Reports and Papers
Risk assessment and management includes both spatially distributed, as well as dynamic problems. While geographic information systems provide powerful tools for spatial analysis, their capabilities for complex, and dynamic analysis are limited. Traditional simulation models, on the other hand, are powerful tools for complex and dynamic situations, but often lack the intuitive visualization and spatial analysis functions that the GIS offers. Obviously, the integration of GIS and simulation models, together with the necessary databases and expert systems, within a common and interactive graphical user interface should make for more powerful and easy to use - and understand - risk information systems.
More than ten years ago, starting in 1986, these ideas were first implemented in a series of projects involving IIASA, Delft Hydraulics, the JRC, VROM, and the RIVM. The still ongoing XENVIS project (developing a risk information system for the Netherlands) provides a unique opportunity to review some basic and emerging concepts of integrated risk assessment. Based on a dedicated GIS as the central tool and user interface, databases of hazardous installations and hazardous chemicals are linked in a hypertext structure. They include tools for spatial risk assessment based on externally generated risk contours, and links to models describing accidental and continuous atmospheric releases, spills into surface water systems, and transportation risk analysis. All the models used are fully georeferenced and integrated with the underlying GIS layer, and include an embedded rule-based expert system to help with model input specification, and the interpretation of model results. Model results take the form of interactive graphics and animated topical maps for an intuitive understanding, and a more efficient interactive analysis.
Integrated risk assessment has at least two major roots. A technological source oriented one, typified by fault trees and event models, originating with the process engineering and nuclear communities; and a receptor oriented one, typified by fate and transport models and environmental impact assessment, originating with the environmental and health disciplines. Somewhere in between are the natural hazards of storms, floods, avalanches, forest fires and earthquakes, that are addressing both the probabilities and frequencies of occurrence and the impacts on man and the environment.
Integrated risk assessment aims at combining more than one approach, more than one source, and both source and receptor. For technological risks, this includes both plant and external safety considerations; aspects of regulatory assessment, planning, training, and emergency management, but also risk communication and the integration of physical and chemical criteria with environmental, human health, and socio-economic considerations. In addition, it specifically aims at integrating the power of dynamic simulations models as a major tool of risk assessment with the capabilities of spatial analysis by geographic information systems.
The European regulatory framework for technological risk is based on Directive EEC 82/501, its amendments (87/216 EEC, 88/610 EEC) and its latest version (96/82 EEC). The directives and their national implementations focus on information about risk, primarily substance oriented, as the central element of risk management. Rather than setting any specific standards on acceptable risk as is the usual practice with environmental pollution, the directive establishes a system for the compilation of risk related information, based on a classification scheme for hazardous installations using threshold values of hazardous substances. The Directive also specifies the information system for the distribution of risk information, including public access. The underlying assumption is that a well-organised and informed risk management leads to both economically efficient and socially acceptable results.
Risk is also an important component in Environmental Impact Assessment (EIA), that looks at projects and installations and their normal operations rather than accidents, and where the source of risk is often in the uncertainty of cause-effect relations rather than in a probabilistic source term. Integrated assessment provides a more unified approach to normal operation and accidental risks .
Risk Assessment and Information Technology
Risk assessment and management is information intensive. Large volumes of technical information have to be gathered, processed, analyzed, and eventually communicated to a broad range of users under quite different conditions, ranging from planning and regulatory activities to emergency management.
Modern information technology provides some of the tools to support these activities. The integration of data bases, GIS and simulation models, expert systems and decision support tools leads to powerful operational systems  and their implementation in distributed client-server architectures that support remote access through Internet protocols including mobile clients based on Java open new and promising directions of development. Within an object-oriented design paradigm (see, for example ), a broad range of information resources that can support risk assessment and management tasks can be organized to meet even the most demanding computational and communication requirements for real-time forecasting and decision support for emergency management.
Multi-media formats and Internet access through PC based browser software provides efficient access to and publication of up-to-date risk information to a wide range of users. Network based groupware can support cooperative information systems linking industry, regulatory agencies, interest groups, and the public.
Rapidly evolving information technologies like distributed client-server systems, hypermedia and virtual reality, HPCN, network computing, light-weight mobile clients, GPS and GSM to name a few, can be integrated into powerful yet easy to use information and decision support systems for better risk management. These developments in information technology can be expected to increasingly shape the research and practice of risk assessment and management.
Risk management involves a multitude of actors and stake holders, including at least the operator of a high-risk installation or process, the regulatory or competent authority, a number of government bodies and agencies involved in risk management, various interest groups, and the general public. For all of them, easy access to risk related information is essential. Clearly, direct access to such information through the Internet or the direct communication between industry and regulatory agencies using the Internet is an obvious trend, issues of control, security, and confidentiality notwithstanding.
Assessment and Evaluation
Risk assessment has more than a straightforward physical and chemical, environmental and public health component. The basic requirements of economic efficiency and social equity require comparative evaluation. Assessment implies evaluation, and any valuation requires a value system and a metric for measurement. A simple approach is to compare levels of risk with predefined standards, which, however, begs the question how to measure it, and where the standards come from in the first place.
Standards, where they have been formulated like in the Netherlands where (loosely paraphrasing the 10-8 to 10-6 fatality risk levels) being killed every 100 Million years by a chemical plant is considered acceptable, suffering the same fate every million years is not ,  are subject to debate, which again is a cultural problem with very different attitudes in more litigation oriented societies such as the United States, or more authoritarian systems like in most European countries. What is, and what is not acceptable is ultimately a political, not a scientific problem. In addition, the perception of risk is as relevant here as is its measurement, so that the social construction of reality (for example ) clearly dominates the positivists ideas of a single, correct answer. Bias (e.g., ) and plural rationalities add to physical uncertainty.
Economic evaluation is faced with similar problems. Clearly, the cost of risk management has to be compared with its opportunity costs, but the monetary evaluation of risks still poses fundamental problems that appear to have no agreed upon scientific solution either (see, for example, , , ).
Within the framework of the Seveso II Directive (96/82 EC) on the control of major-accident hazards involving dangerous substances, a number of specific classification criteria are defined for the reporting of accidents to the Commission; in addition to the substances involved, health and economic criteria, these include explicit spatial criteria such as:
Risk as a Spatial Problem
As the above example demonstrates, technological and environmental risk has an obvious spatial dimension. Floods, mudslides and avalanches as much as toxic spills, or explosions, transportation of dangerous goods or hazardous waste management all are spatially distributed problems.
Geographical information systems are tools to capture, manipulate, process, and display spatial or geo-referenced data. They contain both geometry data (coordinates and topological information) and attribute data, i.e., information describing the properties of geometrical spatial objects such as points, lines, and areas. In GIS, the basic concept is one of location, of spatial distribution and relationships; the basic elements are spatial objects. GIS and its capability to map risks is clearly a powerful tool for risk assessment. The analytical capabilities of GIS however, are usually limited to static analysis of buffers and overlays. To fully utilize the potential of GIS, and in particular its communication capabilities, better, and in particular dynamic, analysis tools are needed. In modeling physical and environmental or toxicological processes, by contrast, the basic concept is one of state, expressed in terms of numbers, mass, or energy, of interaction and dynamics; the basic elements are species, which may be biological or chemical, and environmental media such as air, water or sediment and their evolution over time. The integration of these two approaches and sets of tools into a new generation of more powerful tools for spatial analysis is a promising and obvious approach , , and .
Spatial Risk Analysis
Spatial dimensions in risk assessment cover closely related aspects: the source of risk is located or distributed in space, like a chemical process plant or a transportation system; the original phenomenon of an accident or incident is spatially distributed (like the blast from an explosion or a toxic plume), and the impacts are spatially distributed due to the interaction of the original phenomenon and the receiving system affected by it. We can distinguish:
Following the checklists for facility emergency management, we find
Plant risk evaluation involves:
In Area Risk Evaluation, again a number of spatial elements are obvious. They cover:
Hazards analysis is explicitly defined as a spatial approach, that evaluates the vulnerability of a geographical area, its population and environment to technological risks (e.g., hazardous materials release from process plants or transportation accidents).
Seveso II (96/82 EC) "called on the Commission to include in Directive 82/501/EEC provisions concerning controls on land use planning when new installations are authorised and when urban development takes place around existing installations", which has a clear spatial dimension.
The directive then makes explicit provisions for landuse planning, referring to the siting of new establishments, modifications to existing, and new developments such as transport links, locations frequented by the public and residential areas in the vicinity of existing establishments, where the siting or developments are such as to increase the risk or consequences of a major accident.
GIS for Risk Communication
96/82 EC requires that Member States shall ensure that the safety report is made available to the public, with possible restrictions for reasons of industrial, commercial or personal confidentiality, public security or national defense. It also requires that information on safety measures and on the requisite behavior in the event of an accident is supplied, without their having to request it, to persons liable to be affected by a major accident; It shall also be made permanently available to the public.
Cearly, some of this information is spatial in nature and thus best communicated in the form of maps, that is, with the help of a GIS. An example is GRIBS, a risk management information system for the Kanton and City of Basel in Switzerland (http://www.ess.co.at/docs/b_top.html).
In addition to its basic regulatory application, one specific function of the system is as a source of information for concerned citizens: the system supports the easy retrieval (in the form of a topical map) of all risk related information such as installations and substances stored within a certain radius of a persons home. Up-to-date information on plant locations and substances stored in the system is also being made available to those involved in emergency response such as fire fighters.
GIS in Risk Assessment
Searching on the Internet for examples of integrated risk assessment systems, and links between GIS and risk assessment in particular, leads to the usual number of surprises and a few insights. Searching for various combinations of risk and mapping or GIS leads primarily to a number of sites concerned with storms, floods, volcanoes, earthquakes, and forest fires. Numerous collections of web links related to risk can be found; few of them explicitly address the topic of spatial risks, and risk mapping.
Looking at some of the more recent GIS literature in recent conference proceedings such as the Joint European Conference on Geographical Information JEC-GI '97 meeting, more than 1,500 pages of proceedings include very few risk related applications (, , ). The risk community, however, seems more interested in GIS than the other way round: proceedings from a meeting on Computer Supported Risk Management  contain a number of GIS applications (, , , and .
GIS and Risk is discussed by  as a culture problem in the policy arena, with the different paradigms and views of scientists, policy makers, and the public coming together. GIS for emergency management is discussed in . Wadge et al.  look at GIS for Natural Hazards Assessment, and similar applications and approaches use risk indices for ecological risk , Superfund site remediation  or overlay analysis for groundwater vulnerability studies , , and their extension to human exposure . Similar approaches are used for geological hazards , . All these examples primarily use static approaches to characterise risks, which lend themselves to overlay analysis with standard GIS tools.
Spatial Risk Modeling
To map risks, they first have to be computed. Much what one can find under the heading of risk mapping includes rather simplistic maps with simple symbols for potential sources such as chemical installations, storage locations, or hazardous waste dump sites, possibly with a circle drawn around them, or overlay analysis of static data layers.
Important issues of scale, resolution, and uncertainty are rarely addressed (, ). Risk mapping is a powerful concept: since the underlying map looks familiar and precise, the risk overlay is more easily accepted - it looks real too.
In two specialized conferences on GIS and environmental modeling (, ), applications to technological or environmental risk are again comparatively rare, and the examples cover risk and GIS rather than risk and dynamic modeling. An overview of the integration of spatial environmental modeling and GIS is given in ,, and the spatial modeling of hazardous substances is discussed in .
When comparing a number of existing software systems for emergency planning and management, as well as a series of ongoing EU sponsored R&D projects, they all provide at least some basic functionality to graphically display, and map, their model results and thus exposure and risk (Table 1; see also ,  for recent compilations of risk related computer codes). The main bias introduced in Table 1 is that it is restricted to systems and projects with at least some presence on the Internet.
Detailed information on ongoing research and development projects funded under the Fourth Framework Programme by the European Union can be found on the CORDIS server, http://apollo.cordis.lu, and on the respective homepages of the various programmes such as ESPRIT, TELEMATICS.
A considerable number of useful web links that each lead to one or more interesting collections of risk related URLs can be found in a few hours of web search, and with the usual level of missing links and frustration.
As web links tend to expire, rather listing them here at the risk of being obsolete soon, yet another web site was created that compiles these links for further perusal: http://www.ess.co.at/HITERM/risklinks.
In parallel, a bibliography on integrated risk assessment and risk and GIS is available under http://www.ess.co.at/HITERM/REGULATIONS/bibliography.html.
In summary, it appears that the use of GIS and spatial display of the results of model based risk assessment is common practice, or at least as much as the use of simulation models is common practice. However, the majority of examples are restricted either to the post-processing use of GIS functionality, i.e., to generate and display topical risk maps, or to the basic analytical functionality of overlay and buffer analysis that GIS provides. Few if any example of complex and dynamic spatial analysis can be found, based on a tight integration of simulation modeling and GIS.
Integration in risk management information systems means bringing together several aspects of risk assessment and management: it should be applicable to internal and external safety analysis; it should consider physical and chemical, toxicological and public health, material damage, and environmental aspects. It should address both probabilistic approaches for risk planning, but also real-time applications for risk management. It has to support the practical implementation of relevant EU and national regulations, and it should provide the required information to the public. Analysis tools should be fast, efficient and reliable, scientifically rigorous and at the same time operate under the often severe data constraints of an emergency. Obviously, these are multiple, and conflicting objectives and criteria.
A general architecture of how a state-of-the-art risk information system could look like would not only include models, data bases, and GIS, but equally include other emerging and important elements of IT, and in particular, distributed computing and Internet based access:
Since there are numerous possible examples of integrated risk assessment systems that merge GIS functionality with the traditional tools of data bases and models, and drawing on all of them is impossible in this context, the examples chosen are not surprisingly, from the authors own work, and include an application, again not surprisingly, to the Netherlands. Starting with a project in collaboration with the JRC in Ispra to develop a Risk Management Information System combining databases (hazardous installations, hazardous materials, and accidents) with simulations models for various accident scenarios . This has lead to a continuing development project with VROM and RIVM in the Netherlands for a national scale system.
XENVIS began in 1986 as a study of interactive risk assessment of transportation of chlorine in the Netherlands. Since then it has been extended repeatedly, evolving into an interactive environmental information and decision support system that can be applied to a wide range of problems in the Netherlands associated with industrial risk and the management of hazardous operations and substances .
XENVIS integrates a national level geographic information system (Figure 1) with several interlinked databases, in particular on hazardous substances and hazardous industrial installations (Figure 2). GIS and databases for industrial installations and hazardous chemicals are linked to simulation models for industrial air pollution, toxic spills to surface water, i.e., the Rhine-Maas system, and rail and road transportation problems. The graphical user interface incorporates a context sensitive hypertext help- and explain system, and embedded expert system components that can assist users in scenario specification, parameter estimation, and the interpretation and further analysis of model results or plant specific safety data including safety audits.
XENVIS also serves as a pre- and post-processor for a major fault- and event tree risk assessment package, incorporating its results, e.g., as risk contours around a plant, in the data bases and displaying them at the GIS level (Figure 3).
Spatial analysis in XENVIS is performed either as an integrated function of the spatial models (Figure 4) or in a post-processing step. For example, for externally computed risk contours as part of a safety report, XENVIS performs the overlay analysis by computing distances and numbers of houses within the various risk levels (Figure 3). An extension to the embedded GIS functions allows to further analyse sets of cell grids representing input data such as population density, gridded risk contours, or model generated concentration distributions (for single events or probabilistic inputs) with a map calculator that evaluates arbitrary algebraic expressions and first order logic rules in the combination of map layers. Transportation risk analysis includes a path generator as a pre-processor for the computation of risk corridors (Figure 5), and the simulation of individual accidents (Figure 6).
Other dynamic models describe toxic spills into the Rhine-Maas system (Figure 7), or the atmospheric dispersion from industrial or transportation accidents. Depending on the available data, this can either use a multiple event Gaussian puff model, a dynamic finite element model based on a diagnostic wind field model (Figure 8), or a Lagrangian model.
Another model of integration is GRIBS, developed for the KCGU, the chemical safety, toxics, and environment inspectorate for the city of Basel, Switzerland. GRIBS is based on a tight integration of databases on industrial sites that store hazardous chemicals, a hazardous chemicals database, and an embedded GIS. The primary purpose is to perform a number of queries on installations and substances for a given location and its neighborhood as part of a public risk information system. The risk information is primarily based on a qualitative classification of substances. In addition, output from external impact simulation model systems like PHAST can also be integrated and visualized as a GIS layer. In addition to hazardous chemicals, GRIBS also includes databases for biological hazards and radioactive substances, adding another dimension of integration.
Object-oriented design: spatial risk objects
XENVIS is designed in terms of risk objects. They include elements such as process plants, storage facilities, trucks and railway cars, loading docks, marshalling yards, pipelines, etc. Each object is characterized by a set of properties that are updated depending on the context by a set of methods. These methods include data base retrieval and search, logical inference by expert systems, or model applications. The state of a risk object, from a regulatory point of view (within the framework of a safety report) may then be summarized as in compliance with a set of regulations.
Object oriented design brings all the advantages of inheritance and encapsulation, but also simplifies coupling with the GIS layers. Every risk object is georeferenced, and has a location and possibly extent. The risk objects are linked to geographic or geometric objects in the GIS such as reference locations or polygons. Objects are accessible by properties, or location.
Client-server architecture: HPCN and Internet access
Taking the integration approach one step further, we now would like to link the risk objects to additional information resources: distributed databases, monitoring and high performance computing. At the same time, these new features should be available to a larger set of distributed clients, including mobile field units. Data availability is clearly always a major constraint at least for emergency management. Access to monitoring systems in real time to obtain current meteorological data, traffic information, and possibly, data from chemical sensor can be of great values for accident simulation. For planning and training uses, high-performance computing can support detailed analysis with complex three-dimensional dynamic models, including probabilistic simulation, sensitivity and robustness analysis, and extensive scenario analysis for multi-criteria decision support applications. These concepts are currently being tested in HITERM for a number of test cases of atmospheric dispersion of toxics, fire and explosion, spills into river and estuarine systems, and groundwater contamination.
HITERM (http://www.ess.co.at/HITERM), a project under ESPRIT's High-Performance and Networking, Decision Support Applications, aims at using high-performance computing based on parallel machines and workstation clusters to obtain better-than-real time solutions to complex simulation models of accidental spills of hazardous materials, as well as integrating sensitivity and uncertainty analysis explicitly into the assessment and decision support process.
Technological risk is an inherent part of industrial societies. Risk assessment and management needs to find strategies and mechanism that make the control of this risk economically efficient, and socially acceptable. This may be conflicting objectives, and additional criteria like equity and sustainability have to be considered. The integration of complex dynamic models of risk assessment and GIS is a recent development. GIS is quickly developing into a common technology. Early GIS applications are often based on static georeferenced data and simple overlay and buffer analysis, but more powerful and more affordable computers and more flexible GIS software support more demanding applications including dynamic and 3D models.
In addition to GIS, the fast growing Internet with Java as an emerging language for client-server applications, and the multi-media formats they support are powerful tools to access and disseminate complex information. At the same time, the regulatory framework for risk assessment puts more emphasis on information exchange and public access to risk information. These developments promise exiting opportunities and a growing demand for better integrated risk information systems.
© Copyright 1995-2018 by: ESS Environmental Software and Services GmbH AUSTRIA | print page