A picture of a 1,000-year-old earthen mound in Central America.
It goes to prove that geotechnical structures can remain stable for at least that long.
Today I explained the differences between Failure Modes and Effects Analyses (FMEA), Value Engineering (VE), Multiple Accounts Analysis (MAA), and Risk Assessment (RA) to some unfamiliar with any of these tools to support engineering judgment as the basis for decision making. In so doing, I had to go back to basics and thus myself uncovered a new and deeper understanding of the basics.
First I had to emphasize that none of these tools is a universal computer. None of them enable you to feed in the data, turn on the tool, and await a printed output of a definitive answer. They are but tools or methods that you should plough through as part of a conscientious, holistic consideration of alternatives. They are but aids to judgment. They are but steps you must take in learning, thinking, and calculating before you invoke engineering judgment.
Too many young engineers believe there is a universal computer code that gives you the answer to everything. They have not learnt that computer codes are only another tool to use in refining understanding and preparing to exercise judgment and make a decision.
Thus we talked about FMEAs as the first and earliest of the tools formulated to enable logical and consistent thinking about the chain of events that could lead to failure. An example: if water is stored on the tailings facility; if it rains too much; if the extreme precipitation increases the level of water in the tailings pool; and if the rise of the water level causes the water to approach or touch the perimeter embankments or dike, then one or more of the following could happen:
- Pore pressures in the tailings of the perimeter slope of the tailings facility could increase.
- Increased pore pressures could induce low effective strengths along a potential failure plane.
- The slope could accordingly fail.
- Seepage rates could increase as a result of the driving head induced by deep pool water.
- The increased seepage velocity through loose sand layers could induce piping.
- The piping could remove solids from the perimeter zone.
- The overlying tailings could slump.
- The freeboard could be wiped out.
- Water in the pool could flow over the slumped zone.
- And whole-scale failure could result.
- The high level of water in the pool could increase flow rates through the penstocks.
- The penstocks could loosen or fail as a result of increased flow or water hammer.
- The penstocks could fail.
- And the tailings could follow the penstock failure and flow far down the valley.
In practice, this is the dilemma of the failure of the Bafokeng Slimes dam. The courts said the failure was an Act of God. We engineers, however, reject this facile conclusion and still seek the fundamental cause. If only somebody could compile an FMEA that illustrates the many possible sequences of causes leading to the actual failure!
Value Engineering involves similar processes to FMEA: list things that control performance of a system, establish criteria, and compare alternative performance using the defined criteria. But then things take a big turn; for the objective of VE is to understand the function of a system and each component thereof, and hence to find better and cheaper ways of achieving the same or better performance. Think of toasting bread. You can do that over an open flame. But a better approach is to use a toaster from the local store. Different system, same result.
MAAs are favored in Canada because Andy Robertson and Shannon Shaw have written eloquently about the method, although they have never published a convincing example of the use of the method to do anything other than get people to talk in five-day meetings. In practice MAAs are nothing other than a much more powerful method, Multiple-Criteria Decision Analysis, based on maximizing the utility of a system. Andy himself acknowledges that MAA is good as a framework for getting people to talk, but not much else.
Then we have risk assessment. ISO tells us how to do a formal risk assessment. The Giant Mine report in Appendix D says this of risk assessments:
The Board expects the risk assessment to include:
- The compilation of a proper glossary containing a description of all the terms used in the Project and its development, especially those that might have a common use which differs from the technical meaning (such as “risk”, “crisis”, “hazard”) in compliance with ISO 31000.
- The definition of the Project context in compliance with ISO 31000, including all the assumptions on the Project environment, chronology etc.
- A properly defined hazard and risk register covering a clearly defined system of macro and subsystems/elements and their links describing for each one of them:
  - expected performances,
  - possible failure modes and
  - quantification of the related ranges (to include uncertainties) of probabilities evaluated as numbers in the range 0-1 (mathematical characterization) with a clear explanation of the assumptions underlying their determination, and,
  - associated magnitude of the hazards and related scenarios.
- An independent analysis of failure/success objectives.
- A holistic consequence function integrating health and safety, environmental, economic and financial direct and indirect effects.
- Applicable published correlations and information.
The Board expects the risk assessment to use a unified metric showing consequence as a function of health and safety, environmental, economic and financial direct and indirect effects. This will be done in a manner that allows transparent comparison of holistic risks with the selected tolerability threshold.
Consequences will be expressed as ranges, to include uncertainties. When evaluating the consequences, the risk assessment will explicitly define Risk Acceptability/Tolerability thresholds, in compliance with ISO 31000 international code. These will be determined in consultation with potentially affected communities, using a unified metric compatible with the one described above for consequences.
Risks and tolerability or acceptability will be developed separately, in such a way not to influence or bias the judgment of the assessors or evaluators. Risks will then be grouped into “tolerable” and “intolerable” classes. The risks in the intolerable group will be ranked as a function of their intolerable part. Mitigation efforts will be allotted proportionally to that ranking.
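The ranking and allotment steps quoted above can be sketched in code. This is an added example, not taken from the Giant Mine report or from the Obonis' method: the `Entry` fields, the form of the tolerability curve (`k`, `aversion`), the choice to judge tolerability on the upper bounds of each range, and the register values are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:
    element: str        # subsystem/element in the risk register
    failure_mode: str
    p: tuple            # (low, high) probability range, numbers in 0-1
    c: tuple            # (low, high) consequence range, unified metric

def tolerable_probability(consequence, k=0.1, aversion=1.0):
    """Assumed tolerability curve: highest tolerable probability for a given
    consequence. aversion > 1 penalises large consequences more heavily."""
    return min(1.0, k / consequence ** aversion)

def assess(register, budget, **curve):
    """Rank intolerable risks by their intolerable part and split the
    mitigation budget in proportion to that ranking."""
    rows = []
    for e in register:
        (p_lo, p_hi), (c_lo, c_hi) = e.p, e.c
        if not (0 <= p_lo <= p_hi <= 1 and 0 < c_lo <= c_hi):
            raise ValueError(f"bad range in {e.element}/{e.failure_mode}")
        # Judge tolerability on the upper bounds so uncertainty is treated
        # conservatively (an assumption of this sketch).
        excess_p = p_hi - tolerable_probability(c_hi, **curve)
        rows.append({
            "failure_mode": e.failure_mode,
            "risk_range": (p_lo * c_lo, p_hi * c_hi),
            "tolerable": excess_p <= 0,
            "intolerable_part": max(0.0, excess_p) * c_hi,
        })
    total = sum(r["intolerable_part"] for r in rows)
    for r in rows:
        r["share"] = budget * r["intolerable_part"] / total if total else 0.0
    return sorted(rows, key=lambda r: r["intolerable_part"], reverse=True)

# Constructed sample register; the numbers are illustrative only.
REGISTER = [
    Entry("penstocks", "penstock failure", (0.0001, 0.001), (10, 50)),
    Entry("perimeter slope", "slope failure", (0.001, 0.01), (50, 200)),
    Entry("perimeter zone", "piping and slumping", (0.0005, 0.005), (20, 100)),
]

if __name__ == "__main__":
    for row in assess(REGISTER, budget=100.0):
        print(row)
```

The tolerability curve is passed in separately from the register, mirroring the requirement that risks and tolerability be developed independently.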
Today I tried out the system. I had to consult with Franco and Cesar Oboni, who wrote the above, to determine how to use this demanding approach, which has only vague similarities with FMEA, VE, and MAA methods. The approach is clearly much more powerful. I have yet to master it.
I will keep you informed. But for now, do not confuse the various methods to compare things, or think about what to decide. They are all very different. None are Turing computers. Use them all before you decide. But regardless, you will have to fall back on informed, human intelligence and judgement to make a profound decision.