The blame should not be with the operators, but with decision makers who signed off on a fatally flawed plant design. Really, you'd think it was common sense: if you absolutely need these generators in case of a disaster, like a flood, don't put the generators and their gear/infrastructure at a lower flood level! Much the same mistake was repeated many times in Houston, and came to light after Hurricane Ike.
Other things that came to light that were shown in the video:
Completely passive backup cooling systems that were dependent on actively-actuated valves for proper functioning. (Should have defaulted open in case of a power failure.)
Dependence on sensors that would fail without power.
Dependence on sensors that would provide dangerously misleading readings in precisely the most dangerous situation. (Water already boiled away)
I think it's a good video to watch if you are doing operations of any kind that requires worst-case thinking and planning.
But the issues you mention (and others) have been solved by the aviation industry. Nuke plants and the Deepwater Horizon oil rig could have benefited immensely from consultation with airframe engineers. A lot of those faults that doomed them could have been inexpensively corrected.
I always remember the backup generators in New Orleans that were put in the basements. Precisely the time you'd need the backup generators was when the basements were flooding. Oops.
In hindsight it is obvious, but at the time of construction, you would have to justify spending money to protect against both a 9.0 earthquake (pretty rare) and a tsunami larger than one ever recorded at the same time. Which can only happen if you have the 9.0 quake right off your coastline.
At the time the plants were built, there was no geologist on the planet that believed Japan could even have a 9.0 quake, or a 30 meter tsunami (which you needed the quake for anyway). Thus, at the time, the plant was over designed for all possible scenarios.
This is why defense in depth is important. Even without anticipating a 9.0 earthquake, they could have anticipated that their floodwalls would fail for an unspecified reason, and desighned the plant to be resiliant to flooding in the event of flood wall failure.
Other things that came to light that were shown in the video:
Completely passive backup cooling systems that were dependent on actively-actuated valves for proper functioning. (Should have defaulted open in case of a power failure.)
Dependence on sensors that would fail without power.
Dependence on sensors that would provide dangerously misleading readings in precisely the most dangerous situation. (Water already boiled away)
I think it's a good video to watch if you are doing operations of any kind that requires worst-case thinking and planning.