Sunday, May 05, 2002

Hypothetical attack on a nuclear power plant

From Jane Galt's blog, the question has come up about what might happen if a US commercial nuclear power plant were struck by a 747 loaded with a fertilizer-type bomb as was used in OKC by Timothy McVeigh (who might have had ties to al-Qaeda via Terry Nichols and Ramzi Yousef).

So what do I know about this? I'm an engineer who spent 10+ years working on 4 different US commercial nuclear power plant sites (7 units - 2 PWRs and 5 BWRs, out of ~100 units). So I know a little about the hardware, the people, the procedures and the regulations. I'm a bit out of date because I haven't worked in the business for a while, but you'll pardon me for assuming that regulations haven't been lightening. And no new sites have begun construction since I was starved out. There's no conflict of interest because I no longer work in the business and I don't even own any stock, and as a mechanical engineer I can profit no matter what form of energy we use. Enough disclosures, let's get started.

Returning to the question, no Updated Final Safety Analysis Report that I have ever seen addresses planeloads of fertilizer bombs explicitly. I think you can guess why. There are provisions for "missile protection" against objects such as uprooted trees, but these would not have the energy of the postulated planeload of fertilizer bombs.

I could go into a long discussion of this, as I'm sure you know by now. Nuclear power plants are not built like office buildings or even the Pentagon. You're talking at least a foot of reinforced concrete for the primary containment building, with a steel liner inside that. Outside that there's the secondary containment which is far less substantial but would soak up some shock.

And then what would happen? Possibly just an indefinitely long shutdown of the reactor while damage is assessed and repaired. They'd have to detonate the bomb just right before the crash dispersed it, and they'd have to hit a target that's substantially smaller than the WTC.

If primary containment were breached, then the reactor would have to be shut down, and hopefully the piping would be intact to do so. That is likely, because the piping, electrical and instrumentation systems within primary containment are built to handle nasty things like earthquakes, pipe whip, and internally generated missiles. And they are subject to "environmental qualification" for steam, high radiation levels, temperature, etc.

Control and power systems are required to be redundant and physically separated such that the same event (fire, explosion, whatever) is not likely to disable both divisions. That physical separation is a lot more concrete, fire barriers et al.

Ordinarily the containment buildings are on the opposite end of the plant from the power lines, so one would expect that there wouldn't be much physical damage to these. That suggests that offsite power would still be available. But let's shut it off anyway. And let's assume that any other units onsite are shut down, so they can't provide any power either. Then what?

There are still two redundant trains of onsite power, most likely diesel generators. They'll be sitting in separate seismically qualified buildings of reinforced concrete some distance away from the containment, with about 7 days worth of fuel in tanks that are probably buried in reinforced concrete underground. They're tested at least monthly to show that they'll pick up plant loads in a prescribed order to make sure that essential plant motors and controls receive power as necessary for a shutdown.

Back to the containment. Let's say it's Osama's lucky day and we've breached secondary containment, primary containment, and a few more feet of the reinforced concrete that makes up biological shielding, the drywell, or whatever other such facilities an individual plant might have (I can't speak for every design out there, but there's quite a bit of standardization because only 4 companies have reactors running and they're all regulated by the same Federal agency). We've breached the primary loop so severely that the reactor cannot be brought to a cold shutdown and we have a partial core meltdown a la TMI.

The bad news is that this will be worse radiologically than TMI. The good news is that TMI wasn't that bad. We're not talking Chernobyl here - the reactor internals don't contain tons of graphite to stoke a huge fire and form immense clouds of particulates (and we don't have a government that will tell everyone that nothing happened when an accident is visible from outer space). You'd be talking steam, short half-life isotopes of nitrogen, gaseous fission products generated inside the failed fuel rods, and possibly other radioactive nasties that can become airborne (I can't think of any, and they're probably so dense that they wouldn't go far).

Meanwhile the emergency plan is running balls to the wall. It's highly likely that some plant personnel might be lost in the initial explosion, but most of the essential personnel would be inside seismically qualified reinforced concrete buildings on the far side of the stricken containment building. Experienced operators, engineers and fire brigade personnel are evaluating the damage and responding, and relief shifts are coming in. Subject matter experts from around the country are a phone call away. Alarms are sounding, local, state, and federal authorities are notified, radiological experts scatter to measure the radiological impact, emergency personnel identify shut-ins and arrange to escort them out of the area, iodine pills will already have been distributed and will be available upon request, and then there's whatever the state itself might do in addition to the above. Emergency planning was one of the worst problems with TMI, and led to requirements to perform the above. And it's not pure window-dressing - the plants conduct drills with Nuclear Regulatory Commission inspectors onsite to evaluate them, and they'd damned well better do well unless the plant manager wants a black eye or worse.

So what happens to the environs? It'll take some cleanup, and there will probably be some lost life expectancy due to high radiation exposure to staff. Milk will be thrown away as a precaution. Offsite there could be more lost life expectancy, but that will take years to show up.

So where's the body count? Where's the symbolic value? IMO they'll hit something else because these plants just don't have the marquee value. They passed near Haddam Neck, Beaver Valley, Susquehanna, Peach Bottom, TMI and Indian Point the last time.

I'm sure I've left something out, working off the cuff like this - it's worth what you're paying for it. Questions are welcome.
