UCS Blog - All Things Nuclear (with images) - Latest 1

Why Freezing North Korea’s Weapons Programs Would Make Us Safer

Last week, China proposed a way to reduce tensions on the Korean peninsula: Pyongyang would freeze its missile and nuclear programs in exchange for Washington and Seoul halting their current round of military exercises. China also sees this as a way of starting talks between the US and North Korea, which it believes is necessary to resolve hostilities on the peninsula.

In comments in South Korea on Friday, Secretary of State Tillerson said “we do not believe the conditions are right to engage in any talks at this time. … [C]onditions must change before there is any scope for talks to resume, whether they be five-party or six-party.” Whether the last phrase means the US is consciously rejecting the idea of one-on-one talks with the North is not clear.

Tillerson also said he believes it is “premature” to talk about a freeze since a freeze would leave North Korea with significant military capabilities. His choice of words appears to leave the possibility of a freeze on the table.

A North Korean freeze on nuclear tests and missile flight tests would be highly beneficial—and readily verifiable. It would prevent Pyongyang from developing a long-range missile capable of hitting the US.

It is important, of course, to work to eliminate the capabilities North Korea currently has, but a sensible first step is to keep it from increasing its capabilities.

Musudan test launch (Source: KCNA)

Freezing North Korean Development Would Be Valuable

Over the last two decades, Pyongyang has developed technologies beyond what many thought it was capable of doing. It has developed nuclear weapons, an array of short- and medium-range missiles that could pose a significant threat to its neighbors, and a large satellite launcher that has placed two objects in orbit (although neither appears to have been operational once in orbit).

These weapon systems are not particularly sophisticated and in some cases are highly unreliable but, as Secretary Tillerson noted, they represent significant military capabilities.

And if these development programs continue, things will get considerably worse. The past shows North Korea’s ability to make slow but steady progress, and that will continue. After all, it is developing weapons systems that the US, Soviets, and others developed 50 years ago.

What could a freeze do?

A Freeze on Nuclear Tests

North Korea has now conducted five nuclear tests, the last of which indicated it has developed a nuclear device that can produce a yield similar to that of the Hiroshima and Nagasaki bombs.

Getting a nuclear device to explode under test conditions, however, is not the same as having a usable nuclear warhead. A deliverable warhead needs to be small enough, both in terms of physical size and mass, to be carried by North Korea’s ballistic missiles. It needs to work in a realistic environment, rather than just in a static test environment.  In particular, it must withstand the considerable forces of missile delivery, including acceleration, vibrations, and buffeting during launch and reentry.

If the North does not yet have a weapon that is small and rugged enough for delivery by ballistic missile, stopping additional nuclear tests could keep it from developing one. Even if it does have such a weapon, stopping testing would limit its ability to improve its design.

A testing freeze could be verified by the global network of seismic and other types of sensors that make up the International Monitoring System. This network is sensitive enough to have detected North Korea’s previous tests—including the 2006 test with an estimated yield of only about one kiloton.

A Freeze on Missile Tests

A freeze on missile flight testing would limit North Korea’s ability to build more capable and longer range missiles, and to determine the reliability of existing missiles or gain operational practice in firing them.

Today, North Korea’s longest range operational missile is the Nodong, with a range of about 1,300 km—much shorter than the roughly 9,000 km to the US west coast. It does not currently have a ballistic missile that could carry a nuclear warhead to long distances.

However, it is developing a number of the components it needs to produce such a missile.

For example:

  • North Korea appears to have had one successful flight test, with five or more failures, of its Musudan (Hwasong-10) missile, which uses a more advanced fuel than the North’s previous missiles. Developing a working missile would require additional tests. Besides giving Pyongyang a considerably longer range missile than it currently has, successfully developing this missile would open the way to modifying it for use as an upper stage of longer range missiles.
  • In the last year, Pyongyang has conducted ground tests of several new engines (April 2016, Sept. 2016, and March 2017). Some of these appear to use advanced fuels and have higher thrust than its current missile engines.
  • The North has paraded a prototype of a two-stage missile on a mobile launcher that could have a long range if it used the technology being tested in the Musudan missile. One of the engine ground tests mentioned above may be of an engine intended for the first stage of this missile.
  • Pyongyang is in early stages of testing a solid-fueled missile that could be launched from a mobile launcher on the ground or from a submarine. While the range appears to be similar to the Nodong, it would have a much shorter launch-preparation time if fired from mobile launchers on the ground, and could reach more distant targets if fired from a submarine at sea.
  • North Korea has not yet flight tested a reentry heat shield for a long-range missile, which is critical for successfully delivering a nuclear warhead. Over-designing the heat shield adds weight to the reentry vehicle, which reduces the range of the missile; under-designing it can cause overheating of the warhead that can damage it. Moreover, North Korea is likely to design a blunt reentry vehicle that reenters slowly to reduce the intensity of heating, and this can lead to very large inaccuracies—tens of kilometers or more.

Transforming these pieces into working missiles would require a series of flight tests. A freeze on missile testing would keep it from developing that capability.

A flight test ban would be completely verifiable. The US has a satellite network of infrared sensors that can detect launches essentially anywhere in the world. This system, for example, even detected the short-range Scud missiles launched at Israel during the first Gulf War. And the US is currently deploying a new generation of even more capable satellites for this job.

Would North Korea Be Willing to Freeze?  

No one knows.

It is worth remembering that North Korea observed a flight test moratorium from September 1999 through July 2006, which it began when its talks with the Clinton administration about missile and nuclear issues seemed to be moving ahead. It announced it was no longer bound by the moratorium in March 2005, in response to the Bush administration’s lack of diplomatic engagement on missile issues, and resumed testing the next year.

Things are different now, of course, and it’s not at all clear that Pyongyang would agree to a freeze. Kim Jong Un may be unwilling to stop until he has developed a credible long-range threat.

However, Kim clearly sees the US-South Korean military exercises as threatening, and offering to scale back those exercises may give the US significant leverage. Agreeing to talks once a freeze is in place could add leverage.

But whether or not North Korea would ultimately agree to a freeze, the US should not be the one to take this option off the table. A freeze would be an effective, meaningful step in limiting further development of North Korea’s nuclear and missile programs—and the US should be doing what it can to put a freeze in place.

New START is a Winner

U.S. military leaders continue to strongly support New START, the arms control treaty between the United States and Russia that limits each country to no more than 1,550 deployed, long-range nuclear weapons by 2018.

Gen. Hyten, Gen. Selva testify in support of New START before the House Armed Services Committee, March 8, 2017

The problem is that President Donald Trump is apparently unwilling to listen to their sage advice.

Back on January 28, in his first phone call with Russian President Vladimir Putin, President Trump reportedly attacked New START, calling it a “bad deal.” It seems any agreement this president did not personally negotiate is a loser.

And that is unfortunate, because according to the Reuters report that broke the story, Putin had raised the possibility of the two countries using New START’s built-in option to extend the treaty’s life by five years. Such an extension is definitely in the US national security interest: From boots-on-the-ground inspections to detailed data exchanges, the treaty provides verification and predictability that US military leaders consistently desire.

Strategic Commander is “Big Supporter”

Just last week, Air Force Gen. John Hyten, who as commander of the U.S. Strategic Command is responsible for all U.S. nuclear forces, was asked about New START in a Congressional hearing. He testified:

I’ve stated for the record in the past, and I’ll state again, that I’m a — a big supporter [of the treaty]. … when it comes to nuclear weapons and nuclear capabilities, that bilateral, verifiable arms control agreements are essential to our ability to provide an effective deterrent.

In the same hearing, Air Force Gen. Paul Selva, vice chairman of the Joint Chiefs of Staff, testified that when New START was considered by the Senate:

the Joint Chiefs reviewed the components of the treaty and — and endorsed it. It is a bilateral, verifiable agreement that gives us some degree of predictability on what our potential adversaries look like.

While it seems he doesn’t listen to military leaders like these, it not clear just who President Trump does listen to. Reuters reported the president stopped his call with Putin to ask someone unknown what the treaty was before telling the Russian leader that it was a bad deal.

And it doesn’t stop there. More recently, on February 23, the president repeated his criticism of New START, this time in an interview where he declared that the treaty is “a one-sided deal like all other deals we make. It’s a one-sided deal. It gave them things that we should have never allowed. … Just another bad deal that the country made.”

New START passed a high bar for Senate ratification

Before they can become the law of the land, treaties must pass a high bar: approval by two-thirds of U.S. Senate. The threshold was set to ensure that “bad deals” don’t happen. In the case of New START, 71 senators voted in favor of the treaty, including 13 Republicans. It became the first major arms control treaty negotiated by a Democratic president and endorsed by the Senate. Perhaps this, more than any other reason, is why President Trump dislikes the treaty.

But it took compelling reasons to get those 71 Senate votes, and then just as now, military leaders gave strong support to the treaty. Perhaps most compelling, seven former heads of U.S. Strategic Command wrote a letter to the Senate endorsing the treaty. After detailing several reasons why the treaty was in U.S. national security interests, the letter concluded,

The New START Treaty will contribute to a more stable U.S.-Russian relationship. We strongly endorse its early ratification and entry into force.

While overall the U.S.-Russian relationship has deteriorated, the New START agreement has been one bedrock of constancy. That is what military leaders sought when the treaty was first negotiated, and why they still support it now. President Trump should start listening to their advice, and stop attacking New START. Instead, he should respond to Putin’s suggestion and extend the treaty by five years.

North Korea Launches Four Missiles “Simultaneously”

Yesterday  North Korea launched four ballistic missiles into the Sea of Japan.

The missiles reportedly traveled an average of 1,000 km (620 miles), and landed within 300 to 350 km (185 to 220 miles) of Japan. The four launches were said to be “simultaneous,” leading to speculation they were intended to be a barrage attack to overwhelm a missile defense system.

Fig. 1. Approximate direction of launches (Source: Google Earth)

The missiles were launched from Tongchang-ri, in northwest North Korea, where the Sohae Satellite Launch Station is located. Missiles of this range would not need the facilities at Sohae, so it’s not known if there was a particular reason they were launched from this facility.

A South Korean briefing gave the apogee of the missile as 260 km (160 miles). That implies the missiles reached essentially their maximum range (unlike some recent North Korean tests that were tested on highly lofted trajectories, so that their maximum range would be longer than the range seen in the test).

That rules out anything like an ICBM.

Scud-ERs?

North Korea has three missiles that have ranges similar to this: Extended-Range Scud (“Scud-ER”), Nodong, and Pukguksong-2. The latter, which is solid-fueled, has been flight tested only twice (once from sea and once from land), and is probably not what the North launched since it has little information about its reliability and would be unlikely to try launching four simultaneously.

Instead, this set of tests instead looks very similar to a multiple-missile test North Korea conducted last September 5. In that case it launched three missiles in rapid succession from mobile launchers sitting on a road south of Pyongyang. These missiles flew about 1,000 km and landed off the coast of Japan.

A careful analysis of those launches indicate they were Extended-Range Scud (“Scud ER”) missiles, which are modifications of short-range Scud missiles, lengthened to carry additional fuel and lightened by making the body out of aluminum rather than the usual steel. This analysis suggests the missile could carry a warhead of roughly 500 kg to 1,000 km.

A video of those launches show that the first and second launches were less than a minute apart, and the second and third launches were separated by just seconds.

This analysis notes that these modifications lead to “the maximum performance that a single Scud-B engine can achieve in a missile.” They believe this is not a new missile, but may date back to 2000 or earlier.

More information may make clear whether the test was of Scud-ERs, Nodongs, or something unexpected.

China’s Changing Foreign Policy

The global security community is worried about President Trump. The report of the 54th annual Munich Security Conference suggests his election may lead to a “post truth post west, post order” world. Vice President Pence and other US government representatives failed to convince the conference otherwise.

That same day, Chinese President Xi Jinping, commenting on the meeting in Munich, confirmed his controversial defense of globalization at the World Economic Forum in Davos was not just an opportune swipe at the nationalist atavism of the new US administration.

It may mark the beginning of a new era in Chinese foreign policy.

Deng-Era Approach to Chinese Foreign Policy Outdated

Chinese Vice-Premier Deng Xiaoping speaks about the “third world” in his address to the United Nations in 1974.

During a February 17 meeting of China’s National Security Committee,  Xi, paraphrasing the Confucian classics, said, “The sage remains modest about his or her abilities, but exercises them when the time comes.” (君子藏器于身,待时而动) “At this moment,” Xi argued, China must “move past the policy of ‘keeping a low profile and nurturing ourselves’ (韬光养晦) to become more involved in international affairs, not only as a participant and contributor, but also as a benefactor and leader of the international system.”

Deng Xiaoping, who initiated and led the economic reforms that jumpstarted China’s economy in the 1980s, used the term “keeping a low profile and nurturing ourselves” to describe his approach to Chinese foreign policy. Although some US observers came to see the policy as coy, or sinister, many Chinese understood Deng’s description as a shift away from the anti-capitalist revolutionary activism of Mao Zedong toward a temporary accommodation with international capitalism in the interest of domestic economic development. President Jiang Zemin (1989-2002) and President Hu Jintao (2002-2012) conducted Chinese foreign affairs in the same general spirit with the same basic objective. International capital and technical expertise poured into China and its GDP grew from US$ 178 billion in 1979 to US$ 11 trillion in 2015.

Xi prefaced his argument for changing China’s approach to the world by noting, “After 38 years of rapid development, our country is now first in the world in manufacturing, first in trade, the second largest economy, and third in the use of foreign capital and in foreign investment. Our overall national capability has increased considerably. What was said about it in the past can no longer be said in the present day.”

The World is Changing

Deng worried how China might behave at this moment. He expressed concern that once China modernized it might forget about socialism and its allegiance to the “third world”, which, to him, was the large bloc of developing nations not aligned with either the Soviet Union or the United States. The pioneer of China’s opening to international trade loathed the idea that economic development might transform China into another major power that exploited and oppressed smaller and weaker nations. If it did, according to Deng, China would no longer be socialist.

Xi seems determined not only to preserve China’s socialist ideals but to put them into practice internationally. The world may be changing, as the Munich report suggests, but Xi is optimistic that a new and better international order is on the horizon.

“Today’s world is a changing world. It is a world of endless new opportunities and challenges, a world where the international system and international order are undergoing deep revision, and where comparative international strengths are undergoing profound change. Moreover, it is a world advancing towards change that is beneficial to peace and development.”

The Soviet Union has already collapsed. Now the second pole of the old Cold War order is wobbling. The authors of the Munich report fear US abdication of its role as “a provider of public goods and international security” impends a descent into nationalism, chaos and war. Xi, on the other hand, seems to be imagining that the time may have come for the leaders of the developing nations to reshape the international order.

A Global Anti-corruption Campaign?

Curiously, Xi reached back to a 2014 speech on Chinese domestic legal reform for a phrase to describe the principles that should guide the emerging new international system. Xi said, “The keys to governing a country are fairness and integrity.” (理国要道,在于公平正直). In 2014 Xi used this semi-classical Chinese idiom to explain his anti-corruption drive, which aimed to save Chinese socialism from the negative influences of opening China’s economy to international capitalism.  Xi used the exact same phrase in his February speech to China’s National Security Council. His speech echoes the critique of the global economy Xi articulated in his address to the World Economic Forum in Davos.

Fairness and justice are the objectives of global governance, as well as the common pursuit of all humanity. As humanity becomes more developed and the world becomes more civilized, the expectations of the people for fairness and justice become higher.”

The US economic crisis of 2008 was a turning point for China: a moment when its leaders realized they could no longer depend on the United States for responsible global economic governance. Xi appears to have concluded that the corruption plaguing China could not be remedied with reforms that imitate or adapt the practices of the United States. As the Chinese leader approaches his second five-year term in office, he also seems to have concluded that the flaws in US-led global economic system—what critics in the US disparagingly refer to as “neoliberalism“—are inherent in the way the United States has shaped the international order.

In this sense Xi may be embracing the populism, and anti-corporatism, of both the left and the right in the United States and in Europe. But instead of seeking a retreat to pre-globalization era nationalism, Xi embraces the essence of globalization: the practical reality that the individual national fates of the various peoples of the world are inherently interconnected. As Xi told China’s National Security Council,

Each nation coexists in the same world, humanity lives in the same village Earth, the same space and time where history and reality flow together, a community where you are part of my fate and I am part of yours. This is the inevitable trend of global development and an inexorable law of human development. The world needs a new order where cooperation leads to collective success and shared development; the construction of a community where humanity’s fate is shared.” 

The Road Ahead

Xi, unlike President Trump, does not want to tear apart or abandon the international institutions that already exist. In his words, “Reforming and perfecting the exiting international system does not require tearing up the kitchen and making a fresh start.” The nature of the reforms China may suggest is still unclear. Xi points to China’s own initiatives to finance and build basic infrastructure throughout Asia as an example. China’s continued support for the Paris Agreement on climate change is another important indicator.

If Xi is attempting to initiate a new era in Chinese foreign policy, the concepts in his speech in Davos and his speech to China’s National Security Council on the occasion of the Munich Security Conference should be codified in the final report of the Chinese Community Party Congress later this year. Depending on the outcome of what is anticipated to be a contentious fight over China’s political future, Xi may emerge as a significant force for change not only at home but internationally as well.

The NRC and Nuclear Safety Culture: Do As I Say, Not As I Do

Many times over the past 20 years the Nuclear Regulatory Commission (NRC) has intervened when evidence strongly suggested a nuclear power plant had nuclear safety culture problems. The evidence used by the NRC to trigger its interventions was readily available to the plant owners, but the owners had downplayed or rationalized away the evidence until the NRC forced them to face reality.

The evidence used by the NRC to detect these nuclear safety culture problems included work force surveys indicating a sizeable portion of workers reluctant to raise safety concerns and allegations received by NRC from workers about reprisals and harassment they experienced after raising safety concerns.

Ample evidence strongly suggests that the NRC itself has nuclear safety culture problems. The NRC’s Office of the Inspector General (OIG) has surveyed the safety culture and climate within the NRC every three years for the past two decades. The latest survey was conducted during 2015 and released in March 2016. Figure 1 from the OIG’s 2015 survey along with data from the annual Federal Employee Viewpoint Surveys and other sources show safety culture problems as bad as—it not considerably worse—than the worst safety culture problems identified at Millstone, Davis-Besse, and yes, even the TVA reactors.

FIg. 1 (Source: Nuclear Regulatory Commission Office of the Inspector General)

After the OIG’s 2009 survey of the NRC’s safety culture and climate, UCS submitted a request under the Freedom of Information Act for all records related to the actions taken by the agency in response to the survey. We obtained many records which described very few actions. And regardless of the number of actions, the OIG’s 2015 survey showed that the NRC’s safety culture was worse than in 2009 (see the last column on the right in Figure 1).

Why would the NRC take steps to remedy safety culture problems at nuclear plants yet have taken no steps to remedy its own safety culture problems? The answer is the same as to the question of why the plant owners failed to take steps to correct safety culture problems before the NRC intervened—they did not perceive the problems to exist. Likewise, Figure 2 shows that the NRC’s senior management does not perceive safety culture within the agency to need remediation.

Fig. 2 (Source: Nuclear Regulatory Commission Office of the Inspector General)

The OIG employs a consultant to conduct the triennial safety culture surveys. I attended a briefing several years ago by the consultant on the survey results. The consultant reported surveying many other federal agencies and large private corporations. The consultant pointed out that the gap between results by senior management and by the overall workforce was wider at NRC than at any other federal or private entity it had surveyed.

Just as plant owners failed to correct the problem they could not see, NRC senior management cannot fix the agency’s “invisible” safety culture problems. The NRC intervened to enable owners to see, and then fix, their safety culture problems. Someone needs to intervene to help NRC senior management see the agency’s safety culture problems so they can take the corrective measures they have often compelled plant owners to take.

UCS recently issued a report on the NRC’s safety culture problems and its history of inducing safety culture fixes at nuclear plants. And The Bulletin posted my commentary about the NRC safety culture report.

If I found a lamp washed up on a beach and rubbed it to release a genie who granted me three wishes, my first wish would be for irradiated fuel to be transferred from dangerous, overcrowded spent fuel pools into more safe and secure dry storage as soon as practical. But my second wish would be for the NRC to undertake the reforms needed to achieve and sustain a positive nuclear safety culture at the agency. My third wish would be for a thousand additional wishes, so don’t worry that I squandered my first two.

Kudos to NRC for Lessons-Learned Review at Columbia Fuel Fabrication Facility

Disaster by Design/Safety by Intent #63

Safety by Intent

Westinghouse Electric Corporation notified the Nuclear Regulatory Commission (NRC) on July 14, 2016, that workers at its Columbia Fuel Fabrication Facility (CFFF) in South Carolina found significant accumulation of uranium in a ventilation system. The amount of enriched uranium exceeded limits established at the facility as protection against inadvertent criticality.

The uranium accumulated in process vent scrubber S-1030 shown towards the upper left side of Figure 1.

Fig. 1 (Source: Nuclear Regulatory Commission)

The NRC dispatched an Augmented Inspection Team (AIT) to the site to investigate the causes and corrective actions for the event. The NRC sends Special Inspection Teams and Augmented Inspection Teams to investigate discoveries like the one reported at CFFF that have the potential for increasing the risk of an accident.

The AIT concluded in its report dated October 26, 2016, that “Westinghouse failed to provide adequate levels of oversight, enforcement, and accountability to the organizations directly involved with configuration management, operations, and maintenance of the wet ventilation systems.” Specifically, Westinghouse had assumed that only minute quantities of uranium could collect in that portion of the ventilation system and took no actions to either validate or confirm that key assumption.

To this point, both Westinghouse and NRC followed established practices. Upon discovery a condition above the reporting threshold, Westinghouse notified the NRC. Upon receiving notification from Westinghouse about a condition above its normal response threshold, the NRC dispatched an Augmented Inspection Team.

The NRC’s Extra Effort

The NRC did not stop with its AIT probe into whatever problems Westinghouse had that resulted in the event at CFFF. Two days after issuing the AIT report, the NRC chartered a team to examine lessons the agency could learn from the event. This second team was not tasked with supplemental Westinghouse bashing. That had been the AIT’s role. The lessons-learned team was tasked with assessing whether the NRC could make changes in its efforts so as to lessen the likelihood events like the CFFF would recur. Specifically, the lessons learned team was asked to evaluate the NRC’s license review process, inspection program, operating experience program, organization of oversight groups, and knowledge management programs.

It is commendable that the NRC undertook this introspective review. The review would either confirm that the agency is effective applying its resources or recommend ways to reallocate resources for increased effectiveness.

The NRC’s Extra Safety Gains

The AIT verified that Westinghouse had taken or would be taking appropriate corrective actions to lessen the likelihood of recurrence of this problem at its CFFF. The lessons-learned task force identified steps the NRC could take in all five focus areas to lessen the likelihood that such an event could recur at any NRC-licensed fuel cycle facility.

The team concluded that the NRC’s license review process and its inspection program allocated resources based on perceived risk significance. In other words, items with high and moderate risk significance received more attention than items having low risk consequences. The team did not find this triage system unacceptable. It is imperative to properly focus limited resources. But the team did make recommendations on ways NRC’s reviewers and inspectors could verify that items deemed low risk truly have low risk.

The team characterized the agency’s operating experience and knowledge management programs as being more supplemental than integral parts of business. Some of the NRC staff interviewed by the team used the programs extensively; other staffers were aware of the programs but had not used them. The team made several recommendations intended to integrate the operating experience and knowledge management programs into day-to-day work practices. For example, the team recommended training on using the operating experience database to lower the height and shorten the duration of the learning curve needed for users to become proficient with this tool.

The NRC’s Safety Backstop

In theory, NRC’s reviewers and inspectors should find no safety problems. NRC’s licensees—the owners of nuclear power plants and fuel cycle facilities—are responsible under the law for complying with regulations intended to manage risk to workers and the public.

In practice, NRC’s reviewers and inspectors could, and do, find safety problems. Not because NRC’s licensees are deliberately violating safety regulations, but compliance is a dynamic challenge.

By undertaking the lessons learned review of the CFFF event, the NRC makes its safety backstop more robust and reliable. The recommendations made by the team will, when implemented, improve the effectiveness of NRC’s reviewers and inspectors. The NRC’s reviewers and inspectors were already good, but the agency’s efforts to make them better result in making workers and the public safer.

It may not be the ultimate win-win situation, but it’s got to be among the top ten.

—–

UCS’s Disaster by Design/Safety by Intent series of blog posts is intended to help readers understand how a seemingly unrelated assortment of minor problems can coalesce to cause disaster and how effective defense-in-depth can lessen both the number of pre-existing problems and the chances they team up.

Fake News about Chinese Nuclear Weapons

On the left, a still from a video shot at an intersection in the Chinese city of Daqing. On the right, a picture of the Russian Topol-M taken during a military parade in Moscow. Both are carried on eight-axel TEL vehicles, indicating they are approximately the same size.

A video recently discovered on a Chinese internet service appears to show a new Chinese road-mobile missile making a turn at an intersection in the city of Daqing. The discovery generated sensational claims about changes in Chinese nuclear strategy. However, a careful search of Chinese sources shows that none of those claims can be substantiated. Some are obvious distortions.

The Dongfeng (DF)-41 Missile

Multiple foreign media sources claimed the missile in the video was a new nuclear-armed long-range ballistic missile called the DF-41. The Chinese government does not comment on the composition and capabilities of its nuclear missile force and has neither confirmed nor denied the existence of the DF-41.

The missile seen in the video appears slightly larger than the DF-31A long-range ballistic missiles China displayed in a national military parade in 2015. The U.S. National Air and Space Intelligence Center states the DF-31A has a range of 11,000+ kilometers and could deliver a single Chinese nuclear warhead, estimated to weigh approximately 500kg, to targets within the continental United States.

Almost all of the reported information about the existence and characteristics of the DF-41 can be traced to a handful of foreign media sources that have a questionable track record when reporting on Chinese missile technology. However, the U.S. Department of Defense recently reported China “is developing a new road-mobile ICBM, the CSS-X-20 (DF-41) capable of carrying MIRVs.”

Although foreign media sources routinely claim the DF-41 could carry 10 or 12 nuclear warheads, the missile seen in the video could not. It’s too small given the mass of Chinese warheads. Similar in size and appearance to the Russian Topol-M, which can carry a payload of 1,200 kg approximately 10,500 km, the missile in the video may be able to carry two Chinese warheads, but it most likely is designed, like the DF-31A, to carry a single warhead and a set of countermeasures to confuse missile defenses.

If the missile seen in the video is the new road-mobile missile discussed in the Pentagon report, it purportedly has a slightly longer range than the DF-31A. This would allow China to reach US targets it could previously reach only with a liquid-fueled, silo-based missile called the DF-5—which was also displayed during the 2015 military parade. Because silo-based missiles are more vulnerable to a preemptive first strike, having a road-mobile missile with the same range as the DF-5 increases Chinese confidence in their ability to retaliate.

False Claims About Chinese Nuclear Strategy

On January 24, Popular Mechanics published a story with a still from the video that claimed the Chinese government “publicly announced the deployment” of the DF-41 and that announcement “is likely a warning to U.S. President Donald Trump, who is known for sharply worded anti-Chinese rhetoric and has announced plans for a new ballistic missile system.” Two days later The Independent ran the same story with the same claims. The Sun, the Daily Caller, the International Business Times, the Moscow Times, Quora.com, ZeroHedge.com, STRATFOR, TASS, RT, and Sputnik International all ran stories about the alleged Chinese nuclear missile “deployment” and what it supposedly revealed about the intentions of the Chinese government.

Breitbart ran the same story with the same claims on January 27, but with the added twist that the so-called deployment of the missile in Heilongjiang province, which shares a border with the Russia, is a prelude to an “approaching Clash of Civilizations world war” where “Russia and the United States will be allied against China.”

The sole basis of the claim that China announced the existence and deployment of the DF-41 is a commentary in the English-language edition of China’s Global Times. The commentary is a response to the publication of images from the posted video in the Hong Kong and Taiwan media, which in turn seem to have their origins in a French website. Yet, the Global Times clearly states,”there has been no authoritative information on whether China has a Dongfeng-41 strategic missile brigade, how many such brigades it has and where they are deployed.” The Chinese commentary is critical of President Trump, and does express the hope that the existence of the DF-41 “will be revealed officially soon.” But that is a far cry from the “official announcement” described in many of the foreign news reports on the posted video.

Fake News about Nuclear Weapons is a Cause for Concern

The fabrication and distribution of misinformation about the size, capability and intent of China’s nuclear arsenal is nothing new. Several years ago an adjunct faculty member at Georgetown University cited Chinese-language blog posts to recast decades-old rumors from a Hong Kong tabloid as a “leaked Chinese military document” that allegedly proved China’s nuclear arsenal was ten times larger than existing US estimates. His assertions and sources are demonstrably not credible. Yet, Dr. Peter Navarro, an adviser to President Trump, repeated these alternative facts about the size of China’s nuclear arsenal in a recent book on Chinese military strategy.

President Trump recently directed Secretary of Defense Mattis to initiate a review of the US nuclear posture. This follows a series of statements in the wake of the November election that indicated Mr. Trump supported a major build-up of US nuclear forces. While the new U.S. president’s comments on the need for US nuclear modernization are not unprecedented, his ability to push modernization plans through a Republican-led Congress, despite the enormous projected costs, may be enhanced by exaggerated perceptions of a Chinese nuclear threat to the United States.

As the debate on US nuclear weapons policy takes shape under the direction of Secretary Mattis, who may have reservations about the need for a US nuclear build-up, it is important that US decisions be made on the basis of the best available information, rather than the alternative facts now circulating in Washington.

North Korea’s February Missile Launch

North Korea reportedly launched a medium-range missile Sunday morning local time (about 6 pm Saturday on the US east coast).

People are speculating about what missile it could have been. Based on the range, there are at least two candidates, which would be distinguishable by US intelligence if it was able to observe the launch.

Fig. 1

The missile was apparently launched eastward from the Panghyon air base near Kusong, northwest of Pyongyang and traveled 500 km, splashing down in the Sea of Japan. According to the South Korean military, it flew on a lofted trajectory, reaching an apogee of about 550 km.

A missile flown on this trajectory would have a range of 1,200-1,250 km if flown on a standard trajectory with the same payload (Fig. 1).

Nodong or KN-11?

That range is similar to that of the North Korean Nodong missile, which was first tested in the early 1990s and has been launched repeatedly since then. Another launch of the Nodong would not be particularly useful for advancing Pyongyang’s missile program, so if that was what was launched it would have had a political motivation.

However, as Jeffrey Lewis points out, the trajectory is very similar to the trajectory the submarine-launched KN-11 missile flew in its first successful test last August. While similar in range to the Nodong, the KN-11 has the advantage that it uses solid rather than liquid fuel, which means it would take less preparation time before a launch. The North is likely to be interested in developing and testing a land-based version of the missile.

If this is what was launched, it would represent a useful developmental step for North Korea, no matter what may have driven the timing of the launch.

The KN-11 would have a clear fingerprint that would distinguish it from the Nodong (or the Musudan, see below), since it has two stages rather than one, and that difference would be clear if US, Japanese, etc., sensors were able to observe the test.

Other options?

Some of the reports have speculated the test was of a Musudan missile, but I haven’t seen anything about the test that supports that. The Musudan range is considerably longer. The one successful Musudan launch, which took place last June, suggested a maximum range of about 3,000 km, although a recent analysis suggest that the range is probably less than 2,500 km if it carries a payload similar to the mass of a nuclear warhead. (Note that repeated claims that the Musudan can reach up to 4,000 km are not credible.)

It’s also worth noting that North Korea apparently fired several extended-range Scud missiles last September, which have a similar but somewhat shorter range than seen in the test, depending on the payload. These are also single stage and could be distinguished from a KN-11 test.

Of course, the North may surprise us with something else entirely.

Missile Defense Agency to Choose Preferred Location for Third GMD Site

Sometime in early 2017, and it could be any day now, one of the communities on the map below (designated by red dots) will get big news from the Missile Defense Agency (MDA). Congress mandated the MDA to choose a preferred location in case the United States decides to build an additional deployment site for the Ground-based Midcourse (GMD) System missile defense.

The site studies were on track to wrap up at the end of 2016. We’ve updated our fact sheet on it, posted here.

Fig. 1. Sites being studied as a potential third site for the GMD system: Fort Custer Training Center, near Battle Creek, MI.; Camp Ravenna Joint Military Training Center, near Akron, OH; and Fort Drum, NY. (Source: Google Earth)

There’s no military requirement for an additional missile defense site. Nor was the idea of building a third site (in addition to the two existing ones in Alaska and California) the result of a rigorous study of what would best improve the system’s ability to intercept ballistic missile threats to the homeland.

But you can count on Congress to run with this idea and push as hard as it can.

Fig. 2. Workers preparing an interceptor in Alaska (Source: Missile Defense Agency)

Every year since 2012, Congress has attempted to dedicate/earmark money to build such a site, despite Pentagon budgets that never included a dime for it. When asked, missile defense officials have said repeatedly that they have higher priorities for their next dollar. And they are skeptical about what starting this expensive project would do to their priorities in a constrained budget environment, including improving the reliability and effectiveness of the existing system. Improving reliability and effectiveness would be a good thing. The GMD system has been plagued with serious reliability problems and has a poor test record.

However, congressional delegations (with a few exceptions) from Michigan, New York and Ohio have crossed party lines and asked the Missile Defense Agency to support locating the site in their respective states. Their support appears to be largely driven by an interest in creating jobs. Each proposed site is in an economically depressed area, and many in the local communities are understandably eager for an infusion of federal cash to generate new job opportunities.

But is this an effective way to create jobs?

Let’s talk about money. This would be an expensive project. The Congressional Budget Office estimated that a new site would cost at least $3.6 billion to build and operate over the first five years. This includes ground equipment ($1.2 billion); developing the site, building the facilities, and constructing the silos ($1 billion); the cost of buying 20 interceptors ($1.3 billion), and operations costs ($100 million). For the full complement of 60 interceptors, it would cost at least $2.6 billion more.

Note, however, that the interceptors would not be built at the new sites, and neither the $1.3 billion for the first 20 interceptors nor money for extra interceptors would be spent locally. For example, Raytheon builds the GMD system’s kill vehicles in a facility outside Tucson, which it recently expanded to increase its capacity. The GMD interceptor’s boosters are also produced primarily in Arizona, at Orbital ATK’s facility outside of Phoenix.

So support for local industry and jobs for constituents may partially explain why Sen. John McCain, who usually provides a healthy dose of skepticism about defense expenditures, has endorsed the plan to build a third site.

Turning back to the potential sites in the Midwest, these above estimates indicate that under this plan, the Pentagon would spend at most about $2.3 billion in the local community. While that sounds enticing, studies show that military spending is not a particularly effective way to generate good paying jobs. Investing a comparable amount in clean energy technologies, health care or education is likely create a much larger number of jobs across all pay ranges than military spending.

The GMD site studies provided detailed information about what kinds of jobs would be created by building a new site. While it varies from site to site, the estimate is that construction, would generate 600 to 800 temporary jobs. A large fraction of those jobs, 15 to 50 percent, could be filled by workers from outside the region, depending on the skills of local residents.

After construction, the site would require an operations staff of 650 to 850 people. About 85 percent of the permanent staff jobs would be filled by workers from elsewhere due to the fact these positions demand specialized expertise.

The facility would indirectly generate a larger number of jobs, mainly low-to-median wage service jobs spurred by the economic activity. During construction, estimates range from 1,800 to 2,300 indirect jobs, while after the facility is completed, an estimated 300 to 400 indirect jobs would remain.

How does that compare to other types of investment?

Investing in wind projects would be a good bet—and both Michigan and New York are among the top 20 states for wind energy potential. As I noted a few years ago, a 2008 study by the National Renewable Energy Laboratory, which looked at the economic impact of building wind turbines in Colorado, estimated that developing 1,000 megawatts of wind-generated power would create 1,700 full-time equivalent jobs (including engineering and manufacturing jobs), and operation and maintenance would provide 300 permanent jobs in rural areas. In a 2013 report, Lawrence Livermore Laboratories calculated an average cost of building wind power to be $1,940 per kilowatt (and this cost is dropping). So these wind industry jobs would cost an initial outlay of around $2 billion, comparable to the investment in a third GMD site, and would continue to provide a return on investment.

For roughly the same amount of money, Hemlock Semiconductor, in Saginaw County, Michigan created 1,000 new jobs, spending $2.5 billion over five years on manufacturing facilities that produce materials for solar panels.

Building a third GMD missile defense site isn’t the result of a considered study of priorities to strengthen U.S. security, nor is it a sensible next step to improve strategic missile defense capabilities. It is symptomatic of a broader problem with strategic missile defense: Congress is not providing adequate oversight nor the necessary skepticism.

Regardless, we expect Congress to continue to push for a new site anyway once a preferred site is selected. However, if Congress has an extra few billion dollars available for one of these locations, it is fair to ask that it be spent in a way that provides economic security for the chosen community and a much better return on investment.

Nuclear Safety Performance at Pilgrim

The Nuclear Regulatory Commission (NRC) held a public meeting on Tuesday, January 31, 2017, in Plymouth, Massachusetts. A large crowd of over 300 individuals (perhaps thousands more by White House math) attended, including me. Elected officials in Massachusetts—the attorney general, the governor, the entire US Congressional delegation, and state senators and representatives—had requested the meeting. Many of these officials, or their representatives, attended the meeting.

The elected officials asked the NRC to conduct a public meeting to discuss the contents of an email from the leader of an NRC inspection team at Pilgrim to others within the agency regarding the results from the first week’s efforts. An NRC staffer forwarded this email to others within the agency, and inadvertently to Diane Turco of the Cape Downwinders, a local organization. The contents of the leaked email generated considerable attention.

Unique NRC Meeting
During my nearly two decades at UCS, I have attended dozens, perhaps hundreds (maybe even millions by White House accounting) of NRC meetings. The Plymouth meeting was unique. It was the only NRC meeting I’ve attended to discuss an email.

And it was the only NRC meeting I’ve attended where public speaking slots were chosen by raffle. In all prior meetings, members of the public raised their hands to be called upon by the NRC staff, queued behind a microphone in the room in order to speak, or added their names to a list to speak in the order specified by the sign-up sheet. At this meeting, the NRC used a raffle system. I received Ticket #4 (see Figure 1), giving me an opportunity to “win” a chance to speak for up to 3 minutes (or 180 seconds, whichever came first) during the meeting.

Fig. 1 (Source: Nuclear Regulatory Commission)

Fig. 2 (Source: Nuclear Regulatory Commission)

My ticket, along with at least 74 other tickets, was placed into a fishbowl. Brett Klukan, an attorney in NRC Region I, drew tickets from the bowl to establish the speaker order. Because the fishbowl was clear glass, Brett gazed at the ceiling to avoid charges of cherry-picking preferred ticket numbers (see Figure 2). Brett then wrote the number drawn on a whiteboard without showing the number to anyone else, somewhat offsetting the averted gaze tactic since he could have jotted down any number he wished.Unique NRC Discussion

Brett Klukan opened the meeting by introducing the NRC panelists and covering some ground rules for the meeting. The ground rules included a decorum standard—any audience member disrupting the meeting three times would be asked to leave. If the individual did not leave voluntarily, Brett explained that law enforcement officers (and there were numerous uniformed officers in the room and in the hallway outside) would escort the person from the room.

Brett then turned the meeting over to the NRC panel of Dan Dorman, the Regional Administrator for NRC’s Region I, Bill Dean, the NRC’s Director of the Office of Nuclear Reactor Regulation, Raymond Lorson, the Director of the Division of Reactor Safety in Region I, and Don Jackson, the leader of the NRC inspection team at Pilgrim and author of the email.

Don went through the leaked email, which he had written, updating the audience on each issue and supplementing the email with results from the team’s efforts since that initial week. I had expected the NRC to talk about what systems, components, and administrative processes the inspection team examined, but anticipated the NRC would not discuss results until the team’s report was approved and publicly released. But Don candidly provided the results, too. More than once, Don explained that the team identified an apparent violation of NRC’s regulations—in fact, he stated that 10 to 15 potential violations had been identified.

After the NRC panel finished their remarks, the meeting moved to comments and questions from the public. I was the third member of the audience to speak to the NRC. Figure 3 shows Brett Klukan at the podium to the left, the NRC panel in the center, and several members of the audience turning to look at the speaker standing at the microphone located towards the back of the room out of view to the far right.

Fig. 3 (Source: Nuclear Regulatory Commission)

I asked the NRC four questions. After I posed the four questions, the NRC panel answered. My questions and the NRC’s answers:

UCS Question #1

The NRC’s 20-member inspection team covered a lot of ground, but still examined a small fraction of the safety systems at Pilgrim. Based on the large number of safety violations in the small sample the team examined, what assurance can the NRC provide about the state of the majority of safety systems the team did not examine?

NRC Answer: The NRC’s reactor oversight process (ROP) features periodic inspections of safety systems at Pilgrim with the team inspection being supplemental to those activities. If there were problems in those other safety systems, the periodic inspections would reveal them.

UCS Response: Don Jackson described his team identifying 10 to 15 apparent violations of federal safety regulations in the small sample of safety systems they examined—violations that apparently were NOT revealed previously by the ROP’s periodic inspection efforts. Those routine inspection efforts failed to identify violations among the small sample, strongly suggesting that the routine inspection efforts also fail to find violations in the larger sample.

UCS Question #2

Don Jackson explained that the text in his email about the staff at Pilgrim appearing overwhelmed or shocked referred to their reaction to the arrival of the NRC’s 20-member inspection team. Does the NRC believe that this staff might also be overwhelmed or shocked in response to an accident?

NRC Answer: Don Jackson explained that his email comments referred primarily to the plant’s support staff (e.g, engineers, maintenance workers, etc.) rather than about the control room operators. Don said that his assessment of the operators at Pilgrim during their duties in the control room and during exercises on the control room simulator gave him complete confidence that the operators would be able to successfully respond to an accident.

UCS Response: Even if Don’s assessment is correct (and the operators losing control of the reactor during a routine startup causing it to automatically shut down to avoid fuel damage, the operators mis-operating numerous safety components following Winter Storm Juno and the operators not receiving proper training on the use of the high pressure coolant injection system leaves room for doubt), it is incomplete. The response to an accident involves considerably more than the handful of operators on duty at the time. NRC’s regulations require dozens of other plant workers to staff the Technical Support Center, the Operations Support Center, and the Emergency Operations Facility. The work force freaking out because 20 NRC inspectors arrive on site—by an appointment made weeks in advance—suggests that work force could be equally stressed out responding to an unannounced accident.

UCS Question #3

Dan Dorman mentioned the NRC planned to conduct another public meeting in late March about this inspection and to release the team’s final report in mid-April. Would it be possible for the NRC to issue the final report before the public meeting to allow the public to review the report and participate meaningfully in the meeting?

NRC Answer: Don Jackson mentioned that the report for a recent team inspection at another nuclear plant was over 350 pages due to all the information it contained. He said it would take sustained effort for the report by the team for their inspection at Pilgrim to be issued by mid-April, with no real opportunity for putting it out sooner.

UCS Response: There are two items both under full control of the NRC—the public meeting and the team inspection report. I have no reason to doubt Don’s word that mid-April is the soonest that the report can be released. I have every reason to doubt why the NRC must hold the public meeting in late March. The NRC could conduct the public meeting in late April, or early May, or mid-May, or late-May, or early June, or any time after they release the team’s report. The only reason for the NRC to conduct a public meeting about a non-existent report is because that’s the way they prefer to do it.

UCS Question #4

Audience members for this meeting are given three strikes before they are out of the meeting. How many strikes has the NRC given Pilgrim before it is out?

NRC Answer: Bill Dean began to answer the question, but Dan Dorman interrupted him. Dan labeled the question rhetorical and directed Brett to proceed with the next speaker.

UCS Response: I appreciate NRC bringing back Bert the turtle with this Duck and Cover gimmick. To be sure, I’d have better appreciated the NRC’s explanation why audience members get dragged out of the room after three strikes while Pilgrim does not get shut down after 10 to 15 violations of federal safety regulations. But this is America where everyone has the right to chicken out. My apologies if I put the NRC in a fowl mood.

To Be (Shut Down) or Not to Be (Shut Down)

The recurring theme during the meeting was whether the known performance problems warranted the shutdown of Pilgrim (either permanently or until the problem backlog was eliminated) or if Pilgrim could continue operating without exposing the community to undue risk.

Best I could tell, the meeting did not change any participant’s viewpoint. If one entered the room believing Pilgrim was troubled but sufficiently safe, one left the room with this belief intact. If one entered the room feeling Pilgrim’s problems posed too great a hazard, one probably left the room with even stronger convictions.

The meeting was somewhat like a court trial in that two reasonably supported but entirely opposite arguments were presented. The meeting was unlike a court trial in that instead of a jury, only time may decide which argument is right.

The Argument for Pilgrim Continuing to Operate

The team inspection led by Don Jackson is a direct result of an increasing number of problems at Pilgrim that caused the NRC to drop its performance assessment from Column 1 of the ROP’s Action Matrix into Column 2, 3 and eventually 4. The NRC developed the ROP in the late 1990s in response to high-profile troubled nuclear plants like Millstone, Salem, and Cooper.

The Action Matrix has five columns. A reactor with performance so bad that the NRC places it into Action Matrix Column 5 cannot operate until the NRC is satisfied enough of the problems have been corrected to permit restart.

Dan Dorman and Don Jackson tried to explain during the meeting that it was not the number of problems that determined placement into Column 5, it was the severity of the problems that mattered. They said several times that the 10 to 15 apparent violations identified by the team reinforced the NRC’s determination that Pilgrim was a Column 4 performer, but did not cause them to feel movement into Column 5 was warranted.

The Action Matrix is like our legal system. Persons guilty of a single misdemeanor generally receive lesser sanctions than persons guilty of multiple misdemeanors who in turn generally receive lesser sanctions than persons guilty of a single felony. Persons guilty of multiple felonies tend to be those receiving the severest sanctions and incarceration.

Pilgrim got into Column 4 as the result of several violations identified by NRC inspectors that were classified as White, the second least severe classification in the NRC’s Green, White, Yellow, and Red system. The data suggest performance shortcomings warranting regulatory attention, but it doesn’t suggest a trip to nuclear jail.

The Argument for Pilgrim Shutting Down

The NRC panelists stated several times during the meeting that they did not see any immediate safety concern that required Pilgrim to be shut down. Those assurances would be more meaningful and credible had the panelists or their NRC colleagues periodically seen an immediate safety concern, even from a distance.

The last time the NRC saw an immediate safety concern and ordered an operating reactor to shut down was March 31, 1987 when the agency ordered the Unit 2 and 3 reactors at the Peach Bottom nuclear plant in Pennsylvania to be shut down (the Unit 1 reactor had already been permanently shut down). Dan Dorman and Ray Lorson did not join the NRC staff until 1991. Don Jackson did not come to the NRC until 2003. Of the four NRC panelists, only Bill Dean was with the agency the last time an immediate safety concern was spotted.

Yet there have been times since 1987 when immediate safety concerns have existed:

Davis-Besse Safety Blindspot

In the fall of 2001, the NRC staff drafted an order that would require the Davis-Besse nuclear plant to be shut down. To justify the order, the NRC staff assembled the strongest circumstantial case one could hope to build that an operating reactor was unsafe. The NRC staff evaluated the reactor against five criteria in Regulatory Guide 1.174 (RG 1.174). All five criteria had to be satisfied for a reactor to be considered safe. The NRC staff determined that one criterion was not met and the other four criteria were most likely not met. Absent dead bodies or a mushroom cloud, you cannot build a stronger case that an operating reactor is unsafe.

Fig. 4 (Source: Nuclear Regulatory Commission)

But NRC senior managers shelved the order and allowed Davis-Besse to continue operating. When the reactor finally shut down, workers discovered the reactor was less safe than the NRC staff had feared. Per the NRC, Davis-Besse came closer to a meltdown than any reactor since the Three Mile Island accident in March 1979 (much closer than Peach Bottom ventured in March 1987).

Worse still, when interviewed by the NRC’s Office of the Inspector General, the NRC senior managers stated, under oath, stood behind their decision. They claimed they needed absolute proof that an operating reactor was unsafe before they would order it shut down. Somehow, failing to meet five of five safety principles does not constitute absolute proof to the NRC. Perhaps not meeting eight or nine out of five safety principles would suffice.

Oconee Safety Blindspot

In June 2010, the NRC issued a confirmatory action letter (CAL) to the owner of the Oconee nuclear plant in South Carolina. The CAL required that the owner take fifteen steps to reduce risk of failure at the upriver Jocassee Dam (which was also owned by Oconee’s owner) and to lessen the flooding vulnerability at Oconee should the dam fail.

The NRC staff discovered that the failure rate for the Jocassee Dam was as high as other hazards that Oconee was protected against. Thus, failure of the dam could not be dismissed as incredible or overly speculative.

The NRC staff further estimated that if the Jocassee Dam failed, flooding at the Oconee site created a 100 percent chance of causing all three operating reactors to melt down, all cooling of the spent fuel pools to be lost, and all three reactor containments to fail.

The high risk of flooding causing three operating reactors to melt down prompted the NRC to issue the CAL to Oconee’s owner nine months before flooding caused three operating reactors at Fukushima to melt down.

The hazard was real enough to cause NRC to require the owner to take steps to lower the risk, but not real enough to warrant the reactors to shut down until the risk was better managed.

Most galling is the fact that the NRC withheld information about this hazard from the public. Their June 2010 CAL was issued in secret. When the NRC conducted their annual public meeting in the Oconee community in April 2011—about six weeks after flooding melted three operating reactors at Fukushima—they said nothing about the CAL being issued to better manage flooding vulnerabilities at Oconee. The public cannot trust an agency that withholds relevant information from them.

It may be true that the NRC would order an operating reactor to be shut down if it saw an immediate safety concern. But it’s been nearly thirty years since the NRC noticed an immediate safety concern at an operating reactor. Since then, the NRC has noticed very serious safety problems at Davis-Besse and Oconee, yet allowed those reactors to continue operating.

The Davis-Besse and Oconee cases occurred after the NRC adopted the ROP and its Action Matrix. None of the safety problems that led to the NRC staff drafting a shutdown order for Davis-Besse or issuing a CAL for flood protection problems at Oconee were considered in the ROP. Thus these safety problems were entirely invisible as far as the Action Matrix was concerned.

The NRC should not rely on a safety yardstick that ignores significant safety issues.

UCS’s Argument about Pilgrim

Because the NRC has demonstrated its ability to jettison safety standards when an operating reactor doesn’t measure up, and because it has not recently demonstrated an ability to spot an immediate safety concern, it is entirely reasonable for the community around Pilgrim to have anxiety about the plant’s known performance problems. Shutting down Pilgrim would lessen that anxiety.

Should public anxiety be used as a pretext for shutting down an operating reactor?

Absolutely not.

Instead, the public should have trust and confidence in the NRC to protect them from Pilgrim’s problems. But the NRC has not done much to warrant such trust and confidence by the NRC. If public anxiety is high, it’s because public trust and confidence in the NRC is low.

Public trust and confidence in the NRC should be the proper context for a troubled reactor continuing to operate.

That proper context is missing.

The NRC must take steps to restore public trust and confidence. They should consistently establish and enforce safety regulations. NRC senior managers must stop looking for absolute proof that operating reactors are unsafe and instead look for absolute proof that operating reactors comply with federal safety regulations.

And when NRC senior managers see safety problems, they must disclose that finding to the public. Hiding such information, as they did with the flooding vulnerabilities at Oconee, provides the public with a distorted view. And such antics provide the public with zero reason to trust anything the NRC utters. When you cherry-pick what you say and when you say it, you stop being a credible authority.

If the NRC allows Pilgrim to continue operating and the reactor has an accident, will the agency be able to honestly look victims and survivors in the eye and say they did everything they could to protect them?

Nuclear Regulatory Crusader

To many, the acronym NRC stands for Nuclear Regulatory Commission. At times, NRC has been said to stand for Nobody Really Cares, Nuclear Rubberstamp Committee, and Nielsen Ratings Commission.

In regard to Larry Criscione, it may stand for Nuclear Regulatory Crusader.

(Source: NRC)

Larry is an engineer working for the U.S. Nuclear Regulatory Commission (NRC). Last year, Larry received the Joe A. Callaway Award for Civic Courage from The Safeek Nader Trust. Joe Callaway established the award in 1990 to recognize individuals who, with integrity and at some personal risk, take a public stance to advance truth and justice.

In March 2011, the three operating reactors at the Fukushima Daiichi nuclear plant in Japan melted down after a tsunami generated by a large earthquake flooded the site and disabled primary and backup power supplies to emergency equipment. In public, the NRC denied that reactors operating in the U.S. were vulnerable to such hazards.

In private, the NRC knew otherwise.

Flooding Risk at Oconee

In June 2010—nine months before Fukushima—the NRC issued a Confirmatory Action Letter to the owner of the Oconee nuclear plant in South Carolina requiring more than a dozen measures be taken. The measures were intended to lessen the chances that the Jocassee Dam fails and to increase the chances that the three operating reactors at Oconee survive should the dam fail anyway.

An evaluation showed that if the dam—located about 21 miles upriver from Oconee—failed, the site would be inundated with about 12.5 to 16.8 feet of flood water. The site was protected by a flood wall about seven feet tall, so it mattered little whether the actual depth was 12.5, 13, 14, 15, or 16.8 feet.

The NRC estimated that if the dam failed and flooded the site, there was a 100 percent chance that all three reactors would meltdown.

But the NRC issued the Confirmatory Action Letter secretly and did not tell the public about the hazard it required Oconee’s owner to lessen. After Fukushima tragically demonstrated the hazard posed by flooding, the NRC continued to cover-up measures taken and planned to lessen the flooding vulnerability at Oconee.

Larry and the OIG

So, Larry sent a 19-page letter dated September 18, 2002, to the NRC Chairman chronicling this history and asking four things:

  1. The NRC’s Office of General Counsel (OGC) should review the documents related to flooding at Oconee and the associated federal regulations to determine whether the documents could be made publicly available.
  1. The NRC’s Office of Nuclear Security and Incident Response (NSIR) should review the information on flooding hazards redacted from documents released to the public in response to Freedom of Information Act (FOIA) requests to determine whether additional information could be made publicly available.
  1. Based on the OGC and NSIR reviews, ensure that all flooding hazard documents that can be made publicly available are publicly available.
  1. The NRC’s Office of the Inspector General (OIG) should investigate whether the agency has been inappropriately marking documents as containing “Security-Related Information.”

Exercising his rights under the Lloyd-La Follette Act of 1912, Larry copied U.S. Congressional staff members on the email transmitting his letter to the NRC Chairman.

Larry’s letter was obtained by a reporter and featured in a Huffington Post article dated October 19, 2012.

As Larry had requested, the NRC’s OIG investigated handling of documents about flooding hazards. But rather than investigate whether NRC had improperly withheld information as he contended, OIG investigated whether Larry had improperly released information. As detailed in our 2015 report on the NRC and nuclear power safety, OIG made Larry an offer—he could voluntarily resign from the NRC or they would turn over his case to the Department of Justice (DOJ) for prosecution.

Larry did not resign.

OIG did refer the case to DOJ.

DOJ did not prosecute.

Through FOIA, UCS obtained DOJ’s response to NRC declining to prosecute Criscione. Under the Primary Reasons for Declination section, DOJ checked one box—No Federal Offense Committed.

Fortunately for Larry, not breaking the law is not yet against the law.

Thanks to Larry’s selfless efforts, the flooding hazards at Oconee have been made public. Larry had been right about the NRC inappropriately withholding information from the public. When lawyers and investigators were all through, the information he sought to have publicly released was publicly released. The NRC lacked legal grounds to continue hiding it.

More importantly, NRC’s mangers may think twice—or at least once—before withholding dam safety information in the future.

Unfortunately for Larry, he experienced unnecessary stress and expense defending himself against baseless OIG investigations. The Callaway Award does not fully offset those unfortunate consequences. But it helps show Larry and others who have our backs that not everyone wants to twist a dagger in their backs.

A video of the award presentation and Larry’s acceptance speech has been posted to YouTube.

Bottom Line

Doing the right thing when it’s relatively easy fails to accurately measure courage.

Larry Criscione did the right thing when it was a very hard thing to do. He could have remained silent like so many of his co-workers opted to do. He faced a strenuous courage test and aced it.

Is North Korea Planning a Missile Launch?

A press story from South Korea reports that the North may be preparing for a missile test launch, possibly in the next few days. Some suggest this could be intended as fireworks for Donald Trump’s inauguration.

While this story talks about the test being of a long-range missile (an “ICBM”) the few details that have been made public don’t seem to support that—although not much is known at this point.

The press story said that the South Korean military has reported seeing two missiles on mobile launchers. It reports that the missiles are less than 15 meters in length.

The KN-14 missile, which was seen in on October 2015 parade and is thought to be a prototype for a long-range missile, is estimated to be about 17 meters long—which would appear to rule it out.

Moreover, while there has been a ground test of an engine that might be used for this missile, it’s not clear how close this missile is to actual flight testing. Since the initial flight test of this new missile has a relatively low chance of success, Pyongyang may not want to risk a test failure if the timing is meant to send a message around the inauguration.

Musudan?

It seems more likely that what was seen are Musudan (Hwasong-10) missiles, which are also carried on mobile launchers and are about 12 meters long. This missile had a successful launch in June 2016, following a string of five failures. It may have suffered two additional failures in October. So another launch of this missile also carries risk of failure.

The Musudan has a range of about 3,000 km, based on the June test. This is far short of ICBM range, which technically is considered anything over 5,500 km, but would need to be 8,000-9,000 km for a North Korean missile to reach the US west coast.

However, one report quoted a military official as saying that the missile observed was “different from a conventional Musudan missile in its length and shape,” so until we get more information the jury is still out on what Pyongyang may be planning.

Not-so-Fabulous Five

To some, “Fabulous Five “ brings back memories of the 1991 recruits for the University of Michigan’s basketball team—Chris Webber, Jalen Rose, Juwan Howard, Jimmy King, and Ray Jackson. The five powered Michigan to the NCAA Division I championship games in 1992 and 1993.

Others may recall the “Fab Five,” a made-for-TV movie about a 2006 cheerleader scandal at a high school in Texas.

No one hearing “Fabulous Five” thinks about the performance of the nuclear reactors owned and operated by Entergy between 2011 and 2015. The performance during those five years was anything but fabulous, unless fabulously bad counts.

Performance Reports

Every quarter, the Nuclear Regulatory Commission (NRC) takes operating data submitted by plant owners and findings by the NRC’s inspectors to assign each reactor to one of five columns in the agency’s Action Matrix. When performance meets or exceeds NRC’s expectations, a reactor is placed in Column 1. If performance levels drop, a reactor gets placed into Columns 2, 3, or 4 depending on the depth and breadth of the performance decline. When performance drops so low that operation is not permissible until problems are corrected, a reactor falls into Column 5. The NRC began using this rating system in the fourth quarter of 2000.

Back in 2000, there were 105 reactors operating in the United States. Several reactors permanently shut down and one reactor commenced operating for a current total of slightly under 100 operating reactors. Entergy operated 11 reactors during much of that period, with one reactor permanently shutting down in recent years. Based on the average Action Matrix column placement, Entergy’s reactors generally outperformed the U.S. reactor fleet between 2000 and 2010 as shown in Figure 1. (Action Matrix column placement is like golf scores—low numbers win.) But the performance of Entergy’s reactors significantly declined beginning in 2011.

Fig. 1 (

Fig. 1 (Source: Union of Concerned Scientists)

Performance Plunge

Figure 2 shows a closer look at this five-year period. For the first and second quarters of 2011, all eleven of Entergy’s reactors were placed by the NRC into Action Matrix Column 1. Those ratings reflect top performance—the NRC does not issue 1-plus scores. By fourth quarter 2014—just 14 quarters later—the average Entergy reactor was in Action Matrix Column 2. The performance difference between Entergy’s reactors and all U.S. reactors was wider than ever, and not in Entergy’s favor.

Fig. 2 (

Fig. 2 (Source: Union of Concerned Scientists)

But 10 to 11 reactors is a smaller sample than 98 to 105 reactors. Perhaps one poorly performing reactor is dragging down the Entergy fleet. Figure 3 belies that notion. Only two of Entergy’s eleven reactors remained in Column 1 each and every quarter between 2011 and 2015: Indian Point Unit 2 and Vermont Yankee. The other nine reactors visited Columns 2, 3, and 4.

Fig. 3 (

Fig. 3 (Source: Union of Concerned Scientists)

The individual Entergy reactor ratings are hard to discern. Only people who do extremely well on ink blot tests and those who can relax their minds to see prancing unicorns or frolicking grizzly bears emerge from squiggly line drawings can get much out of Figure 3. The rest of us can hopefully gain these insights from Figure 4. This figure shows the percentage of U.S. and Entergy reactors placed into Column 1 each quarter by the NRC from 2011 to 2015. For the first and second quarters of 2011, 100 percent of Entergy’s reactors resided in Column 1—a feat the U.S. reactor fleet has never achieved. But by the fourth quarter of 2014, only 30 percent of Entergy’s reactors remained in Column 1. It was clearly not a case of one bad apple spoiling the bushel, but a fleet with bushels of reactor performance problems.

Fig. 4 (

Fig. 4 (Source: Union of Concerned Scientists)

Bottom Line

The NRC rates performance for each individual reactor. For example, the NRC has rated performance for Indian Point Unit 2 as being in an Action Matrix column while placing Indian Point Unit 3 in another column, despite the reactors being side-by-side at the same site under the same management. Such granularity has its advantages. Like snowflakes, no two reactors are identical and their differences can, and do, factor into performance differences.

The NRC does not connect these individual dots to see the bigger picture. Thirty percent of Entergy’s fleet rated outside of Column 1 cannot be explained by a faulty design, an incapable senior manager, or poor relationships between work force and management. Bad luck might explain an underperforming reactor or two. But bad luck does not cause performance to drop at 70 percent of the Entergy fleet. At times, individual snowflakes team up to cause blizzards.

When its performance assessments reveal broad underperformance by the owner of a fleet of nuclear reactors, the NRC must determine whether bad corporate behavior is spoiling the bushel of reactors. The NRC need not give aptitude tests to Chief Nuclear Officers or examine budget allocations. The NRC could simply issue a “Show Cause” order to the owner requiring a formal response as to why so many of its reactors have performance problems.

When many among a fleet of ships is listing, taking on water, or steaming off-course, it would be irresponsible to wait until a ship sinks before asking the Admiral of the Fleet “what’s up?” NRC cannot wait for a reactor to meltdown before asking Entergy to explain why so many of its reactors are experiencing so many problems.

UCS to the NRC: Stop Dragging Your Feet on Important Nuclear Security Updates

Yesterday, UCS sent a letter to Nuclear Regulatory Commission (NRC) chairman Stephen Burns urging the NRC to quickly issue new versions of two outdated security documents that play a critical role in defining how nuclear plants can be adequately protected against terrorist attacks.

 NRC)

NRC Chair Burns (Source: NRC)

The NRC requires nuclear power plants to be protected against radiological sabotage. The design basis threat, or DBT, specifies the characteristics of the attackers that a nuclear plant’s security plan must be designed to protect against (e.g., how many attackers and what sort of equipment they may have). The DBT includes both physical attacks and cyber attacks, and specifies that the attackers can include both outsiders and insiders.

In addition, the 2005 Energy Policy Act requires that every three years the NRC must stage mock attacks (known as “force-on-force” exercises) at each nuclear power plant to demonstrate that plant security forces can protect against the DBT.

As is the case for many of its other regulations, the NRC issues documents that provide guidance to nuclear reactor owners on acceptable means for meeting these security requirements. The NRC periodically reviews these guidance documents and updates them when appropriate. However, the NRC is taking far longer than usual to revise two important security guidance documents, which have not been updated since 2007 and 2009.

Why?

Because the nuclear industry is blocking the way. As I note in the letter, “finalizing the revisions has been unnecessarily delayed due to extensive, persistent and … unreasonable objections raised by the Nuclear Energy Institute (NEI) and the power reactor licensees to the changes proposed by the NRC staff.”

 

Trump and the Nuclear Codes: How To Launch a Nuclear Weapon

There has been a lot of talk about the fact that after his inauguration, Donald Trump will have his finger on the “button” used to launch nuclear weapons. But the president does not actually have a “button.”

Instead when he becomes president he will be given nuclear codes that enable him to launch a nuclear strike.

What does that actually mean?

The Nuclear Football: Speed Matters

The US nuclear launch system is built for speed: it is designed to allow the president to be notified of warning of an incoming attack, be briefed on the specifics, decide what to do, and launch the response, all in less than the 30 minute flight time of an attacking long-range missile.

This demanding timeline was established during the Cold War to allow US land-based missiles to be launched on warning of an attack, before the attacking missiles could land and destroy them in their silos. It persists today despite the fact that most US nuclear weapons are deployed on submarines at sea, which are invulnerable to such an attack; quick launch of land-based missiles is therefore no longer needed for deterrence.

 Smithsonian Inst.)

The football (Source: Smithsonian Inst.)

The short timeline means in practice the president may have less than a minute to be briefed by military officers and his advisors, and have fewer than 10 minutes to decide whether to order a launch.

Warning of attack could come when the president is essentially anywhere, with no time to get to the White House situation room or the Pentagon.

The only way to make this system work is to ensure everything the president needs to order a launch is never far from his side. So he is constantly escorted by a military officer carrying a 45-pound “nuclear briefcase”—typically called the “football.” The football contains, among other things, a secure communications system and the “black book” that lists the menu of preset launch options the Pentagon has drawn up.

The Nuclear Codes: Who’s Who

The president could also, in principle, use the football to order a nuclear strike that was not in response to an attack.

No matter why he ordered a launch, the president needs a way to convince those in the military who actually carry out the launch order that he really is the president and not, for example, a Russian hacker.

That’s where the “nuclear codes” come in. They aren’t codes to actually launch missiles, but to allow the president to prove he is authorized to order a launch.

The codes are a list of letters on essentially a 3×5 card, called the “biscuit,” which are updated daily. To prove he is the president, he must be able to provide the right code from the list on the card. The card may be carried in the football, although some presidents have chosen to carry it with them.

Once the president has provided the proper codes for the day, no one has the authority to stop the launch process.

The Nuclear Launch Order

Once the president has provided the correct identification codes and his launch option over a secure communication line, officers in the Pentagon’s “war room,” or National Military Command Center (NMCC), send out encrypted messages, called the Emergency Action Messages (EAMs).

 Dept. of Defense)

Missile launch officers (Source: Dept. of Defense)

The EAMs are the actual launch orders giving the details of the launch. The EAMs would go, for example, to the officers in the various underground Launch Control Centers who would launch US land-based missiles.

The EAMs specify the launch plan, including the targets and number of warheads to be launched, and the time of the launch. They also contain launch authorization codes that allow the launch crews to confirm that the order is real by comparing it to codes they have in their safes. These are called “sealed-authentication system” (SAS) codes.

Once the EAM arrives, ICBM crews can launch their missiles in 60 seconds and submarine crews can launch in 12 minutes. In that time, the US could launch some or all of the roughly 900 nuclear weapons it keeps ready for immediate launch. The remaining deployed weapons in the US arsenal would take longer to launch. These include aircraft carrying bombs and cruise missiles, and missiles on submarines at sea but out of range of their targets.

Watts Bar Hokey Pokey is Not Okey Dokey

Fission Stories #200

The Watts Bar Nuclear Plant near Spring City, Tennessee has two pressurized water reactors (PWRs) like that shown in Figure 1. Water flowing through the reactor core gets heated to over 500°F, but does not boil because pressure of over 2,000 pounds per square inch prevents it. The heated water flows through tubes inside the steam generators. Heat conducted through the thin metal walls of the tubes boils water surrounding the tubes. The steam flows through a turbine that spins a generator to make electricity.

Fig. 1(

Fig. 1(Source: Nuclear Regulatory Commission)

PWRs feature emergency core cooling systems (see Figure 2) intended to provide makeup water should a pipe connected to the reactor vessel break and rapidly drain the pressurized water from the vessel. Accumulators located inside the containment building are metal tanks partially filled with water. The remaining space inside the accumulator above the water level is filled with nitrogen gas. The nitrogen gas is pressurized. If a pipe breaks, the pressure inside the reactor vessel will decrease as water jets out the broken pipe ends. When the reactor vessel pressure drops below about 600 pounds per square inch, the accumulator water will be “pushed” into the reactor vessel. The charging, safety injection, and residual heat removal pumps located outside containment will start up and supplement the water makeup function.

Fig. 2 (

Fig. 2 (Source: Nuclear Regulatory Commission)

The emergency core cooling (ECC) accumulators and pumps are designed to maintain adequate cooling of the reactor core for breaks of small, medium, or large diameter pipes connected to the reactor vessel. As shown in Figure 3, the size of the break determines how quickly the transition from the high head injection (e.g., charging pumps) systems to the low pressure systems.

Fig. 3 (

Fig. 3 (Source: Nuclear Regulatory Commission)

Each PWR at Watts Bar has two charging pumps. Each charging pump is powered by an electric motor and is designed to provide 150 gallons per minute of makeup flow at the high pressure conditions. The charging pumps are located within the auxiliary building that is adjacent to the reactor containment building. Because it gets warm in Tennessee during the summer and the running motors on the charging pumps give off more heat, air conditioning units called room coolers are installed in the auxiliary building to protect the charging pumps from overheating damage. (The irony is duly noted—the components installed to protect the reactor core from overheating damage are vulnerable to overheating damage themselves.)

Each room cooler consists of a bladed fan that blows air across metal tubes filled with cooling water. The air gets cooled down as it flows past the tubes. The fan is spun by an electric motor. A belt wraps around the motor shaft and fan shaft so that when the former rotates, the latter rotates too.

Revisions and re-revisions

On November 3, 1995, the shaft for a fan on one of the charging pump room coolers for Watts Bar Unit 1 was discovered to be damaged. Workers determined that the fan belt had been tightened too much, causing the fan shaft’s damage. The maintenance procedure for the room coolers was revised to include more guidance for properly installing and tensioning the fan belt. The procedure revision was a CAPR—corrective action to prevent recurrence.

And it did prevent recurrence, at least until 2011. A revision to the maintenance procedure in 2011 removed the guidance on proper tensioning of the fan belt.

Charging pump room cooler 1B-B was found broken on December 4, 2015. Workers disassembled the unit, repaired or replaced its broken parts, and reassembled it.

Charging pump room cooler 1B-B was found broken on August 3, 2016. Workers determined that the fan belt had been tightened too much which put more strain on the fan bearing causing it to degrade.

The corrective action was to re-revise the maintenance procedure to reinsert the guidance about properly installing and tensioning the fan belt. Workers also checked all other coolers at Watts Bar that had their fan belts tensioned during the 2011 revision to the maintenance procedure to ensure they were properly tightened.

Report to the Commission

The charging pumps provide high pressure makeup to the reactor vessel should a broken pipe cause a loss of coolant accident. If the pipe has a large diameter, the reactor vessel pressure will quickly drop down to the range where the accumulators and the residual heat removal pumps can supply the necessary makeup water. Following breaks of smaller diameter pipes, the reactor pressure will also decrease, albeit at a slower rate. An evaluation by Westinghouse, the vendor for the PWRs at Watts Bar, concluded that the charging pumps might be needed for up to 7.5 days during an accident.

An engineering evaluation by the owner concluded that a charging pump running without its associated room cooler would fail in about 74 hours due to overheating of its electric motor. Because the faulty room cooler could have prevented the charging pump from operating for the entire duration of its safety mission, the owner reported the problem to the NRC.

Our Takeaway

Workers at Watts Bar danced the nuclear hokey pokey. They started with the fan belt guidance out of the procedure, then took the step of putting the guidance into the procedure, back-stepped to remove the guidance, and re-took the step of placing the guidance back into the procedure. When it was in the procedure, the fan belt guidance seemed to protect against room cooler failures. Perhaps it’s time to stop the hokey pokey now that the useful guidance is once again in the procedure.

Right now, the nuclear industry seeks to significantly reduce costs through its Delivering the Nuclear Promise initiative while the Nuclear Regulatory Commission seeks to downsize through its Project AIM efforts. The lesson of this Watts Bar episode should not be lost upon the promisers and projectors. The workers who removed the fan belt tensioning guidance in 2011 were likely unaware of the reason it had been added back in 1995. Before the promisers and projectors discontinue this practice or eliminate that activity, they need to make really sure they are not undoing past fixes. Perhaps it is no longer necessary to do that thing, or perhaps it can be done more efficiently. But the reasons why practices were started need to be fully understood before they can be safely discontinued or streamlined.

In other words, put on the thinking caps and take off those hokey pokey dancing shoes.

Fission Stories” is a column by Dave Lochbaum. For more information on nuclear power safety, see the nuclear safety section of UCS’s website and our interactive map, the Nuclear Power Information Tracker.

Frazzled at FitzPatrick

Fission Stories #199

The James A. FitzPatrick nuclear plant near Oswego, New York has one boiling water reactor (BWRs) with a Mark I containment design. Water flowing through BWR cores is heated to boiling with the steam flowing through turbine/generator to make electricity. Steam exits the turbines and flows past thousands of tubes within the condenser. Water from the lake flowing inside the tubes cools the steam and transforms it into water. The condensed steam is pumped to the reactor vessel to make more steam.

Fig. 1 (Source: Nuclear Regulatory Commission)

The operators reduced the reactor power level on January 22, 2016, to 65 percent for scheduled maintenance. At 10:17 pm on January 23, the operators had increased the reactor power level to 89 percent on the way back to full power following completion of the maintenance. An alarm alerted them that the water level at the intake structure had dropped nearly two feet below normal. Environmental conditions formed chips of ice, called frazil ice, in the lake. Water being drawn into the plant caused ice to collect on the traveling screens at the intake structure. The traveling screens are metal mesh plates that rotate on rollers to prevent debris in the lake water from being drawn into the plant. Ice accumulating on the traveling screen partially blocked the incoming flow. As a result, the water level inboard of the traveling screens dropped lower than the lake’s level. If that level dropped too low, the circulating water pumps would pull in air instead of water (Fig. 2).

Fig. 2 (

Fig. 2 (Source: Nuclear Regulatory Commission)

By procedure, the operators responded to the alarm by reducing the reactor power level to 75 percent and turning off one of the three pumps that circulate lake water through the condenser (Fig. 3). Reducing the incoming water flow rate reduced the amount of ice drawn onto the traveling screens. But the water level at the intake structure continued dropping until it reached four feet below normal. Per procedure, the operators manually scrammed the reactor at 10:40 pm.

Fig. 3 (

Fig. 3 (Source: Nuclear Regulatory Commission)

Scramming the reactor caused control rods to fully insert within seconds to terminate the nuclear chain reaction. The rapid power reduction significantly reduced the amount of steam flowing to the turbine/generator, leading to the turbine being turned off and the generator taken offline.

With the reactor operating, electricity produced by the generator flowed out through the switchyard to the offsite power grid. Electricity from the generator also flowed through a transformer to supply power to equipment throughout the plant.

The plant’s design called for the power supply to swiftly transfer from the generator’s output to the offsite power grid through two other transformers. But the cold weather hardened the lubricating oil for electrical breaker 10042 in the switchyard, causing it to open more slowly than desired. The slowed breaker prevented the swift transfer. Instead, supply was transferred about three seconds later by a backup logic circuit. That momentary power interruption caused non-essential equipment throughout the plant to stop running; most notably, the other two circulating water pumps at the intake structure.

Fig. 4 (

Fig. 4 (click to enlarge) (Source: Nuclear Regulatory Commission)

With no lake water flowing through the tubes inside the condenser, the operators manually closed the two isolation valves in the main steam lines between the reactor vessel and the turbine/generator. Steam continued to be produced by the reactor core’s decay heat. This steam had no place to go and caused the pressure inside the reactor vessel to rise. When the pressure rose about 10 percent above normal pressure, safety/relief valves (SRVs) automatically opened to discharge steam through a pipe into the water of the suppression chamber (also called the torus due to his donut shape.) When the pressure dropped sufficiently low, the SRVs automatically reclosed. The SRVs cycled opened and closed to control reactor pressure (Fig. 5)

Fig. 5 (

Fig. 5 (Source: Nuclear Regulatory Commission)

HPCI Use and Misuse

By procedure, the operators started the High Pressure Coolant Injection (HPCI) system in pressure control mode. The HPCI system uses a turbine supplied with steam from the reactor vessel to spin a pump that transfers makeup water from the Condensate Storage Tank to the reactor vessel. The steam exiting the HPCI turbine flows into the suppression chamber water. HPCI system operation prevents the SRVs from cycling opened and closed. The SRVs have a nasty habit of sticking open, so minimizing the times they open lessens the chances they stay open.

The normal source of water for the HPCI system is the Condensate Storage Tank. But if this tank’s water level drops too low or the water level inside the suppression chamber rises too high, valves will automatically close and open to swap the supply from the Condensate Storage Tank to the suppression chamber.

More than an hour after the scram, the water level within the suppression chamber was approaching the swap-over setpoint. Procedures directed the operators to bypass the automatic swap-over for this plant condition. The control room supervisor recognized this need and directed the operators to take this step. But they failed to complete the task before the HPCI pump suction was automatically transferred over to the suppression chamber.

Procedures only permitted HPCI to be operated in pressure control mode when it took water from the Condensate Storage Tank. So, the operators had to shut down the HPCI system and revert back to the undesirable reliance on SRVs cycling to control reactor pressure.

The NRC issued a green finding, the least severe among its green, white, yellow, and red violation classification scheme, for the failure to properly implement procedures resulting in the avoidable need to rely on the unreliable SRVs for pressure control.

RHR Use and Misuse

More than twenty-four hours later, the operators sought to place the Residual Heat Removal (RHR) system in shutdown cooling mode. The RHR system is like a Swiss army knife—it can makeup water to the reactor vessel, cool water in the reactor vessel, cool the containment atmosphere, cool the torus water and airspace, and cool the spent fuel pool (Fig. 6).

 Nuclear Regulatory Commission)

Fig. 6 (Source: Nuclear Regulatory Commission)

The shutdown cooling mode uses one or two of the RHR pumps to take water from a recirculation system pipe connected to the reactor vessel, route it through heat exchangers where lake water cools it down, and return the cooled water to the recirculation system pipe so it flows into the reactor vessel (Fig. 7).

 Nuclear Regulatory Commission)

Fig. 7 (Source: Nuclear Regulatory Commission)

The procedure directed the operators to flush the RHR system piping before placing the system in shutdown cooling mode. The RHR system is normally in standby and stagnant water inside its pipes is “dirty” water compared to the nearly pure water circulating through the reactor vessel. Workers used the condensate transfer system to drain water from the RHR system pipes and replace it with “clean” water. Workers opened valve 10RHR-274 to perform this flushing activity.

The procedure directed operators to close 10RHR-274 before placing the RHR system into the shutdown cooling mode. But the operators failed to close this valve. When properly aligned, the RHR shutdown cooling mode merely circulates water from the reactor vessel through heat exchangers and back to the vessel, neither removing nor adding water inventory. With the improper alignment caused by the open valve, the RHR shutdown cooling mode added water to the reactor vessel. And not just a little bit of additional water.

The normal water level inside the reactor vessel is about 196 inches (16 1/3 feet) above the top of the reactor core. A rule-of-thumb is that about 200 gallons of water is needed to raise or lower the vessel level by one inch. So, nearly 40,000 gallons of water must drain out or boil off for the normal water level to drop to the reactor core’s level, even more to uncover the core.

Fig. 8 (

Fig. 8 (Source: Nuclear Regulatory Commission)

By running RHR shutdown cooling mode with the valve mistakenly open, the operators added water to the reactor vessel at FitzPatrick until water poured into the main steam lines. The main steam lines are located about 86 inches (over 7 feet) above the normal water level. It took nearly 17,200 gallons of water to increase the vessel level to the point of sending water down the main steam pipes.

As shown in Fig. 8, the level of the main steam line nozzles is above the upper scales of the Narrow Range and Wide Range water level instruments—the gauges the operators are trained to monitor frequently. Even if distracted, an alarm sounds in the control room when the vessel level rises just a few inches (not feet) above normal.

Sending water through the main steam lines could have disabled the HPCI system, the Reactor Core Isolation Cooling (RCIC) system (a smaller version of HPCI), and the SRVs. These systems and components are designed for steam, not water. Overfilling the reactor vessel could have taken away all of the high pressure safety systems for the reactor.

The NRC issued a green finding, the least severe among its green, white, yellow, and red violation classification scheme, for the failure to follow procedures resulting in loss of vessel level and potential impairment of multiple safety systems.

Our Takeaway

The HPCI swap-over miscue is a reminder of the trap one can fall into when given plenty of time to accomplish a short-term task. It did not take very long to install the bypass on the automatic swap-over. The operators had many tasks to perform besides installing the bypass. It was tempting to undertake seemingly higher priority tasks during the ample time before the swap-over point was reached. But time expired before the bypass was installed.

The RHR shutdown cooling miscue is a reminder about the importance of follow-up. Operators must maintain situational awareness, especially after the situation changes. In this case, placing the RHR system in shutdown cooling mode should have been followed by close monitoring of reactor water parameters to confirm that the temperature began decreasing and the level remained constant. Early awareness that something was wrong would have enabled intervention to minimize the consequences.

This one event revealed problems with the operators planning and implementing tasks. If operator performance is deficient when ample time is available and stress levels are low, how would the operators perform during an accident? The NRC’s Green findings would likely become Yellow or Red as the consequences of miscues become more significant.

So, the proper response to NRC’s slaps on the wrists is not to purchase wrist guards to lessen the sting of future slaps, but to take steps necessary to avoid future slaps, or worse.

Fission Stories” is a column by Dave Lochbaum. For more information on nuclear power safety, see the nuclear safety section of UCS’s website and our interactive map, the Nuclear Power Information Tracker.

Peter Navarro: Trump’s “China Policy Czar” ?

President-elect Trump named Peter Navarro to head the as-yet-uncreated White House National Trade Council. What does this portend?

Michael Wessel, a long-serving member of the US-China Economic and Security Review Commission (USCC), argued the United States government needs “to put somebody in charge” of US China policy “who looks at both the economic and national security implications of the US-China relationship and recognizes that they are inextricably intertwined.” Navarro definitely fits that description.

Navarro’s China: “The Planet’s Most Efficient Assassin”

It is not clear what this council will do or how it might influence US-China relations. What is clear is that Dr. Navarro believes that trade with China is a zero-sum game the United States is losing. Moreover, the Harvard-educated economist also believes that “an authoritarian and increasingly militaristic China” is using its supposed trade advantage to execute “a hegemonic agenda” that could lead to a nuclear war with the United States.

 

 Death by China.

Dr. Peter Navarro pictured next to a poster advertising a film based on his book: Death by China.

Dr. Navarro authored a trilogy of books that articulate his view of the “inextricably intertwined” relationship between the China trade and the possibility of nuclear war. In those books he argues that China is “the greatest single threat facing the United States” and that “every ‘Walmart dollar’ we Americans spend on artificially cheap Chinese imports” increases that threat. He describes China as a “budding colonial empire” with “lethal appetites” for energy and raw materials that are feeding “the extremely rapid and often chaotic industrialization of the most populous country on the planet.” Most importantly, he argues that China’s rapid modernization has “put it on a collision course with the rest of the world.”

Navarro writes that unless this course is altered the United States and China are “inexorably headed for conflict—and perhaps even a nuclear cliff.” He claims that China “now houses a rapidly growing arsenal of nuclear-tipped ballistic missiles” that are aimed at the United States and most of China’s neighbors, including non-nuclear weapons states like the Philippines and Vietnam. He suggests China may already have thousands of such missiles hidden in an “underground great wall.” Alarmingly, Navarro seems convinced that China’s leaders would “opt for nuclear war” and “ride things out in China’s many bomb shelters” if they cannot prevail in a conventional conflict with the United States.

Few economists would agree that all the benefits of the global China trade accrue to one side, or, in Navarro’s words, that “China has boomed at the expense of much of the rest of the world.” To the contrary, many believe China’s economic development is now the single greatest contributing factor to global economic growth.

Similarly,  Navarro’s characterization of China’s nuclear capabilities draws on a discredited analysis based on questionable sources and methods that are not accepted by US intelligence agencies or security experts.

Nevertheless, his appointment suggests he has the confidence of President-elect Trump, who seems to be using the transition period to signal a dramatic shift in US China policy.

Implications for US China Policy

Navarro’s prescription for change is a policy of economic and military containment. It is based on the following diagnosis from University of Chicago professor John Mearsheimer.

“What really makes China so scary today is the fact that it has so many people, and it’s also becoming an incredibly wealthy country so that our great fear is that China will turn into a giant Hong Kong. And if China has a per capita GNP that’s anywhere near Hong Kong’s GNP, it will be one formidable military power. So a much more attractive strategy would be to do whatever we can to slow down China’s economic growth – because if it doesn’t grow economically, it can’t turn that wealth into military might and become a potential hegemon in Asia.”

Navarro anticipates that US allies, and US consumers, will oppose containment because of the economic costs, which would be higher prices for US consumers and significant disruptions to Asia’s economy. But he believes he can eventually persuade the people of the United States and the policy-makers of Asia that trading with China is equivalent to “helping to finance a Chinese military buildup that may well mean to do us and our countries harm.”

Given this, it is not unreasonable to expect that Dr. Navarro will use the bully pulpit of the White House National Trade Council to make this case for an economic boycott of China.

On the military side Navarro imagines the United States can only keep the peace if it is able to work with its allies to “demonstrate a collective level of capabilities that, on the one hand, are not directly threatening to China, yet on the other hand are unassailable by any imaginable display of Chinese force.” He recommends “using attack submarines” to build an “undersea Great Wall” on China’s periphery. Navarro also supports the deployment of “substantially larger numbers” of “both the F-35 fifth generation fighter and the new Long-Rang Strike Bomber.” Most importantly, he argues that the Chinese leadership must be made to believe that the United States has the “will and resolve” to “use nuclear weapons if they must” to stop conventional Chinese aggression.

It is difficult to believe that China would not find these recommendations “directly threatening.” While the new trade council Navarro will lead is unlikely to deal with military issues, his views may still influence the thinking of others within the administration.

How Might China Respond?

Should the Trump administration act on Dr. Navarro’s recommendations for a policy of economic and military containment, it will most likely strengthen the credibility of China’s defense and foreign policy analysts who perceived the Obama administration’s “pivot to Asia”  as a means of containment. To them, Navarro’s recommendations are a logical acceleration of an already well established anti-Chinese drift in US policy.

Chinese voices who argue for greater engagement with the United States—and greater accommodation of US concerns— are more likely to be marginalized.

US exporters, especially those in the technology sector,  are likely to be effected by increased Chinese efforts to make their economy less reliant on the United States. Already substantial Chinese domestic investment in indigenous technical development is likely to increase.

The Chinese space program offers an interesting guide to the potential consequences. Many of the same US China analysts Dr. Navarro cites in his books were associated with US congressional efforts in the late 1990s to block US contact with the Chinese space community. The restrictive policies they enacted grew more severe over the past two decades. Yet, during that time China made dramatic advances in space science, technology and applications. It also expanded its relationships with other international partners, such as the European Space Agency. US efforts to “contain” the Chinese space sector arguably made it stronger than it otherwise might have been by stimulating the development of domestic Chinese capabilities and alternative international partnerships.

China is unlikely to be overly concerned about Navarro’s recommendations on credible US nuclear threats. For the time being, at least, Chinese strategists assign one and only one purpose to China’s nuclear forces, which is to prevent a nuclear attack on China. Traditionally they have believed that the requirements for preventing such an attack are rather low. Retaliation with as little as a single Chinese nuclear strike against one US city is believed to be enough to deter any US president from attacking China with nuclear weapons.

Navarro, and others around President-elect Trump, may put great stock in the strategic value of his unpredictably but this is unlikely to shake China’s faith in the deterrent effect of its potential to retaliate.

Chinese adaptations to any changes in the US nuclear posture will be focused on assuring the ability of its nuclear forces to survive a US first strike. That may include a modest increase in the size of Chinese nuclear force. But one of the more troubling proposals already under consideration is upgrading the alert status of China’s forces so they can be launched on warning on an incoming US attack. The early warning systems needed to implement such a policy are known to give false warning, especially in the early years of their operation.

Navarro’s recommendations, if acted upon, could cause Chinese leaders to expedite the development and deployment of an early warning system, increasing the risk of an accidental or mistaken Chinese nuclear launch against the United States.

End of the (Weekly) Line

It began on July 6, 2010, with commentary about a flood inside the Unit 2 containment building at Indian Point. Fission Stories were weekly commentaries about nuclear power plant problems. Fission Stories #198 ended the series on September 29, 2015.

In March 2013, the weekly Fission Stories were supplemented by Nuclear Energy Activist Toolkit (NEAT) commentaries. The NEAT commentaries were more educational than advocacy, seeking to explain technology and regulatory processes rather than critique them. NEAT #64 ended the series on September 22, 2015.

The Disaster by Design/Safety by Intent weekly commentaries began on October 6, 2015, with a summary of how U.S. nuclear plants are vulnerable to flooding.

After nearly 325 posts, UCS is retiring the weekly commentaries. Instead, we are reactivating the Fission Stories and Nuclear Energy Activist Toolkit commentaries to join the Disaster by Design/Safety by Intent. When we come across something that warrants commentary, we will use whichever of these templates fits best and post it. The result may be multiple postings in one week or multiple weeks between postings.

This change gives us the freedom of posting commentaries that are more timely and topical rather than finding topics that match the current theme. Hopefully, this will result in better use of our resources and, more importantly, better meet your needs.

We truly appreciate those who have read these commentaries over the years and look forward to sharing our perspectives with you in the future via this revised format.

You can sign up for an RSS feed and be notified of new AllThingsNuclear posts by clicking here. (Note: If you get a screen full of html code when you follow this link, try using a different browser.)

Reflections on the IAEA Nuclear Security Conference: More Participants, Less Focus

Last week I had the opportunity to attend the conference on nuclear security in Vienna sponsored by the International Atomic Energy Agency (IAEA). The conference was enormous, with 2,000 participants from 130 countries. The US official delegation alone had over 100 people. I heard (but have not substantiated) that the ministerial meeting that preceded the technical meeting attracted a larger number of national delegations than any other IAEA conference in its history. By one measure—inclusivity—the conference seems to have been a success.

However, that success came at a price: a reduction of focus on the most serious nuclear threat—the theft of fissile materials (highly-enriched uranium (HEU) and plutonium) that terrorists could use to make improvised nuclear weapons.

The greatest threat: Nuclear-weapon-usable materials

 DOE)

HEU (Source: DOE)

Addressing the threat of theft of these materials was the original purpose of the Nuclear Security Summits that began in 2010 under President Obama and ended in April this year. Countries attending these meetings were encouraged to reduce or eliminate their civil stocks of HEU (and to a more limited extent, plutonium) by shipping them to the US or Russia.

As there is little optimism that the incoming Trump administration will continue a comparable effort, many hope that a successor ­to these Nuclear Security Summits will continue under the IAEA’s mantle. The conference last week was the first to occur after the final Summit in April, and was regarded as the potential launching point for an enduring successor.

Only a relatively small number of countries possess significant quantities of weapon-usable uranium or plutonium (and the number has decreased as the result of the Nuclear Security Summits). Attendance at the Summits was limited to around 50 states that collectively possess 98% of the world’s civil fissile materials (if Russia, who declined to attend the final Summit in 2016, is included).

Radiological threats

However, many more countries have nuclear power plants and research and test reactors than stocks of fissile materials, and even more have radioactive sources for use in medicine and industrial applications. To get more member states actively involved, the IAEA had to broaden the scope of what it considered “nuclear” security to include what is more commonly referred to as “radiological” security. This would range from preventing the sabotage of nuclear power plants to preventing the theft and dispersal of radioactive sources, encompassing a wide spectrum of radiological consequences.

While the risk of radiological attacks is a significant concern, even the most severe radiological terrorism events would be less devastating than the detonation of a crude nuclear weapon, at least in terms of immediate deaths, injuries, and destruction of infrastructure. To lump all these issues together under the general rubric of “nuclear security” distracts from a focus on the greatest dangers.

Even worse, some nations used this broader agenda to divert attention from their greatest security problems. For instance, the French devoted their ministerial statement largely to radiological source security, and failed to address the risks associated with the large stockpile of plutonium within France, or France’s continuing efforts to promote spent fuel reprocessing (which produces plutonium) around the world.

Different threats need different venues

Nuclear terrorism, nuclear power plant sabotage and malevolent use of radiological sources are very different threats and require different measures to protect against them. Optimally they should be addressed in distinct venues.

On the other hand, the scope of the conference should not be so narrow that it excludes issues that do have an important nexus with fissile material security.

Consider one of the actions announced by the United States in its ministerial declaration at the conference: namely, the commitment to make 6 metric tons of excess plutonium that the United States had previously decided to directly dispose of available to the IAEA for monitoring and inspection. Since IAEA safeguards are not intended to protect material against terrorist theft, but to verify that the owner nation is not misusing the material for nuclear weapons purposes, some attendees questioned the relevance of this announcement to the purpose of the conference.

However, as UCS has long pointed out, direct disposal of excess plutonium poses fewer opportunities for theft than the main alternative approach, converting the plutonium to MOX fuel and using it in nuclear reactors. To the extent that the US declaration strengthens the political legitimacy of the direct disposal option, it will further diminish the prospects for the MOX approach and ultimately will avoid an increase in the risk of theft of US excess plutonium by terrorists. It could also provide a model for other countries, like France and Japan, who have accumulated worthless and dangerous stockpiles of plutonium.

Pages