Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
A-1Â Â Glossary of Terms Contents A-2 Summary A-2 Glossary of Terms and Page Number A-38 Bibliography A P P E N D I X A
A-2 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Summary The primary objectives of NCHRP Project 23-09, âScoping Study to Develop the Basis for a Highway Standard to Conduct an All-Hazards Risk and Resilience Analysis,â are to (1) develop a comprehensive and consistent set of risk and resilience terminology, and (2) develop a risk and resilience framework and formulate a research roadmap to develop a highway manual that supports quantitative all-hazard risk and resilience assessments for state and local DOTs. NCHRP Project 23-09, in its execution, will facilitate the communication of ideas garnered through literature review, surveys, and feedback from subject matter experts. The first step in this research is to develop a glossary of terms. This glossary merges the language surrounding all-hazards risk and resilience and brings together the multiple authoritative definitions for review as an industry. The intent is to evolve this glossary to reduce confusion and increase clarity toward a comprehensive and consistent set of risk and resilience terminology for transportation agency use. The current glossary contains 188 words with definitions drawn from 91 sources. Definitions were derived from sources published by the transportation sector, such as the FHWA Planning Glossary, the TRB Glossary, various NCHRP reports, and the AASHTO TAM Guide. Some definitions are based on the FEMA language. Additionally, specific definitions are derived from glossaries contained in the American Society of Mechanical Engineers (ASME) Risk Analysis and Management for Critical Asset Protection (RAMCAP) Plus manual and the AWWA J100 stan- dard. Multiple definitions are included in this glossary to provide context and to help transportation professionals understand the nuance and contextual differences among authoritative sources. This appendix includes a table containing the terms and their corresponding page numbers followed by an alphabetical list of the terms, definitions, and source attributions. Glossary of Terms and Page Number Absorptive Capacity . . . . . . . . . . . . . . . . . . . A-4 Acceptable Risk . . . . . . . . . . . . . . . . . . . . . . . A-4 Adaptation . . . . . . . . . . . . . . . . . . . . . . . . . . . A-4 Adaptive Capacity . . . . . . . . . . . . . . . . . . . . . A-5 Adversary . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-5 All-Hazards . . . . . . . . . . . . . . . . . . . . . . . . . . A-5 All-Hazards Approach . . . . . . . . . . . . . . . . . A-5 All-Hazards Preparedness . . . . . . . . . . . . . . A-5 Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-5 Annual Exceedance Probability (AEP) . . . A-6 Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6 Asset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6 Asset Class . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6 Asset Condition . . . . . . . . . . . . . . . . . . . . . . . A-6 Asset Management . . . . . . . . . . . . . . . . . . . . A-6 Asset Management Plan . . . . . . . . . . . . . . . A-7 Asset Replacement Cost . . . . . . . . . . . . . . . . A-7 Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-7 Benefit/Cost Analysis/Ratio . . . . . . . . . . . . A-7 Best Practice . . . . . . . . . . . . . . . . . . . . . . . . . . A-7 Bridge Management System (BMS) . . . . . A-8 Buffer Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . A-8 Business Continuity . . . . . . . . . . . . . . . . . . . A-8 Business Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . A-8 Capability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-8 Capability Maturity Framework (CMF) . . . . A-8 Change Averse . . . . . . . . . . . . . . . . . . . . . . . . . . A-8 Climate Change . . . . . . . . . . . . . . . . . . . . . . . . . A-8 Climate Stressor . . . . . . . . . . . . . . . . . . . . . . . . . A-9 Comprehensive Emergency Management . . A-9 Conditional Probability . . . . . . . . . . . . . . . . . . A-9 Conditional Risk . . . . . . . . . . . . . . . . . . . . . . . . A-9 Consequence . . . . . . . . . . . . . . . . . . . . . . . . . . . A-9 Consequence Analysis . . . . . . . . . . . . . . . . . . A-10 Consequence-Mitigation . . . . . . . . . . . . . . . . A-10 Consequence-Mitigation Features . . . . . . . . A-10 Consequence-Mitigation Strategies . . . . . . . A-10 Continuity of Operations (COOP) . . . . . . . A-11 Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-11 Countermeasures . . . . . . . . . . . . . . . . . . . . . . A-11 Crisis Management . . . . . . . . . . . . . . . . . . . . . A-11 Critical Assets . . . . . . . . . . . . . . . . . . . . . . . . . . A-11 Critical Infrastructure . . . . . . . . . . . . . . . . . . . A-12 Criticality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-12 Damage Assessment . . . . . . . . . . . . . . . . . . . . A-12 Decision Criteria . . . . . . . . . . . . . . . . . . . . . . . A-12
Glossary of Terms A-3 Decision Tree . . . . . . . . . . . . . . . . . . . . . . . . A-12 Delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-13 Dependency . . . . . . . . . . . . . . . . . . . . . . . . . A-13 Dependency Hazard/Threat . . . . . . . . . . . A-13 Design Standard . . . . . . . . . . . . . . . . . . . . . A-13 Deterministic Analysis/Models . . . . . . . . A-13 Disaster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-13 Domestic Incident Management . . . . . . . A-13 Economic Impacts/Loss . . . . . . . . . . . . . . . A-14 Ecosystem Services . . . . . . . . . . . . . . . . . . . A-14 Efficacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-14 Elements at Risk . . . . . . . . . . . . . . . . . . . . . A-14 Emergency . . . . . . . . . . . . . . . . . . . . . . . . . . A-14 Emergency Management . . . . . . . . . . . . . . A-14 Emergency Response . . . . . . . . . . . . . . . . . A-15 Equitable Access . . . . . . . . . . . . . . . . . . . . . A-15 Event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-15 Event Tree (also called âFailure Treeâ) . . A-15 Event Tree Analysis . . . . . . . . . . . . . . . . . . A-15 Expert Elicitation . . . . . . . . . . . . . . . . . . . . . A-15 Exposure . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-15 Extreme Events . . . . . . . . . . . . . . . . . . . . . . A-16 Extreme Weather Events . . . . . . . . . . . . . . A-16 Facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-16 Failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-16 Failure Mode . . . . . . . . . . . . . . . . . . . . . . . . A-16 Fault Tree Analysis . . . . . . . . . . . . . . . . . . . A-16 Feasibility . . . . . . . . . . . . . . . . . . . . . . . . . . . A-17 Financial Plan . . . . . . . . . . . . . . . . . . . . . . . . A-17 Frequency . . . . . . . . . . . . . . . . . . . . . . . . . . . A-17 Hazard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-17 Hazard (Intentional) . . . . . . . . . . . . . . . . . . A-18 Hazard (Natural) . . . . . . . . . . . . . . . . . . . . . A-18 Hazard (Technological) . . . . . . . . . . . . . . . A-18 Hazard Analysis . . . . . . . . . . . . . . . . . . . . . . A-18 Hazard Assessment . . . . . . . . . . . . . . . . . . . A-18 Hazard Identification . . . . . . . . . . . . . . . . . A-18 Human Factors . . . . . . . . . . . . . . . . . . . . . . A-18 Incident . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-19 Incident Analysis . . . . . . . . . . . . . . . . . . . . . A-19 Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . A-19 Initiating Event . . . . . . . . . . . . . . . . . . . . . . A-19 Insider Threat . . . . . . . . . . . . . . . . . . . . . . . . A-19 Intensity . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-19 Intent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-20 Investment Strategy . . . . . . . . . . . . . . . . . . A-20 Lane Mile . . . . . . . . . . . . . . . . . . . . . . . . . . . A-20 Level of Resilience (LOR) . . . . . . . . . . . . . A-20 Levels of Service (LOS) . . . . . . . . . . . . . . . . A-20 Life-Cycle Cost . . . . . . . . . . . . . . . . . . . . . . . A-20 Life-Cycle Planning and Management . . A-21 Likelihood . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-21 Loss Prevention . . . . . . . . . . . . . . . . . . . . . . . . A-21 Man-made (Anthropogenic/ Human-Caused) Threats (Hazards) . . . . A-21 Measurement . . . . . . . . . . . . . . . . . . . . . . . . . . A-21 Metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-21 Minimum Practical Cost . . . . . . . . . . . . . . . . A-22 Mitigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-22 Mobility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-22 Monte Carlo Simulation/Analysis/ Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-23 Natural Events/Hazards/Threats . . . . . . . . . A-23 Net Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . A-23 Operational Costs . . . . . . . . . . . . . . . . . . . . . . A-23 Operational Risk . . . . . . . . . . . . . . . . . . . . . . . A-23 Owner Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . A-23 Performance Indicators (âKey Performance Indicatorsâ) . . . . . . . A-24 Performance Measure . . . . . . . . . . . . . . . . . . A-24 Performance Measurement . . . . . . . . . . . . . . A-24 Performance Metrics . . . . . . . . . . . . . . . . . . . A-24 Preparedness . . . . . . . . . . . . . . . . . . . . . . . . . . A-24 Preventative Measures/Risk Prevention . . . A-25 Prevention . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-25 Priority Access . . . . . . . . . . . . . . . . . . . . . . . . . A-25 Probabilistic Model . . . . . . . . . . . . . . . . . . . . . A-25 Probability (see also Likelihood) . . . . . . . . . A-25 Projection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-26 Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-26 Qualitative . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-26 Qualitative Risk Analysis/Assessment . . . . A-26 Quantified . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-26 Quantify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-27 Quantitative . . . . . . . . . . . . . . . . . . . . . . . . . . . A-27 Quantitative Risk Analysis/Assessment . . . A-27 Radiative Forcing . . . . . . . . . . . . . . . . . . . . . . A-27 RAMCAP Plus . . . . . . . . . . . . . . . . . . . . . . . . . A-27 Rapidity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-27 Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-27 Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . A-28 Reference Threat . . . . . . . . . . . . . . . . . . . . . . . A-28 Reliability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-28 Remediation . . . . . . . . . . . . . . . . . . . . . . . . . . . A-28 Residual Risk . . . . . . . . . . . . . . . . . . . . . . . . . . A-28 Resilience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-28 Resilience Management . . . . . . . . . . . . . . . . . A-29 Resilience Metrics . . . . . . . . . . . . . . . . . . . . . . A-29 Resource Allocation . . . . . . . . . . . . . . . . . . . . A-29 Response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-29 Restorative Capacity . . . . . . . . . . . . . . . . . . . . A-30 Return on Investment (ROI). . . . . . . . . . . . . A-30
A-4 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-30 Risk Allocation . . . . . . . . . . . . . . . . . . . . . . . A-31 Risk Assessment . . . . . . . . . . . . . . . . . . . . . A-31 Risk Aversion . . . . . . . . . . . . . . . . . . . . . . . . A-31 Risk Characterization . . . . . . . . . . . . . . . . . A-31 Risk Communication . . . . . . . . . . . . . . . . . A-32 Risk Management . . . . . . . . . . . . . . . . . . . . A-32 Risk Management Plan . . . . . . . . . . . . . . . A-32 Risk Mitigation . . . . . . . . . . . . . . . . . . . . . . A-32 Risk Register . . . . . . . . . . . . . . . . . . . . . . . . . A-33 Risk Tolerance . . . . . . . . . . . . . . . . . . . . . . . A-33 Risk Transfer/Transference . . . . . . . . . . . . A-33 Road Weather Management . . . . . . . . . . . A-33 Robustness . . . . . . . . . . . . . . . . . . . . . . . . . . A-33 Safety . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-33 Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-33 Scenario Planning . . . . . . . . . . . . . . . . . . . . A-34 Sensitivity . . . . . . . . . . . . . . . . . . . . . . . . . . . A-34 Severity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-34 Stakeholder . . . . . . . . . . . . . . . . . . . . . . . . . . A-34 Standards-Based Approach . . . . . . . . . . . . A-34 State of Good Repair (SGR) . . . . . . . . . . . A-34 Sustainability . . . . . . . . . . . . . . . . . . . . . . . . . . A-34 System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-35 Target . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-35 Technological Hazards . . . . . . . . . . . . . . . . . . A-35 Threat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-35 Threat Analysis/Assessment . . . . . . . . . . . . . A-35 Threat Characterization . . . . . . . . . . . . . . . . . A-36 Threat Likelihood . . . . . . . . . . . . . . . . . . . . . . A-36 Transportation Asset Management . . . . . . . A-36 Transportation Management Center (TMC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-36 Transportation Systems Management and Operations (TSMO) . . . . . . . . . . . . . . . . . . A-36 Twice Damaged Assets (âRepeatedly damaged facilitiesâ) . . . . . . . . . . . . . . . . . . A-37 Uncertainty . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-37 User Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-37 Vulnerability . . . . . . . . . . . . . . . . . . . . . . . . . . A-37 Vulnerability Assessment . . . . . . . . . . . . . . . A-38 Vulnerability Estimate . . . . . . . . . . . . . . . . . . A-38 Vulnerability Logic Diagrams (VLDs) . . . . A-38 Worst Reasonable Consequence . . . . . . . . . A-38 Absorptive Capacity ⢠âThe ability of the transportation system to absorb shocks and stresses and maintain normal functioningâ (Weilant et al. 2019). Acceptable Risk ⢠âThe level of potential losses that a society or community considers acceptable given existing social, economic, political, cultural, technical, and environmental conditions. UNISDR Edi- torâs Note: In engineering terms, acceptable risk is also used to assess and define the structural and non-structural measures that are needed in order to reduce possible harm to people, property, services, and systems to a chosen tolerated level, according to codes or âaccepted practiceâ which are based on known probabilities of hazards and other factorsâ (United Nations Office for Disaster Risk Reduction (UNISDR) Terminology 2016). ⢠âThat level of risk that is sufficiently low that society is comfortable with it. Society does not generally consider expenditure in further reducing such risks justifiableâ (Australian National Committee on Large Dams 1994). ⢠âDegree of human and material loss that is perceived by the community or relevant authorities as tolerable in actions to minimize disaster riskâ (United Nations, Department of Humanitarian Affairs, 1992). Adaptation ⢠âAdjustment in natural or human systems in anticipation of or response to a changing environ- ment that effectively uses beneficial opportunities or reduces negative effectsâ (FHWA 2014). ⢠âThe process of adjusting to new (climate) conditions in order to reduce risks to valued assetsâ (FHWA 2020).
Glossary of Terms A-5 ⢠âAdjustment in natural or human systems in anticipation of or response to a changing envi- ronment in a way that effectively uses beneficial opportunities or reduces negative effectsâ (Weilant et al. 2019). Adaptive Capacity ⢠âThe ability of a system to adjust to climate change (including climate variability and extremes) to moderate potential damages, to take advantage of opportunities, or to cope with the con- sequencesâ (U.S. Climate Change Science Program and the Subcommittee on Global Change Research 2008). ⢠âThe ability of a person, asset, or system to adjust to a hazard, take advantage of new opportu- nities, or cope with changeâ (United States Global Change Research Program 2020). ⢠âThe ability of a transportation asset or system to adjust, repair, or flexibly respond to damage caused by climate variability or extreme weatherâ (FHWA 2020). ⢠âThe ability of the system to change in response to shocks and stresses to maintain normal functioningâ (Weilant et al. 2019). Adversary ⢠âAny individual, group, organization, or government that conducts activities, or has the intention and capability to conduct activities, detrimental to critical infrastructure or key assets. Adversaries may include intelligence services of host nations or third-party nations, political and terrorist groups, criminals, rogue employees, and private interests. Adversaries can include site insiders, site outsiders, or the two acting in collusionâ (AWWA 2014). All-Hazards ⢠âAn approach for prevention, protection, preparedness, response, and recovery that addresses a full range of threats and hazards, including domestic terrorist attacks, natural and manmade disasters, accidental disruptions, and other emergenciesâ (DHS 2006). All-Hazards Approach ⢠âAn integrated hazard management strategy that incorporates planning for and consider- ation of all potential natural and technological hazardsâ (National Science and Technology Council (NSTC), Committee on the Environmental and Natural Resources, Subcommittee on Natural Disaster Reduction 1996). All-Hazards Preparedness ⢠âThe term âall-hazards preparednessâ refers to preparedness for domestic attacks, major disas- ters, and other emergenciesâ [HSPD-8 (Homeland Security Presidential Directive) 2003]. Analysis ⢠âInspection and analysis to check whether a standard or set of guidelines is being followed, that records are accurate, or that efficiency and effectiveness targets are being metâ (ASME 2009). ⢠âThe separation of an intellectual or material whole into its constituent parts for individual study. In the context of risk management, a broad, unconstrained consideration of risk and its component factors aimed at improving oneâs ability to make better decisionsâ
A-6 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Annual Exceedance Probability (AEP) ⢠âThe estimated probability that an event of specified magnitude will be exceeded in any yearâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Assessment ⢠âThe application of a method or procedure to measure or produce a decision-support product, with specific constraints in scopeâ (ASME 2009). Asset ⢠âAn item of value or importance. Assets may include physical elements (tangible property), cyber elements (information and communication systems), and human or living elements (critical knowledge and functions of people)â (ASME 2009). ⢠â(transportation system): Essentially any feature built and maintained on a highway (e.g., pavement, bridge, culvert, sign, and embankment)â (Flannery et al. 2018). ⢠âAn item of value or importance. In the context of critical water and wastewater infrastruc- ture, an asset is something of importance or value that if targeted, exploited, destroyed, or incapacitated could result in injury, death, economic damage to the owner of the asset or to the community it serves, destruction of property, or could profoundly damage a nationâs prestige and confidence. Assets may include physical elements (tangible property), cyber ele- ments (information and communication systems), and human or living elements (critical knowledge and functions of people)â (AWWA 2014). Asset Class ⢠âAssets with the same characteristics and function (e.g., bridges, culverts, tunnels, pavements, or guardrail) that are a subset of a group or collection of assets that serveâ (FHWA n.d.). Asset Condition ⢠âThe actual physical condition of an assetâ (FHWA n.d.). ⢠âRefers to an assetâs current state, as specifically defined by its appearance, perceived level of ser- vice, and observed physical state, whether or not it impacts its performanceâ (AASHTO 2013). ⢠âCondition relates to the structural integrity of an asset. Condition can be measured visually or with instruments and over time condition will almost always deteriorate without agency interventionâ (AASHTO 2013). Asset Management ⢠âThe practice of taking a comprehensive view of the entire portfolio of resources available in order to achieve system-wide agency goals at optimal cost-benefit. This includes the ability to show how, when, and why resources were committedâ (Nakanishi and Auza 2015). ⢠âAsset management is the process responsible for tracking and reporting the value and owners hip of financial assets throughout their lifecycle. Asset management is part of an over- all service asset and configuration management processâ (DRI International, Inc., 2021).
Glossary of Terms A-7 ⢠âA strategic and systematic process of operating, maintaining, and improving physical assets, with a focus on both engineering and economic analysis based upon quality information, to identify a structured sequence of maintenance, preservation, repair, rehabilitation, and replacement actions that will achieve and sustain the desired state of good repair over the life cycle of the assets at minimum practicable costâ (FHWA n.d.). ⢠âTransportation Asset Management is a strategic and systematic process of operating, main- taining, upgrading, and expanding physical assets effectively throughout their life cycle. It focuses on business and engineering practices for resource allocation and utilization, with the objective of better decision-making based upon quality information and well-defined objec- tivesâ (Cambridge Systematics, Inc., 2009). Asset Management Plan ⢠âMeans a document that describes how a State DOT will carry out asset management as defined in this section. This includes how the State DOT will make risk-based decisions from a long-term assessment of the National Highway System (NHS), and other public roads included in the plan at the option of the State DOT, as it relates to managing its physical assets and laying out a set of investment strategies to address the condition and system per- formance gaps. This document describes how the highway network system will be managed to achieve State DOT targets for asset condition and system performance effectiveness while managing the risks, in a financially responsible manner, at a minimum practicable cost over the life cycle of its assets. The term asset management plan under this part is the risk-based asset management plan that is required under 23 U.S.C. 119(e) and is intended to carry out asset management as defined in 23 U.S.C. 101(a)(2)â (FHWA n.d.). Asset Replacement Cost ⢠âThe anticipated cost to replace a damaged highway asset utilizing planning-level estimates of unit costsâ (CDOT 2020). Benefits ⢠âThe difference between the risk and resilience levels without the option and those with the option in place (also called âgross benefitsâ)â (AWWA 2014). Benefit/Cost Analysis/Ratio ⢠âA benefit-cost ratio (BCR) is a ratio used in a cost-benefit analysis to summarize the over- all relationship between the relative costs and benefits of a proposed project. BCR can be expressed in monetary or qualitative terms. If a project has a BCR greater than 1.0, the project is expected to deliver a positive net present value to a firm and its investorsâ (Hayes 2020). ⢠âBenefit-Cost Analysis, also referred to as Cost-Benefit Analysis, is a systematic process for calculating and comparing the benefits and costs of a project for two purposes: â to determine if it is a sound investment (justification/feasibility) â to see how it compares with alternate projects (ranking/priority assignment)â (Transporta- tion Research Board, n.d.). Best Practice ⢠âProven activities or processes that have been successfully used by multiple organizationsâ (DRI International, Inc., 2021).
A-8 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Bridge Management System (BMS) ⢠âA systematic process that provides, analyzes, and summarizes bridge information for use in selecting and implementing cost-effective bridge construction, rehabilitation, and mainte- nance programsâ (FHWA 2017a). Buffer Zone ⢠âThe outside area around an asset created by the combination of physical distance, barriers, security measures and other protective features that contributes to its protection from physi- cal attackâ (ASME 2009). Business Continuity ⢠âThe ability of an organization to continue to function before, during, and after a disasterâ (DHS 2006). ⢠â. . . the term business continuity encompasses the gamut of mechanisms that maintain conti- nuity in business, including all forms of problem resolution and preventive mechanisms like quality assurance and securityâ (Wainschel 2006). Business Risk ⢠âRisk that internal and external factors, such as inability to provide a service or product, or a fall in demand for an organizationâs products or services will result in an unexpected lossâ (DRI International, Inc., 2021). Capability ⢠âThe ability to cause an unwanted event or undertake an attack. In security analysis, the capa- bility is one factor of a threatening adversaryâ (ASME 2009). Capability Maturity Framework (CMF) ⢠âThe CMF is based on self-evaluation regarding the key process and institutional capabili- ties required from a transportation agency (or group of agencies) to achieve effective TSMO. This framework is adapted from a concept developed in the information technology industry called the Capability Maturity Model (CMM), which has been tailored to the transportation community. The CMF identifies the six key dimensions of process and institutional capability that directly relate to improving program effectiveness: business processes; systems and technology; performance measurement; culture; organization and workforce; collaborationâ (FHWA 2002). Change Averse ⢠âA strong opposition to changing practices or beliefsâ (Asam et al. 2015). Climate Change ⢠âRefers to any significant change in the measures of climate lasting for an extended period of time. Climate change includes major variations in temperature, precipitation, or wind patterns, among other environmental conditions, that occur over several decades or longer.
Glossary of Terms A-9 Changes in climate may manifest as a rise in sea level, as well as increase the frequency and magnitude of extreme weather eventsâ (FHWA 2014). Climate Stressor ⢠âA condition, event, or trend related to climate variability and change that can exacerbate hazardsâ (United States Global Change Research Program 2020). ⢠âAcute and long-term weather events and trends that have an effect on an asset or service. Among others, stressors include extreme temperature events and precipitation events, drought, sea-level rise, storm surge, intense storms (e.g., hurricanes and tropical storms), strong winds, blizzards, humidity, permafrost thaw, and long-term temperature and pre- cipitation trendsâ (U.S. Climate Change Science Program and the Subcommittee on Global Change Research 2008). Comprehensive Emergency Management ⢠âAn integrated approach to the management of emergency programs and activities for all four emergency phases (mitigation, preparedness, response, and recovery), for all types of emer- gencies and disasters, and all levels of government and the private sectorâ (Blanchard 2006). Conditional Probability ⢠âThe probability of an outcome, given the occurrence of some event. For example, given that a flood has reached the crest of an embankment dam, the probability of the dam failing is a conditional probabilityâ (Technical Committee on Risk Assessment and Management Glos- sary of Risk Assessment Terms 2004). ⢠âProbability of an event based on the assumption/condition that a previous event has occurred. For example, in an event tree branch, at any node, the sum of the conditional prob- abilities associated with each of the events/branches immediately following that node should equal 1â (ASME 2009). Conditional Risk ⢠âA measure of risk that focuses on consequences, vulnerability, and adversary capabilities but excludes threat frequency. It is used as a basis for making long-term risk management decisions. The adversary capabilities, countermeasures and residual vulnerability are often combined into a measure of the likelihood of adversary successâ (ASME 2009). Consequence ⢠âThe outcome of an event occurrence, including immediate, short, and long-term, direct, and indirect losses and effects. Loss may include human fatalities and injuries, monetary and economic damages, and environmental impact, which can generally be estimated in quantitative terms. In addition, consequences may also include less tangible and therefore, less quantifiable effects, including governance impacts, political ramifications, morale, and psychological effects, reductions in operational effectiveness or military readiness, or other impactsâ (ASME 2009). ⢠âThe immediate, short- and long-term effects of a malevolent attack or natural hazard. These effects include losses suffered by the owner of the asset and by the community served by that asset. They include human and property losses, environmental damages, and lifeline interruptions. Property damage and losses from interruption of operations are expressed
A-10 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis in monetary units. Consequences involving loss of life, injury, loss of lifelines, and environ- mental damage may be measured in any combination of two of the following: (1) natural units reported and considered individually (e.g., fatalities, number of serious injuries, losses in dollars); (2) converted to a single, summary economic value, reported, and considered as a single loss indicator; and (3) in predefined ranges represented by the RAMCAP âbinsâ (AWWA 2014). ⢠âA subsequent result (usually negative) that follows from damage to or loss of an asset. Quan- tifying potential consequences is an important part of determining riskâ (United States Global Change Research Program 2020). ⢠âThe result of a terrorist attack or other hazard that reflects the level, duration, and nature of the loss resulting from the incident. For the purposes of the NIPP, consequences are divided into four main categories: public health and safety, economic, psychological, and governanceâ (DHS 2006). Consequence Analysis ⢠âIs the identification and estimation of the worst reasonable consequences generated by each specific asset/threat combinationâ (ASME 2009). Consequence-Mitigation ⢠âA series of planned and coordinated actions or system features designed to reduce or mini- mize the damage caused by attacks (consequences of an attack); support and complement emergency forces (first responders); facilitate field-investigation and crisis management; and facilitate rapid recovery and reconstitution. May also include steps taken to reduce short- and long-term consequences, such as providing alternative sources of supply for critical goods and services. Mitigation actions and strategies are intended to reduce the consequences of an incident, whereas countermeasures are intended to reduce the probability that an attack will occur or will cause a failure or significant damage if it occursâ (AWWA 2014). ⢠âThe planned and coordinated actions or system features designed to reduce or minimize the damage caused by attacks or natural hazard events (consequences of an attack or event); sup- port and complement emergency forces (first responders); facilitate field-investigation, and crisis management response; and facilitate rapid recovery, reconstitution, and resumption of function (resilience). Consequence-mitigation may also include steps taken to enhance resilience by reducing short- and long-term impacts, such as providing alternative sources of supply for critical goods and services. Consequence-mitigation actions and strategies are intended to reduce the consequences/impacts of an event, whereas countermeasures are intended to reduce the probability of the event occurring, and the probability that an attack will succeed in causing a failure or significant damageâ (ASME 2009). Consequence-Mitigation Features ⢠âThose attributes, e.g., planned responses of system operators or automatic responses of engineered safety systems, of the asset or system that limit the impacts of a threat that has occurredâ (ASME 2009). Consequence-Mitigation Strategies ⢠âThe set of both internal consequence-mitigation features and other responses, e.g., by agen- cies outside the boundaries of the asset, such as emergency response or first responders, that limit the impacts of a threat that has occurredâ (ASME 2009).
Glossary of Terms A-11 Continuity of Operations (COOP) ⢠COOP, as defined in the National Continuity Policy Implementation Plan (NCPIP) and the National Security Presidential Directive51/Homeland Security Presidential Directive20 (NSPD-51/HSPD-20), is an effort within individual executive departments and agencies to ensure that Primary Mission Essential Functions (PMEFs) continue to be performed during a wide range of emergencies, including localized acts of nature, accidents and technological or attack-related emergencies (FEMA n.d.). Costs ⢠âWhen used to evaluate an option, the present value of all forward negative cash flows, includ- ing both investment and operating outlays (also known as âlife-cycle costsâ). Costs follow the principle of forward costing only, i.e., no previous outlays (âsunkâ costs) are to be included. The only exception to this is where the user is a taxable organization, when unused deprecia- tion can affect forward tax liabilitiesâ (ASME 2009; AWWA 2014). Countermeasures ⢠âAn action taken, or a physical capability provided for the principal purpose of reducing or eliminating vulnerabilities or reducing the likelihood of occurrence of attacks. Countermea- sures are often elements in a comprehensive and holistic security system designed to defend, detect, delay, deter or devalue an attack, i.e., â Defend against attack by delaying or preventing an aggressorâs movement toward the asset or use of weapons and explosives. â Detect an aggressor who is planning or committing an attack or the presence of a hazardous device or weapon. â Delay or slow the actions of an adversary to the point that a successful attack takes longer than expected or desired, during which time, defenses may interveneâ (ASME 2009). ⢠âWhat is in place or could be put in place to reduce the vulnerability of an asset, and/or the probability that an attack will succeed in causing failure or significant damageâ (Flannery et al. 2018). ⢠âAll measures taken to counter and reduce a hazard or consequences of a hazard. They most commonly refer to engineering (structural) measures but can also include other non-struc- tural measures and tools designed and employed to avoid or limit the adverse impact of natu- ral hazards and related environmental and technological disastersâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Crisis Management ⢠âFor the private sector, crisis management is that transition from normal business decision- making to a highly streamlined activity aimed at containing the initiating event, maintain- ing essential operations and recovery of normal business conditions as quickly as possibleâ (AWWA 2014). Critical Assets ⢠âAn asset considered to be essential to the function of a facility or infrastructure compo- nent. In the context of national critical infrastructure and key resource (CI/KR) protection, a CI/KR asset is something of importance or value which, if targeted, exploited, destroyed, or incapacitated could result in large scale injury, death, economic damage, destruction of property, or could profoundly damage a nationâs prestige and confidenceâ (ASME 2009).
A-12 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis ⢠âAn asset whose absence or unavailability would significantly degrade the ability of an organi- zation to carry out its mission. The criticality of an asset can vary depending on the decisions to be made and perspective of the analystâ (ASME 2009). ⢠âAssets, that if lost or damaged, would severely degrade or curtail an ownerâs ability to per- form core functions or its missionâ (Flannery et al. 2018). ⢠âAn asset of such strategic importance to the performance of essential functions that its incapaci- tation or destruction would have a very serious or debilitating effect on an organizationâs ability to perform the function(s)â (CDOT 2020). ⢠âAn asset whose absence or unavailability would significantly degrade the ability of an organi- zation to carry out its mission. The criticality of an asset can vary depending on the decisions to be made and perspective of the analystâ (ASME 2009). Critical Infrastructure ⢠âSystems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those mattersâ [Critical Infrastructure Protection Act of 2001, Public Law 107-56, Sec. 1016(6) n.d.]. ⢠âThe assets, systems, facilities, networks, and other elements that society relies upon to main- tain national security, economic vitality, and public health and safetyâ (DHS 2019). ⢠âPhysical assets whose incapacity or destruction would have a debilitating impact on the eco- nomic or physical security of an organization, community, nation, etc.â (DRI International, Inc., 2021). ⢠âThe incapacity or failure of which would have a debilitating impact on national or regional economic security, national or regional energy security, national or regional public health or safety, or any combination of those mattersâ (Public Law 114-94, Fixing Americaâs Surface Transportation Act 2015). ⢠âAssets, systems, and networks, whether physical or virtual, so vital to the United States that the incapacity or destruction of such assets, systems, or networks would have a debilitating impact on security, national economic security, public health or safety, or any combination of those mattersâ (DHS 2006). Criticality ⢠âA measure of the importance of an asset to the resilience of an overall systemâ (CDOT 2020). ⢠âAsset criticality is a key concept, relating to the importance of the asset and the level of risk that it may be exposed to. Criticality can be a driver of data collection effortsâ (AASHTO 2013). Damage Assessment ⢠âAn appraisal or determination of the effects of the incident on humans, on physical, opera- tional, economic characteristics, and the environmentâ (DRI International, Inc., 2021). Decision Criteria ⢠âThe set of information and assumptions on which a decision is based. These generally include both technical and âpoliticalâ factors, and typically involve significant uncertaintyâ (ASME 2009). Decision Tree ⢠âA diagram used to select the best course of action in uncertain situationsâ (California Depart- ment of Transportation 2003).
Glossary of Terms A-13 Delay ⢠âUse of security countermeasures to slow the actions of an adversary to the point that a suc- cessful attack takes long enough to be interdicted or longer than expected or desired by the adversaryâ (AWWA 2014). Dependency ⢠âThe reliance of an asset, system, network, or collection thereof, within or across sectors, on input, interaction, or another requirement from other sources in order to perform mission objectivesâ (AWWA 2014). Dependency Hazard/Threat ⢠âA dependency the denial of which has the potential to disrupt the function of the asset, system, etc.â (AWWA 2014). Design Standard ⢠âDesign standards are defined as standards which have been agreed upon by various regu- lating bodies and refer to all aspects of defining quality and methods of fabrication or installation of materials and equipmentâ (AutoQuiz: What is the Definition of a Design Standard? 2021). Deterministic Analysis/Models ⢠âDescribing a process with an outcome that is always the same for a given random, which describes a process with an outcome that can vary even though the inputs are the same. Deterministic analysis contrasts with probabilistic analysisâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Disaster ⢠âAn occurrence that has resulted in property damage, deaths, and/or injuries to a communityâ (FEMA 1990). ⢠âA serious disruption of the functioning of a community or a society causing widespread human, material, economic or environmental losses which exceed the ability of the affected community or society to cope using its own resourcesâ (National Science and Technology Council (NSTC), Committee on the Environmental and Natural Resources, Subcommittee on Natural Disaster Reduction 1996). ⢠âA serious disruption of the functioning of a community or a society causing widespread human, material, economic or environmental losses which exceed the ability of the affected community/society to cope using its own resourcesâ (UNISDR 2002). Domestic Incident Management ⢠âFor the Federal Government, domestic incident management is predominantly a DHS func- tion to coordinate federal operations within the United States to prevent, prepare for, respond to, and recover from terrorist attacks, major disasters, and other emergencies. It includes measures to identify, acquire and plan the use of resources needed to anticipate, prevent and/or resolve a threat or act of terrorism. State and local authorities participating in this response
A-14 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis may view it as crisis management, which includes traditional law enforcement functions, such as intelligence, surveillance, tactical operations, negotiations, forensics, and investigationsâ (ASME 2009). Economic Impacts/Loss ⢠âFor risk management at two levels: (1) the financial consequences to the organization; and (2) the economic consequences to the regional metropolitan community the organization servesâ (ASME 2009). Ecosystem Services ⢠âBenefits that humans receive from natural systemsâ (United States Global Change Research Program 2020). Efficacy ⢠âThe extent to which the strategy, if successfully implemented, reduces the riskâ (New York State Energy Research and Development Authority 2020). Elements at Risk ⢠âPopulation, buildings and engineering works, infrastructure, environmental features, and economic activities in the area affected by a hazardâ (Technical Committee on Risk Assess- ment and Management Glossary of Risk Assessment Terms 2004). Emergency ⢠âAny occasion or instance for which, in the determination of the President, Federal assistance is needed to supplement State and local efforts to save lives and to protect property and public health and safety, or to lessen or avert the threat of a catastrophe in any part of the United States. The Governor of a State, or the Acting Governor in his/her absence, may request that the President declare an emergency when an incident occurs or threatens to occur in a State which would not qualify under the definition of a major disaster. Assistance authorized by an emergency declaration is limited to immediate and short-term assistance, and may not exceed $5 million, except when authorized by the FEMA Associate Director for Response and Recovery under certain conditionsâ (FEMA 2001a); cites Robert T. Stafford Act 102; 44 CFR 206.2, 206.35; 206.63, 206.66, and 503. Emergency Management ⢠âThe process of preventing, preparing for, responding to, and recovering from an emergency; where an emergency is an unexpected, large-scale, damaging eventâ (Neudorff et al. 2012). ⢠âThe entire process of planning and intervention for rescue and relief to reduce the impact of emergencies as well as the response and recovery measures, to mitigate the significant social, economic, and environmental consequences to communities and ultimately to the country, usually through an emergency operation center, EOCâ (Disaster and Emergency Reference Center 1998). ⢠âOrganized analysis, planning, decision-making, and assignment of available resources to mitigate (lessen the effect of or prevent), prepare for, respond to, and recover from the effects
Glossary of Terms A-15 of all hazards. The goal of emergency management is to save lives, prevent injuries, and pro- tect property and the environment if an emergency occursâ (FEMA 1995). ⢠âThe process through which America prepares for emergencies and disasters, responds to them, recovers from them, rebuilds, and mitigates their future effectsâ [(FEMA 2001a), citing FEMA Strategic Plan]. Emergency Response ⢠âA response to emergencies, including both natural disasters, e.g., hurricanes, floods, earth- quakes, etc., and human-induced events, e.g., civil commotion, adversary attacks, etc., in order to protect lives and limit damage to property and impact on operationsâ (AWWA 2014). Equitable Access ⢠âThe ability of the system to provide the opportunity for access across the entire community during a shock or stress and when the system is undisruptedâ (Weilant et al. 2019). Event ⢠âOccurrence or change of a particular set of circumstancesâ (ISO 2009). Event Tree (also called âFailure Treeâ) ⢠â(also called âfailure treesâ) â The sequence of events between the initiation of an event and the termination of the event is described as a branching tree, where each âbranchâ represents the possible outcomes at that junction (e.g., a locked door may be breached or not). The evalua- tion team estimates the probability of each outcome. Multiplying the probabilities along each branch, from the initiating event to each terminal event, calculates the probability of each unique branch, while all branches together sum to unity (1.0). The sum of the probabilities of all branches on which the attack succeeds is the vulnerability estimateâ (AWWA 2014). Event Tree Analysis ⢠âAn inductive analysis that utilizes a graphical âtreeâ construct to analyze the logical sequence of the occurrence of events in, or states of, a system following an initiating event (often called the âtop eventâ)â (AWWA 2014). Expert Elicitation ⢠âUsing experts to provide information not readily available is often subjective or cannot be obtained from historical records. For example, members of the RAMCAP Plus evaluation team familiar with a facilityâs layout and work flows and knowledgeable about the asset being assessed discuss the likelihood of success of an attack of a particular type and provide logic and reasoning for their estimates. Sometimes trained facilitators, on staff or under contract, are used to elicit the judgmentsâ (ASME 2009). Exposure ⢠âThe nature and degree to which a system or asset is exposed to significant climate variationsâ (FHWA 2015).
A-16 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Extreme Events ⢠âExtreme events are not only [rare and] severe, but also outside the normal range of experi- ence of the system in questionâ (Bier et al. 1999). ⢠âAn extreme event in the context of the natural world is an act of nature, such as a lightning strike or a flood [that] may be a productive resource and a hazard at the same time. Lightning may kill an animal but also start a fire essential to the preservation of a forest ecosystem. A flood may destroy a farmstead while fertilizing the fieldsâ (Burton et al. 1993). ⢠âFor the purposes of this directive, the term âextreme eventsâ refers to risks posed by climate change and extreme weather events. The definition does not apply to other uses of the term nor includes consideration of risks to the transportation system from other natural hazards, accidents, or other human induced disruptionsâ (FHWA 2014). Extreme Weather Events ⢠âWeather events that can include significant anomalies in temperature, precipitation, and winds and can manifest as heavy precipitation and flooding, heatwaves, drought, wildfires, and windstorms (including tornadoes and tropical storms). Consequences of extreme weather events can include safety concerns, damage, destruction, and/or eco- nomic loss. Climate change can also cause or influence extreme weather eventsâ (Flannery et al. 2018). Facility ⢠âThis term is commonly used to describe a fixed manufacturing or operating site or installation. However, the more general term âassetâ as used in this document includes âfacilitiesâ as well as other types of assets. Assets may also be constituent elements of a facilityâ (AWWA 2014). Failure ⢠âLoss of ability to operate to specification, or to deliver the required output. The term failure may be used when referring to IT services, processes, activities, configuration items, etc. A failure often causes an incidentâ (DRI International, Inc., 2021). ⢠âThe inability of a system, or part thereof, to function as intended. In the context of structural safety (including geotechnical structures), failure is generally confined to issues of structural integrity, and in some contexts to the special case of the collapse of the structure or some part of itâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assess- ment Terms 2004). Failure Mode ⢠âA way that failure can occur, described by the means or underlying physics by which ele- ment or component failures must occur to cause loss of the subsystem or system functionâ (AWWA 2014). Fault Tree Analysis ⢠âA specific form of event treeâ (see definition for Event Tree) (ASME 2009). ⢠âA deductive logic diagram that depicts how a particular undesired event can occur as a logi- cal combination of other undesired eventsâ (AWWA 2014).
Glossary of Terms A-17 Feasibility ⢠âHow practical it is for a particular strategy to be implemented by a department, account- ing for engineering, policy, legal, and insurance considerationsâ (New York State Energy Research and Development Authority 2020). Financial Plan ⢠âA long-term plan spanning 10 years or longer, presenting a State DOTâs estimates of pro- jected available financial resources and predicted expenditures in major asset categories that can be used to achieve State DOT targets for asset condition during the plan period, and high- lighting how resources are expected to be allocated based on asset strategies, needs, shortfalls, and agency policiesâ (FHWA n.d.). Frequency ⢠âThe rate of occurrence of an event measured in terms of the number of a particular type of event expected to occur in a particular period of interest, usually one year, or in a particular number of iterations, e.g., one defect per million productsâ (AWWA 2014). ⢠âA measure of likelihood expressed as the number of occurrences of an event in a given time or in a given number of trialsâ (see also Likelihood and Probability) (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Hazard ⢠âA condition, which may result from either an external cause (e.g., earthquake, flood, or human agency) or an internal vulnerability, with the potential to initiate a failure mode. It is a source of potential harm or lossâ (ASME 2009). ⢠âAn event or condition that may cause injury, illness, or death to people or damage to assetsâ (United States Global Change Research Program 2020). ⢠âA dangerous phenomenon, substance, human activity, or condition that may cause loss of life, injury or other health impacts, property damage, loss of livelihoods and services, social and economic disruption, or environmental damage. UNISDR Editorâs Note: The hazards of concern to disaster risk reduction as stated in footnote 3 of the Hyogo Framework are â. . . hazards of natural origin and related environmental and technological hazards and risks.â Such hazards arise from a variety of geological, meteorological, hydrological, oceanic, bio- logical, and technological sources, sometimes acting in combination. In technical settings, hazards are described quantitatively by the likely frequency of occurrence of different inten- sities for different areas, as determined from historical data or scientific analysisâ (UNISDR Terminology 2016). ⢠âSomething that is potentially dangerous or harmful, often the root cause of an unwanted outcomeâ (DHS 2006). ⢠âHazard means an event or physical condition that has the potential to cause fatalities, inju- ries, property damage, infrastructure damage, agricultural loss, damage to the environment, interruption of business, or other types of harm or lossâ (FEMA 1997). ⢠âRelevant to emergency preparedness, a hazard is an emergency or disaster resulting from a natural disaster, or an accidental or man-caused eventâ (FEMA 2001a), p. 58, citing Robert T. Stafford Act, 602.
A-18 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis ⢠âA potentially damaging physical event, phenomenon or human activity, which may cause the loss of life or injury, property damage, social and economic disruption or environmental degradationâ (UNISDR 2002). Hazard (Intentional) ⢠âHuman actions with the intent to cause harm to other humans and what they value are termed intentional hazards. Today, terrorism is the source of most of the intentional hazardsâ (Dymon 2004). Hazard (Natural) ⢠â. . . those elements of the physical environment harmful to man and caused by forces extrane- ous to himâ (Smith 1996 quoting Burton et al. 1993). Hazard (Technological) ⢠âA range of hazards emanating from the manufacture, transportation, and use of such sub- stances as radioactive materials, chemicals, explosives, flammables, agricultural pesticides, herbicides, and disease agents; oil spills on land, coastal waters, or inland water systems; and debris from spaceâ (FEMA 1992). Hazard Analysis ⢠âInvolves identifying all of the hazards that potentially threaten a jurisdiction and analyzing them in the context of the jurisdiction to determine the degree of threat that is posed by eachâ (FEMA 1997). Hazard Assessment ⢠âHazard assessments are simply a process of identifying hazards, evaluating the risks pre- sented by those hazards, and managing the risks of the hazards of the experiment to be per- formed by incorporating appropriate hazard controls into the experimental design processâ (Virginia Tech 2011). Hazard Identification ⢠â. . . the process of defining and describing a hazard, including its physical characteristics, magnitude and severity, probability and frequency, causative factors, and locations/areas affectedâ (FEMA 1997). ⢠â. . . the identification of potential sources of harmâ (ISO 1990). ⢠The process of recognizing that a hazard exists and defining its characteristics (Standards Australia/Standards New Zealand 1995). Human Factors ⢠âHuman factors refer to environmental, organizational and job factors, and human and individual characteristics which influence behavior in a way which can affect safetyâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004)
Glossary of Terms A-19 Incident ⢠âAn occurrence or event, natural or human-caused, that requires an emergency response to protect life or property. Incidents can, for example, include major disasters, emergencies, ter- rorist attacks, terrorist threats, wildland, and urban fires, floods, hazardous materials spills, nuclear accidents, aircraft accidents, earthquakes, hurricanes, tornadoes, tropical storms, war-related disasters, public health and medical emergencies, and other occurrences requiring an emergency responseâ (DHS 2006), p. 103. ⢠âAny condition that meets the definition of a major disaster or emergency which causes damage or hardship that may result in a Presidential declaration of a major disaster or an emergencyâ (FEMA 2001a), citing Title 44 CFR 206.32. Incident Analysis ⢠âA retrospective analysis of incidents at a particular site, among assets within a particular site, or assets within a category in a particular area, which indicates patterns of potential adver- sarial activities or intentions. Incident analyses should include an assessment of counter- measures sufficiency based on the ability to assess and respond to the suspicious activities in such a way as to reduce the likelihood of success if an actual attack occurredâ (ASME 2009). Infrastructure ⢠âIn transit systems, all the fixed components of the transit system, such as rights-of-way, tracks, signal equipment, stations, park-and-ride lots, but stops, maintenance facilities. 2) In transportation planning, all the relevant elements of the environment in which a transpor- tation system operates. (TRB1) 3) A term connoting the physical underpinnings of society at large, including, but not limited to, roads, bridges, transit, waste systems, public hous- ing, sidewalks, utility installations, parks, public buildings, and communications networksâ (FHWA 2017a). Initiating Event ⢠âAn event that appears at the beginning of a chain of events or a sequence of events which, directly or indirectly, has the potential to cause harm or loss. Such events may include major disasters, emergencies, terrorist attacks, terrorist threats, wildland, and urban fires, floods, hazardous material spills, nuclear accidents, aircraft accidents, earthquakes, hurricanes, tor- nadoes, tropical storms, war-related disasters, public health and medical emergencies, and other occurrences requiring an emergency responseâ (AWWA 2014). Insider Threat ⢠âOne or more individuals with the access and/or inside knowledge of a company, organiza- tion, or enterprise that would allow them to exploit the vulnerabilities of that entityâs security, systems, services, products, or facilities with the intent to cause harmâ (AWWA 2014). Intensity ⢠â. . . refers to the damage-generating attributes of a hazard. For example, water depth and velocity are commonly used measures of the intensity of a flood. For hurricanes, intensity typically is characterized by the Saffir/Simpson scale, which is based on wind velocity and storm surge depths. . . . The absolute size of an earthquake is given by its Richter magnitude
A-20 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis (and other similar magnitude scales), but its effects in specific locations are described by the Modified Mercalli Intensity (MMI) Scale. . . . Earthquake intensity is also ascertained by physical measures such as peak ground acceleration (expressed as a decimal fraction of the force of gravity, e.g., 0.4 g), peak velocity, or spectral response, which characterizes the frequency of the energy content of the seismic waveâ (Deyle et al. 1998). Intent ⢠âAn adversaryâs goals and the value that the adversary would ascribe to achieving these goals through a particular means, as determined by expert judgment. In terrorism, the intent can be to inflict economic damage, mass fatalities, mass terror, symbolic goals, i.e., attacks against cultural symbols or against targets where there was a prior failure. This type of intent can be focused on types or categories of assets as targets (e.g., buses in Israel, or U.S. embassies) or with the demonstration of an adversaryâs capability (e.g., certain weapons of mass destruc- tion)â (AWWA 2014). Investment Strategy ⢠âA set of strategies that result from evaluating various levels of funding to achieve State DOT targets for asset condition and system performance effectiveness at a minimum practicable cost while managing risksâ (FHWA n.d.). Lane Mile ⢠âOne continuous mile of highway that includes one single travel laneâ (CDOT 2020). Level of Resilience (LOR) ⢠âMagnitude of a risk or combination of risks, expressed in terms of the combination of con- sequences and their likelihoodâ (ISO 2009). Levels of Service (LOS) ⢠âA qualitative assessment of a roadâs operating conditions. For local government, comprehen- sive planning purposes, level of service means an indicator of the extent or degree of service provided by, or proposed to be provided by, a facility based on and related to the operational characteristics of the facility. (1) Level of service indicates the capacity per unit of demand for each public facility. (2) This term refers to a standard measurement used by transportation officials which reflects the relative ease of traffic flow on a scale of A to F, with free-flow being rated LOS-A and congested conditions rated as LOS-Fâ (FHWA 2017a). Life-Cycle Cost ⢠âThe total cost of a project or item over its useful life. This includes all of the relevant costs that occur throughout the life of a project or item, including initial acquisition costs (such as the right of way, planning, design, and construction), operation, maintenance, modifica- tion, replacement, demolition, financing, taxes, disposal, and salvage value as applicableâ (WDOT 2020). ⢠âIn a pure asset management context, the term âlife-cycle costsâ includes all of the costs that an agency incurs in managing assets from the creation of the asset to its ultimate disposalâ (AASHTO 2013).
Glossary of Terms A-21 Life-Cycle Planning and Management ⢠âA process to estimate the cost of managing an asset class, or asset sub-group over its whole life with consideration for minimizing cost while preserving or improving asset conditionâ (AASHTO 2013). Likelihood ⢠âThe chance, frequency, or degree of belief that a particular outcome or event will occur in a specific time frame, usually one yearâ (ASME 2009). ⢠âChance of something happening, whether defined, measured or estimated objectively or subjectively. It can use general descriptors (such as rare, unlikely, likely, almost certain), frequencies, or mathematical probabilities. It can be expressed qualitatively or quantitativelyâ (DRI International, Inc., 2021). ⢠âConditional probability of an outcome given a set of data, assumptions, and information. Also used as a qualitative description of probability and frequencyâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Loss Prevention ⢠âThe set of activities undertaken to preclude or mitigate the effects of adverse impacts on assets due to natural and adversarial threatsâ (ASME 2009). Man-made (Anthropogenic/Human-Caused) Threats (Hazards) ⢠âA man-made hazard is a threat having an element of human intent, negligence, or error, or involving a failure of a man-made systemâ (Akpeninor 2012). ⢠âHuman-caused hazards: these result from intentional acts of humans and include terrorism, school and workplace violence, chemical attacks, and moreâ (The Polis Center 2015). ⢠âMan-made (i.e., anthropogenic, or human-induced) hazards are defined as those âinduced entirely or predominantly by human activities and choices.â This term does not include the occurrence or risk of armed conflicts and other situations of social instability or tension which are subject to international humanitarian law and national legislation. Technological hazards are normally considered a subset of man-made hazardsâ (UNISDR 2018). Measurement ⢠âA measurement is the act or the process of measuring, where the value of a quantitative variable in comparison to a (standard) unit of measurement is determined. A measure is a variable to which a value is assigned as a result of the measurement. According to the Webster dictionary, a measure represents the dimensions, capacity, or amount of somethingâ (ENISA 2011). ⢠âAn indicator of performance or conditionâ (FHWA 2021). Metric ⢠âSomething that is measured and reported to help manage a process, IT service or activityâ (DRI International, Inc., 2021). ⢠âA metric is a system of related measuring enabling quantification of some characteristic of a system, component, or process. A metric is composed of two or more measures. For example, the number of information security incidents per day is a security metric. The metric
A-22 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis represents the incident rate, which is related to the âsecurityâ attribute of a system in function of time. The composing measures are 3 incidents and 1 dayâ (ENISA 2011). Minimum Practical Cost ⢠âLowest feasible cost to achieve the objectiveâ (FHWA n.d.). Mitigation ⢠âActivities designed to reduce or eliminate risks to persons or property or to lessen the actual or potential effects or consequences of an incident. Mitigation measures may be implemented prior to, during, or after an incident. Mitigation measures are often developed in accordance with lessons learned from prior incidents. Mitigation involves ongoing actions to reduce exposure to, probability of, or potential loss from hazards. Measures may include zoning and building codes, floodplain buyouts, and analysis of hazard-related data to determine where it is safe to build or locate temporary facilities. Mitigation can include efforts to educate gov- ernments, businesses, and the public on measures they can take to reduce loss and injuryâ (DHS 2019). ⢠â. . . sustained action taken to reduce or eliminate long-term risk to people and property from hazards and their effects. Mitigation distinguishes actions that have a long-term impact from those that are more closely associated with preparedness for, immediate response to, and short-term recovery from a specific eventâ (FEMA 1997). ⢠âAny action taken to eliminate or reduce the long-term risk to human life and property from natural hazards. Mitigation actions are accomplished by: â Acting on the hazard. Seeding hurricanes or triggering avalanches may eliminate a hazard before a disaster occurs. â Redirecting the hazard. A seawall or dune restoration program helps keep water away from people by redirecting the impact areas away from vulnerable locations. â Interacting with the hazard. Seismic safety provisions incorporated into building codes result in structures that are more able to withstand impacts and earthquakes. â Avoiding the hazard. âRiver corridor projects create multiple beneficial uses of the flood- plain while relocating structures to less vulnerable locationsâ (FEMA 1999). ⢠âProcesses that can reduce the amount and speed of future climate change by reducing emis- sions of heat-trapping gases or removing them from the atmosphereâ (United States Global Change Research Program 2020). ⢠âActivities taken to reduce the impacts from hazardsâ (DRI International, Inc., 2021). ⢠âMeasures undertaken to limit the adverse impact of, for instance, natural hazards, environ- mental degradation, and technological hazardsâ (DRI International, Inc., 2021). ⢠âThe act of alleviating a harmful circumstance. Risk mitigation seeks to reduce the probability and/or impact of a risk to below an acceptable thresholdâ (California Department of Trans- portation 2003). ⢠âStructural and non-structural measures undertaken to limit the adverse impact of natural hazards, environmental degradation, and technological hazardsâ (UNISDR 2002). Mobility ⢠âThe ability to move or be moved from place to placeâ (FHWA 2017a). ⢠âMobility is considered to be one of the primary justifications for having a transporta- tion network. A common way of measuring mobility, using a broad definition of it, is origin-destination (O-D) travel time. Transportation planners compute O-D travel times by link, trip purpose, time of day, and season as a part of facility planning. This usually provides
Glossary of Terms A-23 sufficient detail for asset management purposes. As a means of tracking agency performance for public consumption, a single network average trip time on a particular class of road is usually sufficient. Senior management will typically want more detail, such as peak hour trip times by corridor, as a way of identifying emerging needs for new capacityâ (AASHTO 2013). Monte Carlo Simulation/Analysis/Method ⢠âComputerized probabilistic calculations that use random number generators to draw samples from a probability distributionâ (Ashley et al. 2006). ⢠âA procedure, which seeks to simulate stochastic processes by random selection of input values to an analysis model in proportion to their joint probability density functionâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Natural Events/Hazards/Threats ⢠âThese include floods, snowstorms, extreme wind, wildfire, landslide, tsunami, and earth- quake. While probabilities and return periods of these events may be understood, it cannot be predicted when exactly the next event will occur. These events cannot be controlled, although an agency can prepare and mitigate against the effects in advanceâ (AASHTO 2013). Net Benefits ⢠âGross benefits less cost of achieving those benefits, where benefits include the present value of all benefits for the life of the option and costs include the present value of investment and oper- ating cost (also known as âlife-cycleâ costs); a measure of value of the optionâ (AWWA 2021). ⢠â. . . costs (see which), where costs include the present value of an investment and operating costs (also known as âlife-cycleâ costs); a measure of valueâ (AWWA 2014). Operational Costs ⢠âSometimes referred to as revenue or running costs, these are the costs resulting from day- to-day running of an operation (e.g., staff costs, hardware maintenance, and electricity)â (ISIXSIGMA n.d.). ⢠âOperating costs are associated with the maintenance and administration of a business on a day-to- day basis. Operating costs include direct costs of goods sold (COGS) and other oper- ating expensesâoften called selling, general, and administrative (SG&A)âwhich includes rent, payroll, and other overhead costs, as well as raw materials and maintenance expenses. Operating costs exclude non-operating expenses related to financing such as interest, invest- ments, or foreign currency translationâ (Murphy 2020). Operational Risk ⢠âThe risk of loss resulting from inadequate or failed procedures and controls. This includes loss from events related to technology and infrastructure, failure, business interruptions, staff related problems, and from external events such as regulatory changesâ (DRI International, Inc., 2021). Owner Costs ⢠âOwner costs are the replacement value of each asset and may include the asset life-cycle cost in more comprehensive Risk and Resilience (R&R) analysesâ (Kemp et al. 2017).
A-24 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Performance Indicators (âKey Performance Indicatorsâ) ⢠âKey Performance Indicators are a set of quantifiable measures that an organization uses to gauge its performance and determine if it is meeting its strategic and operational goals.â (Pierce Transit 2021) ⢠âKey performance indicators typically include, but are not limited to, elements such as project benchmarks, targets, milestone dates, numbers, percentages, variances, distri- butions, rates, time, cost, indexes, ratios, survey data, and report dataâ (Molenaar and Navarro 2011). Performance Measure ⢠âA measurable result related to either quantitative or qualitative answersâ (CDOT 2020). ⢠âPerformance measures are quantifiable indicators of performance that can be used to evaluate progress toward achievement of a goal or objective. While often used interchangeably with âindicator,â performance measures generally denote the presence of specific quantification mechanisms, units, and implied targets/benchmarksâ (Zeitman et al. 2011). ⢠âIndicators of how well the transportation system is performing with regard to such things as average speed, reliability of travel, and accident rates. Used as feedback in the decision- making processâ (FHWA 2017a). ⢠âPerformance measures are defined as indicators of system effectiveness and efficiencyâ (Amekudzi and Meyer 2011). ⢠âIn an asset management context, reliability is closely related to mobility and is defined as the standard deviation of origin-destination travel time. This definition is used because it is compatible with all types of modes and system components. Reliability can be improved by adding capacity, by responding more effectively to incidents, and by improving system opera- tions managementâ (AASHTO 2016). ⢠âIndicators that provide the basis for evaluating the transportation system operating condi- tions and identifying the location and severity of congestion and other problemsâ (Neudorff et al. 2012). Performance Measurement ⢠âA process of assessing progress toward achieving predetermined goalsâ (Neudorff et al. 2012). ⢠âPerformance measurement is the use of evidence to determine progress toward specific defined organizational objectives. This includes both quantitative evidence (such as the mea- surement of customer travel times) and qualitative evidence (such as the measurement of customer satisfaction and customer perceptions)â (FHWA 2017a). Performance Metrics ⢠âPerformance metrics are defined as figures and data representative of an organizationâs actions, abilities, and overall quality. There are many different forms of performance metrics, including sales, profit, return on investment, customer happiness, customer reviews, personal reviews, overall quality, and reputation in a marketplace. Performance metrics can vary con- siderably when viewed through different industriesâ (ASQ 2021). Preparedness ⢠âActions taken to plan, organize, equip, train, and exercise to build, apply, and sustain the capabilities necessary to prevent, protect against, ameliorate the effects of, respond to, and
Glossary of Terms A-25 recover from climate change related damages to life, health, property, livelihoods, ecosystems, and national securityâ (FHWA 2014). ⢠âThe range of deliberate critical tasks and activities necessary to build, sustain, and improve the operational capability to prevent, protect against, respond to, and recover from domestic incidents. Preparedness is a continuous process involving efforts at all levels of government and between government and private sector and nongovernmental organizations to identify threats, determine vulnerabilities, and identify required activities and resources to mitigate riskâ (DHS 2006). ⢠âThose activities, programs, and systems that exist prior to an emergency that is used to sup- port and enhance response to an emergency or disasterâ (FEMA 1992). ⢠âThe term âpreparednessâ refers to the existence of plans, procedures, policies, training, and equipment necessary at the Federal, State, and local level to maximize the ability to prevent, respond to, and recover from major events. The term âreadinessâ is used interchangeably with preparednessâ [HSPD-8 (Homeland Security Presidential Directive) 2003]. Preventative Measures/Risk Prevention ⢠âMeasures and actions taken in advance in order to prevent new risks or impede their devel- opment and strengthening. This means working around latent hazards and vulnerabilitiesâ (Inter-American Development Bank n.d.). Prevention ⢠âActivities to provide outright avoidance of the adverse impact of hazards and related envi- ronmental, technological and biological disastersâ (UNISDR 2002). Priority Access ⢠âThe resilience of a critical infrastructure asset could also be enhanced by giving it priority access to critical resources, thereby maintaining its services, or getting services back on-line more quickly to aid in a more general community recoveryâ (AASHTO 2017). Probabilistic Model ⢠âA probability model is a mathematical representation of a random phenomenon. It is defined by its sample space, events within the sample space, and probabilities associated with each eventâ (Yale University 1998). ⢠âModel with inputs that are quantities or probability distributions and with outputs that are probability distributions. Model logic attempts to adhere to laws of probabilityâ (PHMSA 2020). Probability (see also Likelihood) ⢠âA quantitative measure of the likelihood that a particular event, i.e., terrorist attack or natu- ral event, will occur. This is usually expressed as a mean value between 0 and 1 and can include a minimum and maximum range or distribution (density function). However, probability can also be expressed in qualitative terms (e.g., low, moderate, high) if there is a common understanding of the qualitative terms among all the stakeholders. The probability must be associated with a specific event and either a defined timeframe (e.g., range of probability that a threat occurs in one year) or a set of trials (e.g., range of probability of detecting a particular
A-26 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis type of intrusion given 10 attempts or range of probability that a consequence-mitigation action is successful given a demand)â (ASME 2009). ⢠âA measure of the likelihood, degree of belief, frequency, or chance that a particular event will occur in a period of time (usually one year) or a number of iterations or trials. This is usually expressed quantitatively as a value between 0 and 1, a range of values between 0 and 1, a distribution (density function), or the mean of such a distribution. Probability can also be expressed in qualitative terms, e.g., low, moderate, or high, if there is a common understand- ing of the meaning of the qualitative termsâ (AWWA 2014). ⢠âThe likelihood of hazard events occurring. Probabilities have traditionally been determined from the historic frequency of events. With changing climate and the introduction of non- climate stressors, the probability of hazard events also changesâ (United States Global Change Research Program 2020). Projection ⢠âA climate projection is the simulated response of the climate system to a scenario of future emission or concentration of greenhouse gases (GHGs) and aerosols, generally derived using climate modelsâ (International Panel on Climate Change 2018). Protection ⢠âActions to mitigate the overall risk to CI/KR assets, systems, networks, or their interconnecting links resulting from exposure, injury, destruction, incapacitation, or exploitation. In the context of the NIPP, protection includes actions to deter the threat, mitigate vulnerabilities, or minimize consequences associated with a terrorist attack or other incident. Protection can include a wide range of activities, such as hardening facilities, building resiliency and redun- dancy, incorporating hazard resistance into initial facility design, initiating active or passive countermeasures, installing security systems, promoting workforce surety, and implementing cyber security measures, among various othersâ (DHS 2006). Qualitative ⢠âConcepts that cannot be communicated through a natural metric, such as national security consequences or judgments of potential interactions between adaptive humans. Such con- cepts must sometimes be stated descriptively and specifically, but wherever possible should be couched in a measure that allows comparisons. Qualitative measures can be linguistic (e.g., high, medium, low) or quantified (e.g., a scale of 1 to 10)â (ASME 2009). Qualitative Risk Analysis/Assessment ⢠âAn appraisal of risk that uses linguistic terms and measurements to characterize the factors of risk. Wherever possible, qualitative analyses should be couched in terms of a consistent measure that allows comparisons between assets. Qualitative measures can be linguistic, e.g., high, medium, low, or quantified, e.g., a scale of 1 to 10â (ASME 2009). ⢠âAn analysis which uses word form, descriptive or numeric rating scales to describe the magnitude of potential consequences and the likelihood that those consequences will occurâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Quantified ⢠âA quantitative measure that uses numbers as a proxy for language. This enables greater precision in the communication of items that fall within ranges and facilitates the use of
Glossary of Terms A-27 mathematics to calculate decision-relevant terms (e.g., risk, risk reduction, resilience, and benefit-cost ratio)â (ASME 2009). Quantify ⢠âTo apply numerical ratings to things that do not have natural metrics, such as threat and vulnerabilityâ (ASME 2009). Quantitative ⢠âConcepts that are easily communicated through a natural metric, such as numbers of lives, dollars, frequency, etc.â (ASME 2009). Quantitative Risk Analysis/Assessment ⢠âAn analysis based on numerical values of the probability, vulnerability, and consequences, and resulting in a numerical value of the riskâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). ⢠âAn appraisal of risk that uses numerical measures to describe factors in the analysis. Wher- ever possible, quantitative measures should be used to allow clear, defensible, and precise comparisons among assetsâ (ASME 2009). Radiative Forcing ⢠âA measure of the influence a factor has in altering the balance of incoming and outgoing energy in the Earth-atmosphere system and is an index of the importance of the factor as a potential climate change mechanism. It is used to assess and compare the anthropogenic and natural drivers of climate changeâ (FHWA 2020). RAMCAP Plus ⢠âAn all-hazard risk and resilience management process for critical infrastructureâ (ASME 2009). Rapidity ⢠âThe capacity to meet priorities and achieve goals in a timely manner in order to contain losses and avoid future disruptionâ (Bruneau et al. 2003). Recovery ⢠âActivities and programs designed to return conditions to a level that is acceptable to the entityâ (DRI International, Inc., 2021). ⢠âThe development, coordination, and execution of service- and site-restoration plans for impacted communities and the reconstitution of government operations and services through individual, private sector, nongovernmental, and public assistance programs that identify needs and define resources; provide housing and promote restoration; address long-term care and treatment of affected persons; implement additional measures and techniques, as feasible; evaluate the incident to identify lessons learned; and develop initiatives to mitigate the effects of future incidentsâ (DHS 2006). ⢠âThose long-term activities and programs beyond the initial crisis period of an emergency or disaster and designed to return all systems to normal status or to reconstitute these systems to a new condition that is less vulnerableâ (FEMA 1992).
A-28 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Redundancy ⢠âRedundancies to the asset or system can improve resilience by being able to reroute production or process flows through one or more parallel components or subsystemsâ (AASHTO 2017). ⢠âDefined as duplicative or excess capacity that can be used in times of emergency. Adding redundant highway capacity generally falls outside the practice of asset management. How- ever, sound management of the assets on a detour and emergency evacuation routes increases a highway systemâs redundancyâ (FHWA 2013). ⢠âThe state of having duplicate capabilities, such as systems, equipment, or resourcesâ (DRI International, Inc., 2021). Reference Threat ⢠âA particular attack, specified in terms of intensity or magnitude, mode, and medium of delivery, to be used consistently across numerous assets to facilitate direct comparisons. It is not to be confused with âdesign basis threat,â which is the type and intensity of threat a facility is designed to withstandâ (ASME 2009). Reliability ⢠âLikelihood of successful performance of a given project element. Mathematically, Reliability = 1 â Probability of failureâ (see also Probability and Failure) (Technical Com- mittee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Remediation ⢠âThe act of mitigating a vulnerability or a threatâ (DRI International, Inc., 2021). Residual Risk ⢠âThe amount of risk remaining after the net effect of risk reduction actions are taken. The residual reflects the impact of threats not deterred, consequences not avoided, and vulner- abilities not reduced through other countermeasures. The concept can also include the risks from threats not included in a risk analysisâ (ASME 2009). ⢠âThe level of risk remaining after all cost-effective actions have been taken to lessen the impact, probability and consequences of a specific risk or group of risks, subject to an organizationâs risk appetiteâ (DRI International, Inc., 2021). ⢠âThe remaining level of risk at any time before, during, and after a program of risk mitigation measures has been takenâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Resilience ⢠â. . . a dictionary definition [Merriam-Webster Online Dictionary] for âresilienceâ is: âan ability to recover from or adjust easily to misfortune or change.â Strategies based on resilience accept that efforts to prevent attacks (reduce threats) and to defend against those attacks (reduce vulnerabilities), albeit necessary, will inevitably prove insufficient. Strategies based on resilience address all three components of the risk equation in an integrated fashionâ (Critical Infrastructure Task Force 2006).
Glossary of Terms A-29 ⢠âThe capability to maintain function during an event or to recover function rapidly after an event, including the provision of a substitute function or asset provided after an attack or natural event. The concept of resilience is still being formalized, but candidate indicators include reductions in the duration and severity of service denial and/or economic losses to the community due to service denialâ (ASME 2009). ⢠âThe ability to resist, absorb, recover from, or successfully adapt to adversity or a change in conditions,â and also, âThe ability of systems, infrastructures, government, business, and citi- zenry to resist, absorb, recover from, or adapt to an adverse occurrence that may cause harm, destruction, or loss of national significanceâ (AASHTO 2017). ⢠âThe ability to prepare and plan for, absorb, recover from, or more successfully adapt to actual or potential adverse eventsâ (AASHTO 2017). ⢠âThe capacity of a community, business, or natural environment to prevent, withstand, respond to, and recover from a disruptionâ (United States Global Change Research Program 2020). ⢠âResilience or resiliency is the ability to anticipate, prepare for, and adapt to changing condi- tions and withstand, respond to, and recover rapidly from disruptionsâ (FHWA 2014). ⢠â. . . the ability to minimize the costs of a disaster, to return to a state as good as or better than the status quo ante, and to do so in the shortest feasible timeâ (Gilbert 2010). Resilience Management ⢠âThe deliberate process of understanding resilience as both a function of loss of infrastruc- ture components and the ability of the community to cope with the loss and recover in the shortest practical time. Resilience management includes the ability to model the inter- dependencies of infrastructure components and decide upon and implement actions that will increase the resilience of the community given the loss of a subset of infrastructureâ (AWWA 2014). Resilience Metrics ⢠âResilience is a measure to guarantee an acceptable level of service in the face of these chal- lenges. Resilience metrics may be used to quantify how well a network can retain this level of service regarding different challengesâ (Zieglmeier 2016). Resource Allocation ⢠âIs the process of assigning scarce resources to investments in transportation assets. The assigned resources can be money, staff time, contractor capacity, equipment, or other organi- zational requirements for assets. The investments can be capital projects, maintenance efforts, or other projects and activities that require the use of an organizationâs resources through various delivery methodsâ (ASME 2009). Response ⢠âThe reactive use of emergency response capabilities to deal with the immediate consequences of an incident or attack. Often used in conjunction with proactive measures to create a more comprehensive and holistic protection systemâ (ASME 2009). ⢠âThose activities and programs designed to address the immediate and short-term effects of the onset of an emergency or disasterâ (FEMA 1992).
A-30 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Restorative Capacity ⢠âThe ability of the system to recover quickly after a shock or stress to normal functioningâ (Weilant et al. 2019). Return on Investment (ROI) ⢠âA measurement of the expected benefit of an investment. In the simplest sense it is the net profit of an investment divided by the net worth of the assets investedâ (DRI International, Inc., 2021). Risk ⢠âThe potential for loss or harm due to the likelihood of an unwanted event and its adverse consequences. It is measured as the combination of the probability and consequences of an adverse event. When the probability and consequences are expressed as numerical point estimates, the expected risk is computed as the product of those values. In the case of the RAMCAP Plus process and many other risk and resilience processes, the risk is the product of threat (likelihood or frequency of the event occurring), vulnerability (likelihood that the event will cause the estimated consequences, given that the event occurs), and consequenceâ (ASME 2009). ⢠âA function of consequences, hazard frequency or likelihood, and vulnerability which, with point estimates, is the product of the terms. It is the expected value of the consequences of an initiating event weighted by the likelihood of the eventâs occurrence and the likelihood that the event will result in the consequences, given that it occurs. Risk is based on identified events or event scenariosâ (AWWA 2014). ⢠âThe potential total cost if something of value is damaged or lost, considered together with the likelihood of that loss occurring. Risk is often evaluated as the probability of a hazard occur- ring multiplied by the consequence that would result if it did happenâ (United States Global Change Research Program 2020). ⢠âA possible event that could cause harm or loss or affect the ability to achieve objectives. Risk is measured by the probability of a threat, the vulnerability of the asset to that threat, and the impact it would have if it occurredâ (DRI International, Inc., 2021). ⢠âThe potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and associated consequencesâ (AASHTO 2017). ⢠â. . . the three components of risk: threat, vulnerability, and consequenceâ (Critical Infrastruc- ture Task Force 2006). ⢠âRisk is generally defined as the combination of the frequency of occurrence, vulnerability, and the consequence of a specified hazardous eventâ (DHS 2019). ⢠âA measure of potential harm that encompasses threat, vulnerability, and consequence. In the context of the NIPP, the risk is the expected magnitude of loss due to a terrorist attack, natural disaster, another incident, along with the likelihood of such an event occurring and causing that lossâ (DHS 2006). ⢠âThe estimated impact that a hazard would have on people, services, facilities, and structures in a community; the likelihood of a hazard event resulting in an adverse condition that causes injury or damage. Risk is often expressed in relative terms such as a high, moderate, or low likelihood of sustaining damage above a particular threshold due to a specific type of hazard event. It also can be expressed in terms of potential monetary losses associated with the intensity of the hazardâ (FEMA 2001b). ⢠âRisk is the threat to transportation operations caused by extreme events, other external hazards, and from asset failure arising from any cause. Some examples of causes of asset failure are poor condition, unexpected loading, or poor work practicesâ (AASHTO 2013).
Glossary of Terms A-31 Risk Allocation ⢠âPlacing responsibility for a risk to a party through a contract. The fundamental tenets of risk allocation include allocating risks to the party best able to manage them, allocating risks in alignment with project goals, and allocating risks to promote team alignment with customer- oriented performance goalsâ (Ashley et al. 2006). Risk Assessment ⢠âThe technical and scientific activity of estimating the components of risk and combining them into the estimate of risk. Risk analysis provides the processes for identifying hazards or hazard scenarios, event-probability estimation, vulnerability assessment, and consequence estimation. The risk analysis process answers three basic questions: (1) What can go wrong and how can it happen? (2) What is the likelihood that it will go wrong? (3) What are the consequences if it does go wrong? Risk analysis often includes estimating the impact of changes to a system to reduce risks by reducing the likelihood of an attack, the vulnerability to attack, and/or the magnitude or duration of consequences given a successful attack. Reductions in risk due to such changes are the benefits of those changes. Risk analysis generally contains the following steps: scope definition, hazard identification, risk estimation, risk-reduction option evaluation and communication of information useful in risk management resource allocationâ (AWWA 2014). ⢠âThe use of available information to estimate the risk to individuals or populations, property, or the environment from hazards. Risk analyses generally contain the following steps: defini- tion of scope, danger (threat) identification, estimation of the probability of occurrence to estimate hazard, evaluation of the vulnerability of the element(s) at risk, consequence identi- fication, and risk estimation. Consistent with the common dictionary definition of analysis, viz. âA detailed examination of anything complex made in order to understand its nature or to determine its essential features,â risk analysis involves the disaggregation or decomposi- tion of the system and sources of risk into their fundamental partsâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). ⢠âRisk assessment is the process of measuring the potential loss of life, personal injury, eco- nomic injury, and property damage resulting from natural hazards by assessing the vulner- ability of people, buildings, and infrastructure to natural hazards. A risk assessment tells you: â âThe hazards to which your state or community is susceptible; â What these hazards can do to physical, social, and economic assets; â Which areas are most vulnerable to damage from these hazards; and â The resulting cost of damages or costs avoided through future mitigation projectsâ (FEMA 2001b), p. iii. ⢠âA process to determine the nature and extent of risk by analyzing potential hazards and evalu- ating existing conditions of vulnerability/capacity that could pose a potential threat or harm to people, property, livelihoods and the environment on which they dependâ (UNISDR 2002). ⢠âThe quantification of threats to an organization and the probability of them being realizedâ (DRI International, Inc., 2021). Risk Aversion ⢠âThe behavior of humans while exposed to uncertainty to attempt to reduce that uncertaintyâ (Wikipedia 2021). Risk Characterization ⢠âRisk characterization is a synthesis and summary of information about a potentially hazard- ous situation that addresses the needs and interests of decision-makers and interested and
A-32 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis affected parties. Risk characterization is a prelude to decision-making and depends on an interactive, analytical-deliberate processâ (National Research Council 1989), p. 27. Risk Communication ⢠â. . . risk communication: the effective understanding of risks and the transfer of risk information to the public, and the transfer of information from the public to decisionmakers. . . . Risk man- agement decisions should not simply be made by technical experts and public officials and then imposed on and justified to the public after the fact. Risk Communication involves a dialogue among interested parties â risk experts, policy makers, and affected citizensâ (National Research Council 2000). ⢠â. . . an interactive process of exchange of information and opinion among individuals, groups, and institutions. . . . We construe risk communication to be successful to the extent that it raises the level of understanding of relevant issues or actions for those involved and satisfies them that they are adequately informed within the limits of available knowledgeâ (National Research Council 1989). ⢠âNational Research Council (1989) concludes that four objectives are key to improving risk communications: (1) goal setting, (2) openness, (3) balance, and (4) competence. As a means of achieving these objectives, it is important, at the start of any given project, to determine: â What the public knows, believes, and does not believe about the subject risk and ways to control it; â What quantitative and qualitative information do participants need to know to make critical decisions; and â How they think about and conceptualize the risk (National Research Council 1989).â (Pearce 2000). ⢠âAn interactive exchange of information and opinion among stakeholders designed to convey an understanding of risks and risk-reduction options to support resource allocation and other decisions to manage risks. It often involves multiple exchanges about the nature of risk and expressing concerns, opinions, or reactions of risk managers, legal experts, and manage- ment. Risk communication greatly affects risk acceptance, safety and security standards and the allocation of resources to risk reductionâ (ASME 2009). Risk Management ⢠âThe deliberate, cyclical process of understanding risk based on risk analysis and deciding upon, implementing, and managing action, e.g., security countermeasures or consequence- mitigation features to achieve an acceptable level of risk at an acceptable cost. Risk man- agement is characterized by identifying, measuring, estimating, and controlling risks to a level commensurate with an assigned or accepted value, monitoring and evaluating the effectiveness of implementation and operation of the selected options (with corrective actions as needed) and periodic repetition of the full risk management cycleâ (AWWA 2014). Risk Management Plan ⢠âScheme within the risk management framework specifying the approach, the management components, and resources to be applied to the management of riskâ (ISO 2009). ⢠âDocuments how the risk processes will be carried out during the project. This is the output of risk management planningâ (Project Management Institute 2004). Risk Mitigation ⢠âThe deliberate process of setting security and resilience goals; identifying assets, systems, net- works, and functions; understanding risk; and deciding upon and implementing action (e.g.,
Glossary of Terms A-33 defining security countermeasures, consequence-mitigation features or characteristics of the asset) to achieve an acceptable level of risk and resilience at an acceptable cost. Risk management identifies, estimates and controls risks to a level commensurate with an assigned or accepted value; it also measures performance and takes corrective action. Public and private sector entities often include risk management frameworks in their business continuity plansâ (ASME 2009). Risk Register ⢠âA document detailing all identified risks, including description, cause, probability of occur- rence, impact(s) on objectives, proposed responses, owners, and current statusâ (Project Management Institute 2004). Risk Tolerance ⢠âOrganizationâs readiness to bear the risk after risk treatments in order to achieve its objec- tivesâ (DRI International, Inc., 2021). Risk Transfer/Transference ⢠âA common technique used by risk managers to address or mitigate potential exposures of the organization. A series of techniques describing the various means of addressing risk through insurance and similar productsâ (DRI International, Inc., 2021). Road Weather Management ⢠âMitigation strategies employed in response to various weather threats including fog, high winds, snow, rain, ice, flooding, tornadoes, hurricanes, and avalanchesâ (Neudorff et al. 2012). Robustness ⢠âDefined as the capacity to cope with stress or uncertainty, asset management focuses upon optimizing the conditions of assets with available revenues. Well-maintained assets generally are better able to withstand the stresses of storm events and other disasters better than weak- ened and poorly maintained onesâ (U.S. Department of Transportation 2017). Safety ⢠âThe number of accidents, by severity, expected to occur on the entity per unit of time. An entity may be a signalized intersection, a road segment, a driver, a fleet of trucks, etc.â (AASHTO 2009). Scenario ⢠âA combination of events and system states that lead to an outcome of interest. A scenario defines a suite of circumstances of interest in a risk assessment. In the present context, a scenario includes at least a specific attack threat on a specific asset, with the associated prob- abilities and consequencesâ (ASME 2009). ⢠âA plausible description of how the future may develop based on a coherent and internally consistent set of assumptions about key driving forces (e.g., rate of technological change, prices) and relationships. Note that scenarios are neither predictions nor forecasts but are useful to provide a view of the implications of developments and actionsâ (International Panel on Climate Change 2018).
A-34 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Scenario Planning ⢠âScenario planning provides a framework for developing a shared vision for the future by analyzing various forces (e.g., climate change, land use, economy) that affect growth and management of the transportation system. Scenario planning tests various future alterna- tives in order to identify solutions that meet state and community needs under a variety of potential futures. Scenario planning is used in exercises to make critical decisions in the face of uncertaintyâ (FHWA 2017b). Sensitivity ⢠âThe degree to which a transportation system or asset is affected by climate variability or changeâ (FHWA 2015). ⢠âRefers to how an asset or system responds to, or is affected by, exposure to a climate change stressor. A highly sensitive asset will experience a large degree of impact if the climate varies even a small amount, where as a less sensitive asset could withstand high levels of climate variation before exhibiting any responseâ (FHWA 2020a). ⢠âThe degree to which a system, population, or resource is or might be affected by hazardsâ (United States Global Change Research Program 2020). Severity ⢠âThe amount of daily service deniedâ (AWWA 2014). Stakeholder ⢠âIndividual or group having an interest in the performance or success of an organization, e.g., customers, partners, employees, shareholders, owners, the local community, first responders, government, and regulatorsâ (DRI International, Inc., 2021). ⢠âPerson or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activityâ (ISO 2009). Standards-Based Approach ⢠âThe traditional approach to engineering, in which risks are controlled by following estab- lished rules as to design events and loads, structural capacity, safety coefficients and defensive design measuresâ (Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). State of Good Repair (SGR) ⢠âRefers to a condition in which existing physical assets, both individually and as a system, are functioning as designed within their useful service life and are kept functional through regular maintenance and replacement programsâ (AASHTO 2013). Sustainability ⢠âSustainability entails meeting human needs for the present and future while preserving envi- ronmental and ecological systems, improving quality of life, promoting economic develop- ment, and ensuring equity between and among population groups and over generationsâ (Zeitman et al. 2011).
Glossary of Terms A-35 ⢠âThe capacity to endure. The goal of sustainability can be described with the triple bottom line, which includes considering three primary principles: social, environmental, and eco- nomicâ (Flannery et al. 2018). System ⢠âAn integrated combination of people, property, environment, and processes integrated to work in a coordinated manner to achieve a specific desired output under specific conditions. As used in this document, a system encompasses the set of one or more assets and their associated environment (e.g., threats, vulnerabilities, consequences, buffer zone attributes) considered in a risk analysis. Systems should be defined based on the decision-specific ana- lytical objectives, which may lead to different types of definitions, such as âfunctional systems,â âmanagement systems,â and âengineering systemsââ (FHWA 2017a). ⢠âA group of interacting, interrelated, or interdependent elements, such as people, property, materials, environment, and/or processes, for a single purpose or defined set of purposes. The elements together form a complex whole that can be a physical structure, process, or proce- dure of some attributes of interestâ (AWWA 2014). Target ⢠See Asset (AWWA 2014). Technological Hazards ⢠âTechnological hazards: These result from accidents or failures of systems and structures and include dam failures, hazardous materials spills, power failure, and moreâ (The Polis Center 2015). Threat ⢠âAny indication, circumstance, or event with the potential to cause the loss of, or damage to, an asset or population. In the case of terrorism risk, threat represents intention and capability of an adversary to undertake actions detrimental to an asset or population and also the attrac- tiveness of the asset or population relative to alternative assets or populations. In the case of natural hazards, threat refers to the historical frequency of the specific natural event to which the asset(s) may be subjected. In both cases, for risk analysis, threat is defined as the likelihood the event will occurâ (ASME 2009). ⢠âPotential cause of an unwanted incident, which may result in harm to individuals, assets, a system or organization, the environment, or the communityâ (DRI International, Inc., 2021). ⢠âA man-made or natural event with the potential to cause harm. In malevolent risk analysis, threat is based on the analysis of the intention and capability of an adversary (whether insider or outsider) to undertake actions that would be detrimental to an asset. Threats may also arise from natural hazards or dependency hazards (interruptions of supply chains or proximity to dangerous or hazardous sites)â (AWWA 2014). Threat Analysis/Assessment ⢠âA systematic process of estimating threat likelihood determined based on historical frequen- cies or predictions from scientific tools and expert opinionâ (CDOT 2020). ⢠âThe study or assessment of threats, including adversary capability, intent and incidents that may be indicators of adversary activitiesâ (ASME 2009; AWWA 2014). ⢠âProcess of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threatâ (DRI International, Inc., 2021).
A-36 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis ⢠âNormalized assessments of attractiveness in light of the high-level objectives of terror- ists and intelligence-based assessments of adversary capabilities and intentâ (Flannery et al. 2018). Threat Characterization ⢠âThe identification and description of reference threat scenarios in enough detail to estimate vulnerability and consequencesâ (ASME 2009). ⢠âThreat scenario identification and description in enough detail to estimate vulnerability and consequencesâ (Flannery et al. 2018). ⢠âProcess to identify possible scenarios and describe in enough detail to estimate vulnerability and consequencesâ (CDOT 2020). Threat Likelihood ⢠âThe probability that an undesirable event will occur. With natural hazards, the threat likeli- hood is the historical frequency of similar events unless there is a belief that the future will differ from the past. With terrorist threats, the likelihood is a function of available intelli- gence, the objectives and capabilities of the terrorist, and the attractiveness, symbolic or fear- inducing value of the asset as a target. The terms âthreat likelihoodâ and âthreat probabilityâ are used interchangeably in this publicationâ (AWWA 2014; ASME 2009). ⢠âProbability that an event will occurâ (Colorado State n.d.). Transportation Asset Management ⢠âA strategic and systematic process of operating, maintaining, and improving physical assets, with a focus on engineering and economic analysis based upon quality information, to iden- tify a structured sequence of maintenance, preservation, repair, rehabilitation, and replace- ment actions that will achieve and sustain a desired state of good repair over the life cycle of the assets at minimum practicable costâ (FHWA 2020). ⢠âA strategic and systematic process of operating, maintaining, upgrading, and expanding physi- cal assets effectively throughout their life cycle. It focuses on business and engineering practices for resource allocation and utilization, with the objective of better decision-making based upon quality information and well-defined objectivesâ (AASHTO 2013; Neudorff et al. 2012). ⢠âThe coordinated activity of an organization to realize value from assets. Realization of value involves the balancing of costs, risks, opportunities, and performance benefits. Asset manage- ment enables an organization to examine the need for, and performance of, assets and asset systems at different levels. Additionally, it enables the application of analytical approaches toward managing an asset over the different stages of its life cycle (which can start with the conception of the need for the asset, through to its disposal, and includes the managing of any potential post disposal liabilities)â (ISO 2009; AASHTO 2021). Transportation Management Center (TMC) ⢠âThe hub of a transportation management and control system. The TMC brings together human and technological components from various agencies to perform a variety of func- tionsâ (Neudorff et al. 2012). Transportation Systems Management and Operations (TSMO) ⢠âAn integrated program to optimize the performance of existing infrastructure through the implementation of systems, services, and projects designed to preserve capacity and improve security, safety, and reliability of the transportation systemâ (Neudorff et al. 2012).
Glossary of Terms A-37 Twice Damaged Assets (âRepeatedly damaged facilitiesâ) ⢠âRepeatedly damaged facilities are roads, highways, and bridges that have required repair and reconstruction activities on two or more occasions due to natural disasters or catastrophic failures resulting in emergencies declared by the Governor of the State or the Presidentâ (23 CFR 667.1). Uncertainty ⢠âA measure of unpredictability or knowledge incompleteness. In quantitative risk assessment, uncertainty includes chance events, measurement and estimation error, and simple lack of knowledge about the models and parameter values used. Uncertainties can be expressed as levels of confidence, ranges, or probability distributionsâ (ASME 2009). ⢠âA state of incomplete knowledge. Uncertainty about future climate arises from the complexity of the climate system and the ability of models to represent it, as well as the inability to predict the decisions that society will makeâ (United States Global Change Research Program 2020). ⢠âDescribes any situation without certainty, whether or not described by a probability dis- tribution. Uncertainty is caused by natural variation and/or incomplete knowledge (lack of understanding or insufficient data). In the context of structural safety, uncertainty can be attributed to (i) aleatory uncertainty: inherent variability in natural properties and events, and (ii) epistemic uncertainty: incomplete knowledge of parameters and the relationships between input and output valuesâ (Technical Committee on Risk Assessment and Manage- ment Glossary of Risk Assessment Terms 2004). User Costs ⢠â. . . vehicle running costs and lost wagesâ (Kemp et al. 2017). ⢠âRoad User Costs in the work zone are added vehicle operating costs, delay costs, and crash costs to highway users resulting from construction, maintenance, or rehabilitation activityâ (NJDOT 2015). ⢠âThose costs realized by the users of a facility. In life cycle-cost analysis, user costs could take the form of delay costs or of changes in the vehicle operating costs associated with various alternativesâ (FHWA 2004). Vulnerability ⢠âThe degree to which a transportation system or asset is susceptible to, and unable to cope with, adverse effects of climate change, variability, and extremes. Vulnerability is a function of exposure, sensitivity, and adaptive capacityâ (FHWA 2015). ⢠âAny weakness in an asset or infrastructureâs design, implementation or operation that can be exploited by an adversary or can contribute to functional failure in a natural disaster. Such weaknesses can occur in building characteristics, equipment properties, personnel behavior, locations of people, equipment, and buildings or operational and personnel practices. In risk analysis, vulnerabilities are estimated using a variety of methods, but usually summarized as the probability that, given an attack or natural event, the estimated consequences will ensue, i.e., will cause the estimated damageâ (ASME 2009). ⢠âThe degree to which a system is susceptible to, or unable to cope with adverse effects of climate change or extreme weather events. In the transportation context, climate change vul- nerability is a function of a transportation systemâs exposure to climate effects, sensitivity to climate effects, and adaptive capacityâ (FHWA 2020). ⢠âAn inherent state of a system (e.g., physical, technical, organizational, cultural) that can be exploited by an adversary or impacted by a natural hazard to cause harm or damage.
A-38 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Such weaknesses can occur in building characteristics, equipment properties, personnel behavior, locations of people, equipment, and buildings, or operational and personnel practices. Vulnerability is expressed as the likelihood of an event having the estimated consequences, given that the event occursâ (AWWA 2014). ⢠âA weakness in the design, implementation, or operation of an asset, system, or network that can be exploited by an adversary, or disrupted by a natural hazard or technological failureâ (DHS 2006), p. 105. ⢠âA vulnerability assessment presents âthe extent of injury and damage that may result from a hazard event of a given intensity in a given area. The vulnerability assessment should address impacts of hazard events on the existing and future built environmentâ (FEMA 2001b). ⢠âDegree of loss (from 0% to 100%) resulting from a potentially damaging phenomenonâ (United Nations, Department of Humanitarian Affairs 1992). ⢠âThe degree of loss to a given element or set of elements within the areaâ (Technical Commit- tee on Risk Assessment and Management Glossary of Risk Assessment Terms 2004). Vulnerability Assessment ⢠âA systematic examination of an assetâs ability to withstand a specific threat using current secu- rity and emergency preparedness procedures and controls. A vulnerability assessment often suggests countermeasures, mitigation features, and other security improvements. A vulnerability analysis may be used to: compute the probability a particular attack will succeed; compute the probability of significant damage, destruction, or incapacitation of part or all of an asset result- ing from a given threat; identify weaknesses that could be exploited and predict the effective- ness of additional security measures in protecting an asset from attackâ (ASME 2009). Vulnerability Estimate ⢠âThe conditional probability that an attack or natural event will cause specifically estimated consequencesâ (ASME 2009). Vulnerability Logic Diagrams (VLDs) ⢠âVLDs are used to illustrate the flow of events from the time an adversary approaches the facility to the terminal event in which the attack is foiled or succeeds, considering the obstacles and countermeasures that must be surmounted, with each terminal event associated with a specific vulnerability âbin.â This is frequently complemented by time estimates for each seg- ment and compared with an estimate of the reaction time of a counterforce once the attack has been detected. In many of the RAMCAP Sector-Specific Guidance documents, VLDs are prepared in advance as a heuristic to guide the team in making its assessmentâ (ASME 2009). Worst Reasonable Consequence ⢠âAn operating assumption for estimating consequence values that utilizes the most severe but reasonable consequences for a specific adversarial threat but does not combine unlikely coincidences. It directly reflects the assumption that an adversary is knowledgeable about the asset to be attacked and adaptive given emergent conditionsâ (ASME 2009; AWWA 2014). Bibliography AASHTO. (2009). Highway Safety Manual, 1st ed. Washington, DC. AASHTO. (2013). AASHTO Transportation Asset Management GuideâA Focus on Implementation. Retrieved from https://www.fhwa.dot.gov/asset/pubs/hif13047.pdf.
Glossary of Terms A-39 AASHTO. (2017). Understanding Transportation Resilience: A 2016â2018 Roadmap for Security, Emergency Management, and Infrastructure Protection in Transportation Resilience. Washington, DC. AASHTO. (2021). AASHTO TAM Guide. Retrieved February 9, 2021, from https://www.tamguide.com/guide/. Akpeninor, J. O. (2012). Modern Concepts of Security. Bloomington, IN: Author House. Amekudzi, A., and Meyer, M. (2011). Best Practices in Selecting Performance Measures and Standards for Effective Asset Management. Atlanta, GA: Georgia Department of Transportation. Asam, S., Bhat, C., Dix, B., Bauer, J., and Gopalakrishna, D. (2015). Climate Change Adaptation Guide for Transpor- tation Systems Management, Operations and Maintenance. Washington, DC: U.S. Department of Transpor- tation Federal Highway Administration. Retrieved from http://www.dot.state.oh.us/Divisions/Operations/ Traffic-Management/TSMO%20Docs/FHWA%20Climate%20Change%20Adaptation%20Guide%20for %20Transportation%20Systems%20Management%20Operations%20and%20Maintenance.pdf. Ashley, D. B., Dickmann, J. E., and Molenaar, K. R. (2006). Guide to Risk Assessment and Allocation for High- way Construction Management. Washington, DC: U.S. Department of Transportation, Federal Highway Administration. ASME. (2009). All-hazards Risk and Resilience: Prioritizing Critical Infrastructure Using the RAMCAP Plus Approach. New York: American Society of Mechanical Engineers. ASQ. (2021). What Are Performance Metrics? Retrieved February 10, 2021, from https://asq.org/quality-resources/ metrics. Australian National Committee on Large Dams. (1994). Guidelines on Risk Assessment. Australia. AutoQuiz: What Is the Definition of a Design Standard? (2021). International Society of Automation. Retrieved February 9, 2021, from https://blog.isa.org/design-standards-definition. AWWA. (2014). Risk and Resilience Management of Wastewater Systems Using the ASME-ITI RAMCAP Plus Methodology. Washington, DC: American Waster Water Association. AWWA. (2021). Risk and Resilience Management of Water and Wastewater System. J100-21 Standard. 2nd ed. Bier, M., Haimes, Y. Y., Lambert, J. H., Matalas, N. C., and Zimmerman, R. (1999). A Survey of Approaches for Assessing and Managing the Risks of Extremes. Risk Analysis, 19(1), 83â94. Blanchard, B. W. (2006, July 28). Appendix: Select Emergency Management-Related Terms and Definitions in Hazards, Disasters and the U.S. Emergency Management System: An Introduction. Emmitsburg, MD: FEMA. Retrieved February 11, 2021, from https://training.fema.gov/hiedu/aemrc/courses/coursesun- derdev/hazdisusems.aspx. Bruneau, M., Chang, S. E., Eguchi, R. T., OâRourke, T. D., Reihnorn, A. M., Shinozuka, M., Winterfeldt, D. v. (2003). A Framework to Quantitatively Assess and Enhance the Seismic Resilience of Communities. Earth- quake Spectra, 19(4), 733â752. Burton, I., Kates, R., and White, G. (1993). The Environment as Hazard, 2nd ed. New York: Guilford Press. California Department of Transportation. (2003). Project Risk Management Handbook. Sacramento, CA: California Department of Transportation, Office of Project Management Process Improvement. Cambridge Systematics, Inc. (2009). NCHRP Report 632: An Asset-Management Framework for the Interstate Highway System. TRB, National Research Council, Washington, DC. Retrieved from https://www.nap.edu/ download/14233. CDOT. (2020). Colorado Department of Transportation Risk and Resilience Procedure: A Manual for Calculating Risk to CDOT Assets from Flooding, Rockfall, and Fire Debris Flow. Retrieved from https://www.codot.gov/ programs/planning/cdot-rnr-analysis-procedure-8-4-2020-v6.pdf. Colorado State. (n.d.). Probability. Retrieved February 11, 2021, from https://www.math.colostate.edu/â¼freeman/ m130/probability1.pdf. Critical Infrastructure Protection Act of 2001, Public Law 107-56, Sec. 1016(6). (n.d.). Critical Infrastructure Task Force. (2006). Report of the Critical Infrastructure Task Force. Washington, DC: Homeland Security Advisory Council. Deyle, R., French, S., Olshansky, R., and Paterson, R. (1998). Hazard Assessment: The Factual Basis for Planning Mitigation. In R. Burby (Ed.), Cooperating with Nature. Washington, DC: National Academies Press. DHS. (2006). National Infrastructure Protection Plan. Washington, DC: U.S. Department of Homeland Security. DHS. (2019). A Guide to Critical Infrastructure Security and Resilience. Washington, DC: U.S. Department of Homeland Security. Retrieved from https://www.cisa.gov/sites/default/files/publications/Guide-Critical- Infrastructure-Security-Resilience-110819-508v2.pdf. Disaster and Emergency Reference Center. (1998). Disaster Management Glossary. K. Nimpuno, Ed., Delft, Netherlands: Disaster and Emergency Reference Center. DRI International, Inc. (2021). DRI International Glossary. Retrieved February 8, 2021, from https://drii.org/ resources/viewglossary. Dymon, U. J. (2004). Session 1, Introduction to and Evolution of Hazard Mapping and Modeling. In Hazard Mapping and Modeling (Draft FEMA Emergency Management Higher Education Project College Course). Emmitsburg, MD: Emergency Management Institute.
A-40 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis ENISA. (2011). Measurement Frameworks and Metrics for Resilient Networks and Services: Technical Report. European Network and Information Security Agency. FEMA. (n.d.). Continuity of Operations. An Overview. Retrieved from https://www.fema.gov/pdf/about/org/ncp/ coop_brochure.pdf. FEMA. (1990). Definitions of Terms (Instruction 500.2). Washington, DC. FEMA. (1992). Federal Response Plan with Revisions. (FEMA Publication 229). FEMA. (1995). Introduction to Emergency Management. Emmitsburg, MD: Emergency Management Institute. FEMA. (1997). Multi-Hazard Identification and Assessment. Washington, DC. FEMA. (1999). The Professional in Emergency Management (Independent Study IS-513). Emmitsburg, MD: Emergency Management Institute. FEMA. (2001a). The Disaster Dictionary-Common Terms and Definitions Used in Disaster Operations (9071.1-JA Job Aid). Washington, DC. FEMA. (2001b). Understanding Your Risks: Identifying Hazards and Estimating Losses (State and Local Mitigation Planning How-To Guide, FEMA 386-2). Washington, DC: FEMA. FHWA. (2002, June 1). Creating an Effective Program to Advance Transportation System Management and Operations. Retrieved from https://ops.fhwa.dot.gov/Publications/fhwahop12003/background.htm. FHWA. (2004). Guide for Mechanistic Empirical Design of New and Rehabilitated Pavement Structures: Appendix A. Washington, DC. Retrieved from https://www.fhwa.dot.gov/engineering/geotech/pubs/05037/aa.cfm FHWA. (2013). Risk-Based Transportation Asset Management: Building Resilience into Transportation Assets. Report 5: Managing External Threats Through Risk-Based Asset Management. Washington, DC: U.S. Department of Transportation. FHWA. (2014, December 15). FHWA Order 5520. Retrieved from https://www.fhwa.dot.gov/legsregs/directives/ orders/5520.cfm. FHWA. (2015). Gulf Coast Study. Retrieved from https://www.fhwa.dot.gov/environment/sustainability/resilience/ ongoing_and_current_research/gulf_coast_study/index.cfm. FHWA. (2017a, June 28). Planning Glossary. Retrieved February 9, 2021, from https://www.fhwa.dot.gov/ Planning/glossary/glossary_listing.cfm. FHWA. (2017b, June 28). FHWA Scenario Planning and Visualization in Transportation. Retrieved from https:// www.fhwa.dot.gov/planning/scenario_and_visualization/. FHWA. (2020, May 15). Climate Change Adaptation Guide for Transportation Systems Management, Operations, and Maintenance. Retrieved December 4, 2020, from https://ops.fhwa.dot.gov/publications/fhwahop15026/ ch3.htm#s3f. FHWA. (2021). Transportation Performance Management Terms. Retrieved February 10, 2021, from https:// www.tpmtools.org/wp-content/uploads/2016/09/guidebook-final-appendix-c.pdf. FHWA. (n.d.). 23 CFR § 515.5âDefinitions. Legal Information Institute. Retrieved February 8, 2021, from https://www.law.cornell.edu/cfr/text/23/515.5. Flannery, A., Pena, M., and Manns, J. (2018). NCHRP Synthesis 527: Resilience in Transportation Planning, Engineering, Management, Policy, and Administration. Transportation Research Board, Washington, DC. Gilbert, S. W. (2010). Disaster Resilience: A Guide to the Literature. National Institute of Standard and Technology (NIST). Retrieved from https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=906887. Hayes, A. (2020, August 21). Benefit-Cost Ratio (BCR). Investopedia. Retrieved February 9, 2021, from https:// www.investopedia.com/terms/b/bcr.asp. HSPD-8 (Homeland Security Presidential Directive). (2003). National Preparedness. Washington, DC: The White House. Inter-American Development Bank (IDB). RiskmonitorâGlossary. (n.d.). Retrieved from https://riskmonitor. iadb.org/en/node/92#:~:text=Measures%20and%20actions%20taken%20in,around%20latent%20hazards%20 and%20vulnerabilities. International Panel on Climate Change. (2018, April 6). IPCC Glossary. Retrieved from https://www.ipcc.ch/ report/sr15/glossary/. ISIXSIGMA. (n.d.). Definition of Operational Cost. Retrieved February 9, 2021, from https://www.isixsigma. com/dictionary/operational-cost/#:â¼:text=Definition%20of%20Operational%20Cost%3A,used%20up%20 (e.g.%2C%20consultancy). ISO. (1990). Guidelines for the Inclusion of Safety Aspects in Standards (ISO Guide 51). Geneva: International Standards Organization. ISO. (2009). International Standard ISO 31000âRisk Management, Principles and Guidelines. Geneva: International Standards Organization. Kemp, E., Flannery, A., and Krimmer, M. (2017). Risk and Resilience Analysis for Highway Assets. Transportation Research Record: Journal of the Transportation Research Board, No. 2604, 1â8. Molenaar, K. R., and Navarro, D. (2011). Key Performance Indicators in Highway Design and Construction. Transportation Research Record: Journal of the Transportation Research Board, No. 2228, 51â58.
Glossary of Terms A-41 Murphy, C. (2020, December 27). Operating Cost. Investopedia. Retrieved February 9, 2021, from https://www. investopedia.com/terms/o/operating-cost.asp. Nakanishi, Y. J., and Auza, P. M. (2015). FEMA and FHWA Emergency Relief Funds Reimbursements to State Departments of Transportation. Washington, DC: National Academies Press. National Research Council. (1989). Improving Risk Communication. National Academies Press, Washington, DC. National Research Council. (2000). Risk Analysis and Uncertainty in Flood Damage Reduction Studies. National Academies Press, Washington, DC. National Science and Technology Council (NSTC), Committee on the Environmental and Natural Resources, Subcommittee on Natural Disaster Reduction. (1996). Natural Disaster Reduction: A Plan for the Future. Washington, DC: U.S. Government Printing Office. Neudorff, L. G., Mason, J., and Bauer, J. (2012). Transportation Research E-Circular E-C-166: Glossary of Regional Transportation Systems Management and Operations Terms. Transportation Research Board of the National Academies, Washington, DC. New York State Energy Research and Development Authority. (2020). Responding to Climate Change in New York State (ClimAID). Retrieved from https://www.nyserda.ny.gov/About/Publications/Research%20 and%20Development%20Technical%20Reports/Environmental%20Research%20and%20Development %20Technical%20Reports/Response%20to%20Climate%20Change%20in%20New%20York. NJDOT. (2015). Road User Cost Manual. State of New Jersey Department of Transportation. Pearce, L. (2000). An Integrated Approach for Community Hazard, Impact, Risk and Vulnerability Analysis: HIRV. PhD dissertation. University of British Columbia, Vancouver, Canada. PHMSA. (2020). Pipeline Risk Modeling Overview of Methods and Tools for Improved Implementation. Washington, DC: U.S. DOT Pipeline Hazardous Materials Administration. Pierce Transit. (2021). Key Performance Indicators. Retrieved February 19, 2021, from https://www.piercetransit. org/PT-Key-Performance-Indicators/. Project Management Institute. (2004). A Guide to Project Management Body of Knowledge (PMBOK Guide). Newton Square, PA: Project Management Institute. Public Law 114-94, Fixing Americaâs Surface Transportation Act. (2015, December 4). Retrieved from https:// www.govinfo.gov/app/details/PLAW-114publ94. Smith, K. (1996). Environmental HazardsâAssessing Risk and Reducing Disaster, 2nd ed. London and New York: Routledge. Standards Australia/Standards New Zealand. (1995). AS/NZS 4360âRisk Management. North Sydney, Australia. Technical Committee on Risk Assessment and Management Glossary of Risk Assessment Terms. (2004). Risk AssessmentâGlossary of Terms. Retrieved February 8, 2021, from http://140.112.12.21/issmge/2004Glossary_ Draft1.pdf. The Polis Center. (2015). Threat and Hazard Identification and Risk Assessment (THIRA). Indianapolis, IN: Allen County Department of Homeland Security. Transportation Research Board. (n.d.). Transportation Benefit-Cost Analysis. Committee on Economics and Finance. Retrieved February 9, 2021, from https://sites.google.com/site/benefitcostanalysis/. U.S. Climate Change Science Program and the Subcommittee on Global Change Research. (2008). SAP 4.7. Impacts of Climate Change and Variability on Transportation Systems and Infrastructure: Gulf Coast Study. Retrieved from https://www.globalchange.gov/browse/reports/sap-47-impacts-climate-change-and- variability-transportation-systems-and/. U.S. Department of Transportation. (2017, January). Resilience and Transportation Planning. Retrieved December 6, 2020, from http://www.planhillsborough.org/wp-content/uploads/2017/03/Resilience- Tsp-Fact-Sheet.pdf#:â¼:text=January%202017%20FHWA-HEP-17-028%20RESILIENCE%20AND%20 TRANSPORTATION%20PLANNING%20.,secure%20and%20resilient%20to%20a%20myriad%20 of%20hazards. UNISDR. (2002). Living with Risk: A Global Review of Disaster Reduction Initiatives (preliminary version). Geneva: United Nations, International Strategy for Disaster Reduction. UNISDR. (2018). Man-made and Technological Hazards: Practical Considerations for Addressing Man-made and Technological Hazards in Disaster Risk Reduction. New York: United Nations. UNISDR Terminology. (2016). DRI International (DRI) Glossary for Resilience. Retrieved January 20, 2020, from http://drii.org/resources/viewglossary. United Nations, Department of Humanitarian Affairs. (1992). Internationally Agreed Glossary of Basic Terms Related to Disaster Management. (DNA/93/36). Geneva: United Nations. United States Global Change Research Program. (2020, January 7). U.S. Climate Resilience Toolkit. Retrieved January 20, 2020, from https://toolkit.climate.gov/content/glossary. Virginia Tech. (2011). Hazard Assessments. Retrieved February 9, 2021, from https://www.ehss.vt.edu/programs/ haz_assess_intro.php.
A-42 Developing a Highway Framework to Conduct an All-Hazards Risk and Resilience Analysis Wainschel, M. (2006). Business Continuity Terminology Update. Continuity Insights, 4(1), 54â55. WDOT. (2020). Design Manual. Madison, WI: Wisconsin Department of Transportation. Weilant, S., Strong, A., and Miller, B. (2019). Incorporating Resilience into Transportation Planning and Assess- ment. RAND Corporation. Wikipedia. (2021, January 13). Risk Aversion. Retrieved from https://en.wikipedia.org/wiki/Risk_aversion. Yale University. (1998). Probability Models. Retrieved February 9, 2021, from http://www.stat.yale.edu/Courses/ 1997-98/101/probint.htm. Zeitman, J., Ramani, T., Potter, J., Reeder, V., and DeFlorio, J. (2011). NCHRP Report 708: A Guidebook for Sus- tainability Performance Measurement for Transportation Agencies. Transportation Research Board of the National Academies, Washington, DC. Zieglmeier, V. (2016). Resilience Metrics. Network Architectures and Services, 9, 1â15. doi:10.2313/NET-2016- 09-1_02.