Supplement to “Risk Assessment”, 2nd ed., 2020
Version 1.0
Contents
Preface
1 Introduction
5 Risk Acceptance
6 Measuring Risk
7 Risk Management
8 Accident Models
10 Hazard Identification
17 Security Assessment
Preface
Many concepts and topics are presented in the book, but it is mainly the authors’ views that are highlighted. To get a broader view, we recommend that you consult additional sources of information. Our objective in this supplement is to point out some sources where you can start this process, and also to give some guidance related to the various topics. The references suggested do not always support our view of risk assessment. You are encouraged to compare and make your own judgments. We have suggested a set of additional sources, but we do not claim that these are the “best” sources to be found.
The note is far from complete and will be extended when our time schedule is less stressed. Ideas for additional material are always welcome and may be sent by email to Stein Haugen.
This note lists all the chapters of the book, and we have tried to place the material in the chapters where it is relevant. Observe that the section structure of this note does not follow the structure of the book.
This file includes many links to Internet resources. If a link is broken, please send an email to Stein Haugen. In most cases, you may find the correct file by searching the Internet.
Chapter 1
Introduction
• SAE - Engineering Society for Advancing Mobility in Land, Sea, Air, and Space
• AFNOR - French Standards
• Standards Australia
• Human Factors
• Journal of Risk and Governance
• Natural Hazards
• Nuclear Safety
• Risk Analysis
• Risk Management
• Safety Science
• Structural Safety
Relevant Conferences
A large number of safety and risk conferences are arranged every year. We have listed some of these conferences, but the list is far from complete. The conferences are listed alphabetically, and the list does not indicate any priority.
• Center for Chemical Process Safety conferences
• European Safety and Reliability Conference – ESREL
Relevant Societies
A large number of societies/associations are available for people working with
safety and/or risk problems. You may find a lot of valuable information on their
web pages. The following list is very incomplete.
• “American Chemical Society” (Chemical Safety)
• “Royal Society for the Prevention of Accidents” (RoSPA)
• Heriot-Watt University, Edinburgh (Great Britain): Safety and Risk Management
• UCLA Samueli (USA): B. John Garrick Institute for the Risk Sciences
• ALD Services
• BayesFusion
• DNV GL
• evision software
• HUGIN
• Item Software
• Quentic
• ReliaSoft
• Reliass
• Relyence
• SCRAM
Important Accidents
This section lists some important accidents that have happened after we submitted the manuscript (mid 2019).
2020
• 8 January: Ukraine International Airlines Flight 752 from Tehran to Kiev (Kyiv), a three-year-old Boeing 737-800 with 176 persons on board, was shot down by a missile just after take-off from Tehran airport, Iran. All passengers and crew were killed. The missile was launched by the Iranian air defence. The Iranian authorities admitted having shot down the plane, but claimed that it was due to an unintentional human error. There is reason to believe this claim, because an event of this type would of necessity have only negative consequences for Iran.
2019
• March: Fire at the Intercontinental Terminals Company (ITC) petrochemical storage terminal in Deer Park, southeast of Houston, TX. The terminal had a storage capacity of 13.1 million barrels. No injuries, but significant pollution. Much more information is available on the Internet.
Chapter 2
Terminology
A number of glossaries related to safety and risk are available. The following
may be useful:
• The Society for Risk Analysis provides a Risk Analysis Glossary that is
freely available.
• The ISO Online Browsing Platform makes it possible to search for terms in all ISO standards.
• The IADC Lexicon is made for the oil and gas industry, but contains many
terms that are relevant for other applications.
Additional Reading
A good, comprehensive, and free introduction to Bayesian probability and Bayesian
methods is:
• Bayesian Inference for NASA Probabilistic Risk and Reliability Analysis (Dezfuli et al., 2009)
Another View
The authors found the following reference to be of great interest:
Chapter 3
Additional Reading
• What is Risk Assessment?
• ABS: Guidance notes on risk assessment applications for the marine and offshore oil and gas industries
Chapter 4
Systems
• OHS Body of Knowledge: Systems
The last two references contain much more information than is required at this stage of this chapter of the book.
Functional Analysis
• SADT – Structured Analysis & Design Technique (Presentation by Yuling Li)
• For more information about IDEF, you may start by reading the Wikipedia
entry and the references therein.
Complexity
• Ladyman, J. and Lambert, J. (2012): “What is a Complex System?”
• Heylighen, F., Cilliers, P. and Gershenson, C.: “Complexity and Philosophy”
Chapter 5
Risk Acceptance
Additional Reading
• The Tolerability of Risk from Nuclear Power Stations, HSE (1992) is a fundamental report in this area and should be studied by everyone interested in risk acceptance and risk tolerability. The report can be downloaded from the UK Office for Nuclear Regulation.
• DNV GL: “Risk Acceptance Criteria and Risk Based Damage Stability. Final
Report, part 1: Risk Acceptance Criteria”
• Fischhoff, B., Lichtenstein, S., and Keeney, R.L. (1981) “Acceptable Risk”,
Cambridge University Press, Cambridge, UK.
Chapter 6
Measuring Risk
Additional Reading
• Jonkman, B., van Gelder, P. and Vrijling, H. (2002): “An overview of quantitative risk measures and their application for calculation of flood risk”
Chapter 7
Risk Management
Additional reading
• Guide to Integrated Risk Management (Canada)
Chapter 8
Accident Models
We have split the recommendations for further reading into two overlapping
sections. For several of the references, it may be difficult to judge which section
they belong to.
Accident Models
• Qureshi, Z. H. (2008): A review of accident modelling approaches for complex critical sociotechnical systems, Defence Science and Technology Organisation, Australia.
• Hopkins, Andrew: “An AcciMap of the Esso Australia Gas Plant Explosion”
Accident Investigation
• OSH Wiki: “Accident investigation techniques”
• Sklet, Snorre: “Methods for accident investigation”
Chapter 9
Accident Databases
A range of databases and data sources provide brief descriptions and characteristics of accidents and incidents that have occurred.
• PSID - Process Safety Incident Database (operated by the Center for Chemical Process Safety, CCPS)
• Aviation accident database & synopses (operated by the National Transportation Safety Board, USA)
• IRTAD - International Road Traffic and Accident Database (OECD)
• WOAD - World Offshore Accident Database (operated by Det Norske Veritas, DNV)
• Accident statistics for fixed offshore units on the UK Continental Shelf (UK HSE report)
• Accident statistics for mobile offshore units on the UK Continental Shelf (UK HSE report)
• AirSafe.com
• PlaneCrashInfo
Failure Categories
Complicated items often have a high number of functions and thereby an even higher number of potential failure modes. Many of the potential failure modes were identified as part of the FMECAs performed during item design and development and may relate to many different applications. Potential failure modes that are relevant to operational availability, warranty, life cycle cost, etc., need not be relevant in a risk analysis at all.
In a risk assessment, reliability data (e.g., failure rate estimates) are mainly used to determine the probability or frequency of the initiating event (and other events) and the reliability of the various safety barriers. As discussed in Chapter 14, barrier failures are often classified as dangerous (D) or safe (S), depending on whether the failure prevents the barrier from performing its safety function, and as detected (D) or undetected (U), depending on whether the failure is revealed almost immediately or only by a test/inspection or an actual demand.
A specific failure can therefore be a DU, DD, SU, or SD failure. These four categories of failures may be briefly explained as follows:
DU failure. A failure is dangerous and undetected (DU) when it prevents the barrier from performing its safety function and occurs without being detected. The last requirement means that the barrier failure remains undetected until the barrier is tested/inspected or demanded in a critical situation. When a barrier is tested annually and a DU failure is revealed in the test, the barrier may have been unavailable as a safety barrier for up to a year. A DU failure is the most critical failure of a barrier in a risk analysis.
DD failure. A failure is dangerous and detected (DD) when it prevents the bar-
rier from performing its safety function, but is detected almost immedi-
ately. This means that precautions may be taken (e.g., the process may be
stopped or operating personnel may be posted to perform the function of
the barrier). The DD failure usually needs to be repaired and the repair
action may be dangerous both for the maintenance crew and for the study
object. The repair may sometimes be performed on-line, by inhibiting the
failed item – which may result in a higher risk during the repair action. In
other cases, the study object may be stopped during the repair.
SU failure. A safe and undetected failure does not directly cause any problems
for the safety function of the barrier and this failure will remain undetected
until the item is inspected or tested. An SU failure may lead to increased
risk during the repair action.
SD failure. A safe and detected failure does not directly influence the safety function of the barrier. Depending on the operational criticality of the SD failure, the repair action may be immediate or delayed. In any case, the increased risk during the repair action needs to be considered.
The formulas developed in IEC 61508 and in Rausand (2014) are based on these
four failure categories.
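To make the DU/DD distinction concrete, the following is an added worked example; it is not code from the book, from this note, or from IEC 61508, but it implements the standard single-channel (1oo1) low-demand formulas of IEC 61508: the average probability of failure on demand (PFD_avg) contributed by DU failures that are revealed only at a periodic proof test with interval τ, and the contribution from DD failures that are repaired within a mean repair time. The failure rates, test interval and repair time in the block are constructed illustrative numbers, not data from OREDA or any other source, and the SIL bands are the low-demand bands of IEC 61508.

```python
"""Average unavailability (PFD_avg) of a single safety barrier element from
DU and DD failures, using the single-channel low-demand formulas of IEC 61508.
All numbers below are constructed for illustration, not taken from OREDA."""
import math

HOURS_PER_YEAR = 8760.0


def pfd_du_exact(lambda_du: float, tau: float) -> float:
    """DU contribution to PFD_avg for an element with constant DU failure rate
    lambda_du (per hour), proof-tested every tau hours and restored to
    as-good-as-new at each test. Unavailability at time t after a test is
    1 - exp(-lambda_du * t); averaging over one interval gives
    1 - (1 - exp(-x)) / x with x = lambda_du * tau."""
    x = lambda_du * tau
    if x <= 0.0:
        return 0.0
    return 1.0 - (1.0 - math.exp(-x)) / x


def pfd_du_approx(lambda_du: float, tau: float) -> float:
    """First-order approximation lambda_du * tau / 2 used in IEC 61508: a DU
    failure can stay hidden for anything between 0 and tau (a full year with
    annual tests), and for tau / 2 on average."""
    return lambda_du * tau / 2.0


def pfd_dd(lambda_dd: float, mrt: float) -> float:
    """DD contribution: the failure is revealed at once, so the barrier is
    unavailable only for the mean repair time mrt (hours) per failure."""
    return lambda_dd * mrt


def pfd_1oo1(lambda_du: float, lambda_dd: float, tau: float, mrt: float) -> float:
    """Total PFD_avg of a single (1oo1) barrier element."""
    return pfd_du_exact(lambda_du, tau) + pfd_dd(lambda_dd, mrt)


def sil_band(pfd_avg: float) -> str:
    """Low-demand safety integrity level bands of IEC 61508, by PFD_avg."""
    if 1e-5 <= pfd_avg < 1e-4:
        return "SIL 4"
    if 1e-4 <= pfd_avg < 1e-3:
        return "SIL 3"
    if 1e-3 <= pfd_avg < 1e-2:
        return "SIL 2"
    if 1e-2 <= pfd_avg < 1e-1:
        return "SIL 1"
    return "outside SIL 1-4"


def compare_test_intervals(lambda_du, lambda_dd, mrt, intervals):
    """(tau, PFD_avg, SIL band) for each candidate proof-test interval: the DU
    term shrinks with shorter intervals while the DD term is unchanged."""
    rows = []
    for tau in intervals:
        pfd = pfd_1oo1(lambda_du, lambda_dd, tau, mrt)
        rows.append((tau, pfd, sil_band(pfd)))
    return rows


if __name__ == "__main__":
    # Constructed illustrative input (not data from OREDA or any other source).
    lam_du = 1.0e-6   # DU failure rate, per hour
    lam_dd = 1.0e-6   # DD failure rate, per hour
    mrt = 8.0         # mean repair time after a DD failure, hours
    intervals = [HOURS_PER_YEAR, HOURS_PER_YEAR / 2, HOURS_PER_YEAR / 10]
    for tau, pfd, band in compare_test_intervals(lam_du, lam_dd, mrt, intervals):
        approx = pfd_du_approx(lam_du, tau) + pfd_dd(lam_dd, mrt)
        print(f"test interval {tau:7.0f} h: PFD_avg = {pfd:.2e} ({band}); "
              f"first-order approximation {approx:.2e}")
```

With annual testing the DU term dominates (about 4.4e-3 for the constructed rates), whereas the DD term is only 8e-6 because a detected failure is down for hours rather than months; this is the quantitative reason the note calls the DU failure the most critical one. The exact and first-order values differ by less than one per cent when lambda_du * tau is small, which is the regime in which IEC 61508 applies the approximation.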
A Caveat
The failure modes found in data sources (e.g., OREDA, 2015) do not comply with this failure classification, and it may often be difficult to transfer the data found in the data sources to your specific risk assessment application. When using such data, you should consult technical specialists to verify that the estimates you are using in the analysis are realistic and relevant.
Additional reading
• NUREG/CR-6823 (2002): Handbook of parameter estimation for probabilistic risk assessment
• IAEA-TECDOC-1048 (1998): Collection and classification of human reliability data for use in probabilistic safety assessments
Chapter 10
Hazard Identification
FMECA
• Ford: FMEA Handbook
HAZOP
• PrimaTech: HAZOP
• What is HAZOP?
SWIFT
• Swift toolkit
STPA
• Nancy Leveson has a website that contains a lot of information about STPA.
Chapter 11
Bayesian Networks
• Bayesian networks - an introduction
Markov Methods
• Brown: Markov Models and Reliability
Chapter 12
Chapter 13
Common-Cause Failures
• NUREG/CR-5485: “Guidelines on Modeling Common-Cause Failures in
Probabilistic Risk Assessment”
Chapter 14
Additional Reading
• U.S. DoE: “Hazard and Barrier Analysis Guidance Document”
Chapter 15
Additional Reading
• HSE: Review of human reliability assessment methods
Chapter 16
• Paltrinieri, N. and Khan, F.: “Dynamic Risk Analysis in the Chemical and
Petroleum Industry: Evolution and Interaction with Parallel Disciplines in
the Perspective of Industrial Application”, Butterworth Heinemann, 2016
Chapter 17
Security Assessment
Additional Reading
• Survey of Cyber Security Standards.
Important Organizations
We have listed some main organizations or centers that are engaged in cyber
security problems. A lot of valuable information may be found on the home
pages of these organizations/centers.
• Australia
– National Security
– Australian Cyber Security Growth Network (AustCyber)
• Canada
• Norway
• United Kingdom
• United States
Chapter 18
Additional Reading
• US DoD: “MIL-STD-882E System Safety”
Chapter 19
Additional Reading
• Abrahamsson, M.: “Uncertainty in Quantitative Risk Analysis - Characterisation and Methods of Treatment”
Chapter 20
Agricultural Risk
• Introduction to Risk Management
Aviation
• The “System Safety Handbook” of the U.S. Federal Aviation Administration
(FAA) may be worth spending some hours reading.
Food
• Hazard Analysis and Risk-Based Preventive Controls for Human Food:
Guidance for Industry
• Terrorism and the Chemical Infrastructure: Protecting People and Reducing Vulnerabilities
Further Reading
• Risk-Informed Decision Making: A Survey of United States Experience
• Safety of offshore oil and gas operations: Lessons from past accident analysis
Project Risk
• Project Risk Management Handbook
Appendix A
Bibliography
Dezfuli, H., Kelly, D., Smith, C., Vedros, K., and Galyean, W. (2009). Bayesian
inference for NASA probabilistic risk and reliability analysis. Technical Re-
port NASA/SP-2009-569, U.S. National Aeronautics and Space Administration,
Washington, DC.
HSE (1992). The Tolerability of Risk from Nuclear Power Stations. HMSO, London.
NASA (2002). Fault tree handbook with aerospace applications. Handbook, U.S.
National Aeronautics and Space Administration, Washington, DC.
OREDA (2015). Offshore and Onshore Reliability Data. OREDA Participants, DNV
GL, 1322 Høvik, Norway, 6th edition.