I wonder if any reactor-design groups do "fuzz testing" on simulated models, checking that they can recover from very weird states even if it's not clear how the state could have been reached in the first place.
For example, having one section just arbitrarily xenon-poisoned, while another is arbitrarily too hot.
Russian atomic regulator downright shut down the project to design a light water breeder reactor, saying that it's not going to be licensed. Light water breeder reactors are barely theoretically possible, but they require trade-offs to limit the amount of water within the reactor core. So the trade-offs result in a positive void coefficient. It's supposed to be offset by other safety features, but better be safe than sorry.
They’re tend do be more physical than “arbitrarily xenon-poisoned” but represent a variety of extreme and nominal states to form an operating envelope, and then healthy margins are applied on top of that.
https://en.wikipedia.org/wiki/Chernobyl_disaster#Safety_test
The other half of the reasons Chernobyl failed were human reasons.
It is very important when analyzing large systematic failures to not leave these things out.
1. The failure to scale the education quickly enough. Nation-scale nuclear energy was new when the RBMK line was introduced. The demand for nuclear engineers skyrocketed, and it was impossible to train the required amount of professionals to the same standards as nuclear scientists in just a few years. Meanwhile, the RBMK assumed deeper knowledge of its design than they had.
2. The system that made academicians (the official Academy of Sciences title) equivalent to mid-to-large caliber politicians within their area of expertise. As a result, Dollezhal's pride ran unchecked and prevented him from addressing well-known design flaws (that already caused the 1975 accident).
Both reasons are not unique to USSR at all and can be learned from. (something that is often ignored because "it can't happen here")
The soviets did not fail to educate their workforce, the soviets intentionally left their workforce in the dark.
Deviating from procedures prevents as many accidents as it causes. Safety cannot be based on adherence to procedure. Safe systems must be designed to take advantage of (and be protected against, I suppose) human ingenuity.
The biggest, stupidest action was trying to operate a reactor very clearly experiencing xenon poisoning including the many unsafe things they did to try to overcome the poisoning. I'm pretty sure modern reactors still shut down for 24 hours to avoid the xenon issue. This was well known, even without the design flaws this was a huge risk, and anyone with an ounce of sense would have known not to do what they did leading up to attempting to scram the reactor.
Yes, and guess who was behind that? This it not either-or. I'm already talking about that in 2, which is a high-level cause. Dollezhal's NIKIET specifically refused to admit their problems and sign the document pointing out RBMK's flaws, and got away with things like this multiple times. This was a consequence of a very few selected engineers and scientists having full carte blanche and basically acting as limited-scale politicians within their sphere of influence. This was not the problem of the nuclear industry in particular, this also applied to all critical industries like aerospace where the "chosen ones" immediately started fighting for their place under the sun, stalling their field.
You’re absolutely right, the issue was secrecy, not “years of education” or whatever GP claimed.
Not sure what time period this took place, but if you're referring to the US Navy Nukes, then about ~20 years ago Nukes needed a high ASVAB score 95+ (top 5% of test takers) I think it's a bit lower now--and there are other test they can combine scores with--since they all leave for high paying jobs after their enlistment ends. The standard now may not be what it was for simply being a Nuke; but to also be a Submariner (volunteer position), he would have also had to learn all of the submarine systems (mechanical, electrical, navigation, weapons, safety etc) and then a board of senior submariners decide if he was proficient enough to serve on a submarine. You may be being a little harsh calling your BIL "Dumb as a box of rocks", if he accomplished all that.
It can hardly get more explicit than this scene: https://www.youtube.com/watch?v=jBwSuSuGhyk
>Deviating from procedures prevents as many accidents as it causes.
And they weren't doing some small deviation from procedure. They were doing something that was expressly forbidden and they knew why it was forbidden. In the time leading up to the accident it would be difficult to distinguish between what they were doing and trying to intentionally cause a meltdown. In a reactor experiencing xenon poisoning instead of shutting down for 24 hours (procedure) they removed every nuclear reaction moderating mechanism they could.
This isn't a smart little deviation, it's pouring gasoline on a fire and hoping for a good outcome. It is hard to describe how stupid this was.
It generally requires operators to know how the systems work in great detail which would have avoided the specific Chernobyl incident.
Hence the above comment doesn't fit with the discussion. The level of "bad" being done by the engineers was right out of the "never do this" list of actions. Unfortunately there's a lot of evidence that bravado or "experience" is what led to them thinking that they knew better.
Not following procedure is fine if it's turn it left not right. It's not good when instead of turning a valve they take a hammer to it. That's throwing instructions away and so makes any sensible discussion from there on mute.
Going on and on about the merits of not following procedure in a discussion that started with a disaster which could have triggered a global mass extinction event is not the appropriate response. They were doing things which were very well known to be dangerous, which they themselves knew to be dangerous, that had been known to be dangerous since literally the first nuclear reactor at the Manhattan Project some 40 years previous.
I can only hope you’re never involved in safety critical systems. Procedures simply can’t account for multiple independent failures at the same time in complex systems without defaulting to individual judgment, the problem space just grows too large.
In that exact situation you could swap many people inside the USSR into those roles and likely get a similar result. The specific people who decided to cover up RBMK’s flaws were responding to the same incentives as the people who covered up an earlier serious incident at Chernobyl on September 9th 1982 etc.
The U.S.S.R. had a lot of nuclear issues, and there’s arguably more to learn from the indirect causes than the direct ones.
That being said yes. Lots of lessons to be learned including, why did you build a system that allows them to do this?
Cause is easy to attribute, identifying who was irresponsible and blame less so. In this case it was caused by the operators.