On the Development of Threshold Criteria for Action for Light Water Reactors

A survey of recently proposed threshold criteria for regulatory action on light water reactors (LWRs) is presented together with some commentary. This is followed by a new proposal for threshold action criteria which includes some different risk attributes than are found in previous criteria. Some preliminary risk values are suggested for the criteria and then evaluated in terms of a few hypothetical accident scenarios. Finally, several licensing issues are examined in terms of various threshold action criteria.     

Risk Criteria for Nuclear Power Plants: A Pragmatic Proposal1

Criteria are proposed for both an acceptable upper bound of nuclear power plant risk and a lower bound as a design target. Recognizing that the public risk associated with a power plant can be estimated only by probabilistic analysis of the design features, the spread between the lower design target and the upper bound provides a margin for uncertainty in th probabilistic estimate. The combination of a low probabilistic design target and this margin provides a reasonable expectation that the overall performance will be in the domain of an acceptable risk level. Because the exposure to potential risk is chiefly in the locality of the nuclear station, it is also proposed that compensatory benefits should be provided locally and that these be included as a cost of operation. It is suggested that the upper bound be set at a risk level equivalent to those risks of routine living which are normally accepted, i.e., about 10^-4 deaths per year per person (100 deaths/yr/million). The proposed lower design target is 10^-8 (0.1 deaths/yr/million), about one-hundredth of the minimal risk from the natural hazards all people are exposed to.     

The Risk Criteria for Assessment of Temporary Changes in a Nuclear Power Plant

Risk criterion is a term that may distinguish between what is considered as an acceptable level of safety and what is not. One of the ways of determining quantitative risk criteria for temporary changes in a nuclear power plant considering probabilistic safety assessment is presented. Risk criteria are based on timing and on time duration of the change. Several examples of temporary changes in a nuclear power plant were examined to evaluate the criteria. Results show that it is possible to determine a set of risk criteria for temporary changes. Risk criteria can represent a standpoint for risk-informed decision making.     

Risk Management and Decision Rules for Light Water Reactors

A quantitative approach to risk management for accidents in light water nuclear power reactors is proposed to serve as one focus for discussion. In this proposal risk management is divided into two major tasks: the predominantly social and political task of setting the safety goals and the technical task of estimating the risks and deciding whether the safety goals have been met. The proposed safety goals include limits on the following: risk to the individual of early death or delayed cancer death; overall societal risk of early or delayed death; and the frequency of core melt accidents as well as the frequency of containment failure, given a core melt. Also included are a small element of risk aversion and an "as low as reasonably achievable" (ALARA) approach with a cost-effectviness criterion which includes both economic and health effects.     

Challenges to the Acceptance of Probabilistic Risk Analysis

This paper discusses a number of the key challenges to the acceptance and application of probabilistic risk analysis (PRA). Those challenges include: (a) the extensive reliance on subjective judgment in PRA, requiring the development of guidance for the use of PRA in risk-informed regulation, and possibly the development of robust or reference prior distributions to minimize the reliance on judgment; and (b) the treatment of human performance in PRA, including not only human error per se but also management and organizational factors more broadly. All of these areas are seen as presenting interesting research challenges at the interface between engineering and other disciplines.     

On the Meaning and Use of the Risk Appetite Concept

The risk appetite concept has been given considerable attention recently in enterprise risk management contexts. A number of definitions exist, most with a link to risk acceptability, but also values and goals. The usefulness of the concept is, however, disputed; some authors argue that we can in fact do better without it. In this article, we provide a thorough discussion of what the risk appetite concept is actually trying to express and how it best can be used in the relevant decision making. The main purposes of the article are (i) to argue that the risk appetite concept, suitably interpreted, has a role to play in risk management, (ii) to show that the risk appetite concept is well supported by some types of risk perspectives and not by others, and (iii) to show how the risk appetite concept is linked to other related concepts, such as risk seeking and risk acceptability. The risk perspectives studied range from expected value and probability based definitions of risk to views on risk, that are founded on uncertainties.     

VaR风险度量下的安全第一标准

本文给出了在绩效--VaR风险有效前沿上,满足安全第一标准的最优证券组合的求解方法和相关结果.这些结果可以使金融机构和投资者在满足其给定安全标准的前提下选取到最优的证券组合.     

The Use of Individual and Societal Risk Criteria Within the Dutch Flood Safety Policy—Nationwide Estimates of Societal Risk and Policy Applications

The Dutch government is in the process of revising its flood safety policy. The current safety standards for flood defenses in the Netherlands are largely based on the outcomes of cost‐benefit analyses. Loss of life has not been considered separately in the choice for current standards. This article presents the results of a research project that evaluated the potential roles of two risk metrics, individual and societal risk, to support decision making about new flood safety standards. These risk metrics are already used in the Dutch major hazards policy for the evaluation of risks to the public. Individual risk concerns the annual probability of death of a person. Societal risk concerns the probability of an event with many fatalities. Technical aspects of the use of individual and societal risk metrics in flood risk assessments as well as policy implications are discussed. Preliminary estimates of nationwide levels of societal risk are presented. Societal risk levels appear relatively high in the southwestern part of the country where densely populated dike rings are threatened by a combination of river and coastal floods. It was found that cumulation, the simultaneous flooding of multiple dike rings during a single flood event, has significant impact on the national level of societal risk. Options for the application of the individual and societal risk in the new flood safety policy are presented and discussed.     

Public Acceptance of Fully Automated Driving: Effects of Social Trust and Risk/Benefit Perceptions

Automated driving (AD) is one of the most significant technical advances in the transportation industry. Its safety, economic, and environmental benefits cannot be realized if it is not used. To explain, predict, and increase its acceptance, we need to understand how people perceive and why they accept or reject AD technology. Drawing upon the trust heuristic, we tested a psychological model to explain three acceptance measures of fully AD (FAD): general acceptance, willingness to pay (WTP), and behavioral intention (BI). This heuristic suggests that social trust can directly affect acceptance or indirectly affect acceptance through perceived benefits and risks. Using a survey (N = 441), we found that social trust retained a direct effect as well as an indirect effect on all FAD acceptance measures. The indirect effect of social trust was more prominent in forming general acceptance; the direct effect of social trust was more prominent in explaining WTP and BI. Compared to perceived risk, perceived benefit was a stronger predictor of all FAD acceptance measures and also a stronger mediator of the trust–acceptance relationship. Predictive ability of the proposed model for the three acceptance measures was confirmed. We discuss the implications of our results for theory and practice.     

Use of an ISO 14000 Option in Implementing EPA's Rule on Risk Management Programs for Chemical Accidental Release Prevention

EPA's rule of Risk Management Programs for Chemical Accidental Release Prevention applies to facilities that manufacture, process, use, store, or otherwise handle regulated substances at or above specified threshold quantities. EPA estimates that approximately 66,000 facilities nationwide will be regulated under the rule. This paper examines the use of a structured ISO 14000 mechanism as option-regulated facilities could elect for implementation of the rule. Under the ISO 14000 option, facilities would commit to additional obligations regarding information disclosure, discussions with potentially affected publics, and timely correction of deficiencies noted in annual ISO 14000 audits of their compliance with the Risk Management Program they submit to the EPA under the rule. In return, facilities would be granted significant relief in regard to both EPA audit frequency and the penalties that might be applied for any items of noncompliance with the rule noted during the course of implementing agency reviews of the facility. The paper concludes with a discussion of the advantages and disadvantages of this option to potentially affected stakeholders.     

An Evaluation of Alternative Safety Criteria for Nuclear Power Plants

Safety criteria for frequency of nuclear-reactor accidents and for reactor-induced risk to individuals and to society are evaluated on the basis of their comprehensiveness, clarity, recognition of uncertainty, practicability, defensibility, simplicity, and internal consistency. Many criteria were found to be comprehensive and practicable; few completely satisfied the other evaluation standards. A consensus inferred from the most favorably evaluated criteria would allow between 1.0time10^-4 and 1.0time10^-3 core melts per reactor year, between 1.0time10^-6 and 2.0time10^-5 fatalities per reactor year per individual, and a total exposure in the United States of between 1000 and 10,000 person rems per reactor year. This consensus is consistent with the criteria proposed in NUREG0880.     

The Importance of Multiple Performance Criteria for Understanding Trust in Risk Managers

Effective risk management requires balancing several, sometimes competing, goals, such as protecting public health and ensuring cost control. Research examining public trust of risk managers has largely focused on trust that is unspecified or for a single goal. Yet it can be reasonable to have a high level of trust in one aspect of a target's performance but not another. Two studies involving redevelopment of contaminated land (Study 1) and drinking water standards (Study 2) present preliminary evidence on the value of distinguishing between performance criteria for understanding of trust. Study 1 assessed perceptions of several trust targets (councilors, developers, scientists, residents) on their competence (capacity to achieve goals) and willingness to take action under uncertainty for four criteria. Study 2 assessed competence, willingness, and trust for five criteria regarding a single government agency. In both studies overall trust in each target was significantly better explained by considering perceptions of their performance on multiple criteria than on the single criterion of public health. In Study 1, the influence of criteria also varied plausibly across trust targets (e.g., willingness to act under uncertainty increased trust in developers on cost control and councilors on local economic improvement, but decreased it for both targets on environmental protection). Study 2 showed that explained variance in trust increased with both dimension‐ and trust‐based measures of criteria. Further conceptual and methodological development of the notion of multiple trust criteria could benefit our understanding of stated trust judgments.     

Eliciting and Combining Decision Criteria Using a Limited Palette of Utility Functions and Uncertainty Distributions: Illustrated by Application to Pest Risk Analysis

Utility functions in the form of tables or matrices have often been used to combine discretely rated decision‐making criteria. Matrix elements are usually specified individually, so no one rule or principle can be easily stated for the utility function as a whole. A series of five matrices are presented that aggregate criteria two at a time using simple rules that express a varying degree of constraint of the lower rating over the higher. A further nine possible matrices were obtained by using a different rule either side of the main axis of the matrix to describe situations where the criteria have a differential influence on the outcome. Uncertainties in the criteria are represented by three alternative frequency distributions from which the assessors select the most appropriate. The output of the utility function is a distribution of rating frequencies that is dependent on the distributions of the input criteria. In pest risk analysis (PRA), seven of these utility functions were required to mimic the logic by which assessors for the European and Mediterranean Plant Protection Organization arrive at an overall rating of pest risk. The framework enables the development of PRAs that are consistent and easy to understand, criticize, compare, and change. When tested in workshops, PRA practitioners thought that the approach accorded with both the logic and the level of resolution that they used in the risk assessments.     

An Integrated Methodology for Assessment and Selection of the Project Risk Response Actions

In a systematic process of project risk management, after risk assessment is implemented, the risk analysts encounter the phase of assessment and selection of the project risk response actions (RA). As indicated by many researchers, there are less systematic and well-developed solutions in the area of risk response assessment and selection. The present article introduces a methodology including a modeling approach with the objective of selecting a set of RA that minimizes the undesirable deviation from achieving the project scope. The developed objective function comprises the three key success criteria of a project, namely, time, quality, and cost. Our model integrates overall project management into the project risk response planning (P2RP). Furthermore, the proposed model stresses on an equivalent importance for both "risk" and "response." We believe that applying the proposed model helps the project risk analyst in most effective and efficient manner dealing with his or her complicated RA selection problems. The application of the proposed model was implemented in projects in the construction industry in which it showed tremendous time, cost, and quality improvements.     

Risk Communication in the Real World

Rigorous health risk assessments of site-specific projects are generally little understood by nontechnical decision makers and the public and often appear to them to obfuscate a straightforward answer to their fundamental question: “Is the project safe?” The focus on risk, usually out of context of benefits, deprives the reader of the opportunity to make a fully informed decision on the proposal. While the risk assessment tools may need to be refashioned, confidence in the analytical process can be improved, partly through more citizen involvement, as well as through more effective communication of the conservatism of the assumptions, the thoroughness of the process, and the significance of the results in comparison to other commonly accepted involuntary exposures and risks.     

On the Benefits of Risk Pooling in Inventory Management

We analyze the benefits of inventory pooling in a multi‐location newsvendor framework. Using a number of common demand distributions, as well as the distribution‐free approximation, we compare the centralized (pooled) system with the decentralized (non‐pooled) system. We investigate the sensitivity of the absolute and relative reduction in costs to the variability of demand and to the number of locations (facilities) being pooled. We show that for the distributions considered, the absolute benefit of risk pooling increases with variability, and the relative benefit stays fairly constant, as long as the coefficient of variation of demand stays in the low range. However, under high‐variability conditions, both measures decrease to zero as the demand variability is increased. We show, through analytical results and computational experiments, that these effects are due to the different operating regimes exhibited by the system under different levels of variability: as the variability is increased, the system switches from the normal operation to the effective and then complete shutdown regimes; the decrease in the benefits of risk pooling is associated with the two latter stages. The centralization allows the system to remain in the normal operation regime under higher levels of variability compared to the decentralized system.     

On the Use of Hierarchical Probabilistic Models for Characterizing and Managing Uncertainty in Risk/Safety Assessment

A general probabilistically-based approach is proposed for both cancer and noncancer risk/safety assessments. The familiar framework of the original ADI/RfD formulation is used, substituting in the numerator a benchmark dose derived from a hierarchical pharmacokinetic/pharmacodynamic model and in the denominator a unitary uncertainty factor derived from a hierarchical animal/average human/sensitive human model. The empirical probability distributions of the numerator and denominator can be combined to produce an empirical human-equivalent distribution for an animal-derived benchmark dose in external-exposure units.     

On Some Recent Definitions and Analysis Frameworks for Risk,Vulnerability, and Resilience

Recently, considerable attention has been paid to a systems‐based approach to risk, vulnerability, and resilience analysis. It is argued that risk, vulnerability, and resilience are inherently and fundamentally functions of the states of the system and its environment. Vulnerability is defined as the manifestation of the inherent states of the system that can be subjected to a natural hazard or be exploited to adversely affect that system, whereas resilience is defined as the ability of the system to withstand a major disruption within acceptable degradation parameters and to recover within an acceptable time, and composite costs, and risks. Risk, on the other hand, is probability based, defined by the probability and severity of adverse effects (i.e., the consequences). In this article, we look more closely into this approach. It is observed that the key concepts are inconsistent in the sense that the uncertainty (probability) dimension is included for the risk definition but not for vulnerability and resilience. In the article, we question the rationale for this inconsistency. The suggested approach is compared with an alternative framework that provides a logically defined structure for risk, vulnerability, and resilience, where all three concepts are incorporating the uncertainty (probability) dimension.     

Use of Advances in Technology for Maritime Risk Assessment

The maritime industry is moving toward a "goal-setting" risk-based regime. This opens the way to safety engineers to explore and exploit flexible and advanced risk modeling and decision-making approaches in the design and operation processes. In this article, following a brief review of the current status of maritime risk assessment, a design/operation selection framework and a design/operation optimization framework are outlined. A general discussion of control engineering techniques and their application to risk modeling and decision making is given. Four novel risk modeling and decision-making approaches are then outlined with illustrative examples to demonstrate their use. Such approaches may be used as alternatives to facilitate risk modeling and decision making in situations where conventional techniques cannot be appropriately applied. Finally, recommendations on further exploitation of advances in general engineering and technology are suggested with respect to risk modeling and decision making.     

On the Complex Definition of Risk: A Systems-Based Approach

The premise of this article is that risk to a system, as well as its vulnerability and resilience, can be understood, defined, and quantified most effectively through a systems-based philosophical and methodological approach, and by recognizing the central role of the system states in this process. A universally agreed-upon definition of risk has been difficult to develop; one reason is that the concept is multidimensional and nuanced. It requires an understanding that risk to a system is inherently and fundamentally a function of the initiating event, the states of the system and of its environment, and the time frame. In defining risk, this article posits that: (a) the performance capabilities of a system are a function of its state vector; (b) a system's vulnerability and resilience vectors are each a function of the input (e.g., initiating event), its time of occurrence, and the states of the system; (c) the consequences are a function of the specificity and time of the event, the vector of the states, the vulnerability, and the resilience of the system; (d) the states of a system are time-dependent and commonly fraught with variability uncertainties and knowledge uncertainties; and (e) risk is a measure of the probability and severity of consequences. The above implies that modeling must evaluate consequences for each risk scenario as functions of the threat (initiating event), the vulnerability and resilience of the system, and the time of the event. This fundamentally complex modeling and analysis process cannot be performed correctly and effectively without relying on the states of the system being studied.