Tomorrow’s World: The future of risk and safety management
There’s a Chinese proverb that asserts, “Consider the past and you shall know the future”. For a profession that applies this mantra on a day-to-day basis to identify and prevent the myriad ways an activity or facility could cause harm, you might imagine that predicting our own future would be straightforward enough. However, the scale of complexity and uncertainty quickly reduces the problem to one of speculation rather than science and engineering. So then, speculating, what does the future hold for the coming 20 years?
Three key technological themes emerging from the last 20 years are:
- A gradual acceleration of climate action, with the associated development of new technologies requiring risk and safety management support.
- A much increased capacity for data storage and analysis, allowing more sophisticated and comprehensive risk and safety assessment.
- Greater connectivity, integration and mobility of information and control systems.
Against this background, it is interesting to speculate what risk and safety professionals will be doing in 20 years’ time.
As new technologies continue to emerge and develop, tried and tested methods of risk and safety assessment will no doubt be applied or adapted. The mainstays of HAZOP or FMEA, for example, can be applied to most engineering solutions, whether it’s carbon capture, hydrogen generation or small modular reactors.
There will, however, be areas where new approaches or tools will need to be developed and validated, such as the assessment of AI safety, where AI (or machine learning) is used autonomously or semi-autonomously in settings where it could either cause or have to respond to hazards. Other concrete examples are hydrogen release consequence modelling, for which codes are much less mature than for hydrocarbon gases; and quantitative geological containment risk modelling for CO2 storage, for which methods are still being invented.
…AND NEW TECHNIQUES
As interesting are the benefits that new methods and new technology could bring. For instance, could emerging techniques in resilience modelling, such as petri nets (Google it!), provide further insights over and above conventional and well established reliability analysis approaches (such as reliability block diagrams and fault/event tree analysis)?
Will increasing processing power mean a leap forward in our ability to identify and assess hazards, such as:
- Automating HAZOPs
- Identifying rare accident sequences that arise from combinations of independent and dependent events
- Enhanced checking of available risk controls against the latest design and peer facilities
- Increasing the scope of failure datasets to improve reliability estimates.
Or, respectively in these four examples, will we be limited by our own ability to conceive of hazards and associated event combinations; or by our lack of patience in coding potentially applicable controls and failure data?
Could AI and machine learning extend our capacity in these respects; or are we in danger of entering ‘analysis hell’, tying ourselves up in ever more detailed assessments, and relying on black box technologies to supply the answer without questioning its validity? Whilst we should certainly embrace the potential for better, smarter and more cost-effective analysis, as today, the importance of risk-informed scoping and validation will remain.
The challenges involved are not just limited to practitioners. For novel technologies to be deployed, the regulatory landscape will need to evolve too, and with this public perceptions of risk and acceptability.
Proactive and balanced risk management acts as an enabler in the sense that it prevents accidents that would otherwise set back new technologies by years, while as importantly, not stifling innovation.
As computing power grows, we might also expect to be able to integrate tools and techniques to increase efficiency and utility. One idea that’s been touted for many years is the linking of the electronic design model to a risk model, so that as the design evolves so does the risk assessment (whether in the form of a bowtie or QRA, supported by consequence analysis). A logical extension to this idea is a risk monitor that is informed by real-time data from the facility in question – including health monitoring of equipment defects, availability and maintenance. Making sense of the sheer scale of data involved may well require machine learning.
Risk communication is another area where there is huge scope for development. In an age when we carry in our pockets a device more powerful than the 1997 Deep Blue supercomputer that beat chess grand master Gary Kasparov, it is surprising that the majority of risk communication still takes the form of written reports. There are emerging signs, however, of an appetite for more mobile and graphical risk communication, most recently seen in a tablet/mobile based bowtie application that facility personnel can browse.
But why stop there? Why not build in interactivity – to support and register training, maintenance, defect reporting and so on, and thereby provide a real time assessment of the health and availability of safety measures? One barrier is that such a solution requires integration with separate existing systems, which can only be overcome by standardising interfaces (or less practically, by fully integrating all systems).
The flip-side of greater integration and interfacing across systems is the greater vulnerability to cyberattack, a threat which has been growing exponentially recently, particularly with the transition to remote working. Not only is this a growth area for risk assessment in the future, but the future’s risk management tools will also need protecting from cyber agents. If a real-time risk monitor can be hacked, it could be subverted to indicate that the corresponding power or process plant should shut down to protect the workers or the public; worse, it could misdirect or misinform users, ultimately undermining and degrading safety.
Not only does the past provide insights into the future, it also serves to remind us how uncertain and unsighted predictions can be. That said, it’s intoxicating to speculate about how we might support the development of new technologies, or how future technologies might shape our profession. To paraphrase many (but most recently, business guru Peter Drucker), we leave you with this thought: The most reliable way to predict the future is to create it.
This article first appeared in RISKworld 40, issued November 2021.
Related consulting services:
Subscribe to Risktec publications
Please use this form to subscribe to RISKworld. You will also receive exclusive access to the Risktec Essentials series, plus notifications of new events and publications.