Keywords

1 Introduction

The 2011 Fukushima disaster and other recent natural and man-made hazards caused environmental, health, and safety concerns [1]. A strategic structure or facility such as nuclear power plants (NPPs) could be exposed to more than one hazard. Given the uncertainty related to the characterization of these hazards, it would be preferable for the design to be based on a probabilistic multi-hazard assessment (PMHA) to ensure the safety and the performance of the facility. Therefore, a collectively exhaustive set of all the possible extreme events, which the facility could be subjected to during its lifetime, have to be considered. In such probabilistic framework, the main objective is to calculate a total probability of failure that a limit threshold is exceeded by the facility response. Uncertainty is nevertheless unavoidable, even when using the most sophisticated models with highly accurate data. Decisions are very often made in the presence of uncertainty. Therefore, it is critical to understand the decisional context about risky events whatever our field of activity. A more comprehensive characterization of hazards, including uncertainties, is then needed to solve a large variety of problems related, inter alia, to environmental, health, and safety concerns. Indeed, regardless of the type of risk, it may be associated with many sources or initiator phenomena. The hazard sources, independent or not, must be considered in a site-specific multi-hazard characterization and assessment of the risk.

In a multi-hazard framework, more than a hazard curve should be obtained and will have to be properly aggregated into one single and total hazard curve. This type of information can be critical in decisions, especially in assessing the risk at a specific site of interest such as a nuclear power plant. Unlike deterministic approaches, PMHA also is suited to providing risk managers with a better understanding of how the relative merits of all the decision alternatives and choices are impacted by the interactions that can exist between the events.

To recap, therefore, the construction of hazard curves is a key step in the PMHA process. Nevertheless, the most important issue in this paper is how the hazard curves should be aggregated? Indeed, in the aggregation, all the contributions of all the involved hazards are summed up and a total probability is calculated. Another way of posing the question is the following: which annual probabilities or rates of occurrence to be associated with specific hazard levels induced by many hazard sources at a point of interest? Is it the sum of the probabilities associated with all scenarios? Is it the product of these probabilities? Or maybe something else, like a median hazard curve, say.

2 The Events Tree in a Probabilistic Multi-hazard Approach

It is important for engineers to recognize the presence of all major sources of uncertainties and that some of them are unavoidable when dealing with real-world problems. Probability and statistics provide the proper tool for the modeling and the analysis of the uncertainty, irrespective of whether it is aleatory (associated to natural randomness) or epistemic (associated with inaccuracies and vagueness in our estimation and prediction of the reality). In the PMHA study, the events tree is used [2]. Each branch is associated with a hazard or a concomitance of hazards and ends with a hazard curve if many scenarios are considered. A single hazard curve, showing the final hazard level at a point of interest as a function of a total annual frequency of exceedance, should be obtained by summing up the contributions from the different branches representing the different hazards.

This single hazard curve is the aggregation of all the hazard curves. The weights used in events trees are calculated and assigned to reflect the probability of occurrence of each event by simply using the enumeration theory (ratio of the number of favorable events to the total number of events). To meet and satisfy the safety requirements, the probabilistic approach applied with the appropriate aggregation model becomes then a major operational concern. Considering the particular case (proposed for illustration purposes only) in which the strategic facility could be subjected during its lifetime to the extreme events Ei = {coastal flooding, earthquake, dam failure, blast and plane crash}. Figure 1 shows the events tree diagram in which the events \(E_{i}\) lead to a state of failure \(F\) or not (\(\overline{F}\)).

Fig. 1
figure 1

Events tree: dependent and independent hazards

Full size image

3 The Aggregation Model—Based on the Algebra of Events

The safety of an NPP and any other strategic facility is a difficult business in which success requires not only innovative ideas but a sound theoretical basis as well. The main aim of this work is to introduce a new concept and method of probability and statistics for the modeling and formulation of the aggregation step of the PMHA. In this paper, we develop a new way of thinking, based on the algebra of events. The principal motivation for developing the aggregation method and writing this communication is our firm belief that the principles of the algebra of events are of fundamental importance to probabilistic approaches which involve more than one hazard. We did not insist on the mathematical rigor throughout the paper. We are concerned mainly with the use of the theoretical framework, which is the algebra of events, and the relevance of the total probability concept to the probabilistic approaches [3]. In addition, many methods we have previously used to solve a large variety of problems we face (related, inter alia, to environmental, health, and safety concerns) are too simple and no longer effective. It has, however, to be clear that with the dizzying acceleration of the computing capacity and models developments, enabled in large part by ever more powerful computers, models which were difficult and very time consuming can be today more efficient and applied with less calculation time.

In the probability theory, there are several different probability interpretations. It, however, treats the concept in a rigorous mathematical manner by expressing it through a set of axioms formalizing probability in terms of a probability space, which assigns a measure taking values between 0 and 1, termed the probability measure, to a set of outcomes called the sample space and any subset of these outcomes is called an event [3]. It also should be borne in mind that the probability can be considered as a numerical measure of the likelihood of occurrence of this event relative to other events or within an exhaustive set of all possible alternative events. Accordingly, the first requirement in the development of a probabilistic method is the identification of the event of interest and the set of all possibilities.

Formally, consider \(n\) mutually exclusive events \(E_{i}\), \(i = 1,2,\,\,...,\,n\) and also collectively exhaustive. That is the union of all these events from a sample space \(\Omega\) which is the space of possibilities as can be seen in Fig. 2. The probability of an event \(E_{k} ,\,\,1 \le k \le n\), say \(p\left( {E_{k} } \right)\), cannot be determined directly. The probability of occurrence of an event \(E_{k}\) is highly dependent on the occurrence or non-occurrence of the other events \(E_{i} ,\,\,i \ne k\). Each event of the sample space \(\Omega\) can lead to failure \(F\) or not (\(\overline{F} = 1 - F\)). The probability of failure \(p\left( F \right)\) will then depend on which of the events has occurred and would be conditional to each of them and weighted by their probabilities. Such requirements can be stated and provided by the theorem of total probability.

Fig. 2
figure 2

The sample space of events (\(\bigcup {E_{i} } = \Omega\))

Full size image

Before formally presenting the mathematical theorem, the algebraic structure should be defined with some important notions of the algebra of events, needed to better grasp and understand the developments presented hereafter. Each scenario of failure associated with an event (or a concomitance of events) is represented by the intersection between the area of event in the sample space and the failure one. It is characterized by a hazard level and its associated probability and it should appear as a single point in the associated hazard curve. Let \(p\left( {\left. F \right|E_{k} } \right)\) be the probability of failure conditional to the occurrence of the event \(E_{k}\). It is defined as the conditional probability for the event of failure F given that the event \(E_{k}\) takes place where the strategic structure or facility is (or in its vicinity). The definition of conditional probabilities [4] allows us to write thats

$$p\left( {E_{k} \cap F} \right)\, = \,\,p\left( {E_{k} } \right)\,\, \cdot \,\,p\left( {\left. F \right|E_{k} } \right)$$
(1)

Calculating probabilities in a probabilistic multi-hazard context is complicated by the fact that there is often dependence between some of the events. Sometimes we add them (unions of events if they are mutually exclusive), sometimes we multiply them (intersections of dependent events), and often it is hard to figure out what to perform. Tree diagrams can make it a lot easier. Figure 3 illustrates the probabilities tree diagram superposed to the sample space of mutually exclusive and collectively exhaustive events. It is worth remembering that the sum of the probabilities associated with all the branches must equal 1 at each stage of the tree. The probability of failure \(F\) is then calculated conditionally to the occurrence of each hazard. This calculation is presented in the second step of the tree diagram (the blue area). The probability of the intersection between the area of each event in the sample space and the failure one is presented at the end of the associated branch. Once the tree diagram is completed, the overall probabilities can be calculated by multiplying each probability along each branch of the tree. But that’s not all—all the branches (as other hazards contribute to the final hazard curve) have to be included. All the probabilities associated with the failure must be added and this sum, associated with the hazard level, should appear as a point in the final hazard curve. This sum is given by

Fig. 3
figure 3

The aggregation model in the form of an events tree superimposed on a sample space

Full size image
$$p\left( F \right)\, = \,\,\sum\limits_{i = 1}^{n} {\left[ {p\left( {E_{i} } \right)\,\, \cdot \,\,p\left( {\left. F \right|E_{i} } \right)} \right]}$$
(2)

This algebraic structure is nothing other than the total probability [5]. The formula of the total probability is a form of Bayes’ theorem.

4 Application

Many possible applications of the developed aggregation model can refer to the assessment of the risk of failure related to certain safety functions in a nuclear power plant. The objective in each application is to calculate and implement the total probabilities and associated hazard levels in the framework of a PMHA approach leading to the estimation of the annual risk of failure. To facilitate calculations, it is assumed that the individual probabilities of occurrence are considered as known quantities and the associated conditional probabilities of failure are proposed in a scenarios-based manner. Synthetic scenarios were derived for annual probabilities of exceedance of \(p = 0.1,\,0.02,\,0.01,\,0.002,\,0.001\). Whereas the hazard levels associated with these probability levels are nothing more than the 10-, 50-, 100-, 500-, and 1000-year return levels.

Let \(F\) be a sample space of three elementary events river flooding, earthquake, and blast that could potentially threaten a strategic structure and cause significant damage to it, up to a structural collapse. The annual risk of concomitance of any two events in this sample space is assumed to be less than the residual risk ξrr. The residual risk defines the risk below which there is no regulatory guidance imposed by the society and it varies, ranging between 10–7 and 10–6/year for some, particularly strategic structures. That is, just one of the three events can induce a collapse. The total probability of failure can be written as.

$$p\left( F \right)\, = \,\,p\left( {RF} \right)\,\, \cdot \,\,p\left( {\left. F \right|RF} \right) + p\left( {Eqk} \right)\,\, \cdot \,\,p\left( {\left. F \right|Eqk} \right) + p\left( {Blast} \right)\,\, \cdot \,\,p\left( {\left. F \right|Blast} \right)$$
(3)

where \(p\left( {RF} \right)\), \(p\left( {Eqk} \right)\), and \(p\left( {Blast} \right)\) stand for the probability of occurrence of river flooding, earthquake, and blast events, respectively. The conditional probabilities \(p\left( {F|RF} \right)\), \(p\left( {F|Eqk} \right)\), and \(p\left( {F|Blast} \right)\) represent the annual probabilities of exceedance for events {RF}, {Eqk}, and {Blast}, respectively. As already mentioned in this paper, the latter is estimated with univariate and multi-variate statistical models using Bayesian or frequentist inferences. The probability of a riverine flooding event or an earthquake event to occur can be estimated using classic statistics. Furthermore, the occurrence of a blast event depends on how vulnerable the structure is against such events and on sociopolitical considerations. The calculation of the probability of occurrence of a blast event is, therefore, not really an engineering issue. However, as mentioned earlier in this section, in order to make calculations easier, it is assumed that these individual probabilities, as well as associated conditional probabilities, are known quantities. Figure 4 shows the probabilities tree diagram, as well as the scenarios to be combined to obtain total probabilities. These total probabilities with the associated hazard levels form the points of the final hazard curve.

Fig. 4
figure 4

Probability-based model for multi-hazard risk assessment of a strategic structure subjected to riverine flooding, earthquake, and blast events

Full size image

5 Conclusion

A methodology for the assessment of the annual risk of failure for strategic structures or facilities such as NPPs is presented herein in a context of a multi-hazard risk assessment. The developed methodology is largely inspired by the algebra of events.

The developed PMHA model is presented in the form of a new algebraic structure based on the construction of a sample space of different hazards (or hazard sources) with the associated probabilities tree. The model employs the total probability formula to aggregate the hazard curves. It can be concluded that the total probability of failure is not a simple sum of the annual exceedance probabilities of events in the sample space. Indeed, the total risk is a weighted sum of the annual exceedance probabilities whose weighting coefficients are the priori probabilities (i.e., the probability of occurrence) of these hazards.

A unique feature of the developed PMHA approach is that it involves the classic, the frequentist, and the Bayesian statistics at the same time. Indeed, based on the history of the event in question at the site of interest, the probability of an event to occur can be estimated by just using the classic statistics (i.e., enumeration theory ~ the ratio of the number of favorable cases to that of possible ones). The annual exceedance probabilities can be calculated using frequency analysis and finally, the formula of the total probability is a form of Bayes’ theorem.

The rigor and efficiency of the proposed PMHA approach make it particularly useful to design and verify (retrofit) a strategic structure subjected to more than a hazard or a critical event. Moreover, it should be noted that the PMHA model can be extended in order to assess the risk associated to dependent hazards (i.e., flooding of a coastal urban site due to pluvial, marine, and river floods).