Tailings dams design and experience

Lately several tailings dam failures rocked the mining world. Despite the relative high frequency of these events we have heard engineers qualify the failures as “one in a million”, “extremely rare” or even “black swans”. Today we want to discuss a few concepts on tailings dams design and experience. In particular, we will focus on some disconcerting qualifiers like the ones we just cited above.

For example, given the experience of tailings dams catastrophic failures  resulting from combinations of various failure modes, we find highly disconcerting that people still discuss “credible failure modes”. We believe there is nothing to discuss related to “credible failure modes”, as there should be “no a priori exclusion” of a failure mode! Indeed, all failure modes are credible, meaning that it is generally not possible to eliminate any of them arbitrarily. Furthermore, we can easily show that even if the failure modes are independent and each one has a probability of occurrence at the border of credibility (i.e., say, a probability of 10^-5 per year ), their combination will easily result in a probability of failure one order of magnitude higher.

Additionally, NASA’s C. Michael Holloway stated: “To a first approximation, we can say that accidents are almost always the result of incorrect estimates of the likelihood of one or more things.”

• We fatally underestimate the probabilities of what can happen.
• Designers will say a failure mode is “not credible”, when it actually can happen with probabilities far greater than requirements allow.

Designer experience

Engineers must make decisions based on limited knowledge. Therefore their design choices will exhibit bounded rationality. Indeed, a typical designer’s total hands-on system experience time is almost nonexistent compared to typical system requirements and exposures.”

A typical designer with 20 years of experience has less than 5,000 hours of real hands-on system experience. In  addition almost none of this is in the system’s real environment. Thus the engineer sees a negligible number of failures.

So, when a designer says that a failure can’t happen, this means that he has not seen one in less than 5,000 hours of observation. But 5,000 hours is negligible compared to the collection of every incident over the collection of dams. Indeed, 5,000 hours is poor against:

• 8760 hours, i.e. 1 dam per year, and
• completely negligible for 3*10⁷ collective operational experience per year (3500 dams).

If we go back now to the initial reference “…incorrect estimates of the likelihood of one or more things” we have to notice that engineers generally treat failures modes in silos when in reality they occur simultaneously. Framing one probability is hard and framing many is even harder…

Additionally, failure modes also completely miss the:

• human factors that afflict any human endeavor including over-confidence,
• lack of care/insufficient effort, excessive audacity, and finally
• mistakes.

Risk assessment and management is effective when personnel involved in the process have the domain expertise necessary to:

• credibly challenge the risk-taking project engineers on their own turf and
• interpret and react to changing conditions.

Tailings dams design and experience closing remarks

Using a censored list of failure modes, under the assumption we can discard a priori some of them because they are not credible, is a negligent approach.

That is particularly true as, most of the time, no one cares to define what the credibility threshold is. Furthermore experience is unfortunately always incomplete. That unfortunately leads to uncertainties larger than believed. Behavioral and cognitive biases can lead even the most expert designers into overconfidence and misjudgments.

As a result, we cannot rely on our experience-based intuition to determine whether a failure can happen within required probability limits. Doing that is displaying technical arrogance.

To reduce this type of error and misleading statements we need to avoid censoring and biasing. That can be done through dashboards displaying baseline status as well as tools to monitor and adapt to new events.

Tagged with: bounded rationality, credible event, credible failure modes, dams, dams failures, designer, Tailings Dams

Category: Mitigations, Optimum Risk Estimates, ORE2_Tailings, Probabilities, Risk analysis, Risk management