1 - How Three Mile Island Sold Rob Austin on Nuclear
Bret Kugelmass: How did you get into the nuclear industry?
Rob Austin: Rob Austin received a Bachelor’s degree in history from Davidson College, followed by a year in law school at Georgetown. Afterwards, Austin received a degree in engineering from Florida Atlantic University, where he studied acoustics and underwater sound propagation. Rob Austin then went to Electric Boat, the primary submarine designer and contractor for the U.S. Navy. Electric Boat got its start around the Civil War period, built diesel electric boats in World War I and II, and was then chosen by Admiral Rickover to be the constructor for the first nuclear submarine, the USS Nautilus, which was launched in the mid-1950’s. Austin’s role at Electric Boat was working on the design for the Virginia-class attack submarine in mitigating sound from the engine room. His real exposure to nuclear came when he worked for Duke Engineering and Services, a subsidiary of Duke Power, which was acquired by Framatome. Austin was working on the non-nuclear side of energy, but knew Framatome would prioritize nuclear. He started researching Three Mile Island and Chernobyl and walked away with a fascination of the promise of nuclear and how it has been misunderstood by the general public. The partial meltdown at Three Mile Island could have and should have been avoided, but the design of the plant and containment worked and prevented the spread of radiation. The industry looked at Three Mile Island to determine how they could improve and make the technology better since the plant was now non-recoverable. There is a disparity between what happens at these accidents and what the public seems to think happened.
2 - Avoiding Digital Obsolescence in Existing Reactors
Bret Kugelmass: How did you end up pursuing a career in the nuclear space?
Rob Austin: Rob Austin managed major electrical and digital upgrades at nuclear stations across the U.S. while working for Framatome. Most of the plants were built with analog controls and electronics, or very early generation digital. The U.S. plants have invested and adopted digital controls on their non-safety related systems since they are more reliable than analog systems. Most plants have digitally-controlled turbine generator systems and feedwater systems. They have been slow in embracing digital on the safety-related systems, such as reactor protection systems and safeguard systems. International upgrades took place to prevent obsolescence of components and parts that are no longer manufactured or supported. Plants may also consider a digital upgrade because digital controls are traditionally more reliable than analog controls. New digital systems don’t last as long, however, these controllers are rugged and have a longer life than consumer electronics. Plants can handle digital obsolescence by becoming more agile as they upgrade so they are able to adopt newer technology as it becomes available. If digital controllers are expected to last ten years and the plant is licensed for sixty years, spares can be purchased to anticipate equipment replacement.
3 - Digitization in Nuclear Plant Systems
Bret Kugelmass: How can you build something with so much computational power, but also expect it to last 100 years?
Rob Austin: The required complexity of digital controls for nuclear plants must be considered and it must only be as complex as it needs to be. Safety-related systems that measure a reactor and provide a response during an abnormal incident need to be planned ahead for, not the larger IT structure of the plant, such as how drawings are managed or how teams communicate. The overall electrohydraulic design of the plants were designed to be robust and reliable. Flux or neutron measurement provides the state of the core, and coolant flow and temperature provide the thermal output and power of the reactor. Plants have multiple systems for control and protection, which provides a higher plant resiliency. The driver for upgrading to digital may be so some plants can develop an obsolescence strategy and maintain their current systems. A safety-related control system should not be affecting the economic bottom line of the plant, so systems that do affect the bottom line should have a focus on modernization. These include tasks that are currently done by manual labor and automating them. The primary concern for upgrades in the U.S. is how to do it economically. The nuclear industry has a tendency to take items developed in other industries and add on additional requirements or compliance checks, which adds significant cost to the project.
4 - Software Common Cause Failure
Bret Kugelmass: What is software common cause failure?
Rob Austin: Critical nuclear protection systems are redundant, with two or three chains of the same instruments going to the same actuators for the same safety function. The concern with moving the software systems is taking temperature values to a digital device which would examine the temperature using software. If there was a flaw in the software, it would carry across all redundant instruments, which is known as software common cause failure. The Electric Power Research Institute (EPRI) has done a lot of research into the operating experience of systems that are installed, as well as the risk impacts. One or two edge cases had software common cause failure, but the conclusion was that the existing methods of qualifying and developing software is good enough to ensure that this doesn’t occur. If it does occur, normally a plant will rely upon operators to take notice and take action. EPRI has learned that there must be a lot of time spent up front to consider upgrades and understand the requirements before going in to execute upgrades.
5 - Automation and Data Collection in Power Plants
Bret Kugelmass: Are there new risks presented by going digital from a cybersecurity standpoint?
Rob Austin: Cyber systems have layers and barriers of defense. The actual protection and control systems of the plant do not have a direct internet connection and U.S. plants have no way to communicate in to those systems. The systems communicate out, but there is no interface going back in. Portable media is strictly controlled in the plant to ensure there is no malware. The information systems host the maintenance scheduling program. There is a normal corporate IT security, which utilities are very serious about. The nuclear industry has a questioning attitude and if something looks off, somebody will say something. The Electric Power Research Institute’s (EPRI) main focus in plant modernization is in applying process improvements and technology to dramatically reduce the operation and maintenance costs of an existing plant. Rob Austin has visited many non-nuclear generating plants and consistently noticed that facilities were automated and there were not many people present. Nuclear plants could be much more automated than they are right now. Maintenance could be based upon equipment conditions, utilizing sensors and wireless connectivity. EPRI’s focus in on the existing fleet, since those are the plants the U.S. has now. The key to increase operational efficiency is to risk inform the processes in the plant. This requires focusing resources effectively and applying resources to activities which are most risk-significant in the plant. Technology can be used to automate and make an operation more reliable and more effective. Permanently installed transmitters save time and effort of data collection, but there is also more information coming in about the life of the component. Information collected from the stations can be improved to better inform how they are managed going forward.