The notion of probability and its various interpretations brings numerous opportunities for errors and misunderstandings. This is particularly true of contemporary risk analysis for dams that mostly consider geotechnical, hydraulic, and structural capacities subjected to extreme loads considered as independent evets. In these analyses subjective “degree of belief” probability has a major role, both in the modelling of the risk in the system by means of event trees based on inductive reasoning and in the assignment of probabilities to events in the event tree. There are numerous situations where physically possible conditions are eliminated from consideration in a risk analysis on the basis of probabilities that are judged to be too low to be of relevance. This is despite the fact that the assignment of a probability to a condition means that the occurrence of the event or condition is inevitable sometime, with the added complication that the time of occurrence is unknown and unknowable. Although there is no relationship between a remote probability and the possibility (or credibility) of the occurrence of the event in the event tree, it is quite common for physically feasible conditions to be either eliminated or their importance discounted on the basis of low probability in a risk assessment of a dam. Twenty five years ago, this elimination process might have been referred to as “judicious pruning of the event tree”. In more modern parlance, the elimination process is based on consideration of whether or not the condition or sequence of events is clearly so remote a possibility as to be non-credible or not reasonable to postulate. In contrast to the consideration of extreme loads vs. structural or geotechnical capacities, experience has shown that many dam failures and perhaps the majority of dam incidents do not result from extreme geophysical loads, but rather from operational factors. These incidents and failures occur because an unusual combination of reasonably common events occurs, and that unusual combination of events has a bad outcome. For example, a moderately high reservoir inflow occurs, but nowhere near extreme; the sensor and SCADA system fail to provide early warning for some unanticipated reason; one or more spillway gates are unavailable due to maintenance, or an operator makes an error, or there is no operator on site and it takes a long time for one to arrive; and the pool was uncommonly high at the time. This chain of reasonable events, none by itself particularly dangerous, can in combination lead to an incident or even a failure. This leads to the unnerving conclusions that; our estimates of risk made in terms of best available practice using the best available estimates will be underestimates of the actual risk, and the extent to which we underestimate the risk is unknowable. This paper examines why these improbable events occur and what can be done to prevent them. Some implications with respect to the endeavour of risk evaluation are also considered.
Now showing 1-12 of 58 2982:
Lessons learned from recent major incidents and related enquiries in Victoria in concert with the adoption
of an all-emergencies all-communities philosophy have informed both the scope and reach of the current
emergency management and dam safety regulatory environment. Victorian dam owners now have a statutory
obligation to implement an all-emergencies all-communities approach to risk assessment at their assets and,
as part of that, to adopt this approach as part of their “business as usual” activities. A major outcome of
this requirement is that for major dams, risk management is now being driven from Board and senior
management level: the implementation of controls and actions is formalised. As a consequence, there is a
better understanding across the organisation of new and emerging risks that require new technologies,
thinking and expertise and an improved appreciation of asset interdependencies and the risk posed to reliant
stakeholders. With other reforms including oversight and audit arrangements in place, the move from “doing
enough” to striving for “good’ industry practice, aided by an improved regulatory regime and statutory
processes, is well established. A brief consideration of the lessons learned from the February 2017 Oroville
dam incident in this context concludes the paper.
Two-dimensional hydraulic modelling technology has advanced significantly in recent years, providing powerful and flexible tools that are now routinely used for a wide variety of flood risk assessments. Assessing the downstream impacts of catastrophic dam failure represents an extreme test for the accuracy and stability of hydraulic models. Catastrophic dam failure can present an extreme risk to downstream infrastructure and public safety. Hence, it is important to have confidence in the estimated magnitude of potential impacts to design suitable, costeffective mitigation measures. The highly visual output of two-dimensional models adds credibility to their results. However, validation data for extreme hydraulic conditions is rarely available, resulting in uncertainty in the accuracy of model predictions and in the risks associated with dam failure. By validating numerical model results against analytical solutions for cases of simple geometry and also against realworld data, an improved level of confidence can be obtained in the accuracy of the model representation of these extreme hydraulic conditions. In this paper, we assessed the capability of the TUFLOW hydraulic modelling software package to accurately simulate an idealised dam break scenario by comparing the model results to analytical solutions. We also compared the model results for coastal inundation by a tsunami to real-world data from the 2004 Banda Ache (Indonesia) tsunami. The results showed that the HPC solver version of TUFLOW correctly captures the dam break flood fronts and the flood wave propagation and TUFLOW HPC is well suited for dam break flood modelling.
Junction and Clover Dams are central spillway slab-and-buttress dams located in Victoria. Previous safety reviews and assessments of the dams concluded that neither dam met modern dam design standards and remedial works were recommended, including infilling the slab-and-buttress dams with mass concrete to sustain seismic loadings. These conclusions were based largely on the assessed seismic hazard at the site, the results of response spectrum analyses and observed conditions of the dams including alkali-aggregate reaction of the concrete. AECOM used current seismic hazard assessment techniques, conducted concrete investigations and testing, assessed long term surveillance monitoring results and used modern finite element techniques to demonstrate that no upgrade works were required at either dam resulting in a significant saving for AGL.
Lake Buffalo located on the Buffalo River near Myrtleford in Victoria was constructed in the 1960s as a cofferdam for the then proposed Big Buffalo dam. Consequently, the dam was designed for a short life (<10 years) and design features and criteria for a permanent dam were not implemented.
Critical features include a primary spillway with three vertical lift gates, two outlet conduits located
through the spillway piers, a single upstream valve on each outlet conduit for regulation and isolation, and a multi-part bulkhead which is installed in front of the valves for inspection and maintenance.
With the continued operation of the dam beyond 60 years, upgrades appropriate to a permanent dam have been implemented, including addressing deficiencies with spillway gate hoists lifting equipment and redundancy of the outlet conduit vales. This proved challenging, as the operation of spillway structures does not readily align with industry or Australian Standards. This paper will outline the issues encountered, their resolution and the lessons learnt during this upgrade work.
In the face of potential future climate change, it is important that reservoir asset owners and operators consider what such change could mean for the integrity and operations of their assets. This must be developed as an integral part of risk-based management, with a systematic consideration of the uncertain future implications of climate change and their potential consequences.
Systematic assessment of the consequences of potential climate related events/loads should be included as an integral component of a risk-based approach to dam safety management. The magnitude of potential consequences can be used to inform the prioritisation and management responses to these conditions, regardless of probability of occurrence. Designing to accommodate exceedance events is an important response in this process.
The adaptive management process provides a framework within which the implications of uncertain future conditions and risks can be systematically identified and managed, forming the basis of agreeing a defined ‘pathway’ for monitoring and implementation of management actions. The concept of Adaptation Pathways can be utilised for reservoir adaptation, setting out the long-term risk informed process to manage operations and risks.