The problem with fault tolerance is that it allows the normalization of deviance, since something is always failing, but it's okay because there is always a backup (until there isn't).
The bigger issue with nuclear power is that we can trust humans to keep up the level of effort to keep it working without a fault for a few decades, maybe centuries if we're lucky, but there's no way you can operate a plant for a millennium without a catastrophic accident, and accidents take much more than a thousand years to clean up. So it's all totally imbalanced unless you just assume we'll have fusion in fifty years, so nothing matters. But I don't think we can assume that anymore.
> The problem with fault tolerance is that it allows
We do that with airplanes. Think about it - you're flying at 30,000 feet, 500 mph, 50 degrees below zero, no land in sight over the North Atlantic, in a tin balloon loaded to the gills with fuel and two flaming engines.
The machines are designed to tolerate fault, but the FAA is designed to not let you take off unless you do a checklist that proves all the engines are working, not just the one you need for a crippled landing. So the system as a whole requires that the FAA not give in to the pressure from industry to sign off on less fault tolerance. It's a difficult issue for systemantics.
With wing mounted engines on two-engine airliners, there is physically no way to take off on one from other than a dry lake bed. The thrust from the operating engine will introduce more yaw on the airplane than the rudder, nosewheel steering, and wheel brakes can counteract.
Even tail mounted engines (with a shorter coupling arm to the centerline) will typically have a Vmcg (roughly, speed at which lateral control on the ground is lost with one engine inoperative) that will preclude takeoff on one (physically, not by regulations) from available runways.
Really? You know of examples of passenger planes taking off with only one engine turning? Or of any twin engine airplane doing this deliberately (other than a test flight or desperate emergency, like the volcano is gonna blow any moment).
I was talking about the situation of planes taking off in barely flyable/safe situations that would not be allowed by modern FAA regulations, which I think is the larger point that was being argued, not debating about the single engine or propeller case.
Airplanes are highly standardized. Dozens and hundreds of essentially the same model are built. A few of them are built specifically to test in various ways and even crash and burn, and make sure they behave reasonably in such situations.
Civilian nuclear reactors are mostly built by a handful, rarely by a dozen. This makes learning from past mistakes and taking preventative measures across the fleet hard.
I think France has partly solved it exactly by having a small number of standardized reactors, and a number of nuclear plants which can be run in a reasonably uniform way.
Not really. Every one coming off the line is different. They are constantly being improved. Every part on the airplane is carefully tracked, from manufacturing lot to which airplane each is installed on. Everything is designed by engineers, not custom made on the spot by a mechanic.
Yes, French nuclear powerplants were standardized and built in batches ("séries", in French).
This does not magically create conditions for a perfect design and building process. See for example https://theecologist.org/2016/sep/29/sizewell-b-and-27-other...
Planes aren't perfectly safe (my brother was killed when SR111 crashed in 1998 after failures).
Anyone preferring not to be exposed to a plane crash can abstain from travelling in planes. Anyone preferring not to be exposed to nuclear reactors' boo-boos and hot waste has no real way to do so.
The failure points aren't always the aspects engineered by anyone related to airplane manufacture. Swiss Air 111 may have come down due to a fault/failure in wiring for its add-on entertainment system.
Not just tolerance of failure. Also strict incident investigations and reporting requirements, including for "near misses"; also a strong safety culture made possible by strong unions and strict seniority-based promotion rules; also...
Pilots can't get ahead by cutting corners, and (to a somewhat lesser extent) it's hard for maintenance people to be pressurised to sign off on unsafe work.
Indeed, but also no incentive for bypassing safety checks that are redundant most of the time (which is how you get the normalisation of deviance that eventually leads to catastrophe). Sometimes that's the right tradeoff.
All metrics are gameable. I think I once saw a study that suggested that every metric applied to professionals ended up having a net negative effect on actual productivity - by and large people understand their job and want to do it well, and while a metric may incentivise the few that don't, it also ends up distracting the majority.
I think we need to look at what France is doing. They seem to have a good safety culture as a society; 90% of their power is nuclear and has been for decades, and they've never had a serious accident. Other examples: they have also never had a serious high speed train accident. They seem to be able to build these things considerably cheaper than we are able to in Britain and way cheaper than you can in America. They are a first world country with equivalent living conditions to the UK, so unlike comparisons with China, where many people blame poor working conditions and under-regulation for cheapness, you can't make the same argument against France. By the way, I don't know if that's true about regulations in China (who does), but it is an argument that many people make that is a lot more easily refuted by just comparing with France instead.
Complex systems should be assumed to run in a partially broken state. Accidents are more things getting broken quicker than failsafes and operators can react to.
That’s not to say I like nuclear power - IMHO opportunity cost is too high. I could build, operate and decommission a renewable solar or wind plant in the time it takes to plan a new nuclear plant.