Probabilistic risk assessment
Probabilistic risk assessment (PRA) is a systematic and comprehensive methodology to evaluate risks associated with a complex engineered technological entity (such as an airliner or a nuclear power plant).
Risk in a PRA is defined as a feasible detrimental outcome of an activity or action. In a PRA, risk is characterized by two quantities:
- the magnitude (severity) of the possible adverse consequence(s), and
- the likelihood (probability) of occurrence of each consequence.
Consequences are expressed numerically (e.g., the number of people potentially hurt or killed) and their likelihoods of occurrence are expressed as probabilities or frequencies (i.e., the number of occurrences or the probability of occurrence per unit time). The total risk is the expected loss: the sum of the products of the consequences multiplied by their probabilities.
The spectrum of risks across classes of events is also of concern, and is usually controlled in licensing processes – it would be of concern if rare but high-consequence events were found to dominate the overall risk, particularly as such risk assessments are very sensitive to assumptions (how rare is a high-consequence event?).
Probabilistic Risk Assessment usually answers three basic questions:
- What can go wrong with the studied technological entity, or what are the initiators or initiating events (undesirable starting events) that lead to adverse consequence(s)?
- What and how severe are the potential detriments, or the adverse consequences that the technological entity may be eventually subjected to as a result of the occurrence of the initiator?
- How likely to occur are these undesirable consequences, or what are their probabilities or frequencies?
Two common methods of answering this last question are Event Tree Analysis and Fault Tree Analysis; for explanations of these, see safety engineering.
In addition to the above methods, PRA studies require special but often very important analysis tools like human reliability analysis (HRA) and common-cause-failure analysis (CCF). HRA deals with methods for modeling human error, while CCF deals with methods for evaluating the effect of inter-system and intra-system dependencies which tend to cause simultaneous failures and thus significant increases in overall risk.
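As an added worked example (not part of the original article), the following Python script puts the three PRA questions, the Boolean fault-tree gates, the expected-loss definition of total risk and the common-cause-failure point above into running code. The plant layout, component names, failure probabilities and scenario frequencies are all constructed for illustration, and the beta-factor treatment of common-cause failure is an assumption about how to model the coupling, not something the article specifies.

```python
"""Worked PRA illustration (added example; not part of the original article).

Builds a small fault tree for a constructed "loss of core heat removal"
top event, evaluates its probability with and without a common-cause
coupling on the redundant diesel generators, and aggregates scenario
classes into an expected-loss risk figure. All components, probabilities
and frequencies are constructed for illustration, not taken from any plant.
"""
from dataclasses import dataclass
from math import prod

# ---- Fault-tree gates (Boolean logic over independent failure events) ----

def and_gate(*ps):
    """All inputs must fail: product of independent failure probabilities."""
    return prod(ps)

def or_gate(*ps):
    """Any input failing suffices: 1 - P(none fail), exact for independent inputs."""
    return 1.0 - prod(1.0 - p for p in ps)

def redundant_group(p, n, beta=0.0):
    """Probability that all n identical redundant components fail.

    Assumption: the classic beta-factor CCF model. A fraction beta of each
    component's failure probability p is attributed to a shared cause that
    takes out all n at once; the remainder fails independently.
    beta=0 gives the pure independent-failure result p**n.
    """
    independent_part = ((1.0 - beta) * p) ** n
    common_cause_part = beta * p
    return independent_part + common_cause_part

# Constructed per-demand failure probabilities for the example plant.
P_MAIN_FEEDWATER = 1e-2   # normal heat-removal path unavailable on demand
P_EMERGENCY_PUMP = 1e-2   # each of 3 redundant emergency pumps
P_OFFSITE_POWER = 1e-1    # offsite grid lost during the event
P_DIESEL = 5e-2           # each of 2 redundant diesel generators

def loss_of_heat_removal(diesel_beta=0.0):
    """Top event: both heat-removal paths fail.

    Constructed tree:
      TOP = AND(main feedwater fails, emergency path fails)
      emergency path fails = OR(all 3 pumps fail, all AC power lost)
      all AC power lost = AND(offsite power lost, both diesels fail)
    `diesel_beta` couples the two diesels through a shared cause (for
    example a flooded switchgear room), the dependency CCF analysis looks for.
    """
    all_pumps_fail = redundant_group(P_EMERGENCY_PUMP, 3)
    both_diesels_fail = redundant_group(P_DIESEL, 2, beta=diesel_beta)
    all_ac_lost = and_gate(P_OFFSITE_POWER, both_diesels_fail)
    emergency_fails = or_gate(all_pumps_fail, all_ac_lost)
    return and_gate(P_MAIN_FEEDWATER, emergency_fails)

# ---- Risk aggregation: expected loss across event classes ----------------

@dataclass(frozen=True)
class Scenario:
    name: str
    frequency: float    # occurrences per year (constructed)
    consequence: float  # harm per occurrence, e.g. people affected (constructed)

def expected_loss(scenarios):
    """Total risk = sum of consequence x frequency over all scenario classes."""
    return sum(s.frequency * s.consequence for s in scenarios)

def risk_shares(scenarios):
    """Fraction of the total expected loss each scenario class contributes."""
    total = expected_loss(scenarios)
    return {s.name: s.frequency * s.consequence / total for s in scenarios}

def rescale_frequency(scenarios, name, factor):
    """Sensitivity check: return a copy with one class's frequency scaled."""
    return [Scenario(s.name, s.frequency * factor, s.consequence)
            if s.name == name else s for s in scenarios]

SCENARIOS = [
    Scenario("minor release, frequent", frequency=1e-2, consequence=10),
    Scenario("large release, rare", frequency=1e-5, consequence=20_000),
]

if __name__ == "__main__":
    p_ind = loss_of_heat_removal()
    p_ccf = loss_of_heat_removal(diesel_beta=0.1)
    print(f"top event, independent diesels: {p_ind:.3e}")
    print(f"top event, beta=0.1 CCF:        {p_ccf:.3e}  (x{p_ccf / p_ind:.1f})")
    print(f"expected loss: {expected_loss(SCENARIOS):.3f} per year")
    print("shares:", risk_shares(SCENARIOS))
    tenfold_rarer = rescale_frequency(SCENARIOS, "large release, rare", 0.1)
    print("shares if the rare class is 10x rarer:", risk_shares(tenfold_rarer))
```

Running the script shows the top-event probability rising by roughly a factor of 2.8 once the two diesels share a common cause with beta = 0.1, which is the kind of dependency the article says CCF analysis exists to capture. It also shows the rare high-consequence class moving from two thirds of the expected loss to one sixth when its assumed frequency is reduced tenfold, the sensitivity to assumptions the licensing discussion above warns about.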
In 2007 France was criticised for failing to use a PRA approach to evaluate the seismic risks of French nuclear power plants.
Criticism
Theoretically, the probabilistic risk assessment method suffers from several problems:
Nancy Leveson of MIT and her collaborators have argued that the chain-of-event conception of accidents typically used for such risk assessments cannot account for the indirect, non-linear, and feedback relationships that characterize many accidents in complex systems. These risk assessments do a poor job of modeling human actions and their impact on known, let alone unknown, failure modes. Also, as a 1978 Risk Assessment Review Group Report to the NRC pointed out, it is "conceptually impossible to be complete in a mathematical sense in the construction of event-trees and fault-trees … This inherent limitation means that any calculation using this methodology is always subject to revision and to doubt as to its completeness."
In the case of many accidents, probabilistic risk assessment models do not account for unexpected failure modes:
At Japan's Kashiwazaki Kariwa reactors, for example, after the 2007 Chuetsu earthquake some radioactive materials escaped into the sea when ground subsidence pulled underground electric cables downward and created an opening in the reactor's basement wall. As a Tokyo Electric Power Company official remarked then, "It was beyond our imagination that a space could be made in the hole on the outer wall for the electric cables."
When it comes to future safety, nuclear designers and operators often assume that they know what is likely to happen, which is what allows them to assert that they have planned for all possible contingencies. Yet there is one weakness of the probabilistic risk assessment method that has been emphatically demonstrated with the Fukushima I nuclear accidents -- the difficulty of modeling common-cause or common-mode failures:
From most reports it seems clear that a single event, the tsunami, resulted in a number of failures that set the stage for the accidents. These failures included the loss of offsite electrical power to the reactor complex, the loss of oil tanks and replacement fuel for diesel generators, the flooding of the electrical switchyard, and perhaps damage to the inlets that brought in cooling water from the ocean. As a result, even though there were multiple ways of removing heat from the core, all of them failed.
See also
- Benefit risk
- Common mode failure
- Cost risk
- Reference class forecasting
- Risk assessment
- Extreme risk
- Risk management tools
- Transportation safety in the United States