**3. The RA\_X expert system**

Construction industry is one of the activities more affected by work accidents. According to European Agency for Safety and Health at Work around 1,300 workers are killed each year, equivalent to 13 employees out of every 100,000 — more than twice the average of other sectors (EASHW, 2010). As a result of its particular characteristics (e.g., projects performed only once, poor working conditions, some tasks involve particular risks to the safety and health of workers, emigrant workers, low literacy, low safety culture) construction industry has special legislation concerning the workers protection, because temporary or mobile construction sites create conditions prone to expose workers to particularly high levels of risk. Temporary or mobile construction sites means any construction site at which building or civil engineering works are carried out, which include repair and maintenance activities. In Europe the Framework Directive is complemented by the Council Directive 92/57/EEC of 24 June 1992 that addresses minimum safety and health requirements at temporary or mobile construction sites designed to guarantee a better OHS standard for workers.

Despite a steady and steep decline in the accident rates in the construction industry they remain unacceptably high, both in Europe (EASHW, 2010) and in the US (NASC, 2008). One contribution for the lowering of such accident rates could be making available tools that support the risk management activities in a simple and easy way, since there is still a lack of practical tools to support these activities. This shortfall leads to the existence of a big gap between the available health and safety knowledge and the one that is applied. Using computer-based methods could be an interesting approach to support risk assessment. The possible reasons for the lack of computer aided support tools are twofold. On one hand, the conventional software programming, based on Boolean approaches, have trouble in dealing with the inherent complexity and vagueness of the data and knowledge used in the risk

The estimations of these parameters usually involve imprecise or vague data, incomplete information or lack of historical data that can be used to produce statistics. This is the reason why the introduction of methodologies based on fuzzy logic concepts can improve risk

Another important aspect in risk management is that there is no single cause (or simple sequence), but rather an interaction of multiple causes that directly and indirectly contribute to an occupational accident, the so-called cumulative act effects (Reason, J., 1997). The Reason model for the study of accident causation lies on the fact that most accidents can be traced to one or more of four levels of failure: organizational influences, unsafe supervision, preconditions for unsafe acts, and the unsafe acts themselves. The organization's defenses against these failures are modelled as a series of barriers. The barriers could be physical or organizational. The model considers active failures (unsafe acts that can be directly linked to an accident) and latent failures (contributory factors in the work system that may have been hidden for days, weeks, or months until they finally

Therefore, is important to include organizational and individual factors in the risk management process. This is also in accordance with more holistic views, recognized by several authors, that consider also a host of other factors (e.g., individual, psychosocial) that

Construction industry is one of the activities more affected by work accidents. According to European Agency for Safety and Health at Work around 1,300 workers are killed each year, equivalent to 13 employees out of every 100,000 — more than twice the average of other sectors (EASHW, 2010). As a result of its particular characteristics (e.g., projects performed only once, poor working conditions, some tasks involve particular risks to the safety and health of workers, emigrant workers, low literacy, low safety culture) construction industry has special legislation concerning the workers protection, because temporary or mobile construction sites create conditions prone to expose workers to particularly high levels of risk. Temporary or mobile construction sites means any construction site at which building or civil engineering works are carried out, which include repair and maintenance activities. In Europe the Framework Directive is complemented by the Council Directive 92/57/EEC of 24 June 1992 that addresses minimum safety and health requirements at temporary or

mobile construction sites designed to guarantee a better OHS standard for workers.

Despite a steady and steep decline in the accident rates in the construction industry they remain unacceptably high, both in Europe (EASHW, 2010) and in the US (NASC, 2008). One contribution for the lowering of such accident rates could be making available tools that support the risk management activities in a simple and easy way, since there is still a lack of practical tools to support these activities. This shortfall leads to the existence of a big gap between the available health and safety knowledge and the one that is applied. Using computer-based methods could be an interesting approach to support risk assessment. The possible reasons for the lack of computer aided support tools are twofold. On one hand, the conventional software programming, based on Boolean approaches, have trouble in dealing with the inherent complexity and vagueness of the data and knowledge used in the risk

assessment methods.

contributed to the accident) (Reason, J., 1997).

**3. The RA\_X expert system** 

can contribute to the risk (EC, 2009), (EASHW, 2002).

assessment processes. On the other hand there are no steady and Universal rules to use for the assessment (e.g., action and threshold limit values) and the advice (e.g., regulations). These challenges call for solutions that are innovative in terms of methodologies, flexible in terms of tailoring to a specific regional context, and adaptive to deal with new or emerging risks and regulations.

The motivation for the development of the Risk Analysis Expert System (RA\_X) was to make use of some emergent instruments offered by the Artificial Intelligence toolbox, namely the use of fuzzy logics in the development of a fuzzy expert system. Fuzzy Logics has been used to handle uncertainty in human-centred systems (e.g., ergonomics, safety, occupational stress) analysis, as a way to deal with complex, imprecise, uncertain and vague data. The literature review performed by (Nunes, I. L., 2010a) characterizes and discusses some examples of such applications.

Expert Systems (ES), also called knowledge-based systems, are computer programs that aim to achieve the same level of accuracy as human experts when dealing with complex, illstructured specific domain problems so that they can be used by non-experts to obtain answers, solve problems or get decision support within such domains (Turban, E. et al., 2004). The strength of these systems lies in their ability to put expert knowledge to practical use when an expert is not available. Expert systems make knowledge more widely available and help overcome the problem of translating knowledge into practical, useful results. ES architecture contains four basic components: (a) a specialized Knowledge Base that stores the relevant knowledge about the domain of expertise; (b) an Inference Engine, which is used to reason about specific problems, for example using production rules or multipleattribute decision-making models; (c) a working memory, which records facts about the real world; and (d) an interface that allows user-system interaction, as depicted in Figure 2.

A Fuzzy Expert System is an ES that uses Fuzzy Logic in its reasoning/inference process and/or knowledge representation scheme. For more information about Expert Systems see, for instance, (Turban, E. et al., 2010), (Gupta, J. N. D. et al., 2006), (Turban, E. et al., 2004).

The main objective of RA\_X is assisting the risk management process, which is key for the promotion of safety and health at work, by identifying, assessing and controlling occupational risks and advising on the application of corrective or preventive actions. One requirement for this system is the adoption of a flexible framework that can be easily customized to the particular needs and specificities of groups of users (e.g., particular fields of activity, different national/regional legislation and standards). The underlying concept was first presented in (Nunes, I. L., 2005) and the proof of concept for the risk assessment phase was presented in (Monteiro, T., 2006).

In (Nunes, I. L., 2005) it was described the Fuzzy Multiple Attribute Decision Making (FMADM) model developed by the author for the evaluation of risk factors. This model was applied in two different risk assessment contexts, for ergonomic analysis and for risk analysis for work accidents. The ergonomic analysis FMADM model was used in the ERGO\_X fuzzy expert system prototype and in the subsequent implementation of the FAST ERGO\_X fuzzy expert system. To learn more about ERGO\_X and FAST ERGO\_X see, for instance, (Nunes, I. L., 2006a, b, 2007, 2009). This article offers a view of the current state of evolution of the FMADM model for the risk analysis for work accidents that was introduced in (Nunes, I. L., 2005) used for the development of the RA\_X fuzzy expert system and presents an example applied to the risk management in the construction industry.

Applications of Fuzzy Logic in Risk Assessment – The RA\_X Case 27

measures set in the workplace, and the presence of a number of other factors, collectively

These main factors are assessed based on Attributes that characterize one particular work situation. Attribute's raw data can be of objective or subjective nature, depending if it is quantitative data obtained from measurements (e.g., height of a scaffold, depth of a trench, voltage of a power line) or qualitative data obtained from opinions of experts (e.g., adequacy, periodicity, acceptability). Figure 3 shows a schematic representation of the RA\_X assessment model. The process depicted in the figure will be repeated as many times as the number of Cases to analyze (which may be the total number of cases in the Knowledge Base,

In this approach it is considered that the data collection phase (depicted inside the boxes in the left hand side of Figure 3) includes the gathering of raw data and their pre-processing (i.e., fuzzification and aggregation) in order to generate the fuzzy attributes that will be used as inputs in the subsequent phase (the risk assessment). Usually each risk results from a single specific hazard but its triggering is affected by different types of safety control measures and potentiating factors. Therefore, for each Case defined in the Knowledge Base the model considers one Hazard fuzzy attribute, and several Safety Control Factors and

The risk assessment phase is depicted in the right hand side of Figure 3, illustrating the inference process that uses the attributes as criteria for the Fuzzy Rules that emulate the reasoning process used by human risk analysis experts (note that these fuzzy rules are translated into the FMADM model as discussed in subsection 3.3). The fuzzy evaluation result is defuzzified and presented in a more intelligible way to the users, for instance using

Figure 3 illustrates also the type of entities stored in the Knowledge Base (e.g., Fuzzy Sets, Fuzzy Rules) and their use in these two phases. The fuzzification of the raw data is done using continuous fuzzy sets (①) for the objective data, and linguistic variables or discrete fuzzy sets (②) for the subjective data. The objective and subjective attributes resulting from the fuzzification are aggregated using fuzzy aggregation operators (③) (e.g., fuzzy t-norm and fuzzy t-conorms) generating a unique fuzzy attribute that reflects both sources of data. The fuzzy attributes characterizing the hazards, the safety controls measures and the potentiating factors present in the workplace are aggregated according to fuzzy rules (④) that evaluate the risk. Finally the fuzzy result is defuzzified using linguistic variables (⑤) to generate conclusions expressed as natural language sentences. In addition, the conclusions

The advice phase, also depicted in the right hand side of Figure 3, is performed after the conclusion of the risk assessment and is based on an inference process that uses rules (④) contained in the knowledge base, which identify potential risk control solutions and prioritize them according to the factors that were assessed as more critical in the previous

Hence, building up the RA\_X Knowledge Base according to the above described model required the elicitation and representation of knowledge in the risk management domain,

referred as Potentiating Factors.

or a user selected subset of those).

Potentiating Factors fuzzy attributes.

sentences in natural language.

can be explained to users.

which involved the following activities:

phase.

Fig. 2. Basic architecture of an Expert System

Considering the risk management context, as a very brief summary one can say that the FMADM model is used to compute the possibility of occurrence of Cases that are defined in the expert system. "Cases" are what, in classical Risk Analysis terminology, is referred as Risks (e.g., falls, electrical shock, burn, burying due to trench collapse, crushing). A given Case is assumed to be possible to occur based on the evaluation of a set of contributing "Factors". In the RA\_X analysis model, three types of Factors are considered: "Hazard", "Safety Control Factors" and "Potentiating Factors". The main objective of the "Hazard" and the "Potentiating Factors" is to characterize the risk factors present on a specific work situation; and the "Safety Control Factors" purpose is to characterize the adequacy of the safety measures implemented in the workplace. Each Factor is evaluated based on a set of relevant "Attributes" that characterize in detail the work situation.

The concept and the analysis model was implemented in the RA\_X, which is a fuzzy expert system prototype designed to support risk management for work accidents. This tool can facilitate the practical application of risk management at company level, targeting especially SMEs. The main objectives of the RA\_X are the identification and assessment of exposure to occupational risks and the advice on measures to implement in order to control risks, i.e., to eliminate or, at least, to reduce the potential of the occupational risks for accident causation. The system also allows monitoring the evolution of risks over time, by performing trend analysis through the comparison of different risk assessment results regarding the same work situation.

#### **3.1 General structure**

RA\_X lies in a FMADM model that calculates the risk level for each specific Case (i.e. Risk) based on three main factors: the Hazard itself, the effectiveness of the Safety Control

Considering the risk management context, as a very brief summary one can say that the FMADM model is used to compute the possibility of occurrence of Cases that are defined in the expert system. "Cases" are what, in classical Risk Analysis terminology, is referred as Risks (e.g., falls, electrical shock, burn, burying due to trench collapse, crushing). A given Case is assumed to be possible to occur based on the evaluation of a set of contributing "Factors". In the RA\_X analysis model, three types of Factors are considered: "Hazard", "Safety Control Factors" and "Potentiating Factors". The main objective of the "Hazard" and the "Potentiating Factors" is to characterize the risk factors present on a specific work situation; and the "Safety Control Factors" purpose is to characterize the adequacy of the safety measures implemented in the workplace. Each Factor is evaluated based on a set of

The concept and the analysis model was implemented in the RA\_X, which is a fuzzy expert system prototype designed to support risk management for work accidents. This tool can facilitate the practical application of risk management at company level, targeting especially SMEs. The main objectives of the RA\_X are the identification and assessment of exposure to occupational risks and the advice on measures to implement in order to control risks, i.e., to eliminate or, at least, to reduce the potential of the occupational risks for accident causation. The system also allows monitoring the evolution of risks over time, by performing trend analysis through the comparison of different risk assessment results regarding the same

RA\_X lies in a FMADM model that calculates the risk level for each specific Case (i.e. Risk) based on three main factors: the Hazard itself, the effectiveness of the Safety Control

Fig. 2. Basic architecture of an Expert System

work situation.

**3.1 General structure** 

relevant "Attributes" that characterize in detail the work situation.

measures set in the workplace, and the presence of a number of other factors, collectively referred as Potentiating Factors.

These main factors are assessed based on Attributes that characterize one particular work situation. Attribute's raw data can be of objective or subjective nature, depending if it is quantitative data obtained from measurements (e.g., height of a scaffold, depth of a trench, voltage of a power line) or qualitative data obtained from opinions of experts (e.g., adequacy, periodicity, acceptability). Figure 3 shows a schematic representation of the RA\_X assessment model. The process depicted in the figure will be repeated as many times as the number of Cases to analyze (which may be the total number of cases in the Knowledge Base, or a user selected subset of those).

In this approach it is considered that the data collection phase (depicted inside the boxes in the left hand side of Figure 3) includes the gathering of raw data and their pre-processing (i.e., fuzzification and aggregation) in order to generate the fuzzy attributes that will be used as inputs in the subsequent phase (the risk assessment). Usually each risk results from a single specific hazard but its triggering is affected by different types of safety control measures and potentiating factors. Therefore, for each Case defined in the Knowledge Base the model considers one Hazard fuzzy attribute, and several Safety Control Factors and Potentiating Factors fuzzy attributes.

The risk assessment phase is depicted in the right hand side of Figure 3, illustrating the inference process that uses the attributes as criteria for the Fuzzy Rules that emulate the reasoning process used by human risk analysis experts (note that these fuzzy rules are translated into the FMADM model as discussed in subsection 3.3). The fuzzy evaluation result is defuzzified and presented in a more intelligible way to the users, for instance using sentences in natural language.

Figure 3 illustrates also the type of entities stored in the Knowledge Base (e.g., Fuzzy Sets, Fuzzy Rules) and their use in these two phases. The fuzzification of the raw data is done using continuous fuzzy sets (①) for the objective data, and linguistic variables or discrete fuzzy sets (②) for the subjective data. The objective and subjective attributes resulting from the fuzzification are aggregated using fuzzy aggregation operators (③) (e.g., fuzzy t-norm and fuzzy t-conorms) generating a unique fuzzy attribute that reflects both sources of data. The fuzzy attributes characterizing the hazards, the safety controls measures and the potentiating factors present in the workplace are aggregated according to fuzzy rules (④) that evaluate the risk. Finally the fuzzy result is defuzzified using linguistic variables (⑤) to generate conclusions expressed as natural language sentences. In addition, the conclusions can be explained to users.

The advice phase, also depicted in the right hand side of Figure 3, is performed after the conclusion of the risk assessment and is based on an inference process that uses rules (④) contained in the knowledge base, which identify potential risk control solutions and prioritize them according to the factors that were assessed as more critical in the previous phase.

Hence, building up the RA\_X Knowledge Base according to the above described model required the elicitation and representation of knowledge in the risk management domain, which involved the following activities:

Applications of Fuzzy Logic in Risk Assessment – The RA\_X Case 29

As mentioned before, on a specific risk assessment situation the fuzzy attributes characterizing the three main factors of a particular Case can result from the combination of objective and subjective attributes that relate, respectively, to objective and subjective data. Objective data is typically a quantitative value that can be measured (e.g., the height in meters at which a worker operates), therefore in this model it will be designated as "measurement". Subjective data is a qualitative estimate made by an analyst (e.g., "very high", "high", "and low") and therefore in this model it will be designated as "opinion".

Using the FST principles it is possible to evaluate the degree of membership to some highlevel concept based on observed data. Consider, for example, the evaluation of the risk of injury associated with falls from height based on the continuous membership function presented in Figure 4, where the input is a measured height. A low degree of membership to the "falls from height" risk concept (i.e., values close to 0) means the height is safe; while a

The representation of continuous fuzzy sets in the Knowledge Base is done using a

01234

**Height (m)**

The fuzzification of opinions can use Linguistic Variables (LV). In this approach, due to considerations regarding the numerical efficiency of the computational process, the LV terms were assumed as discrete fuzzy sets. Consider, as an example, the LV "inadequacy" presented in Figure 5, which can be used to evaluate the inadequacy of the protection provided in a workplace, by the Safety Control measures implemented (Nunes, I. L., 2007). An effective protection can be classified using the term "very adequate" (i.e., a membership degree of 0), while an inexistent protection can be classified as "very inadequate" (i.e.,

The result of the aggregation of the existing objective and subjective attributes is a fuzzy value assigned to the corresponding attribute. In the present model the aggregation of

high degree of membership (i.e., values close to 1) means the risk is unacceptable.

Fig. 4. Fuzzy set for the evaluation of the *risk of falls from height*

parametric method that was discussed in (Nunes, I. L., 2007).

membership degree of 1).

0

1

**Risk Degree**


The knowledge acquisition is a manual process based on data available on literature, on information collected from experts and on legislation. The initial knowledge acquisition activities for the RA\_X were mainly focused on the Construction industry.

Fig. 3. Schematic representation of the risk assessment model for a Case

### **3.2 Data collection phase**

The data collection is the phase of the process where the risk analysis raw data is gathered and pre-processed (i.e., fuzzified and aggregated) in order to generate the fuzzy attributes that will be used as inputs in the subsequent phase (the risk assessment).



The knowledge acquisition is a manual process based on data available on literature, on information collected from experts and on legislation. The initial knowledge acquisition




activities for the RA\_X were mainly focused on the Construction industry.

Fig. 3. Schematic representation of the risk assessment model for a Case

that will be used as inputs in the subsequent phase (the risk assessment).

The data collection is the phase of the process where the risk analysis raw data is gathered and pre-processed (i.e., fuzzified and aggregated) in order to generate the fuzzy attributes


to an Attribute;

**3.2 Data collection phase** 

related to an Attribute;

As mentioned before, on a specific risk assessment situation the fuzzy attributes characterizing the three main factors of a particular Case can result from the combination of objective and subjective attributes that relate, respectively, to objective and subjective data. Objective data is typically a quantitative value that can be measured (e.g., the height in meters at which a worker operates), therefore in this model it will be designated as "measurement". Subjective data is a qualitative estimate made by an analyst (e.g., "very high", "high", "and low") and therefore in this model it will be designated as "opinion".

Using the FST principles it is possible to evaluate the degree of membership to some highlevel concept based on observed data. Consider, for example, the evaluation of the risk of injury associated with falls from height based on the continuous membership function presented in Figure 4, where the input is a measured height. A low degree of membership to the "falls from height" risk concept (i.e., values close to 0) means the height is safe; while a high degree of membership (i.e., values close to 1) means the risk is unacceptable.

Fig. 4. Fuzzy set for the evaluation of the *risk of falls from height*

The representation of continuous fuzzy sets in the Knowledge Base is done using a parametric method that was discussed in (Nunes, I. L., 2007).

The fuzzification of opinions can use Linguistic Variables (LV). In this approach, due to considerations regarding the numerical efficiency of the computational process, the LV terms were assumed as discrete fuzzy sets. Consider, as an example, the LV "inadequacy" presented in Figure 5, which can be used to evaluate the inadequacy of the protection provided in a workplace, by the Safety Control measures implemented (Nunes, I. L., 2007). An effective protection can be classified using the term "very adequate" (i.e., a membership degree of 0), while an inexistent protection can be classified as "very inadequate" (i.e., membership degree of 1).

The result of the aggregation of the existing objective and subjective attributes is a fuzzy value assigned to the corresponding attribute. In the present model the aggregation of

Applications of Fuzzy Logic in Risk Assessment – The RA\_X Case 31

*µp* is the Fuzzy membership degree that reflects the inadequacy level of the safety control

*µpf* is the Fuzzy membership degree that reflects the level of the potentiating factors for a

\* represents a Fuzzy Intersection aggregation operator that produces a normalized fuzzy

Each criteria of the rule (the left side terms of the IF-THEN) can be the result of previous rules of an inference chain. For instance, considering that the protection provided by the safety control measures can be achieved through collective and personnel protection means the evaluation of the criteria "safety control is inadequate" can result from the use of the

personnel protection is inadequate (R2)

*µp* is the Fuzzy membership degree that reflects the inadequacy of the safety control

*µcp* is the Fuzzy membership degree that reflects the inadequacy of the collective protection

*µip* is the Fuzzy membership degree that reflects the inadequacy of the personnel protection

represents a Fuzzy Intersection aggregation operator that produces a normalized fuzzy

Another example relates with the evaluation of the potentiating factors. These factors (e.g., work activity, and environmental, psychosocial and individual factors) do not represent risk by themselves but potentiate and may intensify the negative impact of a hazard. In this case the evaluation of the criteria "potentiating factors exist" can result from the use of the following rule:

psychosocial factors are inadequate OR (R3)

As before this rule can be translated into a mathematical formula, such as:

represents a Fuzzy Intersection aggregation operator that produces a normalized fuzzy

*µh* is the Fuzzy membership degree that reflects the hazard level for a specific risk;

*µr* is the Fuzzy membership degree that reflects the risk level;

measures set in place to prevent a specific risk;

**IF** collective protection is inadequate **AND**

measures set in place to prevent a specific risk;

measures set in place to protect a specific risk;

measures set in place to protect a specific risk;

**IF** work activity is inadequate **OR** 

individual factors are inadequate

**THEN** potentiating factors exist

environmental factors are inadequate **OR** 

value, i.e., in the interval [0, 1]

**THEN** safety control is inadequate

Where:

specific risk;

following rule:

Where:

value, i.e., in the interval [0, 1]

value, i.e., in the interval [0, 1]

(1E (ߤכሻߤߙߤሺ ൌ ߤ

(2E (ߤ ߤ ൌ ߤ

opinions and measurements is done using the OWA operator (Yager, R. R., 1988). With this operator it is possible to assign weights to the different input data sources. This is particularly useful when the sources of information have different levels of reliability. In this case the inputs from more reliable sources have a bigger weight than the ones coming from less reliable sources.

Fig. 5. Linguistic variable "inadequacy" used to evaluate "protection inadequacy"
