Risk, Safety and Liability
PHIL/ENGR 482
Ethics in Engineering: Chapter 7
An engineering responsibility
Codes of ethics require the engineer to prevent exposure of the public to unacceptable risks.
NSPE Code:
- “hold paramount the safety, health and welfare of the public”
- design to “accepted engineering standards”
- not “complete, sign, or seal plans and/or specifications that are not of a design safe to the public health and welfare in conformity with accepted engineering standards”
- in “circumstances where the safety, health, property or welfare of the public are endangered” engineers must “notify their employer or client and such other authority as may be appropriate”
Understanding and managing risks
- What is risk?
- How do we design to reduce risks?
- What are acceptable risks?
Risk
One definition of “risk” is: “Exposure to the chance of injury or loss; a hazardous or dangerous chance” *
This definition involves both
- the probability of an event occurring
- the consequences of the event
* Webster’s Dictionary
An engineering definition of risk
Example: When playing Russian Roulette, a single bullet is loaded into a six-chambered revolver. The chamber is spun and the trigger is pulled. There is a random 1/6th chance that the revolver will fire.
Risk = (1/6) x (Death)
Risk = (probability of event) x (consequences)
Risk is inherent in engineering
Engineering involves innovation which necessarily has risk.
Examples:
- Tacoma Narrows Bridge--collapse
- Three Mile Island Power Plant--radiation release
- Concorde airliner--crash
Probabilities in Independent Events
Example: A coin is flipped three times. What is the probability heads will show three times in a row?
Use an “event tree”
[Event tree figure: three trials, each branching to Heads (0.5) or Tails (0.5)]
Probability = 0.5 x 0.5 x 0.5 = 0.5^3 = 0.125
Risk Assessment Example
A nuclear reactor will “meltdown” if the control rods fail and the cooling pump fails. What is the probability of this occurring?
Risk Assessment
Problems with Event-Tree Analysis:
- assigned probabilities are sometimes conjectural
- cannot anticipate all failure modes: pipe rupture, pipe corrosion, terrorist attack, human error, etc.
Management of risk in design
- Develop inherently low-risk designs
- Incorporate redundancy in design
- Design with appropriate Safety Factor
  - Allowable Stress Design (ASD)
  - Load Factor Design (LFD)
  - Probabilistic design methods (LRFD)
Safety Factor = (Failure load) / (Design load)
Safety Factors accommodate uncertainties in...
- Applied loads
- Material strength
- Simplified methods of analysis
- Construction quality
- Maintenance
- etc...
Safety Factors also...
- Reflect different consequences
- Safety factors are higher for critical infrastructure (fire stations, hospitals) than for other facilities (warehouses)
Safety Factors in design
An engineer working for Otis Elevators determines that a fully loaded passenger elevator will weigh 6450 lb. The elevator is supported by a double-sheaved cable so that the cable tension is 1/4 of the elevator weight. The elevator is expected to experience dynamic load factors of approximately 1.35. The design code requires a safety factor of 7.6. What cable diameter should the engineer specify?
Safety Factors in design (cont’d)
Compute design tension...
$T = \dfrac{W}{4} \times 1.35 = 2176\ \text{lb}$
Factored tension $= (\text{Design Safety Factor})(T) = (6.5)(2176\ \text{lb}) = 14{,}150\ \text{lb} = 7.07\ \text{ton}$
Breaking strength for 6x19 wire rope...
Rope Diam. (in.)   Approx. Wt. (lb/ft)   Breaking Strength (tons)
3/8                0.236                 6.71
1/2                0.42                  11.8
5/8                0.66                  18.3
3/4                0.95                  26.2
7/8                1.29                  35.4
1                  1.68                  46.0
Safety Factors in design (cont’d)
Choosing 1/2-in. cable...
$FS = \dfrac{(11.8\ \text{ton})(2000\ \text{lb/ton})}{2176\ \text{lb}} = 10.8 > 6.5$, FS ok
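The cable selection above can be written as a short procedure. This is an added example, not part of the original slides: the function names `design_tension` and `select_rope` are introduced here, the rope table is the 6x19 table from the slide, the required safety factor is a parameter (6.5 is the value used in the slide's worked numbers), and the rope's own weight is ignored as it is in the slide.

```python
from fractions import Fraction

# 6x19 wire rope table from the slide:
# (rope diameter in inches, approx. weight in lb/ft, breaking strength in tons)
ROPE_6X19 = [
    (Fraction(3, 8), 0.236, 6.71),
    (Fraction(1, 2), 0.42, 11.8),
    (Fraction(5, 8), 0.66, 18.3),
    (Fraction(3, 4), 0.95, 26.2),
    (Fraction(7, 8), 1.29, 35.4),
    (Fraction(1, 1), 1.68, 46.0),
]
LB_PER_TON = 2000


def design_tension(weight_lb, tension_divisor, dynamic_factor):
    """Cable tension: the static share of the weight times the dynamic load factor."""
    if tension_divisor <= 0 or dynamic_factor <= 0:
        raise ValueError("tension divisor and dynamic factor must be positive")
    return weight_lb / tension_divisor * dynamic_factor


def select_rope(tension_lb, required_fs, table=ROPE_6X19):
    """Return (diameter, achieved FS) for the smallest rope meeting required_fs.

    FS is breaking strength divided by design tension, so checking
    FS >= required_fs is the same as checking breaking strength against
    the factored tension (required_fs * tension).
    """
    for diameter, _weight, strength_tons in sorted(table):
        achieved_fs = strength_tons * LB_PER_TON / tension_lb
        if achieved_fs >= required_fs:
            return diameter, achieved_fs
    # Failure mode: the table has no rope strong enough, so refuse to pick one.
    raise ValueError("no rope in the table meets the required safety factor")


if __name__ == "__main__":
    t = design_tension(6450, 4, 1.35)          # elevator from the slide
    diameter, fs = select_rope(t, 6.5)
    print(f"design tension = {t:.0f} lb, factored = {6.5 * t:.0f} lb")
    print(f"choose {diameter}-in. rope, FS = {fs:.1f}")
```
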
Allowable Stress Design example
Julio is designing a portable cylindrical compressed air tank for use by motorists with flat tires, based on the calculated hoop stress...
$\sigma_H = \dfrac{p\,r}{t}$
Allowable Stress Design example--(cont’d)
He calculates that the design pressure (125 psi) will cause the allowable stress (20,000 psi) in the 12 in. diameter steel tank if the wall thickness is 0.0375 in.
He then increases the calculated wall thickness by 0.060 in. to allow for corrosion, and chooses the next larger available thickness 0.105 in (12 ga).
Allowable Stress Design example--(cont’d)
The Factor of Safety of a new tank against exceeding allowable stress is then…
$FS = \dfrac{(20{,}000\ \text{psi})(0.105\ \text{in.})/(6\ \text{in.})}{(125\ \text{psi})} = 2.80$
The Factor of Safety of a corroded (0.045 in. wall thickness) tank against yielding (36,000 psi) is...
$FS = \dfrac{(36{,}000\ \text{psi})(0.045\ \text{in.})/(6\ \text{in.})}{(125\ \text{psi})} = 2.16$
Design difficulties...
- All failure modes must be anticipated and evaluated...
  - buckling
  - fatigue
  - corrosion
  - fire
- Different failure modes have different risk (uncertainty x consequence), so different FS may be appropriate for each mode
Load Factor Design example
A steel link is being designed to carry a 1,000,000 lb load. What is the required cross-sectional area?
Load Factor Design example, (cont’d)
Safety factor against ultimate stress:
- 3.0 load factor (not typical value)
- 0.233 stress reduction factor (not typical)
- FS = (3.0)/(0.233) = 12.8
[Figure labels: “Ultimate Strength”, “Allowable Stress”]
Probabilistic design philosophy
ex.--AASHTO Bridge Design Specs.
Load factors and resistance factors are not fixed, but chosen in each design based on the specifics of the instance.
Factors are determined in such a way that the “probability of failure” of each limit state (failure mode) is maintained at some uniform value.
Cost-benefit risk assessment example
The government is proposing legislation to limit formaldehyde emissions to 3 ppm. Industry estimates that to install and operate the necessary scrubbers will cost $300 million annually. Toxicologists estimate that this new standard will save 30 lives annually. Using cost/benefit analysis, should the new standard be implemented?
- Cost = $300 million/yr
- Benefit = (30 lives/yr)($?????/life)
- What is the dollar value of human life?
What is the value of human life?
Some methods to place a value on human life:
- purchasing decisions involving safety (e.g. car purchase)
- future earnings
- extra pay needed for risky jobs (e.g. house painter vs. smokestack painter)
Problems with using studies of purchasing decisions to determine the value of life...
- wealthy people are willing to pay more
- people will pay 7 times more to reduce risk of cancer than to reduce risk of death in an automobile
- decisions are based on perceptions (values)
- women value their lives more than men, i.e., men are more willing to engage in risky behavior
- A 1984 study by Shulamit Kahn indicates that people typically valued their lives at $8 million (Note: this figure is higher than is typically used in public policy analysis.)
Quantifying Risk: Example
Suppose a toxicologist is asked to determine if Compound X is a carcinogen at a loading of 5 mg/kg of human body weight. To answer this definitively, the ideal experiment would have to be performed as follows:
- Have a control group of 100,000 humans consisting of 1000 100-subject groups. They receive a placebo.
- Have a test group of 100,000 humans consisting of 1000 100-subject groups. They receive a pill containing the suspected carcinogen.
Quantifying Risk (cont’d.)
- Wait 20 years.
- Plot the data as histograms and analyze.
- For ethical reasons, a surrogate (e.g. rat) would be used instead of humans
More realistic test data might be...
Because of cost constraints, a much smaller group of rats would be tested.
Suppose the test results are as follows:
- Control: Number of rats = 100, Number of cancer deaths = 12
- Test: Number of rats = 100, Number of cancer deaths = 14
Question: How would the toxicologist know if Compound X causes cancer in rats?
One solution...
If we assume the binomial result (cancer--yes/no) is a random normal variable, we can estimate the mean ($\mu_1 = np = 12$) and the standard deviation ($\sigma_1 = (npq)^{1/2} = 3.24$) of the control group.
Likewise we can assume the exposed group is normal with a mean ($\mu_2 = 14$) and a standard deviation ($\sigma_2 = (npq)^{1/2} = 3.46$).
Then the standard deviation associated with the difference of the two means is
$\sigma_d = \left( \dfrac{\sigma_1^2}{n_1} + \dfrac{\sigma_2^2}{n_2} \right)^{1/2} = 0.475$
One solution...
Applying the t-test, with a 95% confidence level, we can say that the increase in cancers is not random.
Specifically, we can say with a confidence of 95% that the exposure will cause an increase in cancer rates of 1.8% to 2.1% (about 20,000 new cases for each million persons exposed).
Implications...
These are the possible outcomes to the question: “Does Compound X cause cancer in rats?”
                     Reality: Yes   Reality: No
Test Outcome: Yes    True Pos       False Pos
Test Outcome: No     False Neg      True Neg
Public Policy Expert’s Approach to Risk
First priority is to protect the public.
Consequences:
- False Positive: A chemical is banned as being carcinogenic, when in reality it is not. The producer loses potential profits from the sale of this chemical.
- False Negative: A dangerous chemical is approved as safe and sold to the general public. The death rate from cancer increases.
Public policy expert approach (cont’d).
The public policy expert is not interested in “scientific truth” per se. He prefers to err on the “safe side”, i.e., protect the public from false negatives.
She presumes that the chemical is dangerous, and places the burden on the manufacturer to prove the chemical is safe.
In a democracy, the government policy makers respond to the public’s wishes. As a result, we tend to allocate differing amounts of money to save lives by different measures...
Allocation of Money
Layman’s approach to risk
Respect for Persons Approach
Key Issues:
- is the risk distributed equitably?
- are those assuming the risk compensated?
- is the risk voluntary?
- does the person assuming the risk understand it?
- does the person assuming the risk have control?
Layman’s approach to risk...
- Laymen often overestimate low probability risks
- Willing to accept higher voluntary risks than involuntary risks (by factor of 10^3)
- Laymen don’t compare a risk to already accepted risks
- Laymen overestimate risks of human origin compared to risks of natural origin
- Laymen’s approach more closely follows Respect-for-Persons approach than the Utilitarian approaches used by many experts
An Acceptable Risk is one that is...
- freely assumed with informed consent
- equitably distributed
- properly compensated
Informed Consent
RP says we should treat people as “moral agents” (autonomous, self-governing individuals)… thus we should seek “informed consent” before assigning risk
Criteria for informed consent:
- consent must not be coerced*
- person must be accurately informed*
- person must be competent* to assess information
*there are possible conceptual and applications issues to be resolved
Problems with informed consent
- difficulty getting informed consent
- consent must be obtained before the risk is assumed
- consent requires negotiation
- holdouts or unreasonable preferences
- parties must be well informed and reasonable
- people are often hysterical regarding dramatic or catastrophic risk
- people underestimate the consequences of risks that have never happened before
When it isn’t possible to get informed consent...
Only expose people to risks they would consent to, if they were informed of all known risks.
Or, ...
As an alternative to gaining consent from everyone affected by the risk, the group leaders can decide to accept the risk for the group.
Problems with Informed Consent (cont’d.)
Some people may give informed consent to things that are not in their interests, because of...
- misunderstanding information
- immaturity
- irrationality
Such consent isn’t autonomous.
Problems with Informed Consent (cont’d.)
If consent is not autonomous, then you should find a way to make consent autonomous.
Risk concepts--Example
The electric power company proposes to build a nuclear power plant near your neighborhood. Given the newly deregulated electricity market, the power probably will be sold out of state because prices are higher there.
Risk concepts--Example (cont’d.)
- Is the risk voluntary?
- Does the person taking the risk understand it?
- Does the person taking the risk have control?
- Is the risk distributed equitably?
- Do those taking the risk get the rewards?
Informed Consent by Group Leaders--Example
The XYZ Chemical Company wants to build a new plant in Smallville. The chemical plant has a pollution effluent that may give one citizen cancer every five years. However, the plant will create 100 new jobs and a substantial tax base for Smallville, which will improve the local schools and hospital. The XYZ Chemical Company asks the town council for approval to build the plant in the industrial park.
Informed Consent by Group Leaders (cont’d.)
Advantages:
- simplifies decision-making process
Problems:
- How do we compensate those individuals who suffer the consequences of the risk?
- Approval of group leaders does not reflect the wishes of all individuals
Works okay for small risks, but large risks may need individual consent
Paternalism
Paternalism: the exercise of power by one person or institution over another in order to help or prevent harm to the latter, regardless of the latter's expressed wishes.
Commonly-accepted criterion for acceptable paternalism: A fully rational person informed of the relevant facts would consent to intervention in this case
Paternalism (cont’d)
- Paternalism often causes resentment.
- Paternalism is permissible, if protected person is not autonomous
- but people will disagree over who is autonomous.
The Engineer’s Liability for Risk
Often, in protecting the public from unacceptable risk, engineers may incur legal liabilities.
Different standards for tort law and science...
Tort (injury) law uses different standards for risk and liability than we have been discussing so far.
An engineer might not feel confident that action A had caused result B without strong statistical evidence (i.e., 95% confidence)
Tort law requires proof by a “preponderance” of evidence (i.e., 51%)
An engineer’s ethical dilemma...
- All engineering involves some risk
- We must protect the public from unacceptable risks
- Protecting the public from all risks is not in the public’s interests
- We may be liable for injuries caused when we misjudge the risks
For guidance...
“People should be protected from the harmful effects of technology, especially when the harms are not consented to or when they are unjustly distributed, except that this protection must sometimes be balanced against (1) our need to preserve great and irreplaceable benefits and (2) the limitations on our ability to obtain informed consent.” Harris, et al.
Summary
- Be aware that experts tend to use a utilitarian approach and the lay public tends to use a respect-for-persons (RP) approach
- Utilitarian and RP approaches each have their limitations
- It is difficult to quantify risk
- People’s values differ regarding risk
- Promote informed consent within your limits as an engineer
Summary (cont’d.)
Some technologies provide valuable and irreplaceable benefits, yet are inherently risky (e.g. automobiles)
Engineers should be paternalistic and protect the public from harmful impacts of technology if:
- Consequences are severe
- Consequences are unjustly distributed
- Informed consent is not possible
Recommendations...
Work conscientiously, diligently, and ethically.
Document your actions and decisions in a Daily Log.
Liability insurance is commonly purchased by design engineers. Costs can be high, depending on the work you do.