No risc no fun

If you look at the current international standards of ISO TC 197 or IEC 105 with the overall main topic "Safety in hydrogen technology", it is noticeable that almost every one of these standards requires right at the beginning and as a basis for all subsequent specifications that the manufacturer and or the operator has to carry out a risk assessment.

This applies to hydrogen generators using water electrolysis as well as to filling stations, storage facilities, means of transport, distribution stations, filling stations, fuel cell systems and other elements of the hydrogen value chain. As an example I quote here the standard ISO 19880-1: 2020: Gaseous hydrogen — Fuelling stations — Part 1: General requirements Clause 5.2: “Risk assessment is the overall process of risk identification, risk analysis, risk evaluation, and risk mitigation.”

Use of risk assessment may allow station owners and designers to flexibly define station specific mitigations that achieve an equal or better level of risk to those of prescriptive recommendations or to relax existing prescriptive mitigation measures as long as the total system risk remains below the selected tolerability threshold (risk acceptance criteria). A risk assessment shall be performed for the hydrogen fuelling station except when the stations comply with prescriptive regulations that address relevant risks. See standards such as ISO 31000, IEC 31010, and/or ISO 12100 for guidance in conducting risk assessment. The risk assessment should demonstrate that the mitigation measures employed are appropriate to achieve the desired level of risk of the station. It is recommended that the risk assessment carried out for the hydrogen fuelling station should be quantitative or semi-quantitative. For a better understanding, reference is also made to Annex A (informative) “Safety methodologies and risk assessment” and Annex B (informative) “Further guidance on risk management”.

We find a similar approach in the relatively new standards for non-electrical explosion protection of the IEC 80079-36ff series of standards. Here, too, the risk-based evaluation of the effectiveness of non-electrical ignition sources represents the central element of the safety concept. One can only welcome this shift from a pure deterministic setting of standards to a risk-based approach, as has been implemented in numerous standards for quite a long time.

However, in order to properly use such probability-based methods, one should know exactly how they work and where exactly their strengths and weaknesses lie. The first requirement is the use of a correct risk term. It can be defined roughly as follows: Risk is linked to people's mental and practical activities and their results. It refers to the intended, but above all the unintended, to the foreseeable, but above all to the unpredictable consequences of actions. The vagueness of target achievement is consciously accepted. Risk knowledge is then knowledge for dealing with precisely this vagueness.

In society, the concept of risk is largely emotional. According to Daniel Kahneman (Thinking fast and slow), people generally have problems with the consideration of coincidences and the theory of probability that goes with them. We all too readily reject the notion that much of what we see in life is random based. In business and technology, the concept of risk is largely rational. Unfortunately, scientists have not yet succeeded in making society sufficiently aware of their concept of risk. The scientific approach finds its equivalent in the famous risk formula: risk is equal to the weighted product of the probability of damage occurring and its extent. The risk formula is correct in principle, but because of the high complexity of risk perception and risk assessment, as well as because of the often insufficient empirical data calibration and weighting not easy!

The objectivity of the determined risk parameters is often lacking. Causal relationships are often context dependent. An example: safety-related parameters in explosion protection Often there is too little detailed knowledge, especially in the case of rare events. Model assumptions for the description are often unrealistic.

So you have to be very careful when using risk and probability-based methods, especially if you haven't used them that much before. In order to avoid dangerous misjudgments and decisions, you should first have sufficient methodological skills. To get it, this standards like the ISO 310100:2010: “Risc management: “Risk assessment procedures”, ISO 12100: 2010:”Safety of machinery -.General principles for design – risk assessment and risk reduction” and the Technical report ISO/TR 14121-2:2013: “Safety of machinery – part2: Practical guidance and examples of methods are very helpful.

Working in risk assessment teams with an appropriate mix of different relevant expertise and experience increases the objectivity of the results. A careful, comprehensive and unambiguous recording and communication of the assessment results help to increase the knowledge base from project to project.

Finally, I want to quote the famous American mathematic and biologist Anatol Rapoport who stated about the benefits and the limitations or dangers of quantifying risk assessment methods: "Undoubtedly, quantification is indispensable in some matters. But it becomes a trap when it is applied purely formally... Quantification becomes a distorted image when one combines benefit and harm - events who never had a precedent"