicted problems turned a fairly routine incident into a near-miss. Luck stopped it from progressing further.

The problem started offsite due to causes outside the control of the plant’s owner. Those uncontrollable causes resulted in the main generator output breakers opening as designed.

By procedure, the operators were supposed to trip the main generator. Failing to do so resulted in the unnecessary closure of the MSIVs and the loss of the normal makeup cooling flow to the reactor vessel.

By procedure, the operators were supposed to manually start the RCIC system to provide backup cooling water flow to the reactor vessel. But they failed to properly start the system and it immediately tripped.

Procedures are like recipes—positive outcomes are achieved only when they are followed.

The operators resorted to using the HPCS system. It took about a minute for the HPCS system to recover the reactor vessel water level—the operators left it running in “idle” for the next three hours and 42 minutes during which time about 5 gallons per minute leaked into the reactor building. The leak was through eroded gasket material that had been identified as improper for this application nearly a decade earlier, but never replaced.

Defense-in-depth is a nuclear safety hallmark. That hallmark works best when operators don’t bypass barriers and when workers patch known holes in barriers. Luckily, other barriers remained effective to thwart this near-miss from becoming a disaster. But luck is a fickle factor that needs to be minimized whenever possible.

Managing Nuclear Worker Fatigue

The Nuclear Regulatory Commission (NRC) issued a policy statement on February 18, 1982, seeking to protect nuclear plant personnel against impairment by fatigue from working too many hours. The NRC backed up this policy statement by issuing Generic Letter 82-12, “Nuclear Power Plant Staff Working Hours,” on June 15, 1982. The Generic Letter outlined guidelines such as limiting individuals to 16-hour shifts and providing for a break of at least 8 hours between shifts. But policy statements and guidelines are not enforceable regulatory requirements.

Fig. 1 (Source: GDJ’s Clipart)

UCS issued a report titled “Overtime and Staffing Problems in the Commercial Nuclear Power Industry” in March 1999 describing how the NRC’s regulations failed to adequately protect against human impairment caused by fatigue. Our report revealed that workers at one nuclear plant in the Midwest logged more than 50,000 overtime hours in one year.

Barry Quigley, then a worker at a nuclear plant in the Midwest, submitted a petition for rulemaking to the NRC on September 28, 1999. The NRC issued regulations in the 1980s intended to protect against human impairment caused by drugs and alcohol. Nuclear plant workers were subject to initial, random follow-up, and for-cause drug and alcohol testing. Quiqley’s petition sought to extend the fitness-for-duty requirements to include limits on working hours. The NRC revised its regulations on March 31, 2008, to require that owners implement fatigue management measures. The revised regulations permit individuals to exceed the working hour limits, but only under certain conditions. Owners are required to submit annual reports to the NRC on the number of working hour limit waivers granted.

The NRC’s Office of Nuclear Regulatory Research recently analyzed the first five years of the working hour limits regulation. The analysis reported that in 2000, the year when the NRC initiated the rulemaking process, more than 7,500 waivers of the working hour limits suggested by Generic Letter 82-12 were being issued at some plants while about one-third of the plants granted over 1,000 waivers annually. In 2010, the first year the revised regulations were in effect, a total of 3,800 waivers were granted for the entire fleet of operating reactors. By 2015, the number of waivers for all nuclear plants had dropped to 338. The Grand Gulf nuclear plant near Port Gibson, Mississippi topped the 2015 list with 69 waivers. But 54 (78%) of the waivers were associated with the force-on-force security exercise.

The analysis indicates that owners have learned how to manage worker shifts within the NRC’s revised regulations. Zero waivers are unattainable due to unforeseen events like workers calling in sick and tasks unexpectedly taking longer to complete. The analysis suggests that the revised regulations enable owners to handle such unforeseen needs without the associated controls and reporting being an undue burden.

The regulatory requirements adopted by the NRC to protect against sleepy nuclear plant workers should let people living near nuclear plants sleep a little better.

North Korea’s 5 April 2017 Missile Launch

North Korea launched a missile from its east coast into the Sea of Japan at 6:12 am local time on March 5 (5:42 pm on April 4 US eastern time).

US Pacific Command initially identified it as a KN-15 missile, called Pukguksong-2 in North Korea, which is a two stage solid-fueled missile with an estimated range of 1,200 km based on its previous test in February.

Subsequently, however, Pacific Command said it believed the missile was instead an older Scud, and that it may have tumbled, or “pinwheeled,” during flight.

South Korean sources reported the missile flew only about 60 km before splashing down, and reached a maximum altitude of 189 km. And based on Pacific Command’s statement, the flight time was eight to nine minutes.

I used those numbers to investigate the trajectory with a computer model I have of several missiles.

Short-range Scud missile

I found that a Scud missile, with a nominal range of 300 km, could roughly match these numbers if the warhead was lightened somewhat (from 1,000 kg to about 700 kg) and if it was launched on a very lofted trajectory, with a burnout angle only about 5 degrees from vertical. On a 300-km range trajectory, this angle would be roughly 45 degrees (see Fig. 1).

If the missile did not tumble during reentry, I calculate the flight time would be about 7.5 minutes. However, taking account of the additional atmospheric drag due to the tumbling body can increase the flight to about 9 minutes.

Fig. 1

Other possibilities

In the calculation above, the Scud burns to completion and then begins to pinwheel (the short-range Scud does not separate the warhead from the missile body at burnout).

Longer range missiles could also follow this trajectory if the engines failed partway through powered flight, as long as the missile was on a highly lofted trajectory (5 degrees from vertical) and stopped accelerating after reaching a speed of 1.7-1.8 km/s. It may have been an engine failure that caused the missile to tumble. If the engines did not burn to completion, the warhead may have remained attached to the missile body even for a longer range missile that would separate the warhead under normal operation.

The fact that the missile flew on a nearly vertical trajectory suggests there may have been a problem with the guidance system. If the missile was liquid fueled, North Korea may have shut down the engine when it realized there was a problem. A solid fueled engine could not be shut down in the same way.

Is the missile had been a KN-15, the engine would have had to fail about halfway through the burn of the second stage engine. It seems surprising that initial reports identified the missile as a KN-15, since I would have expected sensors could tell whether or not the missile had undergone staging. In addition, the plumes from liquid and solid missiles are different in appearance, so depending on what sensors viewed the launch they should have been able to differentiate a liquid from solid missile. Analyzing these issues may have been what led Pacific Command to change its mind about what type of missile was launched.

Why fire a Scud?

If Pyongyang decided to launch a missile to attract attention in advance of the Trump-Xi summit that starts tomorrow, it may have decided to launch some type of Scud because these are well tested and it could be relatively assured the launch would be successful. The missile may have been a Scud-ER like the four it launched simultaneously in early March.

That fact that it appears to have failed illustrates how uncertain the missile business can be.

Leak at the Creek: Davis-Besse-like Cooling Leak Shuts Down Wolf Creek

The Wolf Creek Generating Station near Burlington, Kansas has one Westinghouse four-loop pressurized water reactor that began operating in 1985. In the early morning hours of Friday, September 2, 2016, the reactor was operating at full power. A test completed at 4:08 am indicated that leakage into the containment from unidentified sources was 1.358 gallons per minute (gpm). The maximum regulatory limit for was such leakage was 1.0 gpm. If the test results were valid, the reactor had to be shut down within hours. Workers began running the test again to either confirm the excessive leak or determine whether it may have been a bad test. The computer collects data over a two-hour period and averages it to avoid false indications caused by momentary instrumentation spikes and other glitches. (It is standard industry practice to question test results suggesting problems but accept without question “good” test results.)

The retest results came in at 6:52 am and showed the unidentified leakage rate to be 0.521 gpm, within the legal limit. Nevertheless, management took the conservative step of entering the response procedure for excessive leakage. At 10 am, the operators began shutting down the reactor. They completed the shutdown by tripping the reactor from 30 percent power at 11:58 am.

Wolf Creek has three limits on reactor cooling water leakage. There’s a limit of 10 gpm from known sources, such as a tank that collects water seeping through valve gaskets. The source of such leakage is known and being monitored for protection against further degradation. There’s a stricter limit of 1 gpm from unknown sources. While such leakage is usually found to be from fairly benign sources, not knowing it to be so imposes a tighter limitation. Finally, there’s the strictest limit of zero leakage, not even an occasional drop or two, from the reactor coolant pressure boundary (i.e., leaks through a cracked pipe or reactor vessel weld. Reactor coolant pressure boundary leaks can propagate very quickly into very undesirable dimensions; hence, there’s no tolerance for them. Figure shows that the unknown leakage rate at Wolf Creek held steady around one-tenth (0.10) gallon per minute during July and August 2016 but significantly increase in early September.

Fig. 1 (Source: Freedom of Information Act response to Greenpeace)

The reactor core at Wolf Creek sits inside the reactor vessel made of metal six or more inches thick (see Figure 2). The reactor vessel sits inside the steel-reinforced concrete containment structure several feet thick. The dome-shaped top, or head, of the reactor vessel is bolted to its lower portion. Dozens of penetrations through the head permit connections between the control rods within the reactor core and their motors housed within a platform mounted on the head. Other penetrations allow temperature instruments inside the reactor vessel to send readings to gauges and computers outside it.

Fig. 2 (Source: Nuclear Regulatory Commission)

Wolf Creek has 78 penetrations through its reactor vessel head, including a small handful of spares. Workers entered containment after the reactor shut down looking for the source(s) of the leakage. They found cooling water spraying from penetration 77 atop the reactor vessel head. The leak sprayed water towards several other penetrations as shown in Figure 3. Penetration 77 allowed a thermocouple within the vessel to send its measurements to instrumentation.

Fig. 3 (Source: Wolf Creek Nuclear Operating Corporation)

The spray slowed and then stopped as the operators cooled the reactor water temperature below the boiling point. Workers performed a closer examination of the leakage source (see Figure 4) and its consequences. The reactor cooling water at Wolf Creek is borated. Boric acid is dissolved in the water to help control the nuclear chain reaction in the core as uranium fuel is consumed. Once water leaked from the vessel evaporated, boric acid crystals remained behind, looking somewhat like frost accumulation.

Fig. 4 (Source: Freedom of Information Act response to Greenpeace)

The spray from leaking Penetration 77 blanketed many neighbors with boric acid as shown in Figure 5. The vertical tubes are made from metal that resists corrosion by boric acid. The reactor vessel (the grayish dome-shaped object on the left side of the picture) is made from metal that is considerably less resistant to boric acid corrosion. The inner surface of the reactor vessel is coated with a thin layer of stainless steel for protection against boric acid. The outer surface is only protected when borated water doesn’t leak onto it.

Fig. 5 (Source: Freedom of Information Act response to Greenpeace)

The white-as-frost blankets coating the penetrations indicated little to no corrosion damage. But rust-colored residue in the Figure 6 pictures is a clear sign of corrosion degradation to the reactor vessel head by the boric acid. It may not be déjà vu all over again, but it’s too much Davis-Besse all over again. Boric acid corroded the Davis-Besse reactor head all the way down to the thin stainless steel liner. The NRC determined Davis-Besse to have come closer to an accident than any other US reactor since the March 1979 meltdown at Three Mile Island.

Fig. 6 (Source: Freedom of Information Act response to Greenpeace)

Fortunately, the degradation appears much worse in the pictures than it actually was. Actually, fortune had an ally at Wolf Creek that was missing at Davis-Besse. Both reactors exhibited signs that reactor cooling water was leaking into containment. The indicated leak rates at both reactors were below regulatory limits, except for one anomalous indication at Wolf Creek. Managers at Davis-Besse opted to dismiss the warning signs and keep the reactor operating. Managers at Wolf Creek heeded the danger signs and shut down the reactor. It’s not that they erred on the side of caution—putting nuclear safety first must never be considered an error. It’s that they avoided making the Davis-Besse mistake of putting production ahead of safety.

Wolf Creek restarted on November 21, 2016, after repairing Penetration 77, removing the boric acid, and verifying no significant damage to other penetrations and the reactor vessel head. But they also conducted refueling activities—already planned to require 55 days—during that 80-day period. The NRC closely monitored the response to the leakage and its repair and found no violations.

Davis-Besse chose production over safety but got neither. The reactor was shut down for over two years, generating no revenue but lots of costly repair bills. The reactor vessel head and other components inside the containment extensively damaged by boric acid corrosion were replaced. Many senior managers at the plant and in the corporate officers were also replaced. And the NRC fined the owner a record $5,450.000 fine for numerous safety violations.

Nuclear Safety Snapshot

Figure 7 shows the reactor vessel head at Wolf Creek without any boric acid blankets and corrosion. But the image I’ll remember about this event is neither this picture, nor the picture of the hole in Penetration 77, nor the picture of the boric acid blankets on adjacent penetrations, and nor the picture of rust-colored residue. It’s the mental picture of operators and managers at Wolf Creek who, when faced with Davis-Besse-like cooling water leak indications, responded unlike their counterparts by shutting the reactor down and fixing the problem rather than rationalizing it away. It’s an easy decision when viewed in hindsight but a tough one at the time it was made.

Davis-Besse made headlines, lots and lots of headlines, for exercising very poor judgment. Wolf Creek may not warrant headlines for using good judgment, but they at least deserve to be on the front page somewhere below the banner headline and feature article about today’s bad guys.

Fig. 7 (Source: Freedom of Information Act —response to Greenpeace)

Nuclear Safety Video

Unfortunately, the picture of Wolf Creek responding well to a safety challenge is a snapshot in time that does not assure success in facing tomorrow’s challenges.

Fortunately, the picture of Davis-Besse responding poorly to a safety challenge is also a snapshot in time that does not assure failure in facing future challenges.

Nuclear safety is dynamic, more like a video than a snapshot. That video is more likely to have a happy ending when the lessons of what worked well along with lessons from what didn’t work factor into decision-making. Being pulled away from bad choices is helpful. Being pushed towards good choices is helpful, too. Nuclear safety works best when both forces are applied.

The NRC and the nuclear industry made quite the hullabaloo about Davis-Besse. Why have they been so silent about Wolf Creek? It’s a swell snapshot that could help the video turn out swell, too.

Why Freezing North Korea’s Weapons Programs Would Make Us Safer

Last week, China proposed a way to reduce tensions on the Korean peninsula: Pyongyang would freeze its missile and nuclear programs in exchange for Washington and Seoul halting their current round of military exercises. China also sees this as a way of starting talks between the US and North Korea, which it believes is necessary to resolve hostilities on the peninsula.

In comments in South Korea on Friday, Secretary of State Tillerson said “we do not believe the conditions are right to engage in any talks at this time. … [C]onditions must change before there is any scope for talks to resume, whether they be five-party or six-party.” Whether the last phrase means the US is consciously rejecting the idea of one-on-one talks with the North is not clear.

Tillerson also said he believes it is “premature” to talk about a freeze since a freeze would leave North Korea with significant military capabilities. His choice of words appears to leave the possibility of a freeze on the table.

A North Korean freeze on nuclear tests and missile flight tests would be highly beneficial—and readily verifiable. It would prevent Pyongyang from developing a long-range missile capable of hitting the US.

It is important, of course, to work to eliminate the capabilities North Korea currently has, but a sensible first step is to keep it from increasing its capabilities.

Musudan test launch (Source: KCNA)

Freezing North Korean Development Would Be Valuable

Over the last two decades, Pyongyang has developed technologies beyond what many thought it was capable of doing. It has developed nuclear weapons, an array of short- and medium-range missiles that could pose a significant threat to its neighbors, and a large satellite launcher that has placed two objects in orbit (although neither appears to have been operational once in orbit).

These weapon systems are not particularly sophisticated and in some cases are highly unreliable but, as Secretary Tillerson noted, they represent significant military capabilities.

And if these development programs continue, things will get considerably worse. The past shows North Korea’s ability to make slow but steady progress, and that will continue. After all, it is developing weapons systems that the US, Soviets, and others developed 50 years ago.

What could a freeze do?

A Freeze on Nuclear Tests

North Korea has now conducted five nuclear tests, the last of which indicated it has developed a nuclear device that can produce a yield similar to that of the Hiroshima and Nagasaki bombs.

Getting a nuclear device to explode under test conditions, however, is not the same as having a usable nuclear warhead. A deliverable warhead needs to be small enough, both in terms of physical size and mass, to be carried by North Korea’s ballistic missiles. It needs to work in a realistic environment, rather than just in a static test environment.  In particular, it must withstand the considerable forces of missile delivery, including acceleration, vibrations, and buffeting during launch and reentry.

If the North does not yet have a weapon that is small and rugged enough for delivery by ballistic missile, stopping additional nuclear tests could keep it from developing one. Even if it does have such a weapon, stopping testing would limit its ability to improve its design.

A testing freeze could be verified by the global network of seismic and other types of sensors that make up the International Monitoring System. This network is sensitive enough to have detected North Korea’s previous tests—including the 2006 test with an estimated yield of only about one kiloton.

A Freeze on Missile Tests

A freeze on missile flight testing would limit North Korea’s ability to build more capable and longer range missiles, and to determine the reliability of existing missiles or gain operational practice in firing them.

Today, North Korea’s longest range operational missile is the Nodong, with a range of about 1,300 km—much shorter than the roughly 9,000 km to the US west coast. It does not currently have a ballistic missile that could carry a nuclear warhead to long distances.

However, it is developing a number of the components it needs to produce such a missile.

For example:

  • North Korea appears to have had one successful flight test, with five or more failures, of its Musudan (Hwasong-10) missile, which uses a more advanced fuel than the North’s previous missiles. Developing a working missile would require additional tests. Besides giving Pyongyang a considerably longer range missile than it currently has, successfully developing this missile would open the way to modifying it for use as an upper stage of longer range missiles.
  • In the last year, Pyongyang has conducted ground tests of several new engines (April 2016, Sept. 2016, and March 2017). Some of these appear to use advanced fuels and have higher thrust than its current missile engines.
  • The North has paraded a prototype of a two-stage missile on a mobile launcher that could have a long range if it used the technology being tested in the Musudan missile. One of the engine ground tests mentioned above may be of an engine intended for the first stage of this missile.
  • Pyongyang is in early stages of testing a solid-fueled missile that could be launched from a mobile launcher on the ground or from a submarine. While the range appears to be similar to the Nodong, it would have a much shorter launch-preparation time if fired from mobile launchers on the ground, and could reach more distant targets if fired from a submarine at sea.
  • North Korea has not yet flight tested a reentry heat shield for a long-range missile, which is critical for successfully delivering a nuclear warhead. Over-designing the heat shield adds weight to the reentry vehicle, which reduces the range of the missile; under-designing it can cause overheating of the warhead that can damage it. Moreover, North Korea is likely to design a blunt reentry vehicle that reenters slowly to reduce the intensity of heating, and this can lead to very large inaccuracies—tens of kilometers or more.

Transforming these pieces into working missiles would require a series of flight tests. A freeze on missile testing would keep it from developing that capability.

A flight test ban would be completely verifiable. The US has a satellite network of infrared sensors that can detect launches essentially anywhere in the world. This system, for example, even detected the short-range Scud missiles launched at Israel during the first Gulf War. And the US is currently deploying a new generation of even more capable satellites for this job.

Would North Korea Be Willing to Freeze?  

No one knows.

It is worth remembering that North Korea observed a flight test moratorium from September 1999 through July 2006, which it began when its talks with the Clinton administration about missile and nuclear issues seemed to be moving ahead. It announced it was no longer bound by the moratorium in March 2005, in response to the Bush administration’s lack of diplomatic engagement on missile issues, and resumed testing the next year.

Things are different now, of course, and it’s not at all clear that Pyongyang would agree to a freeze. Kim Jong Un may be unwilling to stop until he has developed a credible long-range threat.

However, Kim clearly sees the US-South Korean military exercises as threatening, and offering to scale back those exercises may give the US significant leverage. Agreeing to talks once a freeze is in place could add leverage.

But whether or not North Korea would ultimately agree to a freeze, the US should not be the one to take this option off the table. A freeze would be an effective, meaningful step in limiting further development of North Korea’s nuclear and missile programs—and the US should be doing what it can to put a freeze in place.

New START is a Winner

U.S. military leaders continue to strongly support New START, the arms control treaty between the United States and Russia that limits each country to no more than 1,550 deployed, long-range nuclear weapons by 2018.

Gen. Hyten, Gen. Selva testify in support of New START before the House Armed Services Committee, March 8, 2017

The problem is that President Donald Trump is apparently unwilling to listen to their sage advice.

Back on January 28, in his first phone call with Russian President Vladimir Putin, President Trump reportedly attacked New START, calling it a “bad deal.” It seems any agreement this president did not personally negotiate is a loser.

And that is unfortunate, because according to the Reuters report that broke the story, Putin had raised the possibility of the two countries using New START’s built-in option to extend the treaty’s life by five years. Such an extension is definitely in the US national security interest: From boots-on-the-ground inspections to detailed data exchanges, the treaty provides verification and predictability that US military leaders consistently desire.

Strategic Commander is “Big Supporter”

Just last week, Air Force Gen. John Hyten, who as commander of the U.S. Strategic Command is responsible for all U.S. nuclear forces, was asked about New START in a Congressional hearing. He testified:

I’ve stated for the record in the past, and I’ll state again, that I’m a — a big supporter [of the treaty]. … when it comes to nuclear weapons and nuclear capabilities, that bilateral, verifiable arms control agreements are essential to our ability to provide an effective deterrent.

In the same hearing, Air Force Gen. Paul Selva, vice chairman of the Joint Chiefs of Staff, testified that when New START was considered by the Senate:

the Joint Chiefs reviewed the components of the treaty and — and endorsed it. It is a bilateral, verifiable agreement that gives us some degree of predictability on what our potential adversaries look like.

While it seems he doesn’t listen to military leaders like these, it not clear just who President Trump does listen to. Reuters reported the president stopped his call with Putin to ask someone unknown what the treaty was before telling the Russian leader that it was a bad deal.

And it doesn’t stop there. More recently, on February 23, the president repeated his criticism of New START, this time in an interview where he declared that the treaty is “a one-sided deal like all other deals we make. It’s a one-sided deal. It gave them things that we should have never allowed. … Just another bad deal that the country made.”

New START passed a high bar for Senate ratification

Before they can become the law of the land, treaties must pass a high bar: approval by two-thirds of U.S. Senate. The threshold was set to ensure that “bad deals” don’t happen. In the case of New START, 71 senators voted in favor of the treaty, including 13 Republicans. It became the first major arms control treaty negotiated by a Democratic president and endorsed by the Senate. Perhaps this, more than any other reason, is why President Trump dislikes the treaty.

But it took compelling reasons to get those 71 Senate votes, and then just as now, military leaders gave strong support to the treaty. Perhaps most compelling, seven former heads of U.S. Strategic Command wrote a letter to the Senate endorsing the treaty. After detailing several reasons why the treaty was in U.S. national security interests, the letter concluded,

The New START Treaty will contribute to a more stable U.S.-Russian relationship. We strongly endorse its early ratification and entry into force.

While overall the U.S.-Russian relationship has deteriorated, the New START agreement has been one bedrock of constancy. That is what military leaders sought when the treaty was first negotiated, and why they still support it now. President Trump should start listening to their advice, and stop attacking New START. Instead, he should respond to Putin’s suggestion and extend the treaty by five years.

North Korea Launches Four Missiles “Simultaneously”

Yesterday  North Korea launched four ballistic missiles into the Sea of Japan.

The missiles reportedly traveled an average of 1,000 km (620 miles), and landed within 300 to 350 km (185 to 220 miles) of Japan. The four launches were said to be “simultaneous,” leading to speculation they were intended to be a barrage attack to overwhelm a missile defense system.

Fig. 1. Approximate direction of launches (Source: Google Earth)

The missiles were launched from Tongchang-ri, in northwest North Korea, where the Sohae Satellite Launch Station is located. Missiles of this range would not need the facilities at Sohae, so it’s not known if there was a particular reason they were launched from this facility.

A South Korean briefing gave the apogee of the missile as 260 km (160 miles). That implies the missiles reached essentially their maximum range (unlike some recent North Korean tests that were tested on highly lofted trajectories, so that their maximum range would be longer than the range seen in the test).

That rules out anything like an ICBM.

Scud-ERs?

North Korea has three missiles that have ranges similar to this: Extended-Range Scud (“Scud-ER”), Nodong, and Pukguksong-2. The latter, which is solid-fueled, has been flight tested only twice (once from sea and once from land), and is probably not what the North launched since it has little information about its reliability and would be unlikely to try launching four simultaneously.

Instead, this set of tests instead looks very similar to a multiple-missile test North Korea conducted last September 5. In that case it launched three missiles in rapid succession from mobile launchers sitting on a road south of Pyongyang. These missiles flew about 1,000 km and landed off the coast of Japan.

A careful analysis of those launches indicate they were Extended-Range Scud (“Scud ER”) missiles, which are modifications of short-range Scud missiles, lengthened to carry additional fuel and lightened by making the body out of aluminum rather than the usual steel. This analysis suggests the missile could carry a warhead of roughly 500 kg to 1,000 km.

A video of those launches show that the first and second launches were less than a minute apart, and the second and third launches were separated by just seconds.

This analysis notes that these modifications lead to “the maximum performance that a single Scud-B engine can achieve in a missile.” They believe this is not a new missile, but may date back to 2000 or earlier.

More information may make clear whether the test was of Scud-ERs, Nodongs, or something unexpected.

China’s Changing Foreign Policy

The global security community is worried about President Trump. The report of the 54th annual Munich Security Conference suggests his election may lead to a “post truth post west, post order” world. Vice President Pence and other US government representatives failed to convince the conference otherwise.

That same day, Chinese President Xi Jinping, commenting on the meeting in Munich, confirmed his controversial defense of globalization at the World Economic Forum in Davos was not just an opportune swipe at the nationalist atavism of the new US administration.

It may mark the beginning of a new era in Chinese foreign policy.

Deng-Era Approach to Chinese Foreign Policy Outdated

Chinese Vice-Premier Deng Xiaoping speaks about the “third world” in his address to the United Nations in 1974.

During a February 17 meeting of China’s National Security Committee,  Xi, paraphrasing the Confucian classics, said, “The sage remains modest about his or her abilities, but exercises them when the time comes.” (君子藏器于身,待时而动) “At this moment,” Xi argued, China must “move past the policy of ‘keeping a low profile and nurturing ourselves’ (韬光养晦) to become more involved in international affairs, not only as a participant and contributor, but also as a benefactor and leader of the international system.”

Deng Xiaoping, who initiated and led the economic reforms that jumpstarted China’s economy in the 1980s, used the term “keeping a low profile and nurturing ourselves” to describe his approach to Chinese foreign policy. Although some US observers came to see the policy as coy, or sinister, many Chinese understood Deng’s description as a shift away from the anti-capitalist revolutionary activism of Mao Zedong toward a temporary accommodation with international capitalism in the interest of domestic economic development. President Jiang Zemin (1989-2002) and President Hu Jintao (2002-2012) conducted Chinese foreign affairs in the same general spirit with the same basic objective. International capital and technical expertise poured into China and its GDP grew from US$ 178 billion in 1979 to US$ 11 trillion in 2015.

Xi prefaced his argument for changing China’s approach to the world by noting, “After 38 years of rapid development, our country is now first in the world in manufacturing, first in trade, the second largest economy, and third in the use of foreign capital and in foreign investment. Our overall national capability has increased considerably. What was said about it in the past can no longer be said in the present day.”

The World is Changing

Deng worried how China might behave at this moment. He expressed concern that once China modernized it might forget about socialism and its allegiance to the “third world”, which, to him, was the large bloc of developing nations not aligned with either the Soviet Union or the United States. The pioneer of China’s opening to international trade loathed the idea that economic development might transform China into another major power that exploited and oppressed smaller and weaker nations. If it did, according to Deng, China would no longer be socialist.

Xi seems determined not only to preserve China’s socialist ideals but to put them into practice internationally. The world may be changing, as the Munich report suggests, but Xi is optimistic that a new and better international order is on the horizon.

“Today’s world is a changing world. It is a world of endless new opportunities and challenges, a world where the international system and international order are undergoing deep revision, and where comparative international strengths are undergoing profound change. Moreover, it is a world advancing towards change that is beneficial to peace and development.”

The Soviet Union has already collapsed. Now the second pole of the old Cold War order is wobbling. The authors of the Munich report fear US abdication of its role as “a provider of public goods and international security” impends a descent into nationalism, chaos and war. Xi, on the other hand, seems to be imagining that the time may have come for the leaders of the developing nations to reshape the international order.

A Global Anti-corruption Campaign?

Curiously, Xi reached back to a 2014 speech on Chinese domestic legal reform for a phrase to describe the principles that should guide the emerging new international system. Xi said, “The keys to governing a country are fairness and integrity.” (理国要道,在于公平正直). In 2014 Xi used this semi-classical Chinese idiom to explain his anti-corruption drive, which aimed to save Chinese socialism from the negative influences of opening China’s economy to international capitalism.  Xi used the exact same phrase in his February speech to China’s National Security Council. His speech echoes the critique of the global economy Xi articulated in his address to the World Economic Forum in Davos.

Fairness and justice are the objectives of global governance, as well as the common pursuit of all humanity. As humanity becomes more developed and the world becomes more civilized, the expectations of the people for fairness and justice become higher.”

The US economic crisis of 2008 was a turning point for China: a moment when its leaders realized they could no longer depend on the United States for responsible global economic governance. Xi appears to have concluded that the corruption plaguing China could not be remedied with reforms that imitate or adapt the practices of the United States. As the Chinese leader approaches his second five-year term in office, he also seems to have concluded that the flaws in US-led global economic system—what critics in the US disparagingly refer to as “neoliberalism“—are inherent in the way the United States has shaped the international order.

In this sense Xi may be embracing the populism, and anti-corporatism, of both the left and the right in the United States and in Europe. But instead of seeking a retreat to pre-globalization era nationalism, Xi embraces the essence of globalization: the practical reality that the individual national fates of the various peoples of the world are inherently interconnected. As Xi told China’s National Security Council,

Each nation coexists in the same world, humanity lives in the same village Earth, the same space and time where history and reality flow together, a community where you are part of my fate and I am part of yours. This is the inevitable trend of global development and an inexorable law of human development. The world needs a new order where cooperation leads to collective success and shared development; the construction of a community where humanity’s fate is shared.” 

The Road Ahead

Xi, unlike President Trump, does not want to tear apart or abandon the international institutions that already exist. In his words, “Reforming and perfecting the exiting international system does not require tearing up the kitchen and making a fresh start.” The nature of the reforms China may suggest is still unclear. Xi points to China’s own initiatives to finance and build basic infrastructure throughout Asia as an example. China’s continued support for the Paris Agreement on climate change is another important indicator.

If Xi is attempting to initiate a new era in Chinese foreign policy, the concepts in his speech in Davos and his speech to China’s National Security Council on the occasion of the Munich Security Conference should be codified in the final report of the Chinese Community Party Congress later this year. Depending on the outcome of what is anticipated to be a contentious fight over China’s political future, Xi may emerge as a significant force for change not only at home but internationally as well.

The NRC and Nuclear Safety Culture: Do As I Say, Not As I Do

Many times over the past 20 years the Nuclear Regulatory Commission (NRC) has intervened when evidence strongly suggested a nuclear power plant had nuclear safety culture problems. The evidence used by the NRC to trigger its interventions was readily available to the plant owners, but the owners had downplayed or rationalized away the evidence until the NRC forced them to face reality.

The evidence used by the NRC to detect these nuclear safety culture problems included work force surveys indicating a sizeable portion of workers reluctant to raise safety concerns and allegations received by NRC from workers about reprisals and harassment they experienced after raising safety concerns.

Ample evidence strongly suggests that the NRC itself has nuclear safety culture problems. The NRC’s Office of the Inspector General (OIG) has surveyed the safety culture and climate within the NRC every three years for the past two decades. The latest survey was conducted during 2015 and released in March 2016. Figure 1 from the OIG’s 2015 survey along with data from the annual Federal Employee Viewpoint Surveys and other sources show safety culture problems as bad as—it not considerably worse—than the worst safety culture problems identified at Millstone, Davis-Besse, and yes, even the TVA reactors.

FIg. 1 (Source: Nuclear Regulatory Commission Office of the Inspector General)

After the OIG’s 2009 survey of the NRC’s safety culture and climate, UCS submitted a request under the Freedom of Information Act for all records related to the actions taken by the agency in response to the survey. We obtained many records which described very few actions. And regardless of the number of actions, the OIG’s 2015 survey showed that the NRC’s safety culture was worse than in 2009 (see the last column on the right in Figure 1).

Why would the NRC take steps to remedy safety culture problems at nuclear plants yet have taken no steps to remedy its own safety culture problems? The answer is the same as to the question of why the plant owners failed to take steps to correct safety culture problems before the NRC intervened—they did not perceive the problems to exist. Likewise, Figure 2 shows that the NRC’s senior management does not perceive safety culture within the agency to need remediation.

Fig. 2 (Source: Nuclear Regulatory Commission Office of the Inspector General)

The OIG employs a consultant to conduct the triennial safety culture surveys. I attended a briefing several years ago by the consultant on the survey results. The consultant reported surveying many other federal agencies and large private corporations. The consultant pointed out that the gap between results by senior management and by the overall workforce was wider at NRC than at any other federal or private entity it had surveyed.

Just as plant owners failed to correct the problem they could not see, NRC senior management cannot fix the agency’s “invisible” safety culture problems. The NRC intervened to enable owners to see, and then fix, their safety culture problems. Someone needs to intervene to help NRC senior management see the agency’s safety culture problems so they can take the corrective measures they have often compelled plant owners to take.

UCS recently issued a report on the NRC’s safety culture problems and its history of inducing safety culture fixes at nuclear plants. And The Bulletin posted my commentary about the NRC safety culture report.

If I found a lamp washed up on a beach and rubbed it to release a genie who granted me three wishes, my first wish would be for irradiated fuel to be transferred from dangerous, overcrowded spent fuel pools into more safe and secure dry storage as soon as practical. But my second wish would be for the NRC to undertake the reforms needed to achieve and sustain a positive nuclear safety culture at the agency. My third wish would be for a thousand additional wishes, so don’t worry that I squandered my first two.

Kudos to NRC for Lessons-Learned Review at Columbia Fuel Fabrication Facility

Disaster by Design/Safety by Intent #63

Safety by Intent

Westinghouse Electric Corporation notified the Nuclear Regulatory Commission (NRC) on July 14, 2016, that workers at its Columbia Fuel Fabrication Facility (CFFF) in South Carolina found significant accumulation of uranium in a ventilation system. The amount of enriched uranium exceeded limits established at the facility as protection against inadvertent criticality.

The uranium accumulated in process vent scrubber S-1030 shown towards the upper left side of Figure 1.

Fig. 1 (Source: Nuclear Regulatory Commission)

The NRC dispatched an Augmented Inspection Team (AIT) to the site to investigate the causes and corrective actions for the event. The NRC sends Special Inspection Teams and Augmented Inspection Teams to investigate discoveries like the one reported at CFFF that have the potential for increasing the risk of an accident.

The AIT concluded in its report dated October 26, 2016, that “Westinghouse failed to provide adequate levels of oversight, enforcement, and accountability to the organizations directly involved with configuration management, operations, and maintenance of the wet ventilation systems.” Specifically, Westinghouse had assumed that only minute quantities of uranium could collect in that portion of the ventilation system and took no actions to either validate or confirm that key assumption.

To this point, both Westinghouse and NRC followed established practices. Upon discovery a condition above the reporting threshold, Westinghouse notified the NRC. Upon receiving notification from Westinghouse about a condition above its normal response threshold, the NRC dispatched an Augmented Inspection Team.

The NRC’s Extra Effort

The NRC did not stop with its AIT probe into whatever problems Westinghouse had that resulted in the event at CFFF. Two days after issuing the AIT report, the NRC chartered a team to examine lessons the agency could learn from the event. This second team was not tasked with supplemental Westinghouse bashing. That had been the AIT’s role. The lessons-learned team was tasked with assessing whether the NRC could make changes in its efforts so as to lessen the likelihood events like the CFFF would recur. Specifically, the lessons learned team was asked to evaluate the NRC’s license review process, inspection program, operating experience program, organization of oversight groups, and knowledge management programs.

It is commendable that the NRC undertook this introspective review. The review would either confirm that the agency is effective applying its resources or recommend ways to reallocate resources for increased effectiveness.

The NRC’s Extra Safety Gains

The AIT verified that Westinghouse had taken or would be taking appropriate corrective actions to lessen the likelihood of recurrence of this problem at its CFFF. The lessons-learned task force identified steps the NRC could take in all five focus areas to lessen the likelihood that such an event could recur at any NRC-licensed fuel cycle facility.

The team concluded that the NRC’s license review process and its inspection program allocated resources based on perceived risk significance. In other words, items with high and moderate risk significance received more attention than items having low risk consequences. The team did not find this triage system unacceptable. It is imperative to properly focus limited resources. But the team did make recommendations on ways NRC’s reviewers and inspectors could verify that items deemed low risk truly have low risk.

The team characterized the agency’s operating experience and knowledge management programs as being more supplemental than integral parts of business. Some of the NRC staff interviewed by the team used the programs extensively; other staffers were aware of the programs but had not used them. The team made several recommendations intended to integrate the operating experience and knowledge management programs into day-to-day work practices. For example, the team recommended training on using the operating experience database to lower the height and shorten the duration of the learning curve needed for users to become proficient with this tool.

The NRC’s Safety Backstop

In theory, NRC’s reviewers and inspectors should find no safety problems. NRC’s licensees—the owners of nuclear power plants and fuel cycle facilities—are responsible under the law for complying with regulations intended to manage risk to workers and the public.

In practice, NRC’s reviewers and inspectors could, and do, find safety problems. Not because NRC’s licensees are deliberately violating safety regulations, but compliance is a dynamic challenge.

By undertaking the lessons learned review of the CFFF event, the NRC makes its safety backstop more robust and reliable. The recommendations made by the team will, when implemented, improve the effectiveness of NRC’s reviewers and inspectors. The NRC’s reviewers and inspectors were already good, but the agency’s efforts to make them better result in making workers and the public safer.

It may not be the ultimate win-win situation, but it’s got to be among the top ten.

—–

UCS’s Disaster by Design/Safety by Intent series of blog posts is intended to help readers understand how a seemingly unrelated assortment of minor problems can coalesce to cause disaster and how effective defense-in-depth can lessen both the number of pre-existing problems and the chances they team up.

Fake News about Chinese Nuclear Weapons

On the left, a still from a video shot at an intersection in the Chinese city of Daqing. On the right, a picture of the Russian Topol-M taken during a military parade in Moscow. Both are carried on eight-axel TEL vehicles, indicating they are approximately the same size.

A video recently discovered on a Chinese internet service appears to show a new Chinese road-mobile missile making a turn at an intersection in the city of Daqing. The discovery generated sensational claims about changes in Chinese nuclear strategy. However, a careful search of Chinese sources shows that none of those claims can be substantiated. Some are obvious distortions.

The Dongfeng (DF)-41 Missile

Multiple foreign media sources claimed the missile in the video was a new nuclear-armed long-range ballistic missile called the DF-41. The Chinese government does not comment on the composition and capabilities of its nuclear missile force and has neither confirmed nor denied the existence of the DF-41.

The missile seen in the video appears slightly larger than the DF-31A long-range ballistic missiles China displayed in a national military parade in 2015. The U.S. National Air and Space Intelligence Center states the DF-31A has a range of 11,000+ kilometers and could deliver a single Chinese nuclear warhead, estimated to weigh approximately 500kg, to targets within the continental United States.

Almost all of the reported information about the existence and characteristics of the DF-41 can be traced to a handful of foreign media sources that have a questionable track record when reporting on Chinese missile technology. However, the U.S. Department of Defense recently reported China “is developing a new road-mobile ICBM, the CSS-X-20 (DF-41) capable of carrying MIRVs.”

Although foreign media sources routinely claim the DF-41 could carry 10 or 12 nuclear warheads, the missile seen in the video could not. It’s too small given the mass of Chinese warheads. Similar in size and appearance to the Russian Topol-M, which can carry a payload of 1,200 kg approximately 10,500 km, the missile in the video may be able to carry two Chinese warheads, but it most likely is designed, like the DF-31A, to carry a single warhead and a set of countermeasures to confuse missile defenses.

If the missile seen in the video is the new road-mobile missile discussed in the Pentagon report, it purportedly has a slightly longer range than the DF-31A. This would allow China to reach US targets it could previously reach only with a liquid-fueled, silo-based missile called the DF-5—which was also displayed during the 2015 military parade. Because silo-based missiles are more vulnerable to a preemptive first strike, having a road-mobile missile with the same range as the DF-5 increases Chinese confidence in their ability to retaliate.

False Claims About Chinese Nuclear Strategy

On January 24, Popular Mechanics published a story with a still from the video that claimed the Chinese government “publicly announced the deployment” of the DF-41 and that announcement “is likely a warning to U.S. President Donald Trump, who is known for sharply worded anti-Chinese rhetoric and has announced plans for a new ballistic missile system.” Two days later The Independent ran the same story with the same claims. The Sun, the Daily Caller, the International Business Times, the Moscow Times, Quora.com, ZeroHedge.com, STRATFOR, TASS, RT, and Sputnik International all ran stories about the alleged Chinese nuclear missile “deployment” and what it supposedly revealed about the intentions of the Chinese government.

Breitbart ran the same story with the same claims on January 27, but with the added twist that the so-called deployment of the missile in Heilongjiang province, which shares a border with the Russia, is a prelude to an “approaching Clash of Civilizations world war” where “Russia and the United States will be allied against China.”

The sole basis of the claim that China announced the existence and deployment of the DF-41 is a commentary in the English-language edition of China’s Global Times. The commentary is a response to the publication of images from the posted video in the Hong Kong and Taiwan media, which in turn seem to have their origins in a French website. Yet, the Global Times clearly states,”there has been no authoritative information on whether China has a Dongfeng-41 strategic missile brigade, how many such brigades it has and where they are deployed.” The Chinese commentary is critical of President Trump, and does express the hope that the existence of the DF-41 “will be revealed officially soon.” But that is a far cry from the “official announcement” described in many of the foreign news reports on the posted video.

Fake News about Nuclear Weapons is a Cause for Concern

The fabrication and distribution of misinformation about the size, capability and intent of China’s nuclear arsenal is nothing new. Several years ago an adjunct faculty member at Georgetown University cited Chinese-language blog posts to recast decades-old rumors from a Hong Kong tabloid as a “leaked Chinese military document” that allegedly proved China’s nuclear arsenal was ten times larger than existing US estimates. His assertions and sources are demonstrably not credible. Yet, Dr. Peter Navarro, an adviser to President Trump, repeated these alternative facts about the size of China’s nuclear arsenal in a recent book on Chinese military strategy.

President Trump recently directed Secretary of Defense Mattis to initiate a review of the US nuclear posture. This follows a series of statements in the wake of the November election that indicated Mr. Trump supported a major build-up of US nuclear forces. While the new U.S. president’s comments on the need for US nuclear modernization are not unprecedented, his ability to push modernization plans through a Republican-led Congress, despite the enormous projected costs, may be enhanced by exaggerated perceptions of a Chinese nuclear threat to the United States.

As the debate on US nuclear weapons policy takes shape under the direction of Secretary Mattis, who may have reservations about the need for a US nuclear build-up, it is important that US decisions be made on the basis of the best available information, rather than the alternative facts now circulating in Washington.

North Korea’s February Missile Launch

North Korea reportedly launched a medium-range missile Sunday morning local time (about 6 pm Saturday on the US east coast).

People are speculating about what missile it could have been. Based on the range, there are at least two candidates, which would be distinguishable by US intelligence if it was able to observe the launch.

Fig. 1

The missile was apparently launched eastward from the Panghyon air base near Kusong, northwest of Pyongyang and traveled 500 km, splashing down in the Sea of Japan. According to the South Korean military, it flew on a lofted trajectory, reaching an apogee of about 550 km.

A missile flown on this trajectory would have a range of 1,200-1,250 km if flown on a standard trajectory with the same payload (Fig. 1).

Nodong or KN-11?

That range is similar to that of the North Korean Nodong missile, which was first tested in the early 1990s and has been launched repeatedly since then. Another launch of the Nodong would not be particularly useful for advancing Pyongyang’s missile program, so if that was what was launched it would have had a political motivation.

However, as Jeffrey Lewis points out, the trajectory is very similar to the trajectory the submarine-launched KN-11 missile flew in its first successful test last August. While similar in range to the Nodong, the KN-11 has the advantage that it uses solid rather than liquid fuel, which means it would take less preparation time before a launch. The North is likely to be interested in developing and testing a land-based version of the missile.

If this is what was launched, it would represent a useful developmental step for North Korea, no matter what may have driven the timing of the launch.

The KN-11 would have a clear fingerprint that would distinguish it from the Nodong (or the Musudan, see below), since it has two stages rather than one, and that difference would be clear if US, Japanese, etc., sensors were able to observe the test.

Other options?

Some of the reports have speculated the test was of a Musudan missile, but I haven’t seen anything about the test that supports that. The Musudan range is considerably longer. The one successful Musudan launch, which took place last June, suggested a maximum range of about 3,000 km, although a recent analysis suggest that the range is probably less than 2,500 km if it carries a payload similar to the mass of a nuclear warhead. (Note that repeated claims that the Musudan can reach up to 4,000 km are not credible.)

It’s also worth noting that North Korea apparently fired several extended-range Scud missiles last September, which have a similar but somewhat shorter range than seen in the test, depending on the payload. These are also single stage and could be distinguished from a KN-11 test.

Of course, the North may surprise us with something else entirely.

Missile Defense Agency to Choose Preferred Location for Third GMD Site

Sometime in early 2017, and it could be any day now, one of the communities on the map below (designated by red dots) will get big news from the Missile Defense Agency (MDA). Congress mandated the MDA to choose a preferred location in case the United States decides to build an additional deployment site for the Ground-based Midcourse (GMD) System missile defense.

The site studies were on track to wrap up at the end of 2016. We’ve updated our fact sheet on it, posted here.

Fig. 1. Sites being studied as a potential third site for the GMD system: Fort Custer Training Center, near Battle Creek, MI.; Camp Ravenna Joint Military Training Center, near Akron, OH; and Fort Drum, NY. (Source: Google Earth)

There’s no military requirement for an additional missile defense site. Nor was the idea of building a third site (in addition to the two existing ones in Alaska and California) the result of a rigorous study of what would best improve the system’s ability to intercept ballistic missile threats to the homeland.

But you can count on Congress to run with this idea and push as hard as it can.

Fig. 2. Workers preparing an interceptor in Alaska (Source: Missile Defense Agency)

Every year since 2012, Congress has attempted to dedicate/earmark money to build such a site, despite Pentagon budgets that never included a dime for it. When asked, missile defense officials have said repeatedly that they have higher priorities for their next dollar. And they are skeptical about what starting this expensive project would do to their priorities in a constrained budget environment, including improving the reliability and effectiveness of the existing system. Improving reliability and effectiveness would be a good thing. The GMD system has been plagued with serious reliability problems and has a poor test record.

However, congressional delegations (with a few exceptions) from Michigan, New York and Ohio have crossed party lines and asked the Missile Defense Agency to support locating the site in their respective states. Their support appears to be largely driven by an interest in creating jobs. Each proposed site is in an economically depressed area, and many in the local communities are understandably eager for an infusion of federal cash to generate new job opportunities.

But is this an effective way to create jobs?

Let’s talk about money. This would be an expensive project. The Congressional Budget Office estimated that a new site would cost at least $3.6 billion to build and operate over the first five years. This includes ground equipment ($1.2 billion); developing the site, building the facilities, and constructing the silos ($1 billion); the cost of buying 20 interceptors ($1.3 billion), and operations costs ($100 million). For the full complement of 60 interceptors, it would cost at least $2.6 billion more.

Note, however, that the interceptors would not be built at the new sites, and neither the $1.3 billion for the first 20 interceptors nor money for extra interceptors would be spent locally. For example, Raytheon builds the GMD system’s kill vehicles in a facility outside Tucson, which it recently expanded to increase its capacity. The GMD interceptor’s boosters are also produced primarily in Arizona, at Orbital ATK’s facility outside of Phoenix.

So support for local industry and jobs for constituents may partially explain why Sen. John McCain, who usually provides a healthy dose of skepticism about defense expenditures, has endorsed the plan to build a third site.

Turning back to the potential sites in the Midwest, these above estimates indicate that under this plan, the Pentagon would spend at most about $2.3 billion in the local community. While that sounds enticing, studies show that military spending is not a particularly effective way to generate good paying jobs. Investing a comparable amount in clean energy technologies, health care or education is likely create a much larger number of jobs across all pay ranges than military spending.

The GMD site studies provided detailed information about what kinds of jobs would be created by building a new site. While it varies from site to site, the estimate is that construction, would generate 600 to 800 temporary jobs. A large fraction of those jobs, 15 to 50 percent, could be filled by workers from outside the region, depending on the skills of local residents.

After construction, the site would require an operations staff of 650 to 850 people. About 85 percent of the permanent staff jobs would be filled by workers from elsewhere due to the fact these positions demand specialized expertise.

The facility would indirectly generate a larger number of jobs, mainly low-to-median wage service jobs spurred by the economic activity. During construction, estimates range from 1,800 to 2,300 indirect jobs, while after the facility is completed, an estimated 300 to 400 indirect jobs would remain.

How does that compare to other types of investment?

Investing in wind projects would be a good bet—and both Michigan and New York are among the top 20 states for wind energy potential. As I noted a few years ago, a 2008 study by the National Renewable Energy Laboratory, which looked at the economic impact of building wind turbines in Colorado, estimated that developing 1,000 megawatts of wind-generated power would create 1,700 full-time equivalent jobs (including engineering and manufacturing jobs), and operation and maintenance would provide 300 permanent jobs in rural areas. In a 2013 report, Lawrence Livermore Laboratories calculated an average cost of building wind power to be $1,940 per kilowatt (and this cost is dropping). So these wind industry jobs would cost an initial outlay of around $2 billion, comparable to the investment in a third GMD site, and would continue to provide a return on investment.

For roughly the same amount of money, Hemlock Semiconductor, in Saginaw County, Michigan created 1,000 new jobs, spending $2.5 billion over five years on manufacturing facilities that produce materials for solar panels.

Building a third GMD missile defense site isn’t the result of a considered study of priorities to strengthen U.S. security, nor is it a sensible next step to improve strategic missile defense capabilities. It is symptomatic of a broader problem with strategic missile defense: Congress is not providing adequate oversight nor the necessary skepticism.

Regardless, we expect Congress to continue to push for a new site anyway once a preferred site is selected. However, if Congress has an extra few billion dollars available for one of these locations, it is fair to ask that it be spent in a way that provides economic security for the chosen community and a much better return on investment.

Nuclear Safety Performance at Pilgrim

The Nuclear Regulatory Commission (NRC) held a public meeting on Tuesday, January 31, 2017, in Plymouth, Massachusetts. A large crowd of over 300 individuals (perhaps thousands more by White House math) attended, including me. Elected officials in Massachusetts—the attorney general, the governor, the entire US Congressional delegation, and state senators and representatives—had requested the meeting. Many of these officials, or their representatives, attended the meeting.

The elected officials asked the NRC to conduct a public meeting to discuss the contents of an email from the leader of an NRC inspection team at Pilgrim to others within the agency regarding the results from the first week’s efforts. An NRC staffer forwarded this email to others within the agency, and inadvertently to Diane Turco of the Cape Downwinders, a local organization. The contents of the leaked email generated considerable attention.

Unique NRC Meeting
During my nearly two decades at UCS, I have attended dozens, perhaps hundreds (maybe even millions by White House accounting) of NRC meetings. The Plymouth meeting was unique. It was the only NRC meeting I’ve attended to discuss an email.

And it was the only NRC meeting I’ve attended where public speaking slots were chosen by raffle. In all prior meetings, members of the public raised their hands to be called upon by the NRC staff, queued behind a microphone in the room in order to speak, or added their names to a list to speak in the order specified by the sign-up sheet. At this meeting, the NRC used a raffle system. I received Ticket #4 (see Figure 1), giving me an opportunity to “win” a chance to speak for up to 3 minutes (or 180 seconds, whichever came first) during the meeting.

Fig. 1 (Source: Nuclear Regulatory Commission)

Fig. 2 (Source: Nuclear Regulatory Commission)

My ticket, along with at least 74 other tickets, was placed into a fishbowl. Brett Klukan, an attorney in NRC Region I, drew tickets from the bowl to establish the speaker order. Because the fishbowl was clear glass, Brett gazed at the ceiling to avoid charges of cherry-picking preferred ticket numbers (see Figure 2). Brett then wrote the number drawn on a whiteboard without showing the number to anyone else, somewhat offsetting the averted gaze tactic since he could have jotted down any number he wished.Unique NRC Discussion

Brett Klukan opened the meeting by introducing the NRC panelists and covering some ground rules for the meeting. The ground rules included a decorum standard—any audience member disrupting the meeting three times would be asked to leave. If the individual did not leave voluntarily, Brett explained that law enforcement officers (and there were numerous uniformed officers in the room and in the hallway outside) would escort the person from the room.

Brett then turned the meeting over to the NRC panel of Dan Dorman, the Regional Administrator for NRC’s Region I, Bill Dean, the NRC’s Director of the Office of Nuclear Reactor Regulation, Raymond Lorson, the Director of the Division of Reactor Safety in Region I, and Don Jackson, the leader of the NRC inspection team at Pilgrim and author of the email.

Don went through the leaked email, which he had written, updating the audience on each issue and supplementing the email with results from the team’s efforts since that initial week. I had expected the NRC to talk about what systems, components, and administrative processes the inspection team examined, but anticipated the NRC would not discuss results until the team’s report was approved and publicly released. But Don candidly provided the results, too. More than once, Don explained that the team identified an apparent violation of NRC’s regulations—in fact, he stated that 10 to 15 potential violations had been identified.

After the NRC panel finished their remarks, the meeting moved to comments and questions from the public. I was the third member of the audience to speak to the NRC. Figure 3 shows Brett Klukan at the podium to the left, the NRC panel in the center, and several members of the audience turning to look at the speaker standing at the microphone located towards the back of the room out of view to the far right.

Fig. 3 (Source: Nuclear Regulatory Commission)

I asked the NRC four questions. After I posed the four questions, the NRC panel answered. My questions and the NRC’s answers:

UCS Question #1

The NRC’s 20-member inspection team covered a lot of ground, but still examined a small fraction of the safety systems at Pilgrim. Based on the large number of safety violations in the small sample the team examined, what assurance can the NRC provide about the state of the majority of safety systems the team did not examine?

NRC Answer: The NRC’s reactor oversight process (ROP) features periodic inspections of safety systems at Pilgrim with the team inspection being supplemental to those activities. If there were problems in those other safety systems, the periodic inspections would reveal them.

UCS Response: Don Jackson described his team identifying 10 to 15 apparent violations of federal safety regulations in the small sample of safety systems they examined—violations that apparently were NOT revealed previously by the ROP’s periodic inspection efforts. Those routine inspection efforts failed to identify violations among the small sample, strongly suggesting that the routine inspection efforts also fail to find violations in the larger sample.

UCS Question #2

Don Jackson explained that the text in his email about the staff at Pilgrim appearing overwhelmed or shocked referred to their reaction to the arrival of the NRC’s 20-member inspection team. Does the NRC believe that this staff might also be overwhelmed or shocked in response to an accident?

NRC Answer: Don Jackson explained that his email comments referred primarily to the plant’s support staff (e.g, engineers, maintenance workers, etc.) rather than about the control room operators. Don said that his assessment of the operators at Pilgrim during their duties in the control room and during exercises on the control room simulator gave him complete confidence that the operators would be able to successfully respond to an accident.

UCS Response: Even if Don’s assessment is correct (and the operators losing control of the reactor during a routine startup causing it to automatically shut down to avoid fuel damage, the operators mis-operating numerous safety components following Winter Storm Juno and the operators not receiving proper training on the use of the high pressure coolant injection system leaves room for doubt), it is incomplete. The response to an accident involves considerably more than the handful of operators on duty at the time. NRC’s regulations require dozens of other plant workers to staff the Technical Support Center, the Operations Support Center, and the Emergency Operations Facility. The work force freaking out because 20 NRC inspectors arrive on site—by an appointment made weeks in advance—suggests that work force could be equally stressed out responding to an unannounced accident.

UCS Question #3

Dan Dorman mentioned the NRC planned to conduct another public meeting in late March about this inspection and to release the team’s final report in mid-April. Would it be possible for the NRC to issue the final report before the public meeting to allow the public to review the report and participate meaningfully in the meeting?

NRC Answer: Don Jackson mentioned that the report for a recent team inspection at another nuclear plant was over 350 pages due to all the information it contained. He said it would take sustained effort for the report by the team for their inspection at Pilgrim to be issued by mid-April, with no real opportunity for putting it out sooner.

UCS Response: There are two items both under full control of the NRC—the public meeting and the team inspection report. I have no reason to doubt Don’s word that mid-April is the soonest that the report can be released. I have every reason to doubt why the NRC must hold the public meeting in late March. The NRC could conduct the public meeting in late April, or early May, or mid-May, or late-May, or early June, or any time after they release the team’s report. The only reason for the NRC to conduct a public meeting about a non-existent report is because that’s the way they prefer to do it.

UCS Question #4

Audience members for this meeting are given three strikes before they are out of the meeting. How many strikes has the NRC given Pilgrim before it is out?

NRC Answer: Bill Dean began to answer the question, but Dan Dorman interrupted him. Dan labeled the question rhetorical and directed Brett to proceed with the next speaker.

UCS Response: I appreciate NRC bringing back Bert the turtle with this Duck and Cover gimmick. To be sure, I’d have better appreciated the NRC’s explanation why audience members get dragged out of the room after three strikes while Pilgrim does not get shut down after 10 to 15 violations of federal safety regulations. But this is America where everyone has the right to chicken out. My apologies if I put the NRC in a fowl mood.

To Be (Shut Down) or Not to Be (Shut Down)

The recurring theme during the meeting was whether the known performance problems warranted the shutdown of Pilgrim (either permanently or until the problem backlog was eliminated) or if Pilgrim could continue operating without exposing the community to undue risk.

Best I could tell, the meeting did not change any participant’s viewpoint. If one entered the room believing Pilgrim was troubled but sufficiently safe, one left the room with this belief intact. If one entered the room feeling Pilgrim’s problems posed too great a hazard, one probably left the room with even stronger convictions.

The meeting was somewhat like a court trial in that two reasonably supported but entirely opposite arguments were presented. The meeting was unlike a court trial in that instead of a jury, only time may decide which argument is right.

The Argument for Pilgrim Continuing to Operate

The team inspection led by Don Jackson is a direct result of an increasing number of problems at Pilgrim that caused the NRC to drop its performance assessment from Column 1 of the ROP’s Action Matrix into Column 2, 3 and eventually 4. The NRC developed the ROP in the late 1990s in response to high-profile troubled nuclear plants like Millstone, Salem, and Cooper.

The Action Matrix has five columns. A reactor with performance so bad that the NRC places it into Action Matrix Column 5 cannot operate until the NRC is satisfied enough of the problems have been corrected to permit restart.

Dan Dorman and Don Jackson tried to explain during the meeting that it was not the number of problems that determined placement into Column 5, it was the severity of the problems that mattered. They said several times that the 10 to 15 apparent violations identified by the team reinforced the NRC’s determination that Pilgrim was a Column 4 performer, but did not cause them to feel movement into Column 5 was warranted.

The Action Matrix is like our legal system. Persons guilty of a single misdemeanor generally receive lesser sanctions than persons guilty of multiple misdemeanors who in turn generally receive lesser sanctions than persons guilty of a single felony. Persons guilty of multiple felonies tend to be those receiving the severest sanctions and incarceration.

Pilgrim got into Column 4 as the result of several violations identified by NRC inspectors that were classified as White, the second least severe classification in the NRC’s Green, White, Yellow, and Red system. The data suggest performance shortcomings warranting regulatory attention, but it doesn’t suggest a trip to nuclear jail.

The Argument for Pilgrim Shutting Down

The NRC panelists stated several times during the meeting that they did not see any immediate safety concern that required Pilgrim to be shut down. Those assurances would be more meaningful and credible had the panelists or their NRC colleagues periodically seen an immediate safety concern, even from a distance.

The last time the NRC saw an immediate safety concern and ordered an operating reactor to shut down was March 31, 1987 when the agency ordered the Unit 2 and 3 reactors at the Peach Bottom nuclear plant in Pennsylvania to be shut down (the Unit 1 reactor had already been permanently shut down). Dan Dorman and Ray Lorson did not join the NRC staff until 1991. Don Jackson did not come to the NRC until 2003. Of the four NRC panelists, only Bill Dean was with the agency the last time an immediate safety concern was spotted.

Yet there have been times since 1987 when immediate safety concerns have existed:

Davis-Besse Safety Blindspot

In the fall of 2001, the NRC staff drafted an order that would require the Davis-Besse nuclear plant to be shut down. To justify the order, the NRC staff assembled the strongest circumstantial case one could hope to build that an operating reactor was unsafe. The NRC staff evaluated the reactor against five criteria in Regulatory Guide 1.174 (RG 1.174). All five criteria had to be satisfied for a reactor to be considered safe. The NRC staff determined that one criterion was not met and the other four criteria were most likely not met. Absent dead bodies or a mushroom cloud, you cannot build a stronger case that an operating reactor is unsafe.

Fig. 4 (Source: Nuclear Regulatory Commission)

But NRC senior managers shelved the order and allowed Davis-Besse to continue operating. When the reactor finally shut down, workers discovered the reactor was less safe than the NRC staff had feared. Per the NRC, Davis-Besse came closer to a meltdown than any reactor since the Three Mile Island accident in March 1979 (much closer than Peach Bottom ventured in March 1987).

Worse still, when interviewed by the NRC’s Office of the Inspector General, the NRC senior managers stated, under oath, stood behind their decision. They claimed they needed absolute proof that an operating reactor was unsafe before they would order it shut down. Somehow, failing to meet five of five safety principles does not constitute absolute proof to the NRC. Perhaps not meeting eight or nine out of five safety principles would suffice.

Oconee Safety Blindspot

In June 2010, the NRC issued a confirmatory action letter (CAL) to the owner of the Oconee nuclear plant in South Carolina. The CAL required that the owner take fifteen steps to reduce risk of failure at the upriver Jocassee Dam (which was also owned by Oconee’s owner) and to lessen the flooding vulnerability at Oconee should the dam fail.

The NRC staff discovered that the failure rate for the Jocassee Dam was as high as other hazards that Oconee was protected against. Thus, failure of the dam could not be dismissed as incredible or overly speculative.

The NRC staff further estimated that if the Jocassee Dam failed, flooding at the Oconee site created a 100 percent chance of causing all three operating reactors to melt down, all cooling of the spent fuel pools to be lost, and all three reactor containments to fail.

The high risk of flooding causing three operating reactors to melt down prompted the NRC to issue the CAL to Oconee’s owner nine months before flooding caused three operating reactors at Fukushima to melt down.

The hazard was real enough to cause NRC to require the owner to take steps to lower the risk, but not real enough to warrant the reactors to shut down until the risk was better managed.

Most galling is the fact that the NRC withheld information about this hazard from the public. Their June 2010 CAL was issued in secret. When the NRC conducted their annual public meeting in the Oconee community in April 2011—about six weeks after flooding melted three operating reactors at Fukushima—they said nothing about the CAL being issued to better manage flooding vulnerabilities at Oconee. The public cannot trust an agency that withholds relevant information from them.

It may be true that the NRC would order an operating reactor to be shut down if it saw an immediate safety concern. But it’s been nearly thirty years since the NRC noticed an immediate safety concern at an operating reactor. Since then, the NRC has noticed very serious safety problems at Davis-Besse and Oconee, yet allowed those reactors to continue operating.

The Davis-Besse and Oconee cases occurred after the NRC adopted the ROP and its Action Matrix. None of the safety problems that led to the NRC staff drafting a shutdown order for Davis-Besse or issuing a CAL for flood protection problems at Oconee were considered in the ROP. Thus these safety problems were entirely invisible as far as the Action Matrix was concerned.

The NRC should not rely on a safety yardstick that ignores significant safety issues.

UCS’s Argument about Pilgrim

Because the NRC has demonstrated its ability to jettison safety standards when an operating reactor doesn’t measure up, and because it has not recently demonstrated an ability to spot an immediate safety concern, it is entirely reasonable for the community around Pilgrim to have anxiety about the plant’s known performance problems. Shutting down Pilgrim would lessen that anxiety.

Should public anxiety be used as a pretext for shutting down an operating reactor?

Absolutely not.

Instead, the public should have trust and confidence in the NRC to protect them from Pilgrim’s problems. But the NRC has not done much to warrant such trust and confidence by the NRC. If public anxiety is high, it’s because public trust and confidence in the NRC is low.

Public trust and confidence in the NRC should be the proper context for a troubled reactor continuing to operate.

That proper context is missing.

The NRC must take steps to restore public trust and confidence. They should consistently establish and enforce safety regulations. NRC senior managers must stop looking for absolute proof that operating reactors are unsafe and instead look for absolute proof that operating reactors comply with federal safety regulations.

And when NRC senior managers see safety problems, they must disclose that finding to the public. Hiding such information, as they did with the flooding vulnerabilities at Oconee, provides the public with a distorted view. And such antics provide the public with zero reason to trust anything the NRC utters. When you cherry-pick what you say and when you say it, you stop being a credible authority.

If the NRC allows Pilgrim to continue operating and the reactor has an accident, will the agency be able to honestly look victims and survivors in the eye and say they did everything they could to protect them?

Nuclear Regulatory Crusader

To many, the acronym NRC stands for Nuclear Regulatory Commission. At times, NRC has been said to stand for Nobody Really Cares, Nuclear Rubberstamp Committee, and Nielsen Ratings Commission.

In regard to Larry Criscione, it may stand for Nuclear Regulatory Crusader.

(Source: NRC)

Larry is an engineer working for the U.S. Nuclear Regulatory Commission (NRC). Last year, Larry received the Joe A. Callaway Award for Civic Courage from The Safeek Nader Trust. Joe Callaway established the award in 1990 to recognize individuals who, with integrity and at some personal risk, take a public stance to advance truth and justice.

In March 2011, the three operating reactors at the Fukushima Daiichi nuclear plant in Japan melted down after a tsunami generated by a large earthquake flooded the site and disabled primary and backup power supplies to emergency equipment. In public, the NRC denied that reactors operating in the U.S. were vulnerable to such hazards.

In private, the NRC knew otherwise.

Flooding Risk at Oconee

In June 2010—nine months before Fukushima—the NRC issued a Confirmatory Action Letter to the owner of the Oconee nuclear plant in South Carolina requiring more than a dozen measures be taken. The measures were intended to lessen the chances that the Jocassee Dam fails and to increase the chances that the three operating reactors at Oconee survive should the dam fail anyway.

An evaluation showed that if the dam—located about 21 miles upriver from Oconee—failed, the site would be inundated with about 12.5 to 16.8 feet of flood water. The site was protected by a flood wall about seven feet tall, so it mattered little whether the actual depth was 12.5, 13, 14, 15, or 16.8 feet.

The NRC estimated that if the dam failed and flooded the site, there was a 100 percent chance that all three reactors would meltdown.

But the NRC issued the Confirmatory Action Letter secretly and did not tell the public about the hazard it required Oconee’s owner to lessen. After Fukushima tragically demonstrated the hazard posed by flooding, the NRC continued to cover-up measures taken and planned to lessen the flooding vulnerability at Oconee.

Larry and the OIG

So, Larry sent a 19-page letter dated September 18, 2002, to the NRC Chairman chronicling this history and asking four things:

  1. The NRC’s Office of General Counsel (OGC) should review the documents related to flooding at Oconee and the associated federal regulations to determine whether the documents could be made publicly available.
  1. The NRC’s Office of Nuclear Security and Incident Response (NSIR) should review the information on flooding hazards redacted from documents released to the public in response to Freedom of Information Act (FOIA) requests to determine whether additional information could be made publicly available.
  1. Based on the OGC and NSIR reviews, ensure that all flooding hazard documents that can be made publicly available are publicly available.
  1. The NRC’s Office of the Inspector General (OIG) should investigate whether the agency has been inappropriately marking documents as containing “Security-Related Information.”

Exercising his rights under the Lloyd-La Follette Act of 1912, Larry copied U.S. Congressional staff members on the email transmitting his letter to the NRC Chairman.

Larry’s letter was obtained by a reporter and featured in a Huffington Post article dated October 19, 2012.

As Larry had requested, the NRC’s OIG investigated handling of documents about flooding hazards. But rather than investigate whether NRC had improperly withheld information as he contended, OIG investigated whether Larry had improperly released information. As detailed in our 2015 report on the NRC and nuclear power safety, OIG made Larry an offer—he could voluntarily resign from the NRC or they would turn over his case to the Department of Justice (DOJ) for prosecution.

Larry did not resign.

OIG did refer the case to DOJ.

DOJ did not prosecute.

Through FOIA, UCS obtained DOJ’s response to NRC declining to prosecute Criscione. Under the Primary Reasons for Declination section, DOJ checked one box—No Federal Offense Committed.

Fortunately for Larry, not breaking the law is not yet against the law.

Thanks to Larry’s selfless efforts, the flooding hazards at Oconee have been made public. Larry had been right about the NRC inappropriately withholding information from the public. When lawyers and investigators were all through, the information he sought to have publicly released was publicly released. The NRC lacked legal grounds to continue hiding it.

More importantly, NRC’s mangers may think twice—or at least once—before withholding dam safety information in the future.

Unfortunately for Larry, he experienced unnecessary stress and expense defending himself against baseless OIG investigations. The Callaway Award does not fully offset those unfortunate consequences. But it helps show Larry and others who have our backs that not everyone wants to twist a dagger in their backs.

A video of the award presentation and Larry’s acceptance speech has been posted to YouTube.

Bottom Line

Doing the right thing when it’s relatively easy fails to accurately measure courage.

Larry Criscione did the right thing when it was a very hard thing to do. He could have remained silent like so many of his co-workers opted to do. He faced a strenuous courage test and aced it.

Is North Korea Planning a Missile Launch?

A press story from South Korea reports that the North may be preparing for a missile test launch, possibly in the next few days. Some suggest this could be intended as fireworks for Donald Trump’s inauguration.

While this story talks about the test being of a long-range missile (an “ICBM”) the few details that have been made public don’t seem to support that—although not much is known at this point.

The press story said that the South Korean military has reported seeing two missiles on mobile launchers. It reports that the missiles are less than 15 meters in length.

The KN-14 missile, which was seen in on October 2015 parade and is thought to be a prototype for a long-range missile, is estimated to be about 17 meters long—which would appear to rule it out.

Moreover, while there has been a ground test of an engine that might be used for this missile, it’s not clear how close this missile is to actual flight testing. Since the initial flight test of this new missile has a relatively low chance of success, Pyongyang may not want to risk a test failure if the timing is meant to send a message around the inauguration.

Musudan?

It seems more likely that what was seen are Musudan (Hwasong-10) missiles, which are also carried on mobile launchers and are about 12 meters long. This missile had a successful launch in June 2016, following a string of five failures. It may have suffered two additional failures in October. So another launch of this missile also carries risk of failure.

The Musudan has a range of about 3,000 km, based on the June test. This is far short of ICBM range, which technically is considered anything over 5,500 km, but would need to be 8,000-9,000 km for a North Korean missile to reach the US west coast.

However, one report quoted a military official as saying that the missile observed was “different from a conventional Musudan missile in its length and shape,” so until we get more information the jury is still out on what Pyongyang may be planning.

Not-so-Fabulous Five

To some, “Fabulous Five “ brings back memories of the 1991 recruits for the University of Michigan’s basketball team—Chris Webber, Jalen Rose, Juwan Howard, Jimmy King, and Ray Jackson. The five powered Michigan to the NCAA Division I championship games in 1992 and 1993.

Others may recall the “Fab Five,” a made-for-TV movie about a 2006 cheerleader scandal at a high school in Texas.

No one hearing “Fabulous Five” thinks about the performance of the nuclear reactors owned and operated by Entergy between 2011 and 2015. The performance during those five years was anything but fabulous, unless fabulously bad counts.

Performance Reports

Every quarter, the Nuclear Regulatory Commission (NRC) takes operating data submitted by plant owners and findings by the NRC’s inspectors to assign each reactor to one of five columns in the agency’s Action Matrix. When performance meets or exceeds NRC’s expectations, a reactor is placed in Column 1. If performance levels drop, a reactor gets placed into Columns 2, 3, or 4 depending on the depth and breadth of the performance decline. When performance drops so low that operation is not permissible until problems are corrected, a reactor falls into Column 5. The NRC began using this rating system in the fourth quarter of 2000.

Back in 2000, there were 105 reactors operating in the United States. Several reactors permanently shut down and one reactor commenced operating for a current total of slightly under 100 operating reactors. Entergy operated 11 reactors during much of that period, with one reactor permanently shutting down in recent years. Based on the average Action Matrix column placement, Entergy’s reactors generally outperformed the U.S. reactor fleet between 2000 and 2010 as shown in Figure 1. (Action Matrix column placement is like golf scores—low numbers win.) But the performance of Entergy’s reactors significantly declined beginning in 2011.

Fig. 1 (

Fig. 1 (Source: Union of Concerned Scientists)

Performance Plunge

Figure 2 shows a closer look at this five-year period. For the first and second quarters of 2011, all eleven of Entergy’s reactors were placed by the NRC into Action Matrix Column 1. Those ratings reflect top performance—the NRC does not issue 1-plus scores. By fourth quarter 2014—just 14 quarters later—the average Entergy reactor was in Action Matrix Column 2. The performance difference between Entergy’s reactors and all U.S. reactors was wider than ever, and not in Entergy’s favor.

Fig. 2 (

Fig. 2 (Source: Union of Concerned Scientists)

But 10 to 11 reactors is a smaller sample than 98 to 105 reactors. Perhaps one poorly performing reactor is dragging down the Entergy fleet. Figure 3 belies that notion. Only two of Entergy’s eleven reactors remained in Column 1 each and every quarter between 2011 and 2015: Indian Point Unit 2 and Vermont Yankee. The other nine reactors visited Columns 2, 3, and 4.

Fig. 3 (

Fig. 3 (Source: Union of Concerned Scientists)

The individual Entergy reactor ratings are hard to discern. Only people who do extremely well on ink blot tests and those who can relax their minds to see prancing unicorns or frolicking grizzly bears emerge from squiggly line drawings can get much out of Figure 3. The rest of us can hopefully gain these insights from Figure 4. This figure shows the percentage of U.S. and Entergy reactors placed into Column 1 each quarter by the NRC from 2011 to 2015. For the first and second quarters of 2011, 100 percent of Entergy’s reactors resided in Column 1—a feat the U.S. reactor fleet has never achieved. But by the fourth quarter of 2014, only 30 percent of Entergy’s reactors remained in Column 1. It was clearly not a case of one bad apple spoiling the bushel, but a fleet with bushels of reactor performance problems.

Fig. 4 (

Fig. 4 (Source: Union of Concerned Scientists)

Bottom Line

The NRC rates performance for each individual reactor. For example, the NRC has rated performance for Indian Point Unit 2 as being in an Action Matrix column while placing Indian Point Unit 3 in another column, despite the reactors being side-by-side at the same site under the same management. Such granularity has its advantages. Like snowflakes, no two reactors are identical and their differences can, and do, factor into performance differences.

The NRC does not connect these individual dots to see the bigger picture. Thirty percent of Entergy’s fleet rated outside of Column 1 cannot be explained by a faulty design, an incapable senior manager, or poor relationships between work force and management. Bad luck might explain an underperforming reactor or two. But bad luck does not cause performance to drop at 70 percent of the Entergy fleet. At times, individual snowflakes team up to cause blizzards.

When its performance assessments reveal broad underperformance by the owner of a fleet of nuclear reactors, the NRC must determine whether bad corporate behavior is spoiling the bushel of reactors. The NRC need not give aptitude tests to Chief Nuclear Officers or examine budget allocations. The NRC could simply issue a “Show Cause” order to the owner requiring a formal response as to why so many of its reactors have performance problems.

When many among a fleet of ships is listing, taking on water, or steaming off-course, it would be irresponsible to wait until a ship sinks before asking the Admiral of the Fleet “what’s up?” NRC cannot wait for a reactor to meltdown before asking Entergy to explain why so many of its reactors are experiencing so many problems.

Pages