Safety Moment #41: The Survivability of Utilities

Survivability of utilities

This Safety Moment discusses the importance of keeping utilities operating during an emergency. The material here is taken from the ebook 52 Process Safety Moments.

If a facility suffers a major event such as an explosion or large fire, it is generally critical that the utility systems remain functional. Examples include:

  • Maintaining a supply of instrument air to the instrumentation and control systems.
  • Ensuring a supply of cooling water to prevent the occurrence of over-pressure in reactors and distillation columns.
  • Keeping electrical power supplied to fire-water pumps and other critical equipment.

Fault Tree Terminology

Other articles and safety moments, such as Ford’s Missing AND Gate, have stressed the importance of identifying common cause effects, i.e., those situations where a single cause can make two or more supposedly independent systems fail. In Fault Tree language, a common cause effect negates the value of an AND Gate, or the power of redundancy.
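The effect of a common cause on an AND Gate can be worked through numerically. The following Python sketch is an added example, not material from the ebook; the event names and probabilities are constructed for illustration only.

```python
from itertools import product

# Constructed per-demand failure probabilities (assumptions, not plant data).
PROBS = {"primary_random": 0.01, "backup_random": 0.01, "common_cause": 0.001}

def EV(name):   return lambda s: s[name]                      # basic event
def AND(*g):    return lambda s: all(x(s) for x in g)         # AND Gate
def OR(*g):     return lambda s: any(x(s) for x in g)         # OR Gate

def probability(gate, probs):
    """Exact top-event probability: enumerate every basic-event state."""
    names, total = list(probs), 0.0
    for states in product([False, True], repeat=len(names)):
        s = dict(zip(names, states))
        if gate(s):
            weight = 1.0
            for n in names:
                weight *= probs[n] if s[n] else 1.0 - probs[n]
            total += weight
    return total

def single_points(gate, probs):
    """Basic events that, occurring alone, produce the top event."""
    return [n for n in probs if gate({m: m == n for m in probs})]

def loss_independent():
    # Redundancy as drawn on paper: both systems must fail on their own.
    return AND(EV("primary_random"), EV("backup_random"))

def loss_with_common_cause():
    # The same tree once a shared cause can disable both systems.
    primary = OR(EV("primary_random"), EV("common_cause"))
    backup = OR(EV("backup_random"), EV("common_cause"))
    return AND(primary, backup)

def compare(probs=PROBS):
    return (probability(loss_independent(), probs),
            probability(loss_with_common_cause(), probs))

if __name__ == "__main__":
    naive, actual = compare()
    print(f"independent AND Gate : {naive:.7f}")
    print(f"with common cause    : {actual:.7f}")
    print("single points of failure:", single_points(loss_with_common_cause(), PROBS))
```

With these constructed numbers the common cause dominates the result: the probability of losing both systems is roughly eleven times what the independent AND Gate predicts, and the common cause shows up as a single point of failure.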

Maintaining the integrity of the utility systems can also be expressed in terms of fault tree terminology, as shown in the sketch.

AND Gate for utility backup

Expressing the logic in words:

  • IF the Initiating Event happens 
  • AND the Utilities are operational
  • THEN the situation can be controlled


The Fukushima-Daiichi nuclear power plant incident in the year 2011 illustrates the importance of keeping utilities (and backup systems in general) operating during an emergency.

In order to prevent a meltdown of the nuclear reactor core it is essential that a flow of cooling water through the reactor is maintained. So, in addition to the primary, electrically-powered cooling water pumps, the plant is provided with multiple backup pump systems. Many of the backups are diesel-powered, and will work even if there is a total power failure.

At Fukushima Daiichi the Tohoku earthquake caused the primary cooling water system to fail. The backup cooling water systems took over, as intended.

But . . .

The earthquake also generated a tsunami, the water from which overwhelmed all the utilities and backup systems, so everything shut down. The consequence was that many of the reactors suffered severe core damage, and radiation leaked into the atmosphere and the Pacific Ocean. Even now, the situation is far from being under control.

Fukushima Daiichi tsunami

. . . . .

You are welcome to use this Safety Moment in your workplace. But there are restrictions — please read Use of Safety Moments.

Copyright © Ian Sutton. 2018. All Rights Reserved.