Technological Risk Assessment and Management: GIS, simulation models and real-time expert systems Dr. Kurt Fedra Environmental Software & Services Gumpoldskirchen, AUSTRIA kurt@ess.co.at www.ess.co.at ABSTRACT Technological and environmental risk analysis is a major application domain for geospatial analysis. At the same time, risk assessment and risk management include the analysis of complex distributed, dynamic and probabilistic processes and emergency management and decision support problems in real-time that go beyond the capabilities of basic GIS technology. Effective risk assessment and management calls for the integration of several ICT tools around basic GIS functionality (RiskWare: http://www.ess.co.at/RISK). The central component is a shared georeferenced object data base of sources of risk such as petro-chemical installations or transportation corridors for hazardous materials, the physiography of the environment, sensitive target areas and population distribution, as well as emergency response resources (fire fighters, hospitals, specific equipment such as oil booms). These basic georeferenced data bases together with real-time or scenario information e.g., on meteorological and oceanographic conditions provides the inputs to a range of spatially distribute fate and transport models that describe various accident types (release of hazardous substances, fire, explosion, atmospheric and aquatic dispersion) both for specific events as well as probabilistically, for risk assessment. Model output is generated as GIS layers and displayed as topical maps, animated to capture the dynamics of an emergency developing over time. For emergency response or emergency training scenarios, a rule-based forward chaining expert system manages the integration of the tools in real-time, data acquisition from external information resources (from satellite imagery to meteorological stations or forecasts), and the communication of the emergency response teams, using its knowledge base to derive decision support from the model based forecasts of the evolution of an emergency. A web-based interface supports distributed and mobile users in the field with a simple and easy to use dialog and (geo)graphical displays. Sharing the same data bases and analytical tools for risk assessment, emergency management, and emergency training not only ensures consistency, but also the efficient re-use of expensive information resources. Technological and Environmental Risk Management An important application domain for spatial analysis is technological and environmental risk assessment and management (Fedra 1998). This application domain requires the integration of complex and stochastic simulation models and real-time DSS tools with spatial data. Integrated risk assessment has at least two major roots. A technological source oriented one, typified by fault trees and event models, originating with the process engineering and nuclear communities; and a receptor oriented one, typified by fate and transport models and environmental impact assessment, originating with the environmental and health disciplines. Somewhere in between are the natural hazards of storms, floods, avalanches, forest fires and earthquakes that are addressing both the probabilities and frequencies of occurrence and the impacts on man and the environment. All these example demonstrate that technological and environmental risk has an obvious spatial dimension. Floods, mudslides and avalanches as much as toxic spills, or explosions, transportation of dangerous goods or hazardous waste management all are spatially distributed problems, and the models to describe them are spatially distributed. Spatial dimensions in risk assessment cover closely related aspects: the source of risk is located or distributed in space, like a chemical process plant or a transportation system; the original phenomenon of an accident or incident is spatially distributed (like the blast from an explosion or a toxic plume), and the impacts are spatially distributed due to the interaction of the original phenomenon and the receiving system, population, infrastructure, and natural environment, affected by it. Sources of Risk: inventories, probabilities, impacts Major technical installations are potential sources of risk. The possibility of human error, technical malfunctions, and increasing concern with terrorist attacks, all can lead to accidental release of hazardous substances to the environmental with dramatic consequences: fires, explosions, and chemical contamination of air, water, and soils can lead to large scale destruction, fatalities, and long-term damage. The primary consideration here are the inventories and transportation corridors of potentially hazardous substances, their location, magnitude, storage conditions, and safeguarding. A first step in risk assessment is thus to map these sources and compile their numerous attributes, and more difficult, keep these inventories up to date. Together with the technical data on hazardous substances inventories, administrative and operational information is stored in a hierarchical object oriented data structure of containers, operating units, and plants or installations (Figure 1,2). A second element for risk assessment is the probability of a release. For technical equipment, data like mean time between failures can be used to estimate failure probabilities; practical experience shows. However, that it is human error rather than technical malfunctions that is behind nearly all major incidents (see, e.g., Reason, J. 1990). Obviously, this makes accident  Figure 1: Sources of risk, chemical installation data base  Figure 2: a georeferenced plant object. probabilities extremely difficult to predict, as these relate, by definition, to low-frequency but high consequence events. As an alternative approach, QRA and risk regulations (96/82/EC, 2003/105/EC; EC (2003, 1997) uses concepts such as major accident scenarios, foreseeable accidental conditions etc., which are highly subjective. To assess the consequences and impacts of major accidents, we nor only need tools to predict the physical and chemical consequences of accidental releases, fires, explosions, or dispersion, but also assess the vulnerability and thus potential damage to the surrounding environment, infrastructure, and population, which again leads back to GIS and more or less conventional overlay analysis. Examples of accident scenario analysis with results displayed as animated topical map can be found at the project home page for HITERM, an Esprit project funded by the http://www.ess.co.at/HITERM. Within the framework of HPCN Information Management and Decision Support, the HITERM project has expanded the application of high-performance computing and networking (HPCN) to decision support in new domains: the central focus is the interface between technological risk management and the environment. Using distributed parallel computing, the project aimed at reaching better-than real time performance for the simulation of accidental release of hazardous substances into the atmosphere, ground and surface water, using state-of-the-art 3D simulation models (Figure 3).  Figure 3: near-field dynamic 3D model with building obstacles Spatial Risk Analysis Spatial dimensions in risk assessment cover closely related aspects: the source of risk is located or distributed in space, like a chemical process plant or a transportation system; the original phenomenon of an accident or incident is spatially distributed (like the blast from an explosion or a toxic plume), and the impacts are spatially distributed due to the interaction of the original phenomenon and the receiving system affected by it. We can distinguish:
Seveso II (96/82 EC (1997) "…called on the Commission to include in Directive 82/501/EEC provisions concerning controls on land use planning when new installations are authorised and when urban development takes place around existing installations", which has a clear spatial dimension. The directive then makes explicit provisions for landuse planning, referring to the location of new establishments, modifications to existing, and new developments such as transport links, locations frequented by the public and residential areas in the vicinity of existing establishments, where the location or developments are such as to increase the risk or consequences of a major accident. Fate and transport modeling The modeling of technological accidents involves several steps, often represented by cascading models. The primary step is the release term, estimating the amount of substance released to the environment. This depends on the original inventory, storage or transport conditions, and nature of the accident and thus damage to the original container, its pressure and temperature, and the physico-chemical conditions of the substance in questions (Fedra, 1995). Depending on the nature of the substance (flammable, explosive, corrosive, toxic or some combination of the above) a number of possible pathways have to be considered. They include evaporation of pools of spilled liquids, direct gaseous release to the environment, spills to soil and surface water including the marine environment. While explosions including BLEVE (Boiling Liquid Expanding Vapor Explosions) and fires (Figure 4) are described in terms of pressure and temperature or radiative heat, fate and transport models try to predict ambient concentrations of toxics in space and time for both the atmospheric and the aquatic environments. Transport models for the atmospheric and aquatic environment are usually dynamic, represent the transient conditions of accidental release scenario, and spatially explicit, 3D.  Figure 4: a spatially explicit chemical fire model Several model systems to describe accident scenarios do exist (Fedra, 1998). Most of them, however, are designed for quantitative risk analysis rather than emergency management. For the latter case, a high degree of automatic integration with the data as well as easy and intuitively understandable results are of critical importance, This is yet another area where the power of embedded GIS capabilities linked to the simulation models becomes apparent: risk communication. 96/82 EC requires that Member States shall ensure that the safety report is made available to the public, with possible restrictions for reasons of industrial, commercial or personal confidentiality, public security or national defense. It also requires that information on safety measures and on the requisite behavior in the event of an accident is supplied, without their having to request it, to persons liable to be affected by a major accident; It shall also be made permanently available to the public. A web accessible information system would be an effective solution. Clearly, some of this information is spatial in nature and thus best communicated in the form of topical maps, that is, with the help of a GIS. One specific function for GIS and in particular a web based map servers is as a source of information for concerned citizens: web based GIS server and associated data bases can support the easy retrieval (in the form of a topical map) of all risk related information such as installations and substances stored within a certain radius of a persons home. Up-to-date information on plant locations and substances stored in the system is also being made available to those involved in emergency response such as fire fighters. For the different models, spatial domains range from the very near field around a source and including building obstacles to regional coverage using topography and surface roughness for the generation of wind fields and parametrization of turbulent diffusion. In the aquatic environment, cases covered include spill into rivers and surface water, groundwater contamination (usually connected to a representation of the soil system or unsaturated, vadose zone, and the marine environment, usually for oil spills. In addition to the transport and diffusion part, the models also describe chemical reaction or decay of substances, usually based on a first-order or exponential decay as a function of time. A special case are oil spills, where the evaporation and aging of the oil on the water surface affects several parameters of a spill (Brebbia, 2001). Emergency management: real-time DSS A specific case of the modeling of accident scenarios is in the context of real-time decision support for emergency management. Here the data bases and models are embedded in a real-time forward chaining expert system that processes information as it becomes available on the basis of its first order rules, and triggers the corresponding actions (Fedra and Winkelbauer, 2002). In the first phase of an emergency, this includes compiling basic information on the type and location of an accident, sending out alerts to the responsible teams, and establishing the necessary communication channels between first response teams. Among the actions the systems can trigger is the running of simulation models to predict the likely course and evolution of an accident, its severity, expected temporal patterns, and the areas affected. Possible and sensitive consequences can be the closing of roads, evacuation of people, but also shutting down water intakes, positioning oil booms, preparing equipment etc. Other important spatial decision support related to the location of emergency management resources, hospital capacities, etc. where standard GIS methods such as least costs (time and distance) routing would be applicable. In the case of an accident, information is necessarily limited, which leads to considerable uncertainties, for example in the estimation of the source terms. One way to address that is to run the underlying models over a range of conditions compatible with the current information analyzed by the expert system, generating an ensemble of solutions. Interpreting this ensemble as a probability density function, we can then provide information such as a 95% probability maximum concentration front, displayed as a thematic map, or the area where certain standards such as IDLH values are likely to be exceeded. Depending on circumstances, a team leader in the field can then decide what level of risk is appropriate. As additional information and observations become available, the forecasts of the accident development can be refined through data assimilation and narrowing the ranges of uncertainty that need to be explored to generate probabilistic solutions. Implementation as a distributed client-server application no only provides access to several information and computational resources including meteorological stations, sensors in the field, satellite imagery, and compute clusters. An Internet based client server architecture also support mobile web-based clients, from simple PC based web browses implemented in vehicles of emergency response teams to mobile phones or PDAs. Emergency training A straight-forward extension of the real-time DSS application is emergency training. The same tools used for the support of emergency response teams can be used for training, by embedding them into the appropriate didactic framework. This open a wide range of possibilities from group training assisted by a tutor with the computer providing the accident scenario and its evolution, to individual learning any time, anywhere and the options to train at ones own pace in a truly interactive, immersive and experimental environment: http://www.ess.co.at/A-TEAM Providing an appropriate didactic framework primarily means to add explanatory material that provide background, theory, and generic information together with tests to obtain feedback and monitor student comprehension and performance. Data bases and models can be shared with the emergency management branch, making the system cost-efficient, especially when compared with field exercises. However, the on-line computer assisted training is not meant to replace field training, but rather to complement it. REFERENCES
|