U.S. NRC Blog

Transparent, Participate, and Collaborate

Understanding Nuclear Power Plant Risk

Mark Caruso
Senior Risk Analyst
Office of New Reactors

When it comes to the safety of using nuclear power to generate electricity, the NRC mission is protecting people from health risks by licensing and regulating nuclear power plant design and operation. In a perfect world there would be no risk at all. In the real world, we focus on managing and reducing risk below its already very low levels.

bikeridingFor instance, you can reduce the risk of a bicycle accident by ensuring you have working brakes and reflectors/lights. Wearing a helmet and leaving your headphones in a pocket while riding also reduce risk, but wrapping yourself in bubble wrap is probably going too far!

We all understand things in our lives that we consider “risks,” like riding a bicycle, by looking at how severe a bad outcome is and how likely that outcome is. The NRC asks three questions when considering risk:

  1. What can go wrong?
  2. How likely is it to go wrong?
  3. What are the consequences?

These three questions are called the risk triplet. Let’s apply the risk triplet to lifting a piano. What can go wrong? A crane could drop the piano while lifting it to a building’s upper floors. How likely is a piano drop? Since crane workers take lots of precautions that’s very unlikely. What could a falling piano do? If the piano did fall and you were unlucky enough to be underneath it…you can imagine the consequences! This event has a low likelihood and a high consequence. There are also high likelihood/low consequence events and high likelihood/high consequence events.

The NRC’s risk-management effort starts by identifying and eliminating high likelihood/high consequence events at U.S. nuclear power plants before moving to less-likely events.

Engineers use a method called probabilistic risk assessment (PRA) when analyzing risk at nuclear power plants. These assessments use engineering and math to find the answers to the risk triplet questions and create tools called the event tree and the fault tree. These trees map out possible ways and likelihoods of reaching a desirable or undesirable outcome in an organized way. Engineers use these maps to understand and manage nuclear power plant risk. An event tree starts with a trigger (initiating) event and then tracks the different possible resulting events that either reach or prevent an undesirable outcome.

In the sample PRA below, a skydiver jumping from a plane is the initiating event. The event tree follows what could normally occur next and then considers what happens if those events succeed or fail. For example, these events include attempting to deploy the main and reserve parachutes  

The desirable outcome occurs if either parachute opens successfully. The undesirable outcome occurs if both chutes fail to open. Since a skydiver would not normally start with the reserve parachute, this event tree contains three event sequences:

  1. Main parachute opens — desirable outcome
  2. Main parachute fails, reserve parachute opens — desirable outcome
  3. Both parachutes fail to open — undesirable outcome

Fault trees help determine a percentage between zero (outcome never occurs) and one hundred (outcome always occurs) for the outcome of each event sequence in the tree.

faulttreeA fault tree shows all the combinations of things that must go wrong to “fail” an event in an event tree. The diagram shows the ways a reserve parachute can fail to open. Think of a fault tree as a sort of family tree. Rectangles represent either “parent” or “child” events and circles represent pure “child” events. The “and” symbol between parent and child events indicates all child events must occur for their parent event to occur. The “or” symbol indicates any child event can cause their parent event. Engineers use the tree to identify the different combinations of child events leading to the event at the top of the tree. Historical parachute performance data helps provide a numerical value for the likelihood of each pure child event (e.g., dead battery). A mathematical formula combines individual event likelihoods to provide the numerical value of the likelihood of each combination of child events.

Event trees and fault trees are two basic parts of risk assessment, just like the brakes and gas pedal are basic parts of a car. In the same way all the other parts under the hood make the car work, risk assessments have lots of other moving parts that we could discuss in the future. The bottom line, however, is that risk assessments help the NRC and nuclear power plant engineers properly reduce already very small health risks, resulting in safely produced electricity at nuclear power plants.

31 responses to “Understanding Nuclear Power Plant Risk

  1. John May 28, 2017 at 1:52 pm

    In my opinion, Nuclear power plan is all time harm for human, animal, and environment.

  2. Darragh McCurragh March 13, 2015 at 4:48 pm

    The problem with your approaches “what can go wrong” and “how likely is it” is that you can never know every accident “path”, i.e. all the things that could lead to a fatal accident. You can make educated guesses. You can maybe guess 99% right (although there is no way of determining that percentage). Proof: all really bad accidents so far have not adhered to the “pathways” the were “pre-ordained” by the nuclear priesthood of safety engineers. Their phantasy was either still too limited and/or the nuclear power stations might not have conformed to specifications. The “likelihood” is also not determinable under today’s circumstances. To do that you would have to know the failure rates (e.g. MTTF) of all components in a given accident path. However, unlike with automobiles with their hundreds of thousands of years of component usage and their crash tests, most nuclear power stations are singular events with idiosyncratic builds. Every mathematician/statistician knows that all you can “calculate under such circumstances is something as nonsensical as “fails once every million years – plus or minus ten million years” … And again: all known accidents have not conformed in any way to any pre-calculated probabilities. Q.e.d.

  3. Erica Gray March 10, 2015 at 7:03 pm

    3/11/15 marks 4 years of the ongoing nuclear disaster in Fukushima Japan.
    This is real, not just a hypothesis!
    The NRC should be concentrating on closing down the nuclear power stations in seismic zones and in highly populated areas,
    Work on securing the waste….NOT making more of it!
    http://www.theguardian.com/environment/video/2015/mar/10/fukushima-japan-nuclear-video?CMP=share_btn_fb

  4. richard123456columbia March 4, 2015 at 10:18 am

    Regarding public perception of NRC and others allowable risk management, when we see a NPP built on a shore that has been hit with higher tsunamis then the safety wall to protect it, makes one question what is the acceptable risks allowed. We find out after Fukushima what risks they allow, using non submersible pumps that failed (Saving Money), under sized battery backup on many sites(Saving Money), we see a NPP that uses a inner tube to stop a flood from a river!!! There are NPP down stream from dams that are questionable with foundation problems. We see the fuel pools filled to the max taking more risk if a quake hits. We see barrels of nuclear waste at the bottom of oceans and waste draining into the oceans. We have seen 6 NPP’s fail badly and the risk because of age increasing. We see how vulnerable these plants are to attack and some are now in a war zone. I’ll quit here but there is much more. How can the public believe that NRC is handling risk properly or is it to complicated.

  5. msvivphd March 4, 2015 at 12:49 am

    I just read all the comments in this thread, and they are all intelligent ones from intelligent people. I find it a supreme pity that the NRC (which doesn’t know what it doesn’t know and all the things it is refusing to know) will not take them seriously. They will be relegated to the dust bin. The NRC has its mind made up; it is composed of “true believers” and it is no use confronting “true believers” with facts. The only slight chance we had for salutary change was Gregory Jascko (sp?.), but he was forced out. What you have left are the regular yes men and nuclear enthusiasts we’ve had since the days of the AEC and Lewis Strauss. We learn nothing because we’re incapable of learning.

  6. Mark L March 3, 2015 at 7:46 pm

    Nice Job Mark. Very simple description of a complex process.

  7. stock March 3, 2015 at 7:26 pm

    If the outcome of an event is infinitely negative, then no matter how small the risk, the expected value is infinitely negative. Accepting an infinitely negative expected value is nothing short of reckless insanity

    Example: destruction of humane genome is infinitely negative, there no amount of nuclear power can be allowed.

    Example: Carrington event causes 150 nuclear plants to melt down, Acute toxic poisoning of the planet and elimination of almost all life within 5 years, therefore no amount of nuclear power can be allowed.

    • Turd Ferguson March 4, 2015 at 9:26 am

      There you go again. The outcomes is not infinitely negative as you erroneously state unless you believe we are all doomed. The analysts and professionals at NRC are fulfilling their mission just fine.

      Moderator Note: Some verbiage removed to adhere to the comment guidelines

%d bloggers like this: