PHIL/ENGR 482 Ethics in Engineering: Chapter 7 Risk, Safety and Liability

An engineering responsibility
Codes of ethics require the engineer to prevent exposure of the public to unacceptable risks.

NSPE Code
- “hold paramount the safety, health and welfare of the public”
- design to “accepted engineering standards”
- not “complete, sign, or seal plans and/or specifications that are not of a design safe to the public health and welfare in conformity with accepted engineering standards”
- in “circumstances where the safety, health, property or welfare of the public are endangered” engineers must “notify their employer or client and such other authority as may be appropriate”

Understanding and managing risks
- What is risk?
- How do we design to reduce risks?
- What are acceptable risks?

Risk
One definition of “risk” is: “Exposure to the chance of injury or loss; a hazardous or dangerous chance” *
This definition involves both
- the probability of an event occurring
- the consequences of the event
* Webster’s Dictionary

An engineering definition of risk
Risk = (probability of event) x (consequences)
Example: When playing Russian Roulette, a single bullet is loaded into a six-chambered revolver. The chamber is spun and the trigger is pulled. There is a random 1/6th chance that the revolver will fire.
Risk = (1/6) x (Death)

Risk is inherent in engineering
Engineering involves innovation which necessarily has risk.
Examples:
- Tacoma Narrows Bridge--collapse
- Three Mile Island Power Plant--radiation release
- Concorde airliner--crash

Probabilities in Independent Events
Example: A coin is flipped three times. What is the probability heads will show three times in a row?
Use an “event tree”
[Figure: event tree of three trials, each branching into Heads (0.5) and Tails (0.5)]
Probability = 0.5 x 0.5 x 0.5 = 0.5^3 = 0.125

Risk Assessment Example
A nuclear reactor will “meltdown” if the control rods fail and the cooling pump fails. What is the probability of this occurring?

Risk Assessment
Problems with Event-Tree Analysis:
- assigned probabilities are sometimes conjectural
- cannot anticipate all failure modes: pipe rupture, pipe corrosion, terrorist attack, human error, etc.

Management of risk in design
- Develop inherently low-risk designs
- Incorporate redundancy in design
- Design with appropriate Safety Factor
  Safety Factor = Failure load / Design load
- Allowable Stress Design (ASD)
- Load Factor Design (LFD)
- Probabilistic design methods (LRFD)

Safety Factors accommodate uncertainties in...
- Applied loads
- Material strength
- Simplified methods of analysis
- Construction quality
- Maintenance
- etc...

Safety Factors also...
- Reflect different consequences
- Safety factors are higher for critical infrastructure (fire stations, hospitals) than for other facilities (warehouses)

Safety Factors in design
An engineer working for Otis Elevators determines that a fully loaded passenger elevator will weigh 6450 lb. The elevator is supported by a double-sheaved cable so that the cable tension is 1/4 of the elevator weight. The elevator is expected to experience dynamic load factors of approximately 1.35. The design code requires a safety factor of 7.6. What cable diameter should the engineer specify?

Safety Factors in design (cont’d)
Compute design tension...
$T = \dfrac{W \times 1.35}{4} = 2176\ \text{lb}$
Design Safety Factor = 6.5
Factored tension = 14,150 lb = 7.07 ton
Breaking strength for 6x19 wire rope...

Rope Diam. (in.)   Approx. Wt. (lb/ft)   Breaking Strength (tons)
3/8                0.236                 6.71
1/2                0.42                  11.8
5/8                0.66                  18.3
3/4                0.95                  26.2
7/8                1.29                  35.4
1                  1.68                  46.0

Safety Factors in design (cont’d)
Choosing 1/2-in. cable...
$FS = \dfrac{(11.8\ \text{ton})(2000\ \text{lb/ton})}{2176\ \text{lb}}$
FS = 10.8 > 6.5 ok.

Allowable Stress Design example
Julio is designing a portable cylindrical compressed air tank for use by motorists with flat tires, based on the calculated hoop stress...
$\sigma_H = \dfrac{p r}{t}$

Allowable Stress Design example--(cont’d)
He calculates that the design pressure (125 psi) will cause the allowable stress (20,000 psi) in the 12 in. diameter steel tank if the wall thickness is 0.0375 in. He then increases the calculated wall thickness by 0.060 in. to allow for corrosion, and chooses the next larger available thickness 0.105 in (12 ga).

Allowable Stress Design example--(cont’d)
The Factor of Safety of a new tank against exceeding allowable stress is then…
$FS = \dfrac{(20{,}000\ \text{psi})(0.105\ \text{in.}) / (6\ \text{in.})}{125\ \text{psi}} = 2.80$
The Factor of Safety of a corroded (0.045 in. wall thickness) tank against yielding (36,000 psi) is...
$FS = \dfrac{(36{,}000\ \text{psi})(0.045\ \text{in.}) / (6\ \text{in.})}{125\ \text{psi}} = 2.16$

Design difficulties...
All failure modes must be anticipated and evaluated...
- buckling
- fatigue
- corrosion
- fire
Different failure modes have different risk (uncertainty x consequence), so different FS may be appropriate for each mode

Load Factor Design example
A steel link is being designed to carry a 1,000,000 lb load. What is the required cross-sectional area?

Load Factor Design example, (cont’d)
“Ultimate Strength”
“Allowable Stress”
Safety factor against ultimate stress:
- 3.0 load factor (not typical value)
- 0.233 stress reduction factor (not typical)
FS = (3.0)/(0.233) = 12.8

Probabilistic design philosophy
ex.--AASHTO Bridge Design Specs.
- Load factors and resistance factors are not fixed, but chosen in each design based on the specifics of the instance.
- Factors are determined in such a way that the “probability of failure” of each limit state (failure mode) is maintained at some uniform value.

Cost-benefit risk assessment example
The government is proposing legislation to limit formaldehyde emissions to 3 ppm. Industry estimates that to install and operate the necessary scrubbers will cost $300 million annually. Toxicologists estimate that this new standard will save 30 lives annually. Using cost/benefit analysis, should the new standard be implemented?
Cost = $300 million/yr
Benefit = (30 lives/yr)($?????/life)
What is the dollar value of human life?

What is the value of human life?
Some methods to place a value on human life
- purchasing decisions involving safety (e.g. car purchase)
- future earnings
- extra pay needed for risky jobs (e.g. house painter vs. smokestack painter)

Problems with using studies of purchasing decisions to determine the value of life...
- wealthy people are willing to pay more
- people will pay 7 times more to reduce risk of cancer than to reduce risk of death in an automobile
- decisions are based on perceptions (values)
- women value their lives more than men, i.e., men are more willing to engage in risky behavior
A 1984 study by Shulamit Kahn indicates that people typically valued their lives at $8 million (Note: this figure is higher than is typically used in public policy analysis.)

Quantifying Risk: Example
Suppose a toxicologist is asked to determine if Compound X is a carcinogen at a loading of 5 mg/kg of human body weight. To answer this definitively, the ideal experiment would have to be performed as follows:
- Have a control group of 100,000 humans consisting of 1000 100-subject groups. They receive a placebo.
- Have a test group of 100,000 humans consisting of 1000 100-subject groups. They receive a pill containing the suspected carcinogen.

Quantifying Risk (cont’d.)
- Wait 20 years.
- Plot the data as histograms and analyze.
- For ethical reasons, a surrogate (e.g. rat) would be used instead of humans

More realistic test data might be...
Because of cost constraints, a much smaller group of rats would be tested. Suppose the test results are as follows:
Control: Number of rats = 100, Number of cancer deaths = 12
Test: Number of rats = 100, Number of cancer deaths = 14
Question: How would the toxicologist know if Compound X causes cancer in rats?

One solution...
If we assume the binomial result (cancer--yes/no) is a random normal variable, we can estimate the mean ($\mu_1 = np = 12$) and the standard deviation ($\sigma_1 = (npq)^{1/2} = 3.24$) of the control group. Likewise we can assume the exposed group is normal with a mean ($\mu_2 = 14$) and a standard deviation ($\sigma_2 = (npq)^{1/2} = 3.46$). Then the standard deviation associated with the difference of the two means is
$\sigma_d = \left( \dfrac{\sigma_1^2}{n_1} + \dfrac{\sigma_2^2}{n_2} \right)^{1/2} = 0.475$

One solution...
Applying the t-test, with a 95% confidence level, we can say that the increase in cancers is not random. Specifically, we can say with a confidence of 95% that the exposure will cause an increase in cancer rates of 1.8% to 2.1% (about 20,000 new cases for each million persons exposed).

Implications...
These are the possible outcomes to the question: “Does Compound X cause cancer in rats?”

                     Reality: Yes   Reality: No
Test Outcome: Yes    True Pos       False Pos
Test Outcome: No     False Neg      True Neg

Public Policy Expert’s Approach to Risk
First priority is to protect the public.
Consequences:
- False Positive: A chemical is banned as being carcinogenic, when in reality it is not. The producer loses potential profits from the sale of this chemical.
- False Negative: A dangerous chemical is approved as safe and sold to the general public. The death rate from cancer increases.

Public policy expert approach (cont’d).
- The public policy expert is not interested in “scientific truth” per se.
- He prefers to err on the “safe side”, i.e., protect the public from false negatives.
- She presumes that the chemical is dangerous, and places the burden on the manufacturer to prove the chemical is safe.
In a democracy, the government policy makers respond to the public’s wishes. As a result, we tend to allocate differing amounts of money to save lives by different measures...

Allocation of Money

Layman’s approach to risk
Respect for Persons Approach
Key Issues:
- is the risk distributed equitably?
- are those assuming the risk compensated?
- is the risk voluntary?
- does the person assuming the risk understand it?
- does the person assuming the risk have control?

Layman’s approach to risk...
- Laymen often overestimate low probability risks
- Willing to accept higher voluntary risks than involuntary risks (by factor of 10^3)
- Laymen don’t compare a risk to already accepted risks
- Laymen overestimate risks of human origin compared to risks of natural origin
- Laymen’s approach more closely follows Respect-for-Persons approach than the Utilitarian approaches used by many experts

An Acceptable Risk is one that is...
- freely assumed with informed consent
- equitably distributed
- properly compensated

Informed Consent
RP says we should treat people as “moral agents” (autonomous, self-governing individuals)…thus we should seek “informed consent” before assigning risk

Criteria for informed consent
- consent must not be coerced*
- person must be accurately informed*
- person must be competent* to assess information
*there are possible conceptual and applications issues to be resolved

Problems with informed consent
- difficulty getting informed consent
- consent must be obtained before the risk is assumed
- consent requires negotiation
- holdouts or unreasonable preferences
- parties must be well informed and reasonable
- people are often hysterical regarding dramatic or catastrophic risk
- people underestimate the consequences of risks that have never happened before

When it isn’t possible to get informed consent...
Only expose people to risks they would consent to, if they were informed of all known risks.
Or, ...
As an alternative to gaining consent from everyone affected by the risk, the group leaders can decide to accept the risk for the group.

Problems with Informed Consent (cont’d.)
Some people may give informed consent to things that are not in their interests, because of...
- misunderstanding information
- immaturity
- irrationality
Such consent isn’t autonomous.

Problems with Informed Consent (cont’d.)
If consent is not autonomous, then you should find a way to make consent autonomous.

Risk concepts--Example
The electric power company proposes to build a nuclear power plant near your neighborhood. Given the newly deregulated electricity market, the power probably will be sold out of state because prices are higher there.

Risk concepts--Example (cont’d.)
- Is the risk voluntary?
- Does the person taking the risk understand it?
- Does the person taking the risk have control?
- Is the risk distributed equitably?
- Do those taking the risk get the rewards?

Informed Consent by Group Leaders--Example
The XYZ Chemical Company wants to build a new plant in Smallville. The chemical plant has a pollution effluent that may give one citizen cancer every five years. However, the plant will create 100 new jobs and a substantial tax base for Smallville, which will improve the local schools and hospital. The XYZ Chemical Company asks the town council for approval to build the plant in the industrial park.

Informed Consent by Group Leaders (cont’d.)
Advantages:
- simplifies decision-making process
Problems:
- How do we compensate those individuals who suffer the consequences of the risk?
- Approval of group leaders does not reflect the wishes of all individuals
- Works okay for small risks, but large risks may need individual consent

Paternalism
Paternalism: the exercise of power by one person or institution over another in order to help or prevent harm to the latter, regardless of the latter's expressed wishes.

Paternalism (cont’d)
- Commonly-accepted criterion for acceptable paternalism: A fully rational person informed of the relevant facts would consent to intervention in this case
- Paternalism often causes resentment.
- Paternalism is permissible, if protected person is not autonomous but people will disagree over who is autonomous.

The Engineer’s Liability for Risk
Often, in protecting the public from unacceptable risk, engineers may incur legal liabilities.

Different standards for tort law and science...
Tort (injury) law uses different standards for risk and liability than we have been discussing so far.
- An engineer might not feel confident that action A had caused result B without strong statistical evidence (i.e., 95% confidence)
- Tort law requires proof by a “preponderance” of evidence (i.e., 51%)

An engineer’s ethical dilemma...
- All engineering involves some risk
- We must protect the public from unacceptable risks
- Protecting the public from all risks is not in the public’s interests
- We may be liable for injuries caused when we misjudge the risks

For guidance...
“People should be protected from the harmful effects of technology, especially when the harms are not consented to or when they are unjustly distributed, except that this protection must sometimes be balanced against (1) our need to preserve great and irreplaceable benefits and (2) the limitations on our ability to obtain informed consent.”
Harris, et al.

Summary
- Be aware that experts tend to use a utilitarian approach and the lay public tends to use a respect-for-persons (RP) approach
- Utilitarian and RP approaches each have their limitations
- It is difficult to quantify risk
- Peoples’ values differ regarding risk
- Promote informed consent within your limits as an engineer

Summary (cont’d.)
- Some technologies provide valuable and irreplaceable benefits, yet are inherently risky (e.g. automobiles)
- Engineers should be paternalistic and protect the public from harmful impacts of technology if:
  - Consequences are severe
  - Consequences are unjustly distributed
  - Informed consent is not possible

Recommendations...
- Work conscientiously, diligently, and ethically.
- Document your actions and decisions in a Daily Log.
- Liability insurance is commonly purchased by design engineers. Costs can be high, depending on the work you do.