Until March 11, with the 25th anniversary of the Chernobyl accident approaching -- and memories of that disaster receding -- safety concerns no longer appeared to be the killer argument against nuclear power they once were. Instead, another fear, of climate change, looked like it might be driving a "nuclear renaissance" as states sought carbon-free energy sources. But the ongoing crisis at Japan's Fukushima Daiichi Nuclear Power Station will return safety to the forefront of the nuclear power debate. Even the most ardent industry advocates now recognize that the unfolding crisis inside two reactors there -- shown on live television and beamed around the world -- has left the future of their industry in doubt.
Nevertheless, the case for nuclear power remains strong. All forms of energy generation carry risks. Fossil fuels, which (for the time being at least) are nuclear energy's principal rival, carry the risk of catastrophic climate change. And as we're seeing in Japan, we haven't eliminated all the dangers associated with nuclear power, even though accidents are few and far between.
Good public policy involves balancing these risks. Persuading the public to accept the risks of nuclear energy will, however, not be easy. To do so, the nuclear industry will have to resist a strong temptation to argue that the accident in Japan was simply an extraordinarily improbable confluence of events and that everything is just fine. Instead, it must recognize and correct the deficiencies of its current approach to safety.
When it comes to safety, the nuclear industry emphasizes the concept of "defense in depth." Reactors are designed with layers of redundant safety systems. There's the main cooling system, a backup to it, a backup to the backup, a backup to the backup to the backup, and so on. A major accident can only occur if all these systems fail simultaneously. By adding extra layers of redundancy, the probability of such a catastrophic failure can -- in theory at least -- be made too small to worry about.
Defense in depth is a good idea. But it suffers from one fundamental flaw: the possibility that a disaster might knock out all of the backup systems. A reactor can have as many layers of defense as you like, but if they can all be disabled by a single event, then redundancy adds much less to safety than might first meet the eye.
This kind of failure occurred at Fukushima Daiichi on March 11. As soon as the earthquake struck, the reactors scrammed: The control rods, used to modulate the speed of the nuclear reaction, were inserted into the reactor cores, shutting off the nuclear reactions. So far so good. Nevertheless, the cores were still hot and needed to be cooled. This in turn required electricity in order to power the pumps, which bring in water to cool the fuel.
Unfortunately, one of the external power lines that were designed to provide electricity in just such a contingency was itself disrupted by the earthquake. This shouldn't have mattered because there was a backup. But, according to a news release issued by the power-plant operator, the malfunction in one external supply somehow caused off-site power to be lost entirely.
Once again, this shouldn't have been too much of an issue. There was a backup to the backup in the form of on-site diesel generators. And, sure enough, they kicked in. Fifty-five minutes later, however, they were swamped by the tsunami that followed the earthquake. From that moment on, plant operators were in a desperate struggle to prevent core melting.
Japanese regulators are certainly aware of the danger of earthquakes; they take safety extremely seriously. Like other buildings in Japan, nuclear reactors must be able to withstand earthquakes. The problem, as we now know, is that there is a significant chance of them falling victim to events more extreme than those they were designed to withstand.