Today, children, we’re going to learn all about nuclear power plant safety physics. Or rather, about how nuclear power plants will kill you if you ignore safety physics. Are you sitting comfortably? Well too bad, I’m starting anyway.
Nuclear power is safe. Very safe. It’s not perfectly safe, and things can still go very, very wrong in a nuclear reactor — especially when you add panicky humans into the mix — but an awful lot of work has been invested in producing modern nuclear power plant designs that, if operated correctly, are physically impossible to break barring some unforeseen nightmare catastrophe of such force and power that a nuclear meltdown would be the least of your problems.
(As a brief aside here, if there’s one thing that gives me second thoughts about the safety of nuclear power it’s the fact that most plants are run by privatised energy companies with a definite incentive to try to screw with these safe designs and operating procedures in order to improve their profit margin. Next time there’s a nuclear fuckup – and it probably will happen again at some point in the next fifty years because you can’t fulfil the energy requirements of rapacious decadent first world societies without taking risks that are eventually going to bite you in the ass – I would be willing to bet quite a substantial amount of money it’ll be either because corners were cut during the construction of the plant itself, compromising its safe design, or else because the company that owned it pushed it beyond its safe operating parameters in terms of regular maintenance and upkeep. YES TEPCO I’M TALKING TO YOU.)
Most of the time the safety features built into nuclear reactors work as designed; hundreds of not-exactly-cheap megawatts are pumped out of the plant and into your house, and nobody really gives it a second thought. It’s only when things go horribly, horribly wrong that anyone notices nuclear power plants in a big way, and that happens because one or more of these safety features have failed or weren’t implemented in a manner that would be darkly comical if it wasn’t resulting in the death or displacement of thousands of people. For example, the poster child for nuclear “accidents” is Chernobyl. From the perspective of a physicist, the design of the Chernobyl plant was like having a huge radioactive stack of nitroglycerin sitting in the middle of the Ukraine. The way it was operated on the night of the disaster was like somebody walking up to this stack of nitroglycerin and whacking it as hard as they could with an iron crowbar. It was an inherently flawed design that was just waiting for somebody to come along and do something stupid to it, and it’s worth examining the Chernobyl incident in detail to see just how the design features of the plant conspired to produce the world’s worst nuclear disaster.
The Chernobyl reactor used a comedy RBMK design. The RBMK reactor core uses graphite rods as the neutron moderator instead of light water. Like light water, graphite slows down neutrons to the point where they can split U-235 nuclei. Unlike light water, a graphite moderator outright absorbs a far lower percentage of neutrons, resulting in a much more efficient reaction because there’s a higher number of neutrons bouncing around inside the reactor. It’s so efficient, in fact, that you can use natural unenriched uranium as your reactor fuel instead of the more expensive enriched stuff. And because the fuel is so cheap, you can buy a lot of it and stuff it all together into a single reactor that produces loads of energy.
That’s one of the main draws of the RBMK design; it’s cheaper to run and you get more electricity out of it. This comes at the cost of making the reactor core absolutely massive. Seriously, look at that picture above. It’s huge. It’s so big, in fact, that building a proper containment structure around it would be prohibitively expensive, especially when the whole point of the thing is that it’s supposed to be nuclear power done on the cheap. Additionally the RBMK reactors had a secondary purpose, which was to produce plutonium-239 for nuclear weapons, and this necessitated being able to remove fuel rods from the reactor while it was still in operation. As a consequence the whole thing was sunk into a concrete pit on the floor and covered by a “biologic shield”, which is essentially a three-foot thick metal lid; this stopped immediate radiation escape while keeping the reactor core accessible to an overhead crane which removed and replaced the fuel rods, but it wasn’t even remotely capable of containing any potential explosive event that might occur in the core.
The RBMK reactor may not use water as a moderator but it does use it as a coolant. This means that the fuel rods and the moderator rods and the control rods are all constantly immersed in water. Again, water absorbs neutrons where graphite does not, meaning that the basic “safe” operation level of the reactor is one that automatically takes into account the presence of the water. If the water is removed for whatever reason so is its absorption effect, and the reactivity of the reactor will begin to increase exponentially as neutrons that would have been absorbed now interact with U-235 nuclei. This gives the RBMK design what is called a positive void coefficient, and it works like this: some of the coolant water boils into steam. Steam has bugger all neutron absorption ability due to having a far lower density than water, and so now you have an effective void inside the reactor that isn’t absorbing neutrons. This increases the reaction rate, which increases the reactor temperature, which boils more water, which increases the reaction rate, and so on. A positive void coefficient means that the reaction can spiral out of control very very quickly. Wikipedia says that the RBMK reactor design has the highest void coefficient of any commercial nuclear reactor in operation.
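A toy model of the feedback loop described above, added here as an illustration and not part of the original post. Every constant (`V0`, `TAU`, the ±0.5 coefficients, the drop in coolant flow to 0.8) is constructed and the units are arbitrary, so it shows how the sign of the void coefficient decides the outcome, not real reactor kinetics.

```python
# Toy model of a void-coefficient feedback loop (illustrative only, not reactor physics).
# All constants are constructed for this example; units are arbitrary.

V0 = 0.2      # assumed void (steam) fraction at nominal power and full coolant flow
TAU = 1.0     # assumed lag with which the void fraction follows power
DT = 0.01     # integration step
P_TRIP = 100  # stop and call it a runaway at 100x nominal power


def simulate(void_coeff, flow, t_end=100.0):
    """Integrate the loop after coolant flow drops to `flow` (1.0 = nominal).

    void_coeff > 0: more steam adds reactivity (positive void coefficient).
    void_coeff < 0: more steam removes reactivity.
    Returns (final_power, elapsed_time, ran_away).
    """
    power, void = 1.0, V0
    t = 0.0
    while t < t_end:
        # Less flow or more power boils more coolant; cap at all-steam.
        void_target = min(1.0, V0 * power / flow)
        void += (void_target - void) / TAU * DT
        # Reactivity is zero at the nominal void fraction and scales with the excess.
        reactivity = void_coeff * (void - V0)
        power += reactivity * power * DT
        t += DT
        if power >= P_TRIP:
            return power, t, True
    return power, t, False


def compare(flow=0.8):
    """Apply the same disturbance with opposite signs of the coefficient."""
    return {
        "negative": simulate(-0.5, flow),
        "positive": simulate(+0.5, flow),
    }


if __name__ == "__main__":
    for name, (p, t, ran_away) in compare().items():
        print(f"{name:8s} coefficient: power={p:8.2f} at t={t:6.2f} runaway={ran_away}")
```

With the negative coefficient the power settles at the level the reduced coolant flow can carry away; with the positive one the same disturbance grows until the model's trip threshold is hit.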
Finally there’s the issue of the control rods. These were stock neutron absorbers so there’s no problem with the rods themselves. The fault was with the way they were raised and lowered into the reactor core. Instead of electromagnets the initial RBMK design – and Chernobyl in particular – used a hydraulic system which could, in the event of the SCRAM button being pushed, lower the control rods into the reactor core at a whopping forty centimetres per second. Furthermore, the way the rods were structured was something like this:
Instead of having the control rod channels filled with cooling water (which would reduce the reactivity by absorbing neutrons) when they weren’t inside the reactor, each control rod instead had a graphite moderator tip that kept the reaction going at tip-top capacity. Between the two was a telescoping section that was also filled with water, making the setup of the control rod channel one of a 4.25 m long graphite moderator buttressed at either end by 1.25 m of water. When the control rod was inserted into the reactor, the graphite tip was displaced downwards, shunting that water at the bottom out of the way. However, that 1.25 metres of water was absorbing neutrons; when replaced with the graphite as the control rods moved downwards the reaction rate at the bottom of the reactor actually increased temporarily – not really something you want when you’re trying to shut the damn thing down.
The Chernobyl disaster itself was caused (ironically) by an attempt to improve the working of the SCRAM system. Once a reactor is SCRAMed the nuclear reaction doesn’t stop right away. Continuing decay of leftover fission fragments inside the fuel rods creates thermal energy equal to about 7-8% of the reactor’s normal output, and so the rods still need to be cooled once the reactor has been shut down. This is why the situation at Fukushima went totally gonzo; they successfully SCRAMed the reactor but their cooling system failed and they couldn’t dump the remaining thermal energy, resulting in partial meltdowns of the fuel rods. Anyway, there was a gap of about sixty seconds between the SCRAM being activated and the diesel backup which powered the cooling pumps coming fully online, and the Chernobyl staff were trying to reduce this time lag by seeing if they could substitute power from the steam turbines as they wound down after a shutdown. A series of unfortunate events resulted in the reactor being in a configuration where the control rods were fully extracted from the reactor core prior to this test, which was the last element needed for everything to go horribly, horribly wrong.
The cooling system was successfully connected to the steam turbines, as planned. The steam turbines were shut off and the diesel generator started to pick up the load to power the coolant pumps, with some of the shortfall being provided by the turbines as they wound down. However, the diesel didn’t pick up the slack fast enough, and as the power provided by the turbines decreased the coolant pumps slowed down. As a result the cooling water took longer to circulate around the reactor and absorbed more thermal energy than it should have, and some of it vaporised and started the reactor off on the positive feedback loop described above. The sudden increase in reactivity clearly made the plant operators nervous because somebody in the control room hit the SCRAM button. The rods started to lower into the core verrrrrry slowly (taking 18-20 seconds to traverse the full 7 metre height of the core) which increased reactivity at the bottom of the core still further past the point of thermal tolerance for the fuel rods. They fractured under the thermal stress and the control rods became wedged about a third of the way into the reactor.
From this point on the reaction became unstoppable; reactivity and power output in the reactor started to spiral and the entirety of the coolant inside flashed to steam, causing a steam explosion which ripped the lid off of the core. With the loss of the remaining coolant there was nothing to stop the reactor undergoing runaway criticality. Now, this was not quite the same thing as what happens in nuclear weapons, which are designed to go critical and have lots of cunning features built in to improve their yield. Here the increase in reactivity was comparatively slow, which is why the fuel material in the reactor itself released that energy by exploding like a block of TNT rather than a fission bomb. With the critical mass now dispersed over a wide area the reaction finally ceased, but Chernobyl’s problems didn’t stop there; the graphite moderator blocks inside the reactor flashed into flame upon contact with the atmosphere and started spewing thick, highly radioactive smoke into the atmosphere. The steam explosion is what contaminated Chernobyl itself, but the graphite fire spread radioactivity into the western Soviet Union and eastern and northern Europe (the first inkling the West had that something bad had happened was when workers at a Swedish nuclear plant found radioactive particles on their clothing but couldn’t locate any leaks in their own reactor.)
And that’s how you fuck up building a nuclear power plant. In fairness to the Soviets, it’s easy to say it was a bad design in hindsight when so much of modern nuclear reactor design is based on avoiding another Chernobyl, and the reactor was working fine for nine years before the disaster. It was only the combination of a bad design and a significant element of human stupidity that led to the reactor exploding. In the case of Fukushima, it was the combination of an old design, the most powerful tsunami for a century and endemic corruption and inefficiency within the Japanese power industry. Nuclear power isn’t inherently unsafe; it’s only unsafe if you do it wrong. However, if we are going to build these things we should probably do it right, and next time I’m going to talk about how.