May 21, 2004
The Honorable Spencer Abraham
Secretary of Energy
1000 Independence Avenue, SW
Washington, DC 20585-1000
Dear Secretary Abraham:
On May 21, 2004, the Defense Nuclear Facilities Safety Board (Board), in accordance with 42 U.S.C. § 2286d(a), unanimously approved Recommendation 2004-1, which is enclosed for your consideration. Recommendation 2004-1 deals with Oversight of Complex, High-Hazard Nuclear Operations.
After your receipt of this recommendation and as required by 42 U.S.C. § 2286d(a), the Board will promptly make it available to the public. The Board believes that the recommendation contains no information that is classified or otherwise restricted. To the extent this recommendation does not include information restricted by DOE under the Atomic Energy Act of 1954, 42 U.S.C. §§ 2161-68, as amended, please see that it is promptly placed on file in your regional public reading rooms. The Board will also publish this recommendation in the Federal Register.
John T. Conway
c: Mr. Mark B. Whitaker, Jr.
DEFENSE NUCLEAR FACILITIES SAFETY BOARD
RECOMMENDATION 2004-1 TO THE SECRETARY OF ENERGY
Pursuant to 42 U.S.C. § 228a(a)(5)
Atomic Energy Act of 1954, As amended.
Dated: May 21, 2004
In furtherance of its statutory duty to oversee the Department of Energy’s (DOE) protection of workers and the public from hazards at defense nuclear facilities operated for DOE and the National Nuclear Safety Administration (NNSA), the Defense Nuclear Facilities Safety Board (Board) conducted eight public hearings to examine DOE’s current and proposed methods of ensuring safety at its defense nuclear facilities.
In these hearings, the Board also sought to benefit from the lessons learned as a result of investigations conducted following the Columbia Space Shuttle disaster and the discovery of the deep corrosion in the reactor vessel head at the Davis-Besse Nuclear Power Plant. The Board received testimony from representatives of the Nuclear Regulatory Commission; the Naval Reactors Program; the Columbia Accident Investigation Board; the Deputy Secretary of Energy; the Administrator of NNSA; DOE’s Under Secretary of Energy, Science and Environment; DOE’s Assistant Secretary for Environment, Safety, and Health; and selected site managers of DOE’s facilities, senior contractor managers, and members of the public.
The overall objective of the hearings was to gather information that could be helpful in assessing DOE’s proposals for changing the methods it uses for contract management and nuclear safety oversight, as they have been controlled through the DOE Directives System. NNSA has proposed shifting responsibility for safety oversight from DOE Headquarters to the DOE field offices and site contractors. The key question the Board sought to address was: Will modifications proposed by DOE/NNSA to organizational structure and practices, as well as increased emphasis on productivity, improve or reduce safety, and increase or decrease the possibility of a high-consequence, low-probability nuclear accident?
DOE’s programs for national security and environmental protection are complex, with potentially high consequences if not safely performed. Mishandling of nuclear materials and radioactive wastes could result in unintended nuclear criticality, dispersal of radioactive materials, and even nuclear detonation. DOE has a long and successful history of nuclear operations, during which it has established a structure of requirements directed to achieving nuclear safety. That structure is based on such methods as defense in depth, redundancy of protective measures, robust technical competence in operations and oversight, extensive research and testing, a Directives System embodying nuclear safety requirements, Integrated Safety Management, and processes to ensure safe performance.
The United States owns the defense nuclear facilities at which its programs are carried
out by a government agency—DOE. Each such facility is operated by a contractor that was selected by DOE on the basis of being best suited to conduct the work for DOE at that site. Under the original Atomic Energy Act of 1946 and continuing to date in the Atomic Energy Act of 1954, as amended, the government officials in charge (i.e., the Secretary of Energy and other line officers) have a statutory responsibility to protect health and minimize danger to life or property. In any delegation of responsibility or authority to lower echelons of DOE or to contractors, the highest levels of DOE continue to retain safety responsibility. While this responsibility can be delegated, it is never ceded by the person or organization making the delegation. Contractors are responsible to DOE for safety of their operations, while DOE is itself responsible to the President, Congress, and the public.
This reality was highlighted during the course of the Board’s hearings. Many important lessons were cited in the testimony provided. These included the importance of a centralized and technically competent oversight authority, central control of technical safety requirements and waivers for departure from those requirements, an ability to operate in a decentralized mode when appropriate, a willingness to accept criticisms, the need for retention of technical expertise and capabilities at high levels of any organization in which technical failure could have high consequences, and an awareness that complacency can arise from a history of successes. DOE representatives testified that DOE’s attention to safety has continued to improve with better on-site oversight and self-assessment programs, use of Integrated Safety Management, careful attention to safety statistics, and stabilization and disposal of high risk nuclear materials. However, cause for concern with regard to the potential increase in the possibility of nuclear accidents was also evident in: (1) the increased emphasis on productivity at the possible expense of safety, (2) the loss of technical competency and understanding at high levels of DOE’s and NNSA’s organizational structure, (3) the apparent absence of a strong safety research focus, and (4) the reduced central oversight of safety.
Clearly, safety performance can benefit from attention to detail and lessons learned from small incidents and minor accidents. However, failures leading to high-consequence, low-probability accidents would likely have their roots in interactions between engineering failures and improper human actions. Because the consequences of large nuclear accidents would be unacceptable, the nuclear weapons complex cannot permit them to occur. While the potential for such accidents cannot be completely eliminated, their likelihood can be held to an insignificant level by rigorous attention to Integrated Safety Management with technical and operational excellence based on nuclear safety standards subject to rigorous oversight. In addition, nuclear safety must be founded on solid research, analysis, and testing to ensure an adequate understanding of energetic initiating mechanisms under off-normal conditions.
DOE has taken some preliminary steps toward its proposed changes in safety practices. These actions may have contributed to some unfortunate consequences, such as the following:
Proposed modifications to DOE and NNSA’s organizational structure, manpower, contract management, oversight policies and practices, and safety directives could have unintended consequences. These include reduction of defense in depth, potentially inconsistent safety-related decisions caused by decentralization of safety authority, emphasis on performance as opposed to safety, and reduction of technical capability at key points in the organizational structure. DOE and NNSA line managers could be left with inadequate awareness of safety issues.
As a result of testimony it has received, the Board is not convinced of the benefit of the changes to DOE’s and NNSA’s organizational structure and practices as they have been described. The Board cautions that if any such changes are made, they must be done formally and deliberatively, with due attention given to unintended safety consequences that could reduce the present high level of nuclear safety. DOE should take full advantage of lessons learned from safety problems discovered by National Aeronautic Space Administration and Nuclear Regulatory Commission, and it should learn from the success of the good organizational and safety practices championed by the Naval Reactors Program. The Board needs to be sure that any fundamental reorganization does not degrade nuclear safety, and that the likelihood of a serious accident, facility failure, construction problem, or nuclear incident will not be increased as a result of well-intentioned changes.
As a result of testimony received at the public hearings and the potential effects on safety at defense nuclear facilities outlined above, the Board recommends:
a. oversight responsibility includes the capability for examining, assessing, and auditing by all levels of the DOE organization,
b. the technical capability and appropriate experience for effective safety oversight is in place, and
c. corrective action plans consistent with recommendations resulting from internal DOE and NNSA reviews of the Columbia accident and the Davis-Besse incident are issued.
a. empower a central and technically competent authority responsible for operational and nuclear safety goals, expectations, requirements, standards, directives, and waivers;
b. ensure the continued integration and support of research, analysis, and testing in nuclear safety technologies; and
c. require that the principles of Integrated Safety Management serve as the foundation of the implementing mechanisms at the sites.
John T. Conway, Chairman