When the first mass-produced computers hit the stage in the 1950s, nuclear engineers saw the opportunity to use them to help run accident scenarios. It was a good idea that took decades to become reality and the computer limitations created early uncertainty about reactor safety.
In 1954, Westinghouse experts put together a homemade digital computer that read punch tape. With a practiced ear, you could tell from the computer sounds which program was being run.
In 1959, Battelle Memorial Institute developed an early Loss-of-Coolant-Accident model for a heavy-water plutonium reactor. The program was run on an IBM-650/653, the first mass production computer ever developed. The 650 weighed more than a 1955 Cadillac Deville, had vacuum tubes, and used a punch-card reader. Even if it had the memory and someone willing to load the 50 million cards, it would take six months to boot up Microsoft Windows 7.
Fortunately, Battelle’s code was a mere 166 cards. It calculated the behavior of just one fuel rod (modern reactors have thousands of rods) and took minutes to produce one data point.
For the sake of speedier results, gross simplifications were made. For example, an ideal accident code would have broken a reactor cooling system into many small volumes and done extensive calculations on each one to accurately simulate the complex conditions that existed throughout the reactor core and piping. But to run it on mid-1960s computers could take days. As a result, Westinghouse’s FLASH code used just three volumes to represent the whole reactor system.
At least they had computers. Neither the Idaho National Labs, a center for accident-code development, nor the Atomic Energy Commission had them. INL relied on weekend visits to the University of Utah. At the AEC, engineer Norm Lauben begged time from the National Bureau of Standards. Norm drove to the Bureau’s headquarters in Gaithersburg, Md., in the morning to submit his job on the 12,000-line RELAP-3 code, and returned after lunch to pick up the results.
Engineers were confident that the codes would prove reactor designs were overly conservative. Their optimism proved unfounded.
When Westinghouse proudly unveiled its 70-volume SATAN code in 1970, AEC staffers discovered errors in the code indicating that the company’s Emergency Core Cooling System might fail in an accident. The problems of the SATAN code helped lead to a major rulemaking hearing in 1972 on the adequacy of both emergency cooling system designs and accident codes. Those hearings revealed just how embarrassingly uncertain and rudimentary the early codes were about what happened during an accident.
The AEC and later the NRC had to make a huge investment in creating more robust – and accurate – codes. Additional research that produced the RELAP-5 Code is still used today as an industry standard worldwide.
Tom Wellock NRC Historian
U.S. NRC Blog 
It is a very interesting article. Thanks for this great blog.
great info, it just shows how computers have been used to our advantage in designing things like reactors which could never have been done manually. The are also good for predicting and simulating scenarios with many factors as even a team of humans couldn’t produce as accurate results as a computer can.
At least they had computers. Neither the Idaho National Labs, a center for accident-code development, nor the Atomic Energy Commission had them. INL relied on weekend visits to the University of Utah. At the AEC, engineer Norm Lauben begged time from the National Bureau of Standards. – Agreed
Esto indica que el código defectuoso fue descubierto en 1970 y reescrito en 1972. El NRC palmaditas en sí y la AEC en la parte posterior para esto, pero me parece que su optimismo era injustificado y que estuvo a punto de cometer un error terrible que podría haber sido catastrófico.
This is an amazing admission. I was an intervenor in the Pilgrim Plymouth MA licensing in 1970 and MIT grad student Dan Ford and I brought up the possiblity of failure of the emergency core cooling system. Many others testified around this time about this possiblity including John Gofman and Frieda Berryhill. In my case we were dismissed as nuts. The plant was licensed.
This says the faulty code was discovered in 1970 and rewritten in 1972. The NRC pats itself and the AEC on the back for this but it seems to me that their optimism was unwarranted and they came close to making a terrible mistake which could have proved catastrophic.
Now, in the present, they again refuse to listen to those, including Chairman Jazcko, who urge caution after Fukushima and want safety measures upgraded quickly.
Is history about to repeat itself, the NRC once again acting with too much confidence, and a US nuclear catastrophe even more possible?
Thanks for you historical transparency. Remember the idea of using water spray inside non fractured containment vessel-and steam became a compressed layer smacked against the inside of the containment vessel with naught fire and heat quenching. Is Greg Gibson still with you-worked with him during his first years out of Georgia Tech in 1970?