Contents
About the Authors
Preface
Acknowledgements
Defi nitions of Risk and Risk Management
Introduction: The Art of Prediction and the Creation of Order
Risk and Risk Management
Defi ning Risk
Managing Risk: Our Purpose, Plan and Goals
Recent Tragic Outcomes
Power Blackouts, Space Shuttle Losses, Concorde Crashes, Chernobyl, Three Mile Island and More . . .
How Events and Disasters Evolve in a Phased Development: The Human Element
Our Values at Risk: The Probable Improvement
Probably or Improbably Not
How this Book is Organised
References
Technical Summary
Defi ning the Past Probability
Predicting Future Risk: Sampling from the Jar of Life
A Possible Future: Defi ning the Posterior Probability
The Engineers Have an Answer: Reliability
Drawing from the Jar of Life: The Hazard Function and Species Extinction
Experiencing Failure: Engineering and Human Risk and Reliability
Experience Space
Managing Safely: Creating Order out of Disorder Using Safety Management Systems
Describing the Indescribable: Top-Down and Bottom-Up
What an Observer will Observe and the Depth of our Experience
References
1 The Universal Learning Curve
Predicting Tragedies, Accidents and Failures: Using the Learning Hypothesis
The Learning Hypothesis: The Market Place of Life
Learning in HTSs: The Way a Human Learns
Evidence of Risk Reduction by Learning
Evidence of Learning from Experience: Case Studies
Evidence of Learning in Economics
Evidence of Learning in Engineering and Architecture: The Costs of Mistakes
Learning in Technology: the Economics of Reducing Costs
Evidence of Learning Skill and Risk Reduction in the Medical Profession: Practice Makes Almost Perfect
Learning in HTSs: The Recent Data Still Agrees
The Equations That Describe the Learning Curve
Zero Defects and Reality
Predicting Failures: The Human Bathtub
Experience Space: The Statistics of Managing Safety and of Observing Accidents
Predicting the Future Based on Past Experience: The Prior Ignorance
Future Events: the Way Forward Using Learning Probabilities
The Wisdom of Experience and Inevitability
The Last, First or Rare Event
Conclusions and Observations: Predicting Accidents
References
2 The Four Echoes
Power Blackouts, Space Shuttle Losses, Concorde Crashes, and the Chernobyl and Three Mile Island Accidents
The Combination of Events
The Problem Is the Human Element
The Four Echoes Share the Same Four Phases
The First Echo: Blackout of the Power Grid
Management's Role
The First Echo: Findings
Error State Elimination
The Second Echo: Columbia/Challenger
The Results of the Inquiry: Prior Knowledge
The Second Echo: The Four Phases
Management's Responsibility
Error State Elimination
The Third Echo: Concorde Tires and SUVs
Tire Failures: the Prior Knowledge
The Third Echo: The Four Phases
Management's Responsibility
Error State Elimination
The Fourth Echo: Chernobyl
The Chernobyl Accident: An Echo of Three Mile Island
The Consequences
Echoes of Three Mile Island
The Causes
Error State Elimination
The Fourth Echo: The Four Phases
Regulatory Environment and Practices
Case study: Regulation in Commercial Aviation
a) Regulations Development
b) Compliance Standards
c) Accident Investigation
Addressing Human Error
Management Responsibilities
Designing to Reduce Risk and the Role of Standards
Conclusion and Echoes: Predicting the Unpredictable
References
3 Predicting Rocket Risks and Refi nery Explosions: Near Misses, Shuttles, Safety and Anti-Missile Defence Systems Effectiveness
Learning from Near Misses and Prior Knowledge
Problems in Quantifying Risk: Predicting the Risk for the Next Shuttle Mission
Estimating a Possible Range of Likelihoods
Learning from Experience: Maturity Models for Future Space Mission Risk
Technology versus Technology
Missiles Risks over London: The German Doodlebug
Launching Missile Risk
The Number of Tests Required
Estimating the Risk of a Successful Attack and How Many Missiles We Must Fire
Uncertainty in the Risk of Failing to Intercept
What Risk Is There of a Missile Getting Through: Missing the Missile
Predicting the Risk of Industrial Accidents: The Texas City Refinery Explosion
From Lagging to Leading: Safety Analysis and Safety Culture
Missing Near Misses
What these Risk Estimates Tell Us: The Common Sense Echo
References
4 The Probability of Human Error: Learning in Technological Systems
What We Must Predict
The Probability Linked to the Rate of Errors
The Defi nition of Risk Exposure and the Level of Attainable Perfection
Comparison to Conventional Social Science and Engineering Failure and Outcome Rate Formulations
The Learning Probabilities and the PDFs
The Initial Failure Rate and its Variation with Experience
The 'Best' MERE Risk Values
Maximum and Minimum Likely Outcome Rates
Standard Engineering Reliability Models Compared to the MERE Result
Future Event Estimates: The Past Predicts the Future
Statistical Bayesian-Type Estimates: The Impact of Learning
Maximum and Minimum Likelihood
Comparison to Data: The Probability of Failure and Human Error
Comparison of the MERE Result to Human Reliability Analysis
Implications for Generalised Risk Prediction
Conclusions: The Probable Human Risk
References
5 Eliminating Mistakes: The Concept of Error States
A General Accident Theory: Error States and Safety Management
The Physics of Errors
The Learning Hypothesis and the General Accident Theory
Observing Outcomes
A Homage to Boltzmann: Information from the Grave
The Concept of Depth of Experience and the Theory of Error States
The Fundamental Postulates of Error State Theory
The Information in Error States: Establishing the Risk Distribution
The Exponential Distribution of Outcomes, Risk and Error States
The Total Number of Outcomes
The Observed Rate and the Minimum Number of Outcomes
Accumulated Experience Measures and Learning Rates
The Average Rate
Analogy and Predictions: Statistical Error Theory and Learning Model Equivalence
The Infl uence of Safety Management and Regulations: Imposing Order on Disorder
The Risk of Losing a Ship
Distribution Functions
The Most Probable and Minimum Error Rate
Learning Rates and Experience Intervals: The Universal Learning Curve
Reducing the Risk of a Fatal Aircraft Accident: the Infl uence of Skill and Experience
Conclusions: A New Approach
References
6 Risk Assessment: Dynamic Events and Financial Risks
Future Loss Rate Prediction: Ships and Tsunamis
Predicted Insurance Rates for Shipping Losses: Historical Losses
The Premium Equations
Financial Risk: Dynamic Loss and Premium Investments
Numerical Example
Overall Estimates of Shipping Loss Fraction and Insurance Inspections
The Loss Ratio: Deriving the Industrial Damage Curves
Making Investment Decisions: Information Drawing from the Jar of Life
Information Entropy and Minimum Risk
Progress and Learning in Manufacturing
Innovation in Technology for the Least Product Price and Cost: Reductions During Technological Learning
Cost Reduction in Manufacturing and Production: Empirical Elasticity 'Power Laws' and Learning Rates
A New General Formulation for Unit Cost Reduction in Competitive Markets: the Minimum Cost According to a Black-Scholes Formulation
Universal Learning Curve: Comparison to the Usual Economic Power Laws
The Learning Rate b-Value 'Elasticity' Exponent Evaluated
Equivalent Average Total Cost b-Value Elasticity
Profi t Optimisation to Exceed Development Cost
The Data Validate the Learning Theory
a) Aircraft Manufacturing Costs Estimate Case
b) Photovoltaic Case
c) Air Conditioners Case
d) Ethanol Prices Case
e) Windpower Case
f) Gas Turbine Power Case
g) The Progress Curve for Manufacturing
Non-Dimensional UPC and Market Share
Conclusions: Learning to Improve and Turning Risks into Profits
References
7 Safety and Risk Management Systems: the Fifth Echoes
Safety Management Systems: Creating Order Out of Disorder
Workplace Safety: The Four Rights, Four Wrongs and Four Musts
Acceptable Risk: Designing for Failure and Managing for Success
Managing and Risk Matrices
Organisational Factors and Learning
A Practical 'Safety Culture' Example: The Fifth Echo
Safety Culture and Safety Surveys: The Learning Paradox
Never Happening Again: Perfect Learning
Half a World Apart: Copying the Same Factors
Using a Bucket: Errors in Mixing at the JCO Plant
Using a Bucket: Errors in Mixing at the Kean Canyon Explosives Plant
The Prediction and Management of Major Hazards: Learning from SMS Failures
Learning Environments and Safety Cultures: The Desiderata of Desires
Safety Performance Measures: Indicators and Balanced Scorecards
Safety and Performance Indicators: Measuring the Good
Human Error Rates Passing Red Lights, Runway Incursions and Near Misses
Risk Informed Regulation and Degrees of Goodness: How Green is Green?
Modelling and Predicting Event Rates and Learning Curves Using Accumulated Experience
Using the Past to Predict the Future: How Good is Good?
Reportable Events
Scrams and Unplanned Shutdowns
Common Cause Events and Latent Errors
Performance Improvement: Case-by-Case
Lack of Risk Reduction: Medical Adverse Events and Deaths
New Data: Sentinel Events, Deaths and Blood Work
Medication Errors in Health Care
Organisational Learning and Safety Culture: the 'H-Factor'
Risk Indicator Data Analysis: A Case Study
Meeting the Need to Measure Safety Culture: the Hard and the Soft Elements
Creating Order from Disorder
References
8 Risk Perception: Searching for the Truth Among all the Numbers
Perceptions and Predicting the Future: Risk Acceptance and Risk Avoidance
Fear of the Unknown: The Success Journey into What We Do or Do Not Accept
A Possible Explanation of Risk Perception: Comparisons of Road and Rail Transport
How Do We Judge the Risk?
Linking Complexity, Order, Information Entropy and Human Actions
Response Times, Learning Data and the Universal Laws of Practice
The Number and Distribution of Outcomes: Comparison to Data
Risk Perception: Railways
Risk Perception: Coal Mining
Risk Perception: Nuclear Power in Japan
Risk Perception: Rare Events and Risk Rankings
Predicting the Future Number of Outcomes
A Worked Example: Searching out and Analysing Data for Oil Spills
Typical Worksheet
Plotting the Data
Fitting a Learning Curve
Challenging Zero Defects
Comparison of Oil Spills to other Industries
Predicting the Future: the Probability and Number of Spills
Observations on this Oil Spill Case
Knowing What We Do Not Know: Fear and Managing the Risk of the Unknown
White and Black Paradoxes: Known Knowns and Unknown Unknowns
The Probability of the Unknowns: Learning from What We Know
The Existence of the Unknown: Failures in High Reliability Systems
The Power of Experience: Facing Down the Fear of the Unknown
Terrorism, Disasters and Pandemics: Real, Acceptable and Imaginary Risks
Estimating Personal Risk of Death: Pandemics and Infectious Diseases
Sabotage: Vulnerabilities, Critical Systems and the Reliability of Security Systems
What Is the Risk?
The Four Quadrants: Implications of Risk for Safety Management Systems
References
9 I Must Be Learning
Where We Have Come From
What We Have Learned
What We Have Shown
Legal, Professional and Corporate Implications for the Individual
Just Give Me the Facts
Where We Are Going
Reference
Nomenclature
Appendices:
Appendix A: The 'Human Bathtub': Predicting the Future Risk
The Differential Formulation for the Number of Outcomes
The Future Probability
Insuffi cient Learning
Appendix B: The Most Risk, or Maximum Likelihood, for the Outcome (Failure or Error) Rate while Learning
The Most or Least Likely Outcome Rate
The Maximum and Minimum Risk: The Two Solutions
Low Rates and Rare Events
The Limits of Maximum and Minimum Risk: The Two Solutions
Common Sense: The Most Risk at the Least Experience and the Least Risk as the First Outcome Decreases with Experience
Typical Trends in Our Most Likely Risk
The Distribution with Depth of Experience
References
Appendix C: Transcripts of the Four Echoes
Power Blackout, Columbia Space Shuttle loss, Concorde Crash and Chernobyl Accident
The Combination of Events
The Four Echoes Share the Same Four Phases
Appendix. Blackout Chronology and the Dialog from Midday 14 August 2003
The Second Echo: Columbia/Challenger
Appendix: Shuttle Dialog and Transcripts
The Third Echo: Concorde Tires and SUVs
Appendix: Dialog for the Concorde Crash
The Fourth Echo: TMI/Chernobyl
Appendix: Chronology and Transcripts of the Chernobyl Reactor Unit 4 Accident
Conclusion and Echoes: Predicting the Unpredictable
Appendix D: The Four Phases: Fuel Leak Leading to Gliding a Jet in to Land without any Engine Power
The Bare Facts and the Sequence
The Four Phases
Flight Crew Actions
Initial Recognition of the Fuel Loss
Crew Reaction to the Fuel Imbalance Advisory (05:33-05:45)
Crew Reaction to the Continued Fuel Loss (05:45-06:10)
Crew Reaction to the (Two) Engine Failures
References
Appendix E: The Four Phases of a Midair Collision
The Bare Facts
The Four Phases
References
Appendix F: Risk From the Number of Outcomes We Observe: How Many Are There?
The Number of Outcomes: The Hypergeometric Distribution
Few Outcomes and many Non-Outcomes: The Binomial and Poisson Distributions
The Number of Outcomes: In the Limit
The Perfect Learning Limit: Learning from Non-Outcomes
The Relative Change in Risk When Operating Multiple Sites
References
Appendix G: Mixing in a Tank: The D.D. Williamson Vessel Explosion
Errors in Mixing in a Tank at the Caramel Factory: The Facts
The Prior Knowledge
Another Echo
References
Appendix H: Never Happening Again
The Risk of an Echo, or of a Repeat Event
The Matching Probability for an Echo
The Impact of Learning and Experience on Managing the Risk of Repeat Events
The Theory of Evidence: Belief and Risk Equivalence
References
Appendix I: A Heuristic Organisational Risk Stability Criterion
Order and Disorder in Physical and Management Systems
Stability Criterion
References
Appendix J: New Laws of Practice for Learning and Error Correction
Individual Learning and Practice
Comparison to Error Reduction Data
Comparison to Response Time Data and the Consistent Law of Practice
Reconciling the Laws
Conclusions
References
Appendix K: Predicting Rocket Launch Reliability - Case Study
Summary
Theory of Rocket Reliability
a) Unknown Total Number of Launches and Failures
b) Known Total Number of Launches and Failures
Results
Measures of Experience
Comparsion to World Data
Predicting the Probability of Failure
Statistical Estimates of the Failure Probability for the Very 'next' launch
Independent Validation of the MERE Launch Failure Curve
Observations
References
Illustrations
Pipeline Spill and Fire
Train Crash Due to SPAD
Space Shuttle Columbia
Chemical Explosion
Bayes, Laplace and Bernouli
Kean Canyon Explosion
Boltzmann's Grave
Quebec Overpass
Index