The notion of probability and its various interpretations brings numerous opportunities for errors and misunderstandings. This is particularly true of contemporary risk analysis for dams that mostly consider geotechnical, hydraulic, and structural capacities subjected to extreme loads considered as independent evets. In these analyses subjective “degree of belief” probability has a major role, both in the modelling of the risk in the system by means of event trees based on inductive reasoning and in the assignment of probabilities to events in the event tree. There are numerous situations where physically possible conditions are eliminated from consideration in a risk analysis on the basis of probabilities that are judged to be too low to be of relevance. This is despite the fact that the assignment of a probability to a condition means that the occurrence of the event or condition is inevitable sometime, with the added complication that the time of occurrence is unknown and unknowable. Although there is no relationship between a remote probability and the possibility (or credibility) of the occurrence of the event in the event tree, it is quite common for physically feasible conditions to be either eliminated or their importance discounted on the basis of low probability in a risk assessment of a dam. Twenty five years ago, this elimination process might have been referred to as “judicious pruning of the event tree”. In more modern parlance, the elimination process is based on consideration of whether or not the condition or sequence of events is clearly so remote a possibility as to be non-credible or not reasonable to postulate. In contrast to the consideration of extreme loads vs. structural or geotechnical capacities, experience has shown that many dam failures and perhaps the majority of dam incidents do not result from extreme geophysical loads, but rather from operational factors. These incidents and failures occur because an unusual combination of reasonably common events occurs, and that unusual combination of events has a bad outcome. For example, a moderately high reservoir inflow occurs, but nowhere near extreme; the sensor and SCADA system fail to provide early warning for some unanticipated reason; one or more spillway gates are unavailable due to maintenance, or an operator makes an error, or there is no operator on site and it takes a long time for one to arrive; and the pool was uncommonly high at the time. This chain of reasonable events, none by itself particularly dangerous, can in combination lead to an incident or even a failure. This leads to the unnerving conclusions that; our estimates of risk made in terms of best available practice using the best available estimates will be underestimates of the actual risk, and the extent to which we underestimate the risk is unknowable. This paper examines why these improbable events occur and what can be done to prevent them. Some implications with respect to the endeavour of risk evaluation are also considered.
$15.00
ANCOLD is an incorporated voluntary association of organisations and individual professionals with an interest in dams in Australia.