UNIT II – Engineers responsibility for safety:

Safety and Risks: The terms of safety and risk are inter-related. It is
amazing to know that what may be safe enough for one person may not be for
someone else. It is because of either different perception about what is safe or
different predispositions to harm.
For better understanding, let us explore safety and risk further.

Safety
According to William W Lowrance, the famous consultant of those times, Safety was
defined as “A thing is safe if its risks are judged to be acceptable.”
To be more clear on this, let us consider three cases.
1.Let the first case be where we seriously underestimate the risks of something. Buying
a non-brand electric dryer from a local market without any guarantee, may eventually
send us to a hospital with a severe electric shock or burn. While buying this dryer,
according to Lowrance definition, this is quite safe, as the risks are judged to be
acceptable.
2.Let the second case be where we grossly overestimate the risks of something. If we
suddenly know that the consumption of carbonated beverages like cola are the cause of
cancer for 5% of the world’s cancer patients, then we start worrying considering Cola as
a poisonous drink. So, in this case, according to Lowrance definition, the Cola becomes
unsafe the moment we judged the risks of using it to be unacceptable for us.
3.Let the third case be a situation wherein, a group makes no judgment at all about
whether the risks of a thing are acceptable or not. As defined by Lowrance, this is the
position where the thing is neither safe nor unsafe with respect to that group. Just like
using the products of certain brands are considered safe, while others are not where
nothing seems to differ.
Safety is frequently expressed in terms of degree and comparisons. The
words like fairly-safe and relatively-safe are used where an individual is
judged on the basis of settled values and it is further decided that the risks
of anything are more or less acceptable in comparison with the risks of the
other thing. For example, the consideration that roadtravel is safer than air-
travel.
Risk
Any work which might lead to harm us and is not considered safe, can be understood as
a risk. According to a popular definition, “A risk is the potential that something
unwanted and harmful may occur.” According to William D Rowe, potential for the
realization of unwanted consequences from impending events.
When it comes to technology, it can equally well include dangers of bodily harm, of
economic loss or of environmental degradation. These in turn can be caused by
delayed job completion, faulty products or systems or economically or
environmentally injurious solutions to technological problems

Acceptability of Risk
“a risk is acceptable when those affected are generally no longer apprehensive
about it”.
Let us have a better understanding on the acceptability of risks in our subsequent
sections.

Voluntarism and Control

In our daily life, we come across many such things where the scopes of risk might or
might not be low. The person who breaks a red signal, is prone to be a victim of an
accident, but risks. A person who lives near a dumping yard is prone to ill-health, but
neglects. A boy who rides a vehicle at a high speed cannot rely on the perfect
functioning of the brakes. But these people take voluntary risks thinking they can
control.

Job-related Risks
In some jobs where the workers are exposed to chemicals, radiations and poisonous
gases etc., they are not informed about the probable risks the workers would be facing,
in doing their jobs. These are such dangers where the toxic environments cannot
readily be seen, smelled, heard or sensed otherwise.
The workers at such places are simply bound to their work and what they are told to do.
The health condition of a person who gets affected under such environments cannot be
neglected because that will be the future condition of co-workers.

Risk and Cost:

2
 Risk benefit analysis: As per the famous saying, “A Ship in harbor is safe.
But that’s not what ships are built for” risk is somewhat common to be accepted.
The most common risk we all take is driving an automobile in a traffic. Though
we are not sure about the perfect functionality of the brake system and the
timings of other drivers’ responses, we take risk. The controlling factor appears to
be their perception of their individual ability to manage the risk-creating situation
people mostly calculate the ratios of risk to benefit, while accepting the risks. The risk to
benefit analysis is made depending on the types such as the ones mentioned below.
The risk to be occurred in future is completely known after it gets fully developed.
It is called as Real future risk.
If the idea of risk is developed using current data, such one is called as
Statistical risk.
The risk which is analytically based on system models structured from historical
studies is called as Projected risk.
The risk which is intuitively seen by individuals is called as Perceived risk.

testing methods for safety:

Risk Reduction
The risks we generally face can be reduced to a great extent by proper analysis with
steps. as mentioned below −
Define the Problem.
Generate Several Solutions.
Analyze each solution to determine the pros and cons of each.
Test the solutions.
Select the best solution.
Implement the chosen solution.
Analyze the risk in the chosen solution.
Try to solve or move to next solution.

Engineers Responsibility for Safety Social and Value

dimensions of Technology
- Technology Pessimism

3
 – The Perils of Technological Optimism
– The Promise of Technology: In this era of technology,
everything from sleek gadgets and AI to smart user interfaces
promise to help businesses streamline processes, increase the
number of happy clients and retain customers. However, the
million dollar question is — are these technologies fulfilling their
intended purpose?

five promise of technology

Speed: Take the example of a loan management system in a
financial services company. The usual customer journey would
involve meeting the first line of customer service who helps fill out
a form about the loan that s/he needs. Next, the credit of the
prospective client is checked to determine loan viability. The
finance team, which includes risk assessment, might eventually
flag the application if the customer does not have enough
collateral for the loan amount sought. If this real-world process is
simply replicated as a web-based application, it will create a
bottleneck because the number of people applying on it would
overwhelm the system very quickly. However, a more befitting
way to design it would be to implement machine learning to
manage the stage-by-stage progress of the loan application
through the system and to use human effort only to manage the
exceptions that the system throws up. The actions performed by
this human should also be used to reinforce the learning and
make the system better over time. The person is then best
imagined not just as a user of the system, but as a trainer who is
making the system smarter. Such a system will achieve true
speed for the organisation.

Scale: Technology-centered thinking would direct new

businesses to use the technology to scale up their businesses.

4
 For example, an e-commerce-first approach would help a
business scale without the obstacles faced by offline stores that
are typically capital intensive. Take the example of Urban Ladder,
the online furniture retailer that began with a user-friendly website
with a focused approach of 35 categories of furniture catering to
three cities in the first year. The results of this approach are there
for all to see. Potential customers wouldn’t have scaled up to
thousands and lakhs from a few hundred if the business hadn’t
chosen to take the e-commerce route first.

Spread: Technology instantly helps spread businesses from

one location to multiple ones. Besides geography, language
reaches through technology can help tap into potential customer
bases that would otherwise be impossible to reach. Voice-based
technologies developed by companies like Slang Labs, for
instance, help businesses tap into the market of regional
language users by offering a multilingual voice-based assistant
platform that can be integrated into apps. This can help level up
your business exponentially.
Smarts: With the proliferation of AI and it being made more
widely applicable in regular businesses through companies like
Prowler.io, technology has the ability to bring machine learning and
artificial intelligence to every business out there. It can help refine
and optimise processes within organisations and even predict what
users would do next. With this kind of intelligence at your disposal,
you can deliver superlative customer experiences, optimise your
inventory so you never run out of stock or maintain any excess and
even expand your business at a fraction of the cost and time it
would have normally taken.

5
and asynchrony: One of the great advantages of technology
is that it brings asynchrony in our communication and decision
making. Any system that doesn’t employ asynchrony at its core is
likely to be slower than others. Common examples of asynchronous
technologies are email and WhatsApp. These allow people living in
different time zones to discuss a subject and make a decision
without requiring all of them to be available at the same time. This
has brought incredible efficiency to communication and reduced the
time spent in making decisions drastically in any system that relies
on these types of asynchronous technologies.
– Computer Technology Privacy
What is privacy?
> privacy is the protection of an individual’s personal information
> privacy is the right and obligation oh individuals and organizations
with respect to collection use retention disclosure and disposal of
personal information
 Some Case Studies:
 Case Studies:
# BHOPAL Gas Tragedy
In the 1970s, the Indian government initiated policies to encourage
foreign companies to invest in local industry. Union Carbide
Corporation (UCC) was asked to build a plant for the manufacture of
Sevin, a pesticide commonly used throughout Asia. As part of the deal,
India's government insisted that a significant percentage of the
investment come from local shareholders. The government itself had a
22% stake in the company Union Carbide India Limited (UCIL) The
company built the plant in Bhopal because of its central location and
access to transport infrastructure. The specific site within the city was
zoned for light industrial and commercial use, not for hazardous
industry. The plant was initially approved only for formulation of
pesticides from component chemicals, such as MIC imported from the

6
 parent company, in relatively small quantities. However, pressure from
competition in the chemical industry led UCIL to implement "backward
integration" – the manufacture of raw materials and intermediate
products for formulation of the final product within one facility. This
was inherently a more sophisticated and hazardous process
In 1984, the plant was manufacturing Sevin at one quarter of its
production capacity due to decreased demand for pesticides. Widespread
crop failures and famine on the subcontinent in the 1980s led to increased
indebtedness and decreased capital for farmers to invest in pesticides.
Local managers were directed to close the plant and prepare it for sale in
July 1984 due to decreased profitability When no ready buyer was found,
UCIL made plans to dismantle key production units of the facility for
shipment to another developing country. In the meantime, the facility
continued to operate with safety equipment and procedures far below the
standards found in its sister plant in Institute, West Virginia. The local
government was aware of safety problems but was reticent to place heavy
industrial safety and pollution control burdens on the struggling industry
because it feared the economic effects of the loss of such a large employer
At 11.00 PM on December 2 1984, while most of the one million residents
of Bhopal slept, an operator at the plant noticed a small leak of methyl
isocyanate (MIC) gas and increasing pressure inside a storage tank. The
vent-gas scrubber, had been turned off three weeks prior . Apparently a
faulty valve had allowed one ton of water for cleaning internal pipes to mix
with forty tons of MIC . A 30 ton refrigeration unit that normally served as
a safety component to cool the MIC storage tank had been drained of its
coolant for use in another part of the plant . Pressure and heat from the
vigorous exothermic reaction in the tank continued to build. The gas flare
safety system was out of action and had been for three months. At around
1.00 AM, December 3, loud rumbling reverberated around the plant as a
safety valve gave way sending a plume of MIC gas into the early morning
air [4]. Within hours, the streets of Bhopal were littered with human
corpses and the carcasses of buffaloes, cows, dogs and birds. An estimated
3,800 people died immediately, mostly in the poor slum colony adjacent to
the UCC plant Local hospitals were soon overwhelmed with the injured, a
crisis further compounded by a lack of knowledge of exactly what gas was
involved and what its effects were. It became one of the worst chemical

7
 disasters in history and the name Bhopal became synonymous with
industrial catastrophe.

 Nuclear Power Plant Disasters: The Chernobyl disaster was nuclear

accident that occurred at Chernobyl Nuclear Power Plant on April 26, 1986. A
nuclear meltdown in one of the reactors caused a fire that sent a plume of
radioactive fallout that eventually spread all over Europe.
Chernobyl nuclear reactor plant, built at the banks of Pripyat river of Ukraine, had
four reactors, each capable of producing 1,000 MWs of electric power.
On the evening of April 25th 1986, a group of engineers, planned an electrical
engineering experiment on the Number 4 Reactor. With their little knowledge on
Nuclear physics, they thought of experimenting how long turbines would spin and
supply power to the main circulating pumps following a loss of main electrical power
supply.

What Led to the Disaster?

Let us now see what led to the disaster.
The reactor unit 4 was to be shut down for routine maintenance on 25 April 1986. But, it
was decided to take advantage of this shutdown to determine whether, in the event of a
loss of station power, the slowing turbine could provide enough electrical power to
operate the main core cooling water circulating pumps, until the diesel emergency
power supply became operative. The aim of this test was to determine whether cooling
of the core could continue in the event of a loss of power.
Due to the misconception that this experiment belongs to the non-nuclear part of the
power plant, it was carried out without a proper exchange of information between the
testing department and the safety department. Hence the test started with inadequate
safety precautions and the operating personnel were not alerted to the nuclear safety
implications of the electrical test and its potential danger.

The Experiment
According to the test planned, the Emergency Core Cooling System (ECCS) of the
reactor, which provides water for cooling the reactor core, was shut down deliberately.
For the test to be conducted, the reactor has to be stabilized at about 700-1000 MW
prior to shut down, but it fell down to 5000 MW due to some operational phenomenon.
Later, the operator working in the night shift committed an error, by inserting the reactor

8
control rods so far. This caused the reactor to go into a near-shutdown state, dropping
the power output to around 30 MW.
Since this low power was not sufficient to make the test and will make the reactor
unstable, it was decided to restore the power by extracting the control rods, which made
the power stabilize at 200 MW. This was actually a violation to safety law, due to the
positive void co-efficiency of the reactor. Positive void coefficient is the increasing
number of reactivity in a reactor that changes into steam. The test was decided to be
carried out at this power level.
Actually, the reactors were highly unstable at the low power level, primarily owing to the
control rod design and the positive void coefficient factors that accelerated nuclear
chain reaction and the power output if the reactors lost cooling water.
At 1:23, on April 26th 1986, the engineers continued with their experiment and shut down
the turbine engine to see if its inertial spinning would power the reactor’s water pumps.
In fact, it did not adequately power the water pumps and without the cooling water the
power level in the reactor got surged.
The water pumps started pumping water at a slower rate and they together with the
entry to the core of slightly warmer feed water, may have caused boiling (void
formation) at the bottom of the core. This, along with xenon burn out, might have
increased the power level at the core. The power level was then increased to 530 MW
and continued to rise. The fuel elements were ruptured and lead to steam generation,
which increased the positive void coefficient resulting in high power output.
The high power output alarmed the engineers who tried to insert all the 200 control
rods, which is a conventional procedure done in order to control the core temperature.
But these rods got blocked half the way, because of their graphite tip design. So, before
the control rods with their five-meter absorbent material, could penetrate the core, 200
graphite tips simultaneously entered the core which facilitated the reaction to increase,
causing an explosion that blew off the 1,000-ton heavy steel and concrete lid of the
reactor, consequently jamming the control rods, which were halfway down the reactor.
As the channel pipes begin to rupture, mass steam generation occurred as a result of
depressurization of the reactor cooling circuit.
As a result, two explosions were reported. The first one was the initial steam explosion.
Eventually, after two to three seconds, a second explosion took place, which could be
possibly from the build-up of hydrogen due to zirconium-steam reactions.
All the materials such as Fuel, Moderator and Structural materials were ejected, starting
a number of fires and the destroyed core was exposed to the atmosphere. In the
explosion and ensuing fire, more than 50 tons of radioactive material were released into
the atmosphere, where it was carried by air currents. This was 400 times to the amount
of radioactive materials released at the time of Hiroshima bombing.

9
Fatal Effects of the Disaster
The Chernobyl Nuclear Power Plant disaster in Ukraine, is the only accident in the
history of commercial nuclear power to cause fatalities from radiation.
There were many fatal effects due to the radiation released. A few of the effects are
listed below −
Two workers had died. One immediately got burnt to ashes after the accident,
while the other was declared dead at the hospital within few hours of admission.
28 emergency workers and staff died within 4 months of the accident due to the
thermal burns and the radiation effect on their bodies.
This accident created 7,000 cases of thyroid cancer.
Acute radiation syndrome (ARS) was diagnosed in 237 people, who were on-site
and involved in cleaning up
The land, air and ground water were all contaminated to a great extent.
The direct and indirect exposure to radiation led to many severe health problems
such as Downs Syndrome, Chromosomal Aberrations, Mutations, Leukemia,
Thyroid Cancer and Congenital Malfunctions, etc.
A number of plants and animal faced destruction as after-effect.

 Space Shuttle Challenger: The Space Shuttle Challenger, with a seven-

member crew was launched on the morning of 28th January 1986 from
Cape Canaveral, Florida (USA). The original launch for the 27th was
postponed. The temperature on that day was about -7 °C. This was the 10th
flight of the Space Shuttle Challenger.

73 seconds into the flight, it was believed that the solid boosters exploded
killing all the crew on-board and plunging the shuttle into the Atlantic
Ocean. Initial investigations reported that the O-ring between the solid
boosters failed due to the low temperatures on that day, eventually leading
to the breakage of the shuttle.

These O-rings were installed between the solid fuel segments Their
purpose was to prevent hot combustion gases and particles from escaping
the inside of the booster. For redundancy, two O-rings were installed. On

10
 the internal layer, a heat-resistant putty was added to further isolate the
rings from the hot gases.

 Three Mile Island Accident

accident in 1979 at the Three Mile Island nuclear power station
that was the most serious in the history of the American nuclear
power industry. The Three Mile Island power station was named
after the island on which it was situated in the Susquehanna
River near Harrisburg, Pa. At 4:00 AM on March 28, an
automatically operated valve in the Unit 2 reactor mistakenly
closed, shutting off the water supply to the main feedwater
system (the system that transfers heat from the water actually
circulating in the reactor core). This caused the reactor core to
shut down automatically, but a series of equipment and
instrument malfunctions, human errors in operating procedures,
and mistaken decisions in the ensuing hours led to a serious loss
of water coolant from the reactor core. As a result, the core was
partially exposed, and the zirconium cladding of its fuel reacted
with the surrounding superheated steam to form a large
accumulation of hydrogen gas, some of which escaped from the
core into the containment vessel of the reactor building. Very
little of this and other radioactive gases actually escaped into the
atmosphere, and they did not constitute a threat to the health of
the surrounding population. In the following days adequate
coolant water circulation in the core was restored.

11