Risk Analysis: An International Journal
Resilience is the capability of a system to adjust its functionality during a disturbance or perturbation. The present work attempts to quantify resilience as a function of reliability, vulnerability, and maintainability. The approach assesses proactive and reactive defense mechanisms along with operational factors to respond to unwanted disturbances and perturbation. This article employs a Bayesian network format to build a resilience model. The application of the model is tested on hydrocarbon-release scenarios during an offloading operation in a remote and harsh environment. The model identifies requirements for robust recovery and adaptability during an unplanned scenario related to a hydrocarbon release. This study attempts to relate the resilience capacity of a system to the system's absorptive, adaptive, and restorative capacities. These factors influence predisaster and postdisaster strategies that can be mapped to enhance the resilience of the system.
Variability in Cross-Domain Risk Perception among Smallholder Farmers in Mali by Gender and Other Demographic and Attitudinal Characteristics
Previous research has shown that men and women, on average, have different risk attitudes and may therefore see different value propositions in response to new opportunities. We use data from smallholder farm households in Mali to test whether risk perceptions differ by gender and across domains. We model this potential association across six risks (work injury, extreme weather, community relationships, debt, lack of buyers, and conflict) while controlling for demographic and attitudinal characteristics. Factor analysis highlights extreme weather and conflict as eliciting the most distinct patterns of participant response. Regression analysis for Mali as a whole reveals an association between gender and risk perception, with women expressing more concern except in the extreme weather domain; however, the association with gender is largely absent when models control for geographic region. We also find lower risk perception associated with an individualistic and/or fatalistic worldview, a risk-tolerant outlook, and optimism about the future, while education, better health, a social orientation, self-efficacy, and access to information are generally associated with more frequent worry—with some inconsistency. Income, wealth, and time poverty exhibit complex associations with perception of risk. Understanding whether and how men's and women's risk preferences differ, and identifying other dominant predictors such as geographic region and worldview, could help development organizations to shape risk mitigation interventions to increase the likelihood of adoption, and to avoid inadvertently making certain subpopulations worse off by increasing the potential for negative outcomes.
The work in the article presents the development of an application guide based on feedback and comments stemming from various railway actors on their practices of SIL allocation to railway safety-related functions. The initial generic methodology for SIL allocation has been updated to be applied to railway rolling stock safety-related functions in order to solve the SIL concept application issues. Various actors dealing with railway SIL allocation problems are the intended target of the methodology; its principles will be summarized in this article with a focus on modifications and precisions made in order to establish a practical guide for railway safety authorities. The methodology is based on the flowchart formalism used in CSM (common safety method) European regulation. It starts with the use of quantitative safety requirements, particularly tolerable hazard rates (THR). THR apportioning rules are applied. On the one hand, the rules are related to classical logical combinations of safety-related functions preventing hazard occurrence. On the other hand, to take into account technical conditions (last safety weak link, functional dependencies, technological complexity, etc.), specific rules implicitly used in existing practices are defined for readjusting some THR values. SIL allocation process based on apportioned and validated THR values is finally illustrated through the example of “emergency brake” subsystems. Some specific SIL allocation rules are also defined and illustrated.
Fear of infectious disease often motivates people to protect themselves. But, it can also produce negative bio-social-psychological effects whose severity is on par with those of the disease. The WHO declaration of Zika as a world health crisis presented an opportunity to study factors that bring about fear. Beginning nine days after the WHO announcement, data were gathered from women aged 18–35 living in the southern United States (N = 719). Respondents reported experiencing fear of Zika at levels akin to those reported following other significant crises/disasters (e.g., the terrorist attacks of 9/11). Fear increased as a function of (1) personal, but not other-relevance, (2) frequency of media exposure, but not media content, and (3) frequency of interpersonal exposure and interpersonal content. It is argued that media and interpersonal message sources may be innately predisposed to amplify, rather than attenuate, risk.
Risk analysts are often concerned with identifying key safety drivers, that is, the systems, structures, and components (SSCs) that matter the most to safety. SSCs importance is assessed both in the design phase (i.e., before a system is built) and in the implementation phase (i.e., when the system has been built) using the same importance measures. However, in a design phase, it would be necessary to appreciate whether the failure/success of a given SSC can cause the overall decision to change from accept to reject (decision significance). This work addresses the search for the conditions under which SSCs that are safety significant are also decision significant. To address this issue, the work proposes the notion of a θ-importance measure. We study in detail the relationships among risk importance measures to determine which properties guarantee that the ranking of SSCs does not change before and after the decision is made. An application to a probabilistic safety assessment model developed at NASA illustrates the risk management implications of our work.
Mitigating Litigating: An Examination of Psychosocial Impacts of Compensation Processes Associated with the 2010 BP Deepwater Horizon Oil Spill
During the past four decades, a number of social science scholars have conceptualized technological disasters as a social problem. More specifically, research in this arena has identified individual and collective stress as a secondary trauma of processes intended to provide compensation and economic relief from disasters in general and, more specifically, technological disasters. Based on data from a 2013 household telephone survey of 1,216 residents of coastal Alabama, this article examines the relationship between psychosocial stress and compensation processes related to the 2010 BP Deepwater Horizon oil spill. We examine involvement with claims, settlement, and litigation activities; vulnerability and exposure to the spill; ties to resources; resource loss and gain; perceptions of risk and recreancy; and intrusive stress and avoidance behaviors as measured by the impact of event scale. Regression analysis reveals that the strongest contributors to intrusive stress were being part of the compensation process, resource loss, concerns about air quality, and income. Although being involved with compensation processes was a significant predictor of avoidance behaviors, the strongest contributors to avoidance behaviors were resource loss, air quality concern, income, being male, minority status, and community attachment. Beliefs that the compensation process was as distressing as the oil spill also significantly contributed to intrusive stress and avoidance behaviors. This research represents a step toward filling a gap in empirical evidence regarding the extent to which protracted compensation processes exacerbate adverse psychosocial impacts of disasters and hinder community recovery.
Climate change and its projected natural hazards have an adverse impact on the functionality and operation of transportation infrastructure systems. This study presents a comprehensive framework to analyze the risk to transportation infrastructure networks that are affected by natural hazards. The proposed risk analysis method considers both the failure probability of infrastructure components and the expected infrastructure network efficiency and capacity loss due to component failure. This comprehensive approach facilitates the identification of high-risk network links in terms of not only their susceptibility to natural hazards but also their overall impact on the network. The Chinese national rail system and its exposure to rainfall-related multihazards are used as a case study. The importance of various links is comprehensively assessed from the perspectives of topological, efficiency, and capacity criticality. Risk maps of the national railway system are generated, which can guide decisive action regarding investments in preventative and adaptive measures to reduce risk.
Fault trees are used in reliability modeling to create logical models of fault combinations that can lead to undesirable events. The output of a fault tree analysis (the top event probability) is expressed in terms of the failure probabilities of basic events that are input to the model. Typically, the basic event probabilities are not known exactly, but are modeled as probability distributions: therefore, the top event probability is also represented as an uncertainty distribution. Monte Carlo methods are generally used for evaluating the uncertainty distribution, but such calculations are computationally intensive and do not readily reveal the dominant contributors to the uncertainty. In this article, a closed-form approximation for the fault tree top event uncertainty distribution is developed, which is applicable when the uncertainties in the basic events of the model are lognormally distributed. The results of the approximate method are compared with results from two sampling-based methods: namely, the Monte Carlo method and the Wilks method based on order statistics. It is shown that the closed-form expression can provide a reasonable approximation to results obtained by Monte Carlo sampling, without incurring the computational expense. The Wilks method is found to be a useful means of providing an upper bound for the percentiles of the uncertainty distribution while being computationally inexpensive compared with full Monte Carlo sampling. The lognormal approximation method and Wilks’s method appear attractive, practical alternatives for the evaluation of uncertainty in the output of fault trees and similar multilinear models.
In the field of risk analysis, the normative value systems underlying accepted methodology are rarely explicitly discussed. This perspective provides a critique of the various ethical frameworks that can be used in risk assessments and risk management decisions. The goal is to acknowledge philosophical weaknesses that should be considered and communicated in order to improve the public acceptance of the work of risk analysts.
Risk Assessment of Salmonellosis from Consumption of Alfalfa Sprouts and Evaluation of the Public Health Impact of Sprout Seed Treatment and Spent Irrigation Water Testing
We developed a risk assessment of human salmonellosis associated with consumption of alfalfa sprouts in the United States to evaluate the public health impact of applying treatments to seeds (0–5-log10 reduction in Salmonella) and testing spent irrigation water (SIW) during production. The risk model considered variability and uncertainty in Salmonella contamination in seeds, Salmonella growth and spread during sprout production, sprout consumption, and Salmonella dose response. Based on an estimated prevalence of 2.35% for 6.8 kg seed batches and without interventions, the model predicted 76,600 (95% confidence interval (CI) 15,400–248,000) cases/year. Risk reduction (by 5- to 7-fold) predicted from a 1-log10 seed treatment alone was comparable to SIW testing alone, and each additional 1-log10 seed treatment was predicted to provide a greater risk reduction than SIW testing. A 3-log10 or a 5-log10 seed treatment reduced the predicted cases/year to 139 (95% CI 33–448) or 1.4 (95% CI <1–4.5), respectively. Combined with SIW testing, a 3-log10 or 5-log10 seed treatment reduced the cases/year to 45 (95% CI 10–146) or <1 (95% CI <1–1.5), respectively. If the SIW coverage was less complete (i.e., less representative), a smaller risk reduction was predicted, e.g., a combined 3-log10 seed treatment and SIW testing with 20% coverage resulted in an estimated 92 (95% CI 22–298) cases/year. Analysis of alternative scenarios using different assumptions for key model inputs showed that the predicted relative risk reductions are robust. This risk assessment provides a comprehensive approach for evaluating the public health impact of various interventions in a sprout production system.
Induced Earthquakes from Long-Term Gas Extraction in Groningen, the Netherlands: Statistical Analysis and Prognosis for Acceptable-Risk Regulation
Recently, growing earthquake activity in the northeastern Netherlands has aroused considerable concern among the 600,000 provincial inhabitants. There, at 3 km deep, the rich Groningen gas field extends over 900 km2 and still contains about 600 of the original 2,800 billion cubic meters (bcm). Particularly after 2001, earthquakes have increased in number, magnitude (M, on the logarithmic Richter scale), and damage to numerous buildings. The man-made nature of extraction-induced earthquakes challenges static notions of risk, complicates formal risk assessment, and questions familiar conceptions of acceptable risk. Here, a 26-year set of 294 earthquakes with M ≥ 1.5 is statistically analyzed in relation to increasing cumulative gas extraction since 1963. Extrapolations from a fast-rising trend over 2001–2013 indicate that—under “business as usual”—around 2021 some 35 earthquakes with M ≥ 1.5 might occur annually, including four with M ≥ 2.5 (ten-fold stronger), and one with M ≥ 3.5 every 2.5 years. Given this uneasy prospect, annual gas extraction has been reduced from 54 bcm in 2013 to 24 bcm in 2017. This has significantly reduced earthquake activity, so far. However, when extraction is stabilized at 24 bcm per year for 2017–2021 (or 21.6 bcm, as judicially established in Nov. 2017), the annual number of earthquakes would gradually increase again, with an expected all-time maximum M ≈ 4.5. Further safety management may best follow distinct stages of seismic risk generation, with moderation of gas extraction and massive (but late and slow) building reinforcement as outstanding strategies. Officially, “acceptable risk” is mainly approached by quantification of risk (e.g., of fatal building collapse) for testing against national safety standards, but actual (local) risk estimation remains problematic. Additionally important are societal cost–benefit analysis, equity considerations, and precautionary restraint. Socially and psychologically, deliberate attempts are made to improve risk communication, reduce public anxiety, and restore people's confidence in responsible experts and policymakers.
Current approaches to risk management place insufficient emphasis on the system knowledge available to the assessor, particularly in respect of the dynamic behavior of the system under threat, the role of human agents (HAs), and the knowledge available to those agents.
In this article, we address the second of these issues. We are concerned with a class of systems containing HAs playing a variety of roles as significant system elements—as decisionmakers, cognitive agents, or implementers—that is, human activity systems. Within this family of HAS, we focus on safety and mission-critical systems, referring to this subclass as critical human activity systems (CHASs).
Identification of the role and contribution of these human elements to a system is a nontrivial problem whether in an engineering context, or, as is the case here, in a wider social and public context. Frequently, they are treated as standing apart from the system in design or policy terms. Regardless of the process of policy definition followed, analysis of the risk and threats to such a CHAS requires a holistic approach, since the effect of undesirable, uninformed, or erroneous actions on the part of the human elements is both potentially significant to the system output and inextricably bound together with the nonhuman elements of the system.
We present a procedure for identifying the potential threats and risks emerging from the roles and activity of those HAs, using the 2014 flooding in southwestern England and the Thames Valley as a contemporary example.
Security of the systems is normally interdependent in such a way that security risks of one part affect other parts and threats spread through the vulnerable links in the network. So, the risks of the systems can be mitigated through investments in the security of interconnecting links. This article takes an innovative look at the problem of security investment of nodes on their vulnerable links in a given contagious network as a game-theoretic model that can be applied to a variety of applications including information systems. In the proposed game model, each node computes its corresponding risk based on the value of its assets, vulnerabilities, and threats to determine the optimum level of security investments on its external links respecting its limited budget. Furthermore, direct and indirect nonlinear influences of a node's security investment on the risks of other nodes are considered. The existence and uniqueness of the game's Nash equilibrium in the proposed game are also proved. Further analysis of the model in a practical case revealed that taking advantage of the investment effects of other players, perfectly rational players (i.e., those who use the utility function of the proposed game model) make more cost-effective decisions than selfish nonrational or semirational players.
This article analyzes the role of dynamic economic resilience in relation to recovery from disasters in general and illustrates its potential to reduce disaster losses in a case study of the Wenchuan earthquake of 2008. We first offer operational definitions of the concept linked to policies to promote increased levels and speed of investment in repair and reconstruction to implement this resilience. We then develop a dynamic computable general equilibrium (CGE) model that incorporates major features of investment and traces the time-path of the economy as it recovers with and without dynamic economic resilience. The results indicate that resilience strategies could have significantly reduced GDP losses from the Wenchuan earthquake by 47.4% during 2008–2011 by accelerating the pace of recovery and could have further reduced losses slightly by shortening the recovery by one year. The results can be generalized to conclude that shortening the recovery period is not nearly as effective as increasing reconstruction investment levels and steepening the time-path of recovery. This is an important distinction that should be made in the typically vague and singular reference to increasing the speed of recovery in many definitions of dynamic resilience.
A Mathematical Model for Pathogen Cross-Contamination Dynamics during the Postharvest Processing of Leafy Greens
We developed a probabilistic mathematical model for the postharvest processing of leafy greens focusing on Escherichia coli O157:H7 contamination of fresh-cut romaine lettuce as the case study. Our model can (i) support the investigation of cross-contamination scenarios, and (ii) evaluate and compare different risk mitigation options. We used an agent-based modeling framework to predict the pathogen prevalence and levels in bags of fresh-cut lettuce and quantify spread of E. coli O157:H7 from contaminated lettuce to surface areas of processing equipment. Using an unbalanced factorial design, we were able to propagate combinations of random values assigned to model inputs through different processing steps and ranked statistically significant inputs with respect to their impacts on selected model outputs. Results indicated that whether contamination originated on incoming lettuce heads or on the surface areas of processing equipment, pathogen prevalence among bags of fresh-cut lettuce and batches was most significantly impacted by the level of free chlorine in the flume tank and frequency of replacing the wash water inside the tank. Pathogen levels in bags of fresh-cut lettuce were most significantly influenced by the initial levels of contamination on incoming lettuce heads or surface areas of processing equipment. The influence of surface contamination on pathogen prevalence or levels in fresh-cut bags depended on the location of that surface relative to the flume tank. This study demonstrates that developing a flexible yet mathematically rigorous modeling tool, a “virtual laboratory,” can provide valuable insights into the effectiveness of individual and combined risk mitigation options.
A Systems-Based Risk Assessment Framework for Intentional Electromagnetic Interference (IEMI) on Critical Infrastructures
Modern infrastructures are becoming increasingly dependent on electronic systems, leaving them more vulnerable to electrical surges or electromagnetic interference. Electromagnetic disturbances appear in nature, e.g., lightning and solar wind; however, they may also be generated by man-made technology to maliciously damage or disturb electronic equipment. This article presents a systematic risk assessment framework for identifying possible, consequential, and plausible intentional electromagnetic interference (IEMI) attacks on an arbitrary distribution network infrastructure. In the absence of available data on IEMI occurrences, we find that a systems-based risk assessment is more useful than a probabilistic approach. We therefore modify the often applied definition of risk, i.e., a set of triplets containing scenario, probability, and consequence, to a set of quadruplets: scenario, resource requirements, plausibility, and consequence. Probability is “replaced” by resource requirements and plausibility, where the former is the minimum amount and type of equipment necessary to successfully carry out an attack scenario and the latter is a subjective assessment of the extent of the existence of attackers who possess the motivation, knowledge, and resources necessary to carry out the scenario. We apply the concept of intrusion areas and classify electromagnetic source technology according to key attributes. Worst-case scenarios are identified for different quantities of attacker resources. The most plausible and consequential of these are deemed the most important scenarios and should provide useful decision support in a countermeasures effort. Finally, an example of the proposed risk assessment framework, based on notional data, is provided on a hypothetical water distribution network.
Modeling Poliovirus Transmission in Pakistan and Afghanistan to Inform Vaccination Strategies in Undervaccinated Subpopulations
Due to security, access, and programmatic challenges in areas of Pakistan and Afghanistan, both countries continue to sustain indigenous wild poliovirus (WPV) transmission and threaten the success of global polio eradication and oral poliovirus vaccine (OPV) cessation. We fitted an existing differential-equation-based poliovirus transmission and OPV evolution model to Pakistan and Afghanistan using four subpopulations to characterize the well-vaccinated and undervaccinated subpopulations in each country. We explored retrospective and prospective scenarios for using inactivated poliovirus vaccine (IPV) in routine immunization or supplemental immunization activities (SIAs). The undervaccinated subpopulations sustain the circulation of serotype 1 WPV and serotype 2 circulating vaccine-derived poliovirus. We find a moderate impact of past IPV use on polio incidence and population immunity to transmission mainly due to (1) the boosting effect of IPV for individuals with preexisting immunity from a live poliovirus infection and (2) the effect of IPV-only on oropharyngeal transmission for individuals without preexisting immunity from a live poliovirus infection. Future IPV use may similarly yield moderate benefits, particularly if access to undervaccinated subpopulations dramatically improves. However, OPV provides a much greater impact on transmission and the incremental benefit of IPV in addition to OPV remains limited. This study suggests that despite the moderate effect of using IPV in SIAs, using OPV in SIAs remains the most effective means to stop transmission, while limited IPV resources should prioritize IPV use in routine immunization.