CUNY B r o o k l y n  C o l l e g e            Department of Computer and Information Science
CIS 763X: Software Methodology
with Dr. D. Kopec                           Fall, 2000

Back tondividual Class Presentations
Three Mile Island

Presentation in Three Parts:

Nuclear Reactors,  Three Mile Island,  The Accident

Presented by David Y. Fishfeld


 

Three Mile Island Unit 2 Nuclear Power Plant


Nuclear Power Plants are always plagued with start up problems because the system is very complex and the technology is new. It is really a hybrid of two systems, one –the reactor, complex and technologically new to the world, and the second – a conventional, older system for drawing away heat to turn turbines.
 

Nuclear Reactors

The fission of atoms generates extreme heat that is used to boil water into steam to drive turbines which generate electricity. The reaction is in essence a controlled nuclear bomb. Fission occurs when an atom breaks down to smaller atoms and particles. The control rods, which absorb neutrons, control the rate of fission and the temperature is controlled by a cooling system, which removes heat from the reactor, without this the reactor will overheat, causing more fission to occur, and thus release more heat, etc.
 

Three Mile Island March 28, 1979

The accident was the combined result of mechanical failure and human error. The system was so complex that even today there are arguments among professionals whether human intervention during the accident had any repercussion to the accident.
The maintenance force was overworked and understaffed due to budget cuts.

The accident began in the secondary cooling system. There are two cooling systems, as can be seen in the above picture, the primary cooling system contains water under high pressure and temperature that circulates through the core where the nuclear reaction is taking place. This hot water goes to a steam generator and heats water in a secondary system, see the simpler diagram on the cover. This water is kept at high pressure, so it remains as water, until steam is needed. The steam drives the turbines to generate electric power. This water is not radioactive, the water of the primary system is. To drive the precision turbines the water must be pure. Resins get into the water and are removed by a condensate polisher system; this removes particles that are precipitated out. This polisher system may have leaked and began the cascading effects that led to the accident.
 

The Accident

Murphy’s Law: Anything that can go wrong will go wrong.
Moisture went into the instrument air system of the plant, interrupting air pressure to two valves on two feedwater pumps; this told the indicators that there was a problem. In reality there was none. The result was that the pumps shut down. There was no more water flowing in the secondary cooling system through the steam generator, thus, no more water cooling the primary system, which cools the core. When this flow stopped, an ASD (automatic safety device) turns on, the turbine shut down. The problem now is that the heat from the Primary cooling system isn’t transferring its heat that it obtained from the core. Now emergency feedwater pumps came on, to replace the water in the primary system that will boil off since it was not cooled by the Secondary system. The pumps came on, and this is what was indicated on the operator’s control panel, however a valve in each pipe was left in the closed position from maintenance done 2 days prior.  This obviously was a human error.  There were two indicators on the control board that indicated the valves were closed, and one was covered by a repair tag.  The operators assumed the valves were opened since they had no reason to think otherwise. There is a dispute among experts if the pumps would have made a difference anyway, there was a limited supply of water and worse problems were showing up.

Since there was no cooling system cooling the core, the reactor “scrammed” which means the graphite control rods which control the reaction are dropped into the core to absorb the neutrons and stop the fission process. The decaying radioactive heat can still produce enough electricity to power 18,000 homes. This heat builds up high temperature and pressure that would normally have been cooled by the cooling system. The ASDs to handle this were as follows: A pilot operated relief valve (Porv), relieves the pressure from the core by channeling the water from the core through a pressurizer and then through its top into a drain pipe into a sump. After the core’s pressure was sufficiently relieved the valve should have closed, it didn’t. This created a hole in the core system, the water from the Primary cooling system was pouring out. This valve had been faulty on previous occasions so an indicator for it was installed on the control board. This indicator was broken.

With all that water leaving, pressure dropped in the coolant system. this caused another ASD to turn on, the HPI, High Pressure Injection, which injects water at a high pressure into the core in order to cool it down, since the secondary system wasn’t cooling the water from the Primary system and hence the core. There are dangers to doing this. One is that you can ‘shock’ the core, and cause cracks in it and its containment vessel. Another, is that the all this water will flood the pressurizer. This is a vessel that has water on the bottom and steam on the top and is used to control the pressure in the core by heating the water at the bottom. If it is flooding there would be no steam, only water, this is called ‘going solid’, pressure would surge in the core and coolant pipes can burst leading to a loss of coolant accident, a LOCA, possibly causing a meltdown. So the operators new that going solid was bad and were warned by both the vendor and user of the system, so they cut down on the HPI. They didn’t realize they already had a Loss Of Coolant Accident because of the stuck open valve. There were two indicators which measured pressure in the reactor, one in the core and one in the pressuriser, however one said pressure was low and the one in the pressurizer said it was very high. They chose to believe the one that said pressure was high, since the HPI was on and the coolant pumps were on. They didn’t know about the two closed valves and the PORV that was open, still emptying water from the system. It took a few hours before the computer printed its message that there may be a problem with the PORV. Eventually the stuck valve was discovered, and closed. Much damage had already been done with the partially uncovered core, another half hour would have meant a complete core melt down. (Later it was found that up to 50% of the core melted. Source: Pbs web page)

The fuel rods are comprised of enriched uranium in pills stacked in a thin liner. Water circulates through this so that it would not melt. With temperature so high, it reacts with the water producing hydrogen. This creates pockets of hydrogen, which with oxygen and a spark can lead to an explosion. There was a jump in an indicator that told the pressure of the containment building. The pressure reached half the tolerance level for the building. This meant that a there was probably a hydrogen explosion. The hydrogen bubble is also dangerous without exploding, since it can prevent the flow needed for cooling.

Eventually the open Porv was discovered and closed, and a complete meltdown was averted. The complexity of the system made it impossible to follow in real time what was happening. Perhaps the tolerance level for many components was too low. If there was no leak in the condensate polisher system then the accident would have been averted –however something else would have come up that the closed valves on the emergency feedwater pumps may have come into play. Perhaps proper maintenance would have averted the disaster. The underlying fact is that there were just so many valves and pipes and interacting systems that it was impossible to cover all those possibilities and examine each one. The more complex any device is, the more apt it is to break down.
 
 
 

Questions for discussion:

  1. What was the reason behind the accident of Three Mile Island?
  2. Could the accident have been avoided?
  3. Would you trust to have a Nuclear Facility near you? (Brooklyn College has a particle accelerator)

 
 
 

Comments and suggestions e-mail to Sergey D.