We attempt here a justification of methods which offer calculated answers and compare them with answers which might form the guessing game. If the "odds" and the "consequences" of a disaster can be calculated, then a relationship can be developed which gives the "risk" in quantitative terms of a particular accident.

The time, location and scale of a future incident can not be defined with absolute precision, just as an insurance company can not tell the future of an event or calamity to a particular individual.

Our "crystal ball", the competitor to the "seat of the pants" version, is driven by large data bases, information taken over longer time scales and from a vast number of observers. Each piece of data can be cross checked and validated before hand, accepted or thrown out as the case dictates. Determinism, the Newtonian approach to the World, states that for a particular cause there invariably follows a unique effect.

There is only one possible answer, only one way of seeing things but that implicitly is for a privileged observer and his pair of pants. Things would be marvelous if the circumstances did not change or move beyond the realm of the experience and the personal crystal ball of that privileged observer. However events and situations change, become relative, more complex and interactive. A new calculus is required.

The situation is not unlike the problems of physics in the mid 1800’s where determinism came under attack and the introduction of statistical mechanics was made by the Boltzmans and Maxwells of the World.

Ironically, from these notions of statistical mechanics, of probability and consequence, we can calculate to almost unbelievable levels of certainty, in some cases better than one part in 1017. For the individual event no such certainty exists but for the population as a whole we can predict with absolute certitude.

Disasters are the events in which the outcome or consequences are measurable, the cost assessable and the causes definable. The consequence of an event or happening can be put into dollar terms and this can form the basis for computations and decisions. The consequences have many aspects and the more precise the description, the more accurate the "cost" will be in all its guises. If the first estimates are not good enough then the exercise is repeated at a more detailed level.

The probability that the event will happen is more difficult to determine but not impossible to predict. The first approach is historical, the frequency of failure, the reliability of equipment, the track record of personnel. The phrase "we’ve been in business for x years and …" is a qualitative expression which implies that the frequency of failure of that organization is low. More precise data such as maintenance records can give a table of failure rates, availability lists and priorities of what is vulnerable. The data can be quantitative, thus compared and processed and graphically presented in forms such as the Wiebull curve.

The information can be so compelling that preventative maintenance programs are made mandatory, as with the FAA, i.e. after so many hours, replace it whether it’s failed or not.

The second approach to probable occurrence are the "what if" studies where scenarios are built up from the simplest of events, such as individual component failure, bearings that seize up, vessels that breach, corrosion or power failures. Each step in a sequence or chain of events is assigned a probability and the final outcome calculated as a combination of sums and products.

The third method is macroscopic in nature and relies heavily on operations research. As with many very useful concepts, this can be rendered almost useless by layers of jargon and obscure mathematics.

However, it is the most powerful of approaches and uses linear and non-linear programming, stochastic and Markovian processes. It enables the probabilities of events to be calculated with considerable accuracy.

This is of no surprise as these techniques are extensively used in marketing, on the stock exchange, in the military and in industrial engineering. All attempt to gain the best return for the least expenditure. In our case we can turn the question around and instead of maximizing the return of an action, we ask the extent of the cost if we take no action or ineffectual action.

We have reduced the problem to two factors, the consequences and the probability of an event. Risk is defined as the product of probability and consequence, a concept we use every day but we seldom formalized.

In dealing with an accident, a fire, an explosion or a deliberate assault on a public building or aircraft, the form of the event is crucial in determining the consequences. Fortunately the number of different forms is very limited so there are only a finite number of consequences to consider.

This makes the defense against accident or sabotage a tractable problem. The consequences can be mechanical or physical damage, loss of life or limbs, foregone business, injured pride or other measures more important to some than others.

By way of illustration let us consider two scenarios:

·•Factory Smoke Stacks. Around many large industrial cities there are deserted factory sites, often with disused smoke stacks. A smoke stack is designed to disperse and dilute the pollutants from the furnace. The taller the stack, the greater the plume, the larger the area covered by the plume and the more dilute the concentration in that plume of pollutants. If the dilution is adequate then few people will be affected. Most smoke stacks are reasonably good at the task of dispersing noxious chemicals.

Suppose a terrorist armed with a toxic chemical or biological agent were to place a quantity in the base of the stack and then blow it up with a small cordite charge. The distribution would be assured and at the appropriate time with the right weather conditions, the panic and mayhem caused would be hard to over estimate.

•Airport Passenger Concourse. Many large metropolitan airports have concourses which transfer or herd passengers from the ticketing areas to the aircraft. The passengers are confined in a small area at high people densities, partly to control them from losing themselves amongst the aircraft and partly to protect them from the smells and noise. Massive and efficient air conditioning systems(heating and cooling) exist to control the ambient conditions.

Suppose a distraught young mother complete with a couple of screaming kids, loaded with baby stuff and toys, makes her way along to the end of the concourse and the boarding area. She would have been inspected by the X-ray machine and probably helped by the security guards. The machine and the guards could not know that the baby’s bottle or a coke can contained Ebola virus or a nerve gas. She deposits the kids with practically any grandmother at hand, nips into the ladies "loo", does a quick change and disappears. Five minutes latter the bottle explodes, the air conditioning distributes the virus, some to the boarding passengers going overseas.

The incident is announced by the terrorists and the World waits through the incubation period with anxiety escalating to terror. Incidentally what could be more attractive to a terrorist group in terms of maximum publicity for minimum cost?

In this case the crux of the issue is the economic cost, a few tens of thousands of dollars to the terrorists and probably billions to the nation. Wars are not won by heroics but by economics and at a ratio of our costs to theirs of a million to one, the terrorists are bound to win.

It is not difficult to devise many such scenarios and the acid test to any such scenario is "would it work". In the case of the saboteur, particularly the sophisticated type, they will do their own analysis with linear programming, mini-max assessment and decision analysis. They will pick the targets with the biggest bang for the buck.

So far the terrorist have been more noteworthy for their lack of sophistication and as an example, with the application of a little civil and mechanical engineering knowledge the World Trade Center attack could have been orders of magnitude more serious. Much of the money spent on our current defense is inappropriate in the terrorist case.

Stealth bombers, nuclear submarines and "smart" bombs don’t catch terrorists. To respond after the event, disaster recover as often practiced is "shutting the stable door after the horse has gone". At best it alleviates the suffering and hopefully might help guard against similar attacks.

However, if the saboteurs are clever and imaginative with new and unconventional ways they will ignore our "rule book", our conventional wisdom and our "seat of the pants" judgment. Their cleverness must be countered with superior cleverness of ours. For every Ph.D. from Baghdad or where ever, the terrorists field, America fields three from MIT or borrows one from Cambridge. The new currency is the technical smarts of "a few clever men" rather than legions of minimum wage security guards.

The risk and decision making techniques that are currently available are easily applied to real sites and situations. If we determine the attractiveness of a site for a terrorist then we have a line on which sites we should defend.

By using the same data we can prioritize the sites which would cause the greatest embarrassment if the event was deliberately provoked or accidental. For example, a metropolitan airport can be divided into a set of functional areas and a list made.

The principle types of attack used by terrorists, from pipe bombs, to rocket propelled grenades, to guided missiles can also be listed. By equating one list against the other a two dimensional matrix is produced that gives an array of region against attack.

Each box is evaluated by applying R = p x C and a value obtained which indicates the attractiveness of the target to the terrorist. A pipe bomb on the approach road is not likely to be effective in terrorizing hundreds of people and hence not likely to be chosen by the terrorist. However for a single assassination with a telescopic rifle (a la Kennedy) the approach road is a more attractive option.

Such matrix grids constructed with other parameters can be overlaid on each other and with a little mathematical manipulation show any existing cross ties. Some parameters, such as time of year, religious calendars, social and economic factors, elections and historical dates do show such correlations. What can be done for the deliberate act may also be applied to the normal accident.

The requirements of SARA Title III are better served by such approaches than the very shallow interrogations that normally occur. The task for civil assessments of risk is much easier, partly because there are fewer parameters involved and partly because the quality and reliability of the information.

Furthermore the impact on society in terms of the cost of "risk" can be shown on the Farmer curve. This approach was developed for the siting of nuclear power plant and assessing the impact on local communities.

No method can predict absolutely but the "odds" may be shortened in our favor. By the same token however the terrorists have equal access to these methods, the literature and the textbooks and what is more important, the ability to use them.

They will do so in the future whether we do or not. Our best defense is to do it better and do it first. This philosophy applies equally for normal accidents.