How Safe Is Safe Enough? To Engineers, It Depends

Whether it's a nuclear power plant or a bridge or an airplane, engineers have to design things to certain specifications, and they have to grapple with the question of how safe is safe enough.

NPR's Joe Palca has been talking with engineers about that question.

JOE PALCA: When humans first started building things, determining whether they would work as planned was mostly a matter of trial and error. Build a bridge, drive a chariot across it and see if the bridge collapsed.

Professor HENRY PETROSKI (Engineering, Duke University): And it really wasn't until the Renaissance, until Galileo, that there was what we would today call a rational approach to design through calculation.

PALCA: Henry Petroski is a professor of engineering at Duke University. He says now, computers and mathematical models can predict how a bridge will behave under different conditions. But Petroski says if you ask engineers to build a safe bridge or a safe nuclear plant, they ask you what you mean by that.

Prof. PETROSKI: The definition of safe is not strictly an engineering term. It's a societal term. Does it mean absolutely no loss of life? Does it mean absolutely no contamination by radiation? What exactly does safe mean?

PALCA: Once you settle that question, engineers still face the problem of deciding how to achieve whatever level of safety they're aiming for.

Michael Corradini is a professor of nuclear engineering at the University of Wisconsin. He says first, you design for normal operating conditions.

Professor MICHAEL CORRADINI (Nuclear Engineering, University of Wisconsin): And then with any engineering design, anything at all, you then say, okay, well, that's fine. That's what it operates on. But what if something happens that it doesn't - it experience some unusual conditions?

PALCA: So, for example, let's say you're designing a bridge for a place where gale force winds and heavy snows are virtually unheard of.

Prof. CORRADINI: But you still design for it so that the bridge safely performs its function, or if it fails, it fails gently, so there's no catastrophic effects.

PALCA: In other words, the bridge doesn't collapse. Wind and snow are one thing, but what about other kinds of safety threats? How well will a bridge do if terrorists try to blow it up? What happens if operators in a nuclear plant control room suddenly get sick? What if a meteorite falls on the plant?

Corradini says nuclear power plant designers try to think of everything.

Prof. CORRADINI: They have a listing of all the things that they think can go wrong, and how they can go wrong, and some sort of ordered list of which is more likely than others.

PALCA: And don't think I'm joking about the possibility of a meteorite falling on the plant.

Prof. CORRADINI: It's there somewhere; it's just a very low probability.

PALCA: But sometimes, when you set out to build a nuclear power plant, you don't know exactly what the likelihood of a particular calamity might be.

Professor YOTARO HATAMURA (Engineering, University of Tokyo): When we plan something, always we make assumption.

PALCA: Yotaro Hatamura is an emeritus professor of engineering at the University of Tokyo. He says engineers sometimes don't pay enough attention to history in making their assumptions. He favors what he calls backward thinking: The reactor core might survive an earthquake, but what about the pumps that provide cooling water to the reactor; or what about the back-up generators that provide emergency power to the pumps; or what about the fuel supply for the emergency generators?

He says accidents happen when engineers don't constantly test and revise the assumptions they've made about all the things that a nuclear plant needs to operate.

Prof. HATAMURA: We can avoid these accidents by thinking way - backward thinking.

PALCA: And backward thinking is to say, look at the previous steps...

Prof. HATAMURA: Yes.

PALCA: ...see if that worked properly.

Prof. HATAMURA: Yes.

PALCA: And if it didn't, change it so that you go forward with a better path.

Prof. HATAMURA: Yes.

PALCA: Hatamura says it's not always easy to look back and admit to problems that you should have thought of in the first place.

Prof. HATAMURA: (Foreign language spoken)

PALCA: We don't see what we don't want to see, Hatamura says. We don't want to think about scary things. That's just human nature.

Joe Palca, NPR News, Tokyo.

Copyright © 2011 NPR. All rights reserved. Visit our website terms of use and permissions pages at for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.