
Risk assessment post-Fukushima: Going beyond the ‘design-basis event’

Dan Farber, professor of law | March 12, 2012

A conventional approach to safety is based on the concept of design events.  A building code might say, for example, that a building should be able to survive a 7.0 earthquake.  This approach has been basic to the regulation of nuclear reactors.  As the interim report of the post-Fukushima NRC task force explains:

[The regulation] also requires that design bases . . . reflect (1) appropriate consideration of the most severe of the natural phenomena that have been historically reported for the site and surrounding region, with sufficient margin for the limited accuracy and quantity of the historical data and the period of time in which the data have been accumulated, (2) appropriate combinations of the effects of normal and accident conditions with the effects of the natural phenomena, and (3) the importance of the safety functions to be performed. [p. 25]

The report points out two flaws with this approach.  The first issue is selection of the design-basis event. At Fukushima, the design-basis tsunami was chosen too optimistically and without full consideration of the historical record.  [p. viii] It is also difficult to ensure uniform treatment since the method for picking the design-basis event may vary between facilities. [p. 20]  Selection of the design-basis event may be arbitrary.  For instance, as Doug Kysar has explained, the planner for the New Orleans flood control system excluded some historic hurricanes from their calculations on the theory that those hurricanes were outliers.

Second, this approach does not encourage planning for the unexpected. As the Task Force explains:

Whether through extraordinary circumstances or through limited knowledge of the possibilities, plants can be challenged beyond their established design bases protection. In such circumstances, the next layer of defense-in-depth, mitigation, is an essential element of adequate protection of public health and safety. Mitigation is provided for beyond-design-basis events and severe accidents, both of which involve external challenges or multiple failures beyond the design basis. [p.20]

Finally, use of the design-basis event may be misunderstood to imply that the facility is risk-free.  It is notorious that communities often build up behind levees that are designed to block the 100-year storm.  The public believes that no breach can be expected for a century, whereas the standard actually means that there is a one-percent chance of flooding every year.

Design-basis planning is a crude tool.  It may be adequate in some settings but not in major projects that are subject to potential catastrophic failures. The Task Force advises greater use of probabilistic risk analysis, to consider a broader range of risks, and also the use of “defense in depth” to deal with contingencies beyond the design-basis event.  [p. 21]  It would be wise to heed these recommendations, not only in the area of reactor safety, but also in other contexts such as flood planning for urban areas and deepwater drilling.

Cross-posted from the environmental law and policy blog Legal Planet.

Comments to “Risk assessment post-Fukushima: Going beyond the ‘design-basis event’”

  1. Your post seems to imply that US nuclear reactors aren’t designed with probabilistic methods. This simply isn’t true. In the very report you cited it states:

    “The Task Force finds that the Commission’s longstanding defense-in-depth philosophy, supported and modified as necessary by state-of-the-art probabilistic risk assessment techniques, should continue to serve as the primary organizing principle of its regulatory framework.”

    The key phrase is “should continue”. Nuclear power plants do the most intricate, complicated, state-of-the-art probabilistic seismic hazard assessments ever attempted. Most of the cutting-edge research in this field is done specifically with nuclear power plants in mind. A lot of that research is done here at UC Berkeley. Perhaps one of those researchers (in the Civil Engineering Department) should be blogging on this subject, instead of the above author, who apparently has no genuine expertise in this field.

  2. Eighty percent of the floodwater came through 3 floodwalls built by the Corps of Engineers, which failed at 1/2 their design specs, so a proper “design basis” is irrelevant to the Federal Flood of New Orleans 8/29/05.

    Just saying, it wasn’t Hurricane Katrina.

    You should walk across campus and talk to Prof Bob Bea, or at the very least see the documentary “The Big Uneasy.”

    • Yes, Prof. Bea, and also Prof. Seed, (both in the Civil Engineering Dept.) are two of the best when it comes to Hurricane Katrina and engineering failures in general.

      The Katrina levee failures were a result of engineering mistakes, lack of funding, and local opposition to levee improvements. It didn’t have anything to do with the “design basis”, as the above post correctly points out.
