APPENDIX B
CURRENT RECOGNITION OF RISK AND RISK-BASED DESIGN AT SELECTED FEDERAL AGENCIES
The committee invited liaison representatives to describe the types and sources of risks that agencies face in design and operation of their facilities, how they characterize and assess risk, and how they undertake to manage or limit risks through design. This appendix summarizes their presentations. Not all federal agencies that construct or manage facilities were represented by liaisons to the committee.
TYPES AND SOURCES OF RISKS
Risks of death, injury, and property damage due to fire, extreme winds, earthquakes, and other structural loads were acknowledged by all agencies. These risks are perceived to be generally similar to those faced in all facilities, public and private, but in some cases are especially acute.
Military and some civilian agencies identify certain areas of facilities that house functions, information, or equipment critical to a mission's viability, and judge those areas to be particularly risky. Examples include computer facilities, aircraft valued at several times the cost of their hangers, boiler rooms and telecommunications switching rooms, and hospital operating rooms.
Heat and smoke toxicity were identified as principal concerns from fire. Building collapse and trauma injury are generally recognized concerns regarding facility response to seismic loads; however, it was noted that
asphyxiation from dust raised by building collapse, rather than trauma (especially in concrete buildings), was a principal cause of death in the 1989 Armenian earthquake disaster.
Several agencies must deal with risks to security. This risk applies to drug storage in medical facilities as well as in military or intelligence settings.
Several agencies must deal with hazardous materials. The Department of Energy (DOE) considers radiological risk in facility siting. The military agencies design to limit risks to military personnel and the general public in weapons firing and munitions storage areas.
The Army's Construction Engineering Research Labs offered a broader concept of risk with respect to application of new technology in facilities. In this setting, risk may be defined with regard to any failure of a system to perform satisfactorily. However, failure and associated risk for wall coverings, for example, differs from that for structural systems.
Some agencies have encountered problems with older technologies that are now being found to have toxic effects on building occupants. Such toxic materials include asbestos and lead in paint and solder used in some plumbing.
CHARACTERIZING AND ASSESSING RISK
Representatives of several agencies indicated that the term ''risk'' is not explicitly used with respect to design and management of their facilities, even though they deal with risks of the types described in this study. Those agencies that do use the term "risk" adopt a probabilistic approach to assessment, with reference to a specific defined consequence to be avoided. These consequences may differ from one application to another.
The Navy, for example, sets 10-7 as the maximum probability per event of injury to military personnel assigned as observers on bombing or gunnery ranges.
The DOE requires that all its facilities be evaluated for potential risks to the operators, the public and the environment in its safety analysis process. Areas addressed in the safety analysis include, but are not necessarily limit to, the following:
-
Form, type, and amount of hazardous materials (nuclear or other) to be stored, handled, or processed
-
Principal hazards and risks that can be encountered in facility operation, including potential accidents and predicted consequences of fire, explosion, radiation, toxic exposure, structural failure, wind, flood, earthquake, tornado, operating error, failure of essential operating equipment, and failure of safety systems
-
Selected design basis accidents such as DBF, DBW, DBE, DBT, OBA, and DBFL, postulated and quantified, including the rationale for selection
-
Principal design, construction, and operating features selected for preventing accidents or reducing risks to acceptable levels, including the safety margins used.
The DOE's nuclear facilities siting requirements allow for the use of deterministic (subjective) analyses and/or probabilistic risk analysis (PRA)41 in judging the selection of one site over others and for overall risk of operation of the facility. For PRA, events considered are those whose annual probability of occurrence exceeds 10-6. For fire protection the DOE requires that its vital facilities and programs meet or exceed the "improved risk" level thereby limiting damage to an acceptable level. As a part of determining the "improved risk" level, the fire protection design analysis addresses those conditions in a facility where the following conditions occur:
-
Large or unusual fire potential exists.
-
There are special life-safety hazards.
-
Toxic chemicals or biological agents exist.
-
The consequences of fire include radioactive contamination of the facility, the site, or the public environment.
-
National security is adversely affected by fire.
MANAGEMENT AND LIMITATION OF RISK
A number of agencies depend on model building codes for design criteria to control risk in their facilities. Agencies (such as military) have their own extensive design criteria which tend to be similar to those in model codes but also address special mission-related needs. Risk assessment and management becomes an issue, if at all, only on projects that are particularly complex or crucial to the success of a key mission.
Agencies face problems of management and limiting risk in existing facilities as well as new designs. Agencies such as the Postal Service may lease only a few floors in a multi-floor building and yet must be concerned
41 |
PRA procedures are used by utilities and the Nuclear Regulatory Commission for analysis of nuclear power plants. These procedures were developed by the American Nuclear Society and the IEEE, working under contract to the Nuclear Regulatory Commission. More broadly applied, such procedures could fulfill many of the committee's recommendations. Refer to Appendix D. |
about risk associated with the entire facility. Other agencies suspect that risks are increasing as facilities age. The Army, for example, noted that 43 percent of their buildings are older than 35 years. Some agencies are concerned that newly perceived risks may require costly retrofit of existing structures, as occurred when the seismic hazard zone designation for the city of Memphis, Tennessee was increased.
In two cases—veterans hospitals and ballistics firing to which civilians might be exposed—agencies have adopted an implicit policy of "risk free" design. However, it was generally acknowledged that facilities maintenance and operating procedures can substantially influence the level of risk.