Risk-based methodology for parameter calibration of a reservoir flood control model

Flash floods are of major relevance in natural disaster management in the Mediterranean region. In many cases, the damaging effects of flash floods can be mitigated by adequate management of flood control reservoirs. This requires the development of suitable models for optimal operation of reservoirs. A probabilistic methodology for calibrating the parameters of a reservoir flood control model (RFCM) that takes into account the stochastic variability of flood events is presented. This study addresses the crucial problem of operating reservoirs during flood events, considering downstream river damages and dam failure risk as conflicting operation criteria. These two criteria are aggregated into a single objective of total expected damages from both the maximum released flows and stored volumes (overall risk index). For each selected parameter set the RFCM is run under a wide range of hydrologic loads (determined through Monte Carlo simulation). The optimal parameter set is obtained through the overall risk index (balanced solution) and then compared with other solutions of the Pareto front. The proposed methodology is implemented at three different reservoirs in the southeast of Spain. The results obtained show that the balanced solution offers a good compromise between the two main objectives of reservoir flood control management

Desarrollos metodológicos y aplicaciones hacia el cálculo de la peligrosidad sísmica en el ecuador continental y estudio de riesgo sísmico en la ciudad de Quito

En el presente trabajo de tesis se desarrolla, en primer lugar, un estudio de peligrosidad sísmica en Ecuador continental, siguiendo una metodología probabilista zonificada. El estudio se plantea a escala regional y presenta como principales aportaciones: 1) la elaboración de un Estado del Arte sobre Tectónica y Geología de Ecuador, concluyendo con la identificación de las principales fuentes sísmicas; 2) La confección de un Catálogo Sísmico de proyecto, recopilando información de distintas agencias, que ha sido homogeneizado a magnitud momento, Mw, depurado de réplicas y premonitores y corregido por la falta de completitud para la estimación de tasas en diferentes rangos de magnitud; 3) la propuesta de un nueva zonificación sísmica, definiendo las zonas sismogenéticas en tres regímenes tectónicos: cortical, subducción interfase y subducción in-slab; 4) la caracterización sísmica de cada zona estimando los parámetros de recurrencia y Magnitud Máxima (Mmax), considerando para este último parámetro una distribución de valores posibles en función de la sismicidad y tectónica, tras un exhaustivo análisis de los datos existentes; 5) la generación de mapas de peligrosidad sísmica de Ecuador continental en términos de aceleración pico (PGA) y espectral SA (T= 1s) , en ambos casos para periodos de retorno (PR) de 475, 975 y 2475 años; 6) La estimación de espectros de peligrosidad uniforme (UHS) y sismos de control mediante desagregación de la peligrosidad, para PR de 475 y 2475 años en 4 capitales de provincia: Quito, Esmeraldas, Guayaquil y Loja. Una segunda parte del trabajo se destina al cálculo del riesgo sísmico en el Barrio Mariscal Sucre de Quito, lo que supone incidir ya a una escala municipal. Como principales contribuciones de este trabajo se destacan: 1) definición del escenario sísmico que más contribuye a la peligrosidad en Quito, que actuará como input de cálculo del riesgo; 2) caracterización de la acción sísmica asociada a ese escenario, incluyendo resultados de microzonación y efecto local en la zona de estudio; 3) Elaboración de una Base de Datos partiendo de información catastral e identificación de las tipologías dominantes; 4) Asignación de clases de vulnerabilidad y obtención de porcentajes de daño esperado en cada clase ante la acción sísmica definida previamente, con la consiguiente representación de mapas de vulnerabilidad y daño; 5) mapas de indicadores globales del riesgo sísmico; 6) Base de datos georreferenciada con toda la información generada en el estudio. Cabe destacar que el trabajo, aunque no formula nuevos métodos, si plantea una metodología integral de cálculo del riesgo sísmico, incorporando avances en cada fase abordada, desde la estimación de la peligrosidad o la definición de escenarios sísmicos con carácter hibrido (probabilista-determinista), hasta la asignación de vulnerabilidades y estimación de escenarios de daño. Esta tesis trata de presentar contribuciones hacia el mejor conocimiento de la peligrosidad sísmica en Ecuador y el riesgo sísmico en Quito, siendo uno de los primeros estudios de tesis que se desarrolla sobre estos temas en el país. El trabajo puede servir de ejemplo y punto de partida para estudios futuros; además de ser replicable en otras ciudades y municipios de Ecuador. -------------------- ABSTRACT: ------------------ This thesis first develops a study of seismic hazard in mainland Ecuador, following a zoned, probabilistic methodology. The study considers a regional scale and presents as main contributions: 1) The development of a State of Art on the Tectonics and Geology of Ecuador, concluding with the identification of the main seismic sources; 2) The creation of a Seismic Catalog project, collecting information from different agencies, which has been homogenized to Moment magnitude, Mw, purged from aftershocks and premonitories and corrected for the lack of completeness to estimate rates in different maggnitude ranges; 3) The proposal of a new seismic zoning, defining the seismogenic zones in three tectonic regimes: cortical, subduction interface and subduction in-slab; 4) The seismic characterization of each zone, estimating the parameters of recurrence and Maximum Magnitude (Mmax), considering the latter as a distribution of possible values, depending on the seismicity and tectonics, and after a thorough analysis of the existing data; 5) Seismic hazard maps of continental Ecuador in terms of peak ground acceleration (PGA) and spectral SA(T=1), and return periods (PR) of 475, 975 and 2475 years; 6) Uniform hazard spectra (UHS) and control earthquakes obtained by hazard disaggregation, for PR 475 and 2475 years in four provincial capitals: Quito, Esmeraldas, Guayaquil and Loja. The second section focuses on the calculation of seismic risk in the Quito Mariscal Sucre parish, which is already supposed to be influencing at a municipal level. The main contributions here are the: 1) Definition of the seismic scenario that contributes most to the hazard in Quito, which acts as an input in the risk calculation; 2) Characterization of the seismic action associated with that scenario, including results of micro-zoning and local effect in the study area; 3) Development of a database, based on cadastral data and identification of key typologies; 4) Allocation of vulnerability classes and obtaining percentages of damage expected in each class faced with the seismic action previously defined, with the consequent representation of maps of vulnerability and damage; 5) Global maps of seismic risk indicators; 6) Geo-referenced database with all the information generated in the study. It should be noted that although new methods are not prescribed, this study does set a comprehensive methodology for the calculation of seismic risk, incorporating advances in each phase approached, from the hazard estimation, or definition of seismic scenarios applying a hybrid (deterministic-probabilistic) method, to the allocation of vulnerabilities and estimation of damage scenarios. This thesis aims to present contributions leading to a better understanding of seismic hazard in Ecuador and seismic risk in Quito, and is one of the first studies in the country to develop such themes. This study can serve as an example and starting point for future studies, which could replicate this methodology in other cities and municipalities.

Efficient algorithms for dynamic probabilistic safety assessment. An application to convex damage domain.

The design of nuclear power plant has to follow a number of regulations aimed at limiting the risks inherent in this type of installation. The goal is to prevent and to limit the consequences of any possible incident that might threaten the public or the environment. To verify that the safety requirements are met a safety assessment process is followed. Safety analysis is as key component of a safety assessment, which incorporates both probabilistic and deterministic approaches. The deterministic approach attempts to ensure that the various situations, and in particular accidents, that are considered to be plausible, have been taken into account, and that the monitoring systems and engineered safety and safeguard systems will be capable of ensuring the safety goals. On the other hand, probabilistic safety analysis tries to demonstrate that the safety requirements are met for potential accidents both within and beyond the design basis, thus identifying vulnerabilities not necessarily accessible through deterministic safety analysis alone. Probabilistic safety assessment (PSA) methodology is widely used in the nuclear industry and is especially effective in comprehensive assessment of the measures needed to prevent accidents with small probability but severe consequences. Still, the trend towards a risk informed regulation (RIR) demanded a more extended use of risk assessment techniques with a significant need to further extend PSA’s scope and quality. Here is where the theory of stimulated dynamics (TSD) intervenes, as it is the mathematical foundation of the integrated safety assessment (ISA) methodology developed by the CSN(Consejo de Seguridad Nuclear) branch of Modelling and Simulation (MOSI). Such methodology attempts to extend classical PSA including accident dynamic analysis, an assessment of the damage associated to the transients and a computation of the damage frequency. The application of this ISA methodology requires a computational framework called SCAIS (Simulation Code System for Integrated Safety Assessment). SCAIS provides accident dynamic analysis support through simulation of nuclear accident sequences and operating procedures. Furthermore, it includes probabilistic quantification of fault trees and sequences; and integration and statistic treatment of risk metrics. SCAIS comprehensively implies an intensive use of code coupling techniques to join typical thermal hydraulic analysis, severe accident and probability calculation codes. The integration of accident simulation in the risk assessment process and thus requiring the use of complex nuclear plant models is what makes it so powerful, yet at the cost of an enormous increase in complexity. As the complexity of the process is primarily focused on such accident simulation codes, the question of whether it is possible to reduce the number of required simulation arises, which will be the focus of the present work. This document presents the work done on the investigation of more efficient techniques applied to the process of risk assessment inside the mentioned ISA methodology. Therefore such techniques will have the primary goal of decreasing the number of simulation needed for an adequate estimation of the damage probability. As the methodology and tools are relatively recent, there is not much work done inside this line of investigation, making it a quite difficult but necessary task, and because of time limitations the scope of the work had to be reduced. Therefore, some assumptions were made to work in simplified scenarios best suited for an initial approximation to the problem. The following section tries to explain in detail the process followed to design and test the developed techniques. Then, the next section introduces the general concepts and formulae of the TSD theory which are at the core of the risk assessment process. Afterwards a description of the simulation framework requirements and design is given. Followed by an introduction to the developed techniques, giving full detail of its mathematical background and its procedures. Later, the test case used is described and result from the application of the techniques is shown. Finally the conclusions are presented and future lines of work are exposed.

Approximate Relational Reasoning for Probabilistic Programs

La seguridad verificada es una metodología para demostrar propiedades de seguridad de los sistemas informáticos que se destaca por las altas garantías de corrección que provee. Los sistemas informáticos se modelan como programas probabilísticos y para probar que verifican una determinada propiedad de seguridad se utilizan técnicas rigurosas basadas en modelos matemáticos de los programas. En particular, la seguridad verificada promueve el uso de demostradores de teoremas interactivos o automáticos para construir demostraciones completamente formales cuya corrección es certificada mecánicamente (por ordenador). La seguridad verificada demostró ser una técnica muy efectiva para razonar sobre diversas nociones de seguridad en el área de criptografía. Sin embargo, no ha podido cubrir un importante conjunto de nociones de seguridad “aproximada”. La característica distintiva de estas nociones de seguridad es que se expresan como una condición de “similitud” entre las distribuciones de salida de dos programas probabilísticos y esta similitud se cuantifica usando alguna noción de distancia entre distribuciones de probabilidad. Este conjunto incluye destacadas nociones de seguridad de diversas áreas como la minería de datos privados, el análisis de flujo de información y la criptografía. Ejemplos representativos de estas nociones de seguridad son la indiferenciabilidad, que permite reemplazar un componente idealizado de un sistema por una implementación concreta (sin alterar significativamente sus propiedades de seguridad), o la privacidad diferencial, una noción de privacidad que ha recibido mucha atención en los últimos años y tiene como objetivo evitar la publicación datos confidenciales en la minería de datos. La falta de técnicas rigurosas que permitan verificar formalmente este tipo de propiedades constituye un notable problema abierto que tiene que ser abordado. En esta tesis introducimos varias lógicas de programa quantitativas para razonar sobre esta clase de propiedades de seguridad. Nuestra principal contribución teórica es una versión quantitativa de una lógica de Hoare relacional para programas probabilísticos. Las pruebas de correción de estas lógicas son completamente formalizadas en el asistente de pruebas Coq. Desarrollamos, además, una herramienta para razonar sobre propiedades de programas a través de estas lógicas extendiendo CertiCrypt, un framework para verificar pruebas de criptografía en Coq. Confirmamos la efectividad y aplicabilidad de nuestra metodología construyendo pruebas certificadas por ordendor de varios sistemas cuyo análisis estaba fuera del alcance de la seguridad verificada. Esto incluye, entre otros, una meta-construcción para diseñar funciones de hash “seguras” sobre curvas elípticas y algoritmos diferencialmente privados para varios problemas de optimización combinatoria de la literatura reciente. ABSTRACT The verified security methodology is an emerging approach to build high assurance proofs about security properties of computer systems. Computer systems are modeled as probabilistic programs and one relies on rigorous program semantics techniques to prove that they comply with a given security goal. In particular, it advocates the use of interactive theorem provers or automated provers to build fully formal machine-checked versions of these security proofs. The verified security methodology has proved successful in modeling and reasoning about several standard security notions in the area of cryptography. However, it has fallen short of covering an important class of approximate, quantitative security notions. The distinguishing characteristic of this class of security notions is that they are stated as a “similarity” condition between the output distributions of two probabilistic programs, and this similarity is quantified using some notion of distance between probability distributions. This class comprises prominent security notions from multiple areas such as private data analysis, information flow analysis and cryptography. These include, for instance, indifferentiability, which enables securely replacing an idealized component of system with a concrete implementation, and differential privacy, a notion of privacy-preserving data mining that has received a great deal of attention in the last few years. The lack of rigorous techniques for verifying these properties is thus an important problem that needs to be addressed. In this dissertation we introduce several quantitative program logics to reason about this class of security notions. Our main theoretical contribution is, in particular, a quantitative variant of a full-fledged relational Hoare logic for probabilistic programs. The soundness of these logics is fully formalized in the Coq proof-assistant and tool support is also available through an extension of CertiCrypt, a framework to verify cryptographic proofs in Coq. We validate the applicability of our approach by building fully machine-checked proofs for several systems that were out of the reach of the verified security methodology. These comprise, among others, a construction to build “safe” hash functions into elliptic curves and differentially private algorithms for several combinatorial optimization problems from the recent literature.

Probabilistic approach for longitudinal ventilation system design in fire situations

The main objective of ventilation systems in tunnels is to reach the highest possible safety level both in service and fire situation; being the fire one, the most relevant when designing the system. When designing a longitudinal ventilation system, the methodology to evaluate the capacity of the system is similar both in service and fire situation, with the exception of the chimney effect and the phenomena of thermal transfer which is responsible or the changes in the density of the air. When facing the dimensioning task for longitudinal ventilated tunnels, although similar methodologies are used in different countries, specific hypothesis (aerodynamic, thermal properties, traffic) even if discussed in the literature or current practice, are not usually detailed in the regulations or recommendations. The aim of this paper is to propose a probabilistic approach to the problem which would allow the designer, and the tunnel owner, to understand the uncertainty and sensibility adopted in the results and, eventually, identify possible ways of optimizing the ventilation solution to be adopted.