Agreed that no one wants a passive fail in these type designs; Three Mile Island Unit 2 was in operation for only three months before the accident took it off-line for all time.
Hmmm, reading those links and the most relevant of the items linked by the last, it sounds like:
The French may have done an inadequate job in the control system design; at the very least multiple other country's regulatory bodies are concerned about the same and very basic thing (module independence) and that sounds bad to me.
The other conclusion is that it was insane to start building 3? of these EPRs without getting all the way through the design process (!!!) let alone getting the first up and running. That's just appalling bad project management, which I think the U.K. regulator implied in its complaint (the "experts" knew of the control system architecture problems but management wasn't listening to them).
Hmmm, reading those links and the most relevant of the items linked by the last, it sounds like:
The French may have done an inadequate job in the control system design; at the very least multiple other country's regulatory bodies are concerned about the same and very basic thing (module independence) and that sounds bad to me.
The other conclusion is that it was insane to start building 3? of these EPRs without getting all the way through the design process (!!!) let alone getting the first up and running. That's just appalling bad project management, which I think the U.K. regulator implied in its complaint (the "experts" knew of the control system architecture problems but management wasn't listening to them).
France has been technically quite successful in their nuclear power program (ignoring the experimental Superphénix) and was finishing construction of their last operating plant as late as the last month of 1999. I wonder what happened (well, we can guess well enough).