Uncertainty in Risk Assessment E-Book

Contents

Cover

Title Page

Copyright

Preface

Part I: Introduction

Chapter 1: Introduction

1.1 Risk

1.2 Probabilistic Risk Assessment

1.3 Use of Risk Assessment: The Risk Management and Decision-Making Context

1.4 Treatment of Uncertainties in Risk Assessments

1.5 Challenges: Discussion

References – Part I

Part II: Methods

Chapter 2: Probabilistic Approaches for Treating Uncertainty

2.1 Classical Probabilities

2.2 Frequentist Probabilities

2.3 Subjective Probabilities

2.4 The Bayesian Subjective Probability Framework

2.5 Logical Probabilities

Chapter 3: Imprecise Probabilities for Treating Uncertainty

Chapter 4: Possibility Theory for Treating Uncertainty

4.1 Basics of Possibility Theory

4.2 Approaches for Constructing Possibility Distributions

Chapter 5: Evidence Theory for Treating Uncertainty

Chapter 6: Methods of Uncertainty Propagation

6.1 Level 1 Uncertainty Propagation Setting

6.2 Level 2 Uncertainty Propagation Setting

Chapter 7: Discussion

7.1 Probabilistic Analysis

7.2 Lower and Upper Probabilities

7.3 Non-Probabilistic Representations with Interpretations Other Than Lower and Upper Probabilities

7.4 Hybrid Representations of Uncertainty

7.5 Semi-Quantitative Approaches

References – Part II

Part III: Practical Applications

Chapter 8: Uncertainty Representation and Propagation in Structural Reliability Analysis

8.1 Structural Reliability Analysis

8.2 Case Study

8.3 Uncertainty Representation

8.4 Uncertainty Propagation

8.5 Results

8.6 Comparison to a Purely Probabilistic Method

Chapter 9: Uncertainty Representation and Propagation in Maintenance Performance Assessment

9.1 Maintenance Performance Assessment

9.2 Case Study

9.3 Uncertainty Representation

9.4 Uncertainty Propagation

9.5 Results

Chapter 10: Uncertainty Representation and Propagation in Event Tree Analysis

10.1 Event Tree Analysis

10.2 Case Study

10.3 Uncertainty Representation

10.4 Uncertainty Propagation

10.5 Results

10.6 Comparison of the Results to Those Obtained by Using Other Uncertainty Representation and Propagation Methods

10.7 Result Comparison

Chapter 11: Uncertainty Representation and Propagation in the Evaluation of the Consequences of Industrial Activity

11.1 Evaluation of the Consequences of Undesirable Events

11.2 Case Study

11.3 Uncertainty Representation

11.4 Uncertainty Propagation

11.5 Results

11.6 Comparison of the Results to Those Obtained Using a Purely Probabilistic Approach

Chapter 12: Uncertainty Representation and Propagation in the Risk Assessment of a Process Plant

12.1 Introduction

12.2 Case Description

12.3 The “Textbook” Bayesian Approach (Level 2 Analysis)

12.4 An Alternative Approach Based on Subjective Probabilities (Level 1 Analysis)

References – Part III

Part IV: Conclusions

Chapter 13: Conclusions

References – Part IV

Appendix A: Operative Procedures for the Methods of Uncertainty Propagation

A.1 Level 1 Hybrid Probabilistic–Possibilistic Framework

A.2 Level 2 Purely Probabilistic Framework

Appendix B: Possibility–Probability Transformation

Reference

Index

This edition first published 2014

© 2014 John Wiley & Sons, Ltd

Registered office

John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom

For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the author to be identified as the author of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. It is sold on the understanding that the publisher is not engaged in rendering professional services and neither the publisher nor the author shall be liable for damages arising herefrom. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data

Aven, Terje, author.

Uncertainty in risk assessment : the representation and treatment of uncertainties by probabilistic and non-probabilistic methods / Terje Aven, Piero Baraldi, Roger Flage, Enrico Zio.

pages cm

Includes bibliographical references and index.

ISBN 978-1-118-48958-1 (hardback)

1. Risk assessment–Statistical methods. 2. Probabilities. I. Title.

HD61.A947 2014

338.5–dc23

2013034152

A catalogue record for this book is available from the British Library.

ISBN: 978-1-118-48958-1

Preface

The aim of this book is to critically present the state of knowledge on the treatment of uncertainties in risk assessment for practical decision-making situations concerning high-consequence technologies, for example, nuclear, oil and gas, transport, and so on, and the methods for the representation and characterization of such uncertainties. For more than 30 years, probabilistic frameworks and methods have been used as the basis for risk assessment and uncertainty analysis, but there is a growing concern, partly motivated by newly emerging risks like those related to security, that extensions and advancements are needed to effectively treat the different sources of uncertainty and related forms of information. Alternative approaches for representing uncertainty have been proposed, for example, those based on interval probability, possibility, and evidence theory. It is argued that these approaches provide a more adequate treatment of uncertainty in situations of poor knowledge of the phenomena and scenarios studied in the risk assessment. However, many questions concerning the foundations of these approaches and their use remain unanswered.

In this book, we present a critical review and discussion of methods for the representation and characterization of the uncertainties in risk assessment. Using examples, we demonstrate the applicability of the various methods and point to their strengths and weaknesses in relation to the situation addressed. Today, no authoritative guidance exists on when to use probability and when to use an alternative representation of uncertainty, and we hope that the present book can provide a platform for the development of such guidance. The areas of potential application of the theories and methods studied in the book are broad, ranging from engineering and medicine to environmental impacts and natural disasters, security, and financial risk management. Our main focus, however is, on engineering applications.

The topic of uncertainty representation and characterization is conceptually and mathematically challenging, and much of the existing literature in the field is not easily accessible to engineers and risk analysts. One aim of the present book is to provide a relatively comprehensive state of knowledge, with strong requirements for rigor and precision, while striving for readability by a broad audience of professionals in the field, including researchers and graduate students.

Readers will require some fundamental background in risk assessment, as well as basic knowledge of probability theory and statistics. The goal, however, has been to reduce the dependency on extensive prior knowledge, and key probabilistic and statistical concepts will be introduced and discussed thoroughly in the book.

It is with sincere appreciation that we thank all those who have contributed to the preparation of this book. In particular, we are grateful to Drs. Francesco Cadini, Michele Compare, Jan Terje Kvaløy, Giovanni Lonati, Irina Crenguza Popescu, Ortwin Renn, and Giovanna Ripamonti for contributing the research that has provided the material for many parts of the book, and to Andrea Prestigiacomo for his careful editing work. We also acknowledge the editing and production staff at Wiley for their careful and effective work.

Terje Aven

Roger Flage Stavanger

Piero Baraldi Milano

Enrico Zio Paris

June 2013

Part I

Introduction

1

Introduction

Risk assessment is a methodological framework for determining the nature and extent of the risk associated with an activity. It comprises the following three main steps:

Risk assessment is now widely used in the context of various types of activities as a tool to support decision making in the selection of appropriate protective and mitigating arrangements and measures, as well as in ensuring compliance with requirements set by, for example, regulatory agencies. The basis of risk assessment is the systematic use of analytical methods whose quantification is largely probability based. Common methods used to systematically analyze the causes and consequences of failure configurations and accident scenarios are fault trees and event trees, Markov models, and Bayesian belief networks; statistical methods are used to process the numerical data and make inferences. These modeling methods have been developed to gain knowledge about cause–effect relationships, express the strength of these relationships, characterize the remaining uncertainties, and describe, in quantitative or qualitative form, other properties relevant for risk management (IAEA, 1995; IEC, 1993). In short, risk assessments specify what is at stake, assess the uncertainties of relevant quantities, and produce a risk description which provides information useful for the decision-making process of risk management.

In this book we put the main focus on quantitative risk assessment (QRA), where risk is expressed using an adequate representation of the uncertainties involved. To further develop the methodological framework of risk assessment, we will need to explain in more detail what we mean by risk.

This introductory chapter is organized as follows. Following Section 1.1, which addresses the risk concept, we present in Section 1.2 the main features of probabilistic risk assessment (PRA), which is a QRA based on the use of probability to characterize and represent the uncertainties. Then, in Section 1.3, we discuss the use of risk assessment in decision-making contexts. Section 1.4 considers the issue of uncertainties in risk assessment, motivated by the thesis that if uncertainty cannot be properly treated in risk assessment, the risk assessment tool fails to perform as intended (Aven and Zio, 2011). This section is followed by a discussion on the main challenges of the probability-based approaches to risk assessment, and the associated uncertainty analysis. Alternative approaches for dealing with uncertainty are briefly discussed.

1.1 Risk

1.1.1 The Concept of Risk

In all generality, risk arises wherever there exists a potential source of damage or loss, that is, a hazard (threat), to a target, for example, people, industrial assets, or the environment. Under these conditions, safeguards are typically devised to prevent the occurrence of the hazardous conditions, and protection is put in place to counter and mitigate the associated undesired consequences. The presence of a hazard does not in itself suffice to define a condition of risk; indeed, inherent in the latter there is the uncertainty that the hazard translates from potential to actual damage, bypassing safeguards and protection. In synthesis, the notion of risk involves some kind of loss or damage that might be received by a target and the uncertainty of its transformation in actual loss or damage, see Figure 1.1. Schematically we can write (Kaplan and Garrick, 1981; Zio, 2007; Aven, 2012b)

(1.1)

Normally, the consequence dimension relates to some type of undesirable outcome (damage, loss, harm). Note that by centering the risk definition around undesirable outcomes, we need to define what is undesirable, and for whom. An outcome could be positive for some stakeholders and negative for others: discussing whether an outcome is classified in the right category may not be worth the effort, and most of the general definitions of risk today allow for both positive and negative outcomes (Aven and Renn, 2009).

Let A denote a hazard/threat, C the associated consequences, and U the uncertainties (will A occur, and what will C be?). The consequences relate to something that humans value (health, the environment, assets, etc.). Using these symbols we can write (1.1) as

(1.2)

or simply

(1.3)

where C in (C, U) expresses all consequences of the given activity, including the hazardous/threatful events A. These two risk representations are shown in Figure 1.2.

Obviously, the concept of risk cannot be limited to one particular measuring device (e.g., probability) if we seek a general risk concept. For the measure introduced, we have to explain precisely what it actually expresses. We also have to clarify the limitations with respect to its ability to measure the uncertainties: is there a need for a supplement to fully describe the risk? We will thoroughly discuss these issues throughout the book.

A concept closely related to risk is vulnerability (given the occurrence of an event A). Conceptually vulnerability is the same as risk, but conditional on the occurrence of an event A:

(1.4)

where the symbol | indicates “given” or “conditional.” For short we write

(1.5)

1.1.2 Describing/Measuring Risk

The risk concept has been defined above. However, this concept does not give us a tool for assessing and managing risk. For this purpose we must have a way of describing or measuring risk, and the issue is how.

As we have seen, risk has two main dimensions, consequences and uncertainty, and a risk description is obtained by specifying the consequences and using a description (measure) of the uncertainty, . The most common tool is probability , but others exist and these also will be given due attention in the book. Specifying the consequences means identifying a set of quantities of interest that represent the consequences , for example, the number of fatalities.

Now, depending on the principles laid down for specifying and the choice of , we obtain different perspectives on how to describe/measure risk. As a general description of risk we can write

(1.6)

where is the background knowledge (models and data used, assumptions made, etc.) that and the specification are based on, see Figure 1.3. On the basis of the relation between vulnerability and risk previously introduced, the vulnerability given an event is analogously described by .

1.1.3 Examples

1.1.3.1 Offshore Oil and Gas Installation

Consider the future operation of an offshore installation for oil and gas processing. We all agree that there is some “risk” associated with this operation. For example, fires and explosions could occur leading to fatalities, oil spills, economic losses, and so on. Today we do not know if these events will occur and what the specific consequences will be: we are faced with uncertainties and, thus, risk. Risk is two dimensional, comprising events and consequences, and associated uncertainties (i.e., the events and consequences being unknown, the occurrences of the events are not known and the consequences are not known).

When performing a risk assessment we describe and/or quantify risk, that is, we specify . For this purpose we need quantities representing and a measure of uncertainty; for the latter, probability is introduced. Then, in the example discussed, is represented by the number of fatalities, , and the background knowledge covers a number of assumptions that the assessment is based on, for example, related to the number of people working on the installation, as well as the models and data used for quantification of the accident probabilities and consequences. On this basis, several risk indices or metrics are defined, such as the expected number of fatalities (e.g., potential loss of lives, PLL, typically defined for a one-year period) and the fatal accident rate (FAR, associated with 100 million exposed hours), the probability that a specific person will be killed in an accident (individual risk, IR), and frequency–consequence (f–n) curves expressing the expected number of accidents (frequency ) with at least n fatalities.

1.1.3.2 Health Risk

Consider a person's life and focus on the condition of his/her health. Suppose that the person is 40 years old and we are concerned about the “health risk” for this person for a predetermined period of time or for the rest of his/her life. The consequences of interest in this case arise from “scenarios” of possible specific diseases (known or unknown types) and other illnesses, their times of development, and their effects on the person (will he/she die, suffer, etc.).

To describe risk in this case we introduce the frequentist probability that the person gets a specific disease (interpreted as the fraction of persons that get the disease in an infinite population of “similar persons”), and use data from a sample of “similar persons” to infer an estimate of . The probability can be considered a parameter of a binomial probability model.

For the consequent characterization, , we look at the occurrence or not of a disease for the specific person considered, and the time of occurrence of the disease, if it occurs. In addition, we have introduced a probability model with a parameter and this also should be viewed as a quantity of interest . We seek to determine , but there are uncertainties about and we may use confidence intervals to describe this uncertainty, that is, to describe the stochastic variation in the data.

The uncertainty measure in this case is limited to frequentist probabilities. It is based on a traditional statistical approach. Alternatively, we could have used a Bayesian analysis based on subjective (judgmental, knowledge-based) probabilities (we will return to the meaning of these probabilities in Chapter 2). The uncertainty description in this case may include a probability distribution of , for example, expressed by the cumulative distribution function . Using to measure the uncertainties (i.e., ), we obtain a risk description , where is a part of . From the distribution we can derive the unconditional probability (more precisely, ) of the event A that the person gets the disease, by conditioning on the true value of (see also Section 2.4):

(1.7)

This probability is a subjective probability, based on the probability distribution of the frequentist probability . We see that is given by the center of gravity (the expected value) of the distribution .

Alternatively, we could have made a direct subjective probability assignment for , without introducing the probability model and the parameter .

1.2 Probabilistic Risk Assessment

Since the mid-1970s, the framework of probability theory has been the basis for the analytic process of risk assessment (NRC, 1975); see the reviews by Rechard (1999, 2000). A probabilistic risk assessment (PRA) systematizes the knowledge and uncertainties about the phenomena studied: what are the possible hazards and threats, their causes and consequences? The knowledge and uncertainties are characterized and described using various probability-based metrics, as illustrated in Section 1.1.3; see also Jonkman, van Gelder, and Vrijling (2003) for a comprehensive overview of risk metrics (indices) for loss of life and economic damage. Additional examples will be provided in Chapter 3, in association with some of the detailed modeling and tools typical of PRA.

A total PRA for a system comprises the following stages:

PRA methodology is nowadays used extensively in industries such as nuclear power generation (e.g., Vesely and Apostolakis, 1999; Apostolakis, 2004), offshore petroleum activities (e.g., Falck, Skramstad, and Berg, 2000; Vinnem, 2007), and air transport (e.g., Netjasov and Janic, 2008).

The current default approach to a comprehensive quantitative PRA is based on the so-called set of triplets definition of risk, introduced by Kaplan and Garrick (1981); see also Kaplan (1992, 1997). In this approach, risk is defined as the combination of possible scenarios , resulting consequences , and the associated likelihoods . Loosely speaking: What can happen (go wrong)? How likely is it? What are the consequences? Within this conceptual framework, three main likelihood settings are often defined (Kaplan, 1997): repetitive situation with known frequency (, where is a known frequentist probability), unique situation (, where is a subjective probability), and repetitive situation with unknown frequency (, where is a subjective probability distribution on an unknown/uncertain frequentist probability ). Of course, the first case is a special case of the third. The last-mentioned setting is typically dealt with using the so-called probability of frequency approach, where all potentially occurring events involved are assumed to have uncertain frequency probabilities of occurrence, and the epistemic uncertainties about the true values of frequency probabilities are described using subjective probabilities. For the sake of simplicity, in the following we will often use the short term “frequency” instead of “frequentist probability.”

The probability of frequency approach is in line with the standard Bayesian approach (Aven, 2012a) as will be described below. It is also considered “the most general and by far the most powerful and useful idea” by Kaplan (1997, p. 409), and corresponds to the highest level of sophistication in the treatment of uncertainties in risk analysis according to the classification by Paté-Cornell (1996).

In this book, however, we adopt a broader perspective of risk by which the set of triplets is not risk per se but a risk description. In this view, the outcome of a risk assessment is a list of scenarios quantified in terms of probabilities and consequences, which collectively describe the risk. As we will thoroughly discuss throughout the book, this risk description will be shown to be more or less adequate for describing the risk and uncertainties in different situations.

Numerous textbooks deal with methods and models for PRA, for example, Andrews and Moss (2002), Aven (2008), Cox (2002), Vinnem (2007), Vose (2008), and Zio (2007, 2009). Some also deal specifically with foundational issues, in particular with the concepts of uncertainty and probability, for example, Aven (2012a), Bedford and Cooke (2001), and Singpurwalla (2006).

In spite of the maturity reached by the methodologies used in PRA, a number of new and improved methods have been developed in recent years to meet the needs of the analysis brought about by the increasing complexity of the systems and processes studied, and to respond to the introduction of new technological systems. Many of the methods introduced allow for increased levels of detail and precision in the modeling of phenomena and processes within an integrated framework of analysis covering physical phenomena, human and organizational factors, and software dynamics (e.g., Mohaghegh, Kazemi, and Mosleh, 2009). Other methods are devoted to the improved representation and assessment of risk and uncertainty. Examples of more recently developed methods are Bayesian belief networks, binary digit diagrams, multi-state reliability analysis, and advanced Monte Carlo simulation tools. For a summary and discussion of some of these models and techniques, see Bedford and Cooke (2001) and Zio (2009).

The probabilistic analysis underpinning PRA is based on one or the other of two alternative conceptual foundations: the traditional frequentist approach and the Bayesian approach (Bedford and Cooke, 2001; Aven, 2012a). The former is typically applied in situations in which there exists a large amount of relevant data; it is founded on well-known principles of statistical inference, the use of probability models, the interpretation of probabilities as relative frequencies, point estimates, confidence interval estimation, and hypothesis testing.

By contrast, the Bayesian approach is based on the concept of subjective (judgmental, knowledge-based) probabilities and is applied in situations in which there exists only a limited amount of data (e.g., Guikema and Paté-Cornell, 2004). The idea is to first establish probability models that adequately represent the aleatory uncertainties, that is, the inherent variability of the phenomena studied, such as the distribution of lifetimes of a type of system. The epistemic uncertainties, reflecting incomplete knowledge or lack of knowledge about the values of the parameters of the models, are then represented by prior subjective probability distributions. When new data on the phenomena studied becomes available, Bayes' formula is used to update the representation of the epistemic uncertainties in terms of the posterior distributions. Finally, the predictive distributions of the quantities of interest – the observables (e.g., the lifetime of new systems) – are derived by applying the law of total probability. The predictive distributions are epistemic statements, but they also reflect the inherent variability of the phenomena being studied, that is, the aleatory uncertainties.

1.3 Use of Risk Assessment: The Risk Management and Decision-Making Context

Risk management can be defined as the coordinated activities to direct and control an organization with regard to risk (ISO, 2009). As illustrated in Figure 1.4, the main central steps of the risk management process are: establishment of the context, risk assessment, and risk treatment. Context here refer to the internal and external environment of the organization, the interface of these environments, the purpose of the risk management activity, and suitable risk criteria. Risk treatment is the process of modifying risk, which may involve avoiding, modifying, sharing or retaining risk (ISO, 2009).

Note that, according to ISO (2009), source (hazard/threat/opportunity) identification is not included as part of risk analysis. Many analysts and researchers do prefer, however, to include this element in the definition of the scope of risk analysis, in addition to cause and consequence analysis and risk description; see, for example, Modarres, Kamiskiy, and Krivtsov (1999) and Aven (2008).

There are different perspectives on how to use risk assessment and uncertainty analysis in risk management and decision making. Strict adherence to expected utility theory, cost–benefit analysis, stochastic optimization, and related theories would give clear recommendations on what is the optimal arrangement or measure. However, most risk researchers and risk analysts would see risk and uncertainty assessments as decision support tools, in the sense that the assessments inform the decision makers. The decision making is risk informed, not risk based (Apostolakis, 2004). In general, there is a significant leap from the assessments to the decision, see Figure 1.5. What this leap (often referred to as management review and judgment, or risk evaluation) comprises is a subject being discussed in the literature (e.g., Renn, 2005; Aven and Renn, 2010; Aven and Vinnem, 2007). The management review and judgment is about giving weight to the cautionary and precautionary policies and risk perception, as well as other concerns/attributes than risk and uncertainties. The scope and boundaries of risk and uncertainty assessments define to a large extent the content of the review and judgment, as we will discuss in Section 1.4.

Similar ideas are reflected in many risk assessment frameworks, for example, the analytic–deliberative process recommended by the US National Research Council (1996, 2008) in environmental restoration decisions involving multiple stakeholders.

The relevance of the management and decision-making side of the problem is further demonstrated by the increasing research efforts being conducted to integrate decision-making and uncertainty characterizations that extend beyond the traditional probability-based representations. An example is the theory of robust decision making, supported by fairly recent advancements in robust optimization (Ben-Tal and Nemirovski, 2002; Beyes and Sendhoff, 2007), aimed at finding optimal decisions under specified ranges of the uncertain model parameters.

In this book we will present and discuss various ways of representing and characterizing the uncertainties in risk assessment. The key question addressed is how to best express risk and represent the associated uncertainties to meet the decision makers' and other relevant stakeholders' needs, in the typical settings of risk assessment of complex systems with limited knowledge of the behavior of these systems. The principal driver is the decision-making process and the need to inform and facilitate this process with representative information derived from the risk assessment.

Hence, the book addresses, for example, the issue of how to present the results from risk and uncertainty assessments to decision makers, but not the decision making itself. We make a sharp distinction between risk/uncertainty representation and characterization on the one hand, and risk/uncertainty management and related decision making on the other.

1.4 Treatment of Uncertainties in Risk Assessments

When speaking about uncertainties in risk assessments most analysts would think about the uncertainties related to parameters in probability models, such as the frequentist probability in the second example in Section 1.1.3. Following the traditional statistical approach, the uncertainties are expressed using confidence intervals or according to the Bayesian approach, where subjective (judgmental, knowledge-based) probabilities are used to express the epistemic uncertainties about the parameters. This type of uncertainty analysis is an integrated part of risk assessment.

However, uncertainty analysis also exists independently of risk assessment (Morgan and Henrion, 1990). Formally, uncertainty analysis refers to the determination of the uncertainty associated with the results of an analysis that derives from uncertainty related to the input to the analysis (including the methods and models used in the analysis) (Helton et al., 2006).

We may illustrate the ideas of uncertainty analysis by introducing a model , which depends on the input quantities and on the function . The quantity of interest, , is computed by using the model . The uncertainty analysis of requires an assessment of the uncertainties about and their propagation through the model to produce an assessment of the uncertainties concerning , see Figure 1.6. Uncertainty related to the model structure , that is, uncertainty about the error , is typically treated separately (Devooght, 1998; Zio and Apostolakis, 1996; Baraldi and Zio, 2010). In fact, while the impact of uncertainties associated with has been widely investigated and many sophisticated methods have been developed to deal with it, research is still ongoing to obtain effective and agreed methods to handle the uncertainty related to the model structure (Parry and Drouin, 2009). For a broad sample of methods and ideas concerning model uncertainty, see Mosleh et al. (1994). Overall frameworks for uncertainty analysis and management have been developed based on the elements and as indicated above; see, for example, de Rocquigny, Devictor, and Tarantola (2008), Helton et al. (2006), and Aven (2010a).

These frameworks also applies to risk assessment. Then could for example be some high-level event of interest, such as a blowout in an offshore QRA setting or a core meltdown in a nuclear PRA setting, and could be the set of low-level events which through various combinations could lead to the occurrence of the high-level event.

The quantities and could also be frequentist probabilities representing fractions in a large (in theory, infinite) population of similar items, that is, parameters of probability models. Think of the frequentist probability