Nat Hazards (2016) 84:13071325

DOI 10.1007/s11069-016-2487-6
ORIGINAL PAPER

Building climate change into risk assessments

Alex Coletti1

Antonio De Nicola2 Maria Luisa Villani2

Received: 5 February 2016 / Accepted: 24 July 2016 / Published online: 1 August 2016
Springer Science+Business Media Dordrecht 2016

Abstract Community managers and planners have an increasing need for assessing system failure risks as they relate to fact-based information on weather extremes and climate
change. We illustrate a model that defines the services a software system can provide to
facilitate the discovery of useful information by stakeholders with different technical
background wanting to reach a fact-based consensus on risks, hazards, and vulnerabilities.
Decision support systems succeed in facilitating the analysis of past severe weather events
but provide limited support for the analysis of hazards related to climate change. Severe
weather data enable estimates of the ability of an exposed system to withstand environmental extreme values, but the estimates of their impact on communities remain largely
undetermined and prone to divergent interpretations. This study proposes a model that is
built on the experience of a decision support system (DSS) that is dedicated to guide users
through a stakeholder-based vulnerability assessment of community water systems. The
DSS integrated data sources into an online environment so that perceived risksdefined
and prioritized qualitatively by userscould be compared and discussed against the
impacts that past events have had on the community. To make DSS useful for practical
decision making related to the complex issues, such as those encountered in the case of
climate change, we propose a model with a prototype design suitable for semantic web
applications where the various entities are connected by an ontology that defines relative
concepts and relationships.
Keywords Vulnerability  Water systems  Climate  Ontology

Electronic supplementary material The online version of this article (doi:10.1007/s11069-016-2487-6)

contains supplementary material, which is available to authorized users.
& Alex Coletti
alexscoletti@gmail.com
1

SM Resources Corporation, Ashburn, VA, USA

ENEA, Rome, Italy

123

1308

Nat Hazards (2016) 84:13071325

1 Introduction
Access to reliable information and data is crucial for the formulation of realistic action
plans and the ability to provide safe water. The provision of safe and acceptable drinking
water of adequate quantity is a challenge that is often hard to achieve for small-scale water
suppliers. Experience has shown that small water systems are more vulnerable to breakdown and contamination than larger utilities. They require particular attention due to the
administrative, managerial, and social impact in case of disaster (Rickert and Schmoll
2011). In the United States, the Environmental Protection Agency (EPA 2013) estimated
that over one-third of the total population gets some or all of their drinking water from
highly vulnerable public systems. In Europe, over two-thirds of all river and lake habitats
and inland water species are in unfavorable conservation status, and about 25 % of all
groundwater bodies across Europe are in poor chemical status (EEA Report 2012).
Therefore, small water system managers need easy access to local information that enables
them to prepare for risks in ways that are most suited to the needs and priorities of their
communities (Pagano et al. 2014).
Following Hunt et al. (2009), the results obtained during the development of on-line
decision support systems were examined for the value they offered in merging specific indepth knowledge with qualitative local experiences (Howe et al. 2013). Another objective
of the study was to facilitate the comparisons of different vulnerability assessments with
the help of a software package that implemented a unified information exchange protocol
among stakeholders of different focus groups.
As discussed by Dow et al. (2015), the exchange of data between different localities is
hampered by a difference in standards, measurement types and ill-defined chains of custody. This makes it difficult to leverage the advantages of participative approaches along
the lines of Haase (2011) and Miles (2011) for vulnerability and risk assessments. However, the ontology engineering methodologies of the type discussed by De Nicola and
Missikoff (2016) can organize differences rooted in local priorities and values according to
semantics that qualify the relationships between different stakeholders, systems needs, and
local solutions.
Semantic rules can be applied for data validation and queries whenever the database
schemas that organize the information are linked by the conceptual framework. To this
aim, the knowledge of water systems vulnerabilities identified during the previous
experiments was used to create a formal, explicit specification of a shared conceptualization (i.e., an ontology) (Gruber 1993; Borst 1997). The starting point of the process was
the creation of a vulnerability model that would define system risk at the most general
level. By using the least number of necessary concepts to group all the domains of interest,
it is possible to build an upper level model that optimizes the number of semantic hooks
needed in the interfaces. Camporeale et al. 2015 discusses how upper models can be a
means to facilitate engineering of multi-disciplinary ontologies (Noy 2004), such as those
representing environmental and technological aspects of the knowledge concerning complex domains. Therefore, a vulnerability upper model (VUM) for Community Water
Systems (CWS) could, in principle, be used to also represent risks of other types of
technological systems (e.g., telco and energy networks). Further, it would establish a
protocol useful for linking several system-specific risk ontologies together. In this paper,
we describe a model specific to risks and vulnerabilities of a generic water system that
would be suitable for the inclusion of climate change-related hazards. To this purpose, by
following a similar approach to that presented by De Nicola et al. 2014, we elaborated the

123

Nat Hazards (2016) 84:13071325

1309

raw information coming from the water systems experts to derive possible risk situations
for water systems into mini-stories. These mini-stories were the input for defining the
ontology concepts and links to be included the VUM.
Recent bibliometric analysis on the increasing level of interest emerging among the
research community in linking climate change research to topics concerning water systems
(Wang et al. 2014) further justifies this work. An upper model consists in a simple conceptual graph (Sowa 1983) where visual information is used to represent relationships and
concepts. It can be specialized to any level of design using any of the many editors
available, such as the Protege tool1 for OWL2 models. The editors provide assistance in the
creation of model components such as concepts and properties and may prevent incorrect
or inconsistent definition of relationships and rules. In ontology, relationships and rules can
be made to have properties dual to interfaces and parameter properties in a systems
engineering design. This is the key feature that enables ontology to link concepts to
systems services and service components to object properties.
By introducing hazards, climate extremes, ecosystems, and critical infrastructures as
entities that provide servicesor disservicesthe parameters that qualify their properties
are mapped on the interface only for the effect they have on the service. This enables to
regard separate concepts such as hurricanes, river overflow, or storm surge only for their
relative ability to deliver flood damages to CWS. Only CWS location and design further
specify the relative relevance each hazard can have on the system services. This facilitates
the analysis of how hazards relate to climate extremes (e.g., Timofeyeva-Livezey et al.
2015, Stewart and Oke 2012, Wirtz et al. 2014) and how location interfaces to critical
services and demographic performance (Milly et al. 2008).
Following a brief review of qualitative and quantitative vulnerability assessment
methods, the properties of the two assessments methods are discussed. The vulnerabilities
identified during qualitative vulnerability assessments reported by Howe et al. (2013)
provided a sizeable sample set of the variety of knowledge areas that a decision support
system should be able to provide during structured stakeholder meetings. When an
ontology model is used to organize the required knowledge base, then semantic web tools
can be used to deliver the available online information to stakeholders.
The rest of the paper is organized as follows. Section 2 describes the experiment and the
method followed to group into broad categories the risks identified by the experts. The
categories are then used in Sect. 3 to analyze the relationships existing between the
parameters that qualify the hazards, the system, and the stakeholders. This analysis is than
further expanded into an ontology model that promises to leverage online availability of
environmental data sets and geographical information systems (GIS). Communities lacking
specific types of expertise can use the information to investigate, discover, and review their
vulnerability posture vis-a`-vis local needs and climate change.

2 A deliberative risk ranking experiment

During a recent qualitative vulnerability assessment experiment (Coletti et al. 2012), focus
groups identified and discussed some thirty-five risks affecting community water systems
(CWS) in two coastal communities of the East coast of the USA. The experiment, conducted under a NOAA Climate Program Office grant measured the advantages that online
1

Protege ontology editor. http://protege.stanford.edu/.

OWL. Web Ontology Language Overview. https://www.w3.org/TR/owl2-overview/.

123

1310

Nat Hazards (2016) 84:13071325

vulnerability assessment support systems (VASS) could provide to focus groups. The focus
group members were selected among the experts of public works and emergency services
of two different counties in the East coast of the United States (Howe et al. 2013). One
community was located in the Chesapeake Bay area and the other on the gulf side of
Florida.
During the first phase of the experiment, the stakeholders prioritized each risk by
frequency and severity using an ordinal ranking process (see Appendix 2 for reference).
During the second phase, the stakeholders were presented with past records of local natural
hazards and with demographic analysis of vulnerable groups. Similar data sets were presented on a dedicated Web site that included historical records of severe storms from the
NOAA NCDC database which dated back about 20 years (Coletti et al. 2012). The Web
site provided the stakeholders with the ability to refer to individual environmental events
and to perform fact-based reviews of individual recollections of events that caused adverse
conditions systems operations.
Data records facilitated the discussion of the relevant events during the recollection of
the local contextual experiences. The discussions reviewed water quality monitoring
practices in use by the community, and evaluated vulnerable safety rules adopted during
recovery phases following system failures and repairs.

2.1 Risk types and vulnerability assessment methodologies

The set of risks identified by the two separate stakeholder groups during the VASS
experiment were caused by different sets of hazards. However, since the differences in
hazard types, levels of severity, and probability of occurrences are properties and metrics
that define the interfaces of the our model, the risks addressed by both groups of stakeholders can be considered representative of those experienced by the CWS of several
coastal communities in the United States. Several risks addressed problems with quality
and availability of water resources due to demographic changes, sharing of water
resources, distribution services across systems (risk 1, 3, 4, 25, 26, 27 listed separately in
Table 1), others addressed issues with water quality and flow rates of the aquifers (risk 1, 2,
3, 5, 8, 9,10, 17, 20 listed separately in Table 2).
Other risks addressed vulnerabilities related to power distribution, essential supplies,
and suitability of allocation of funding in case of emergency (risk 6, 13, 14, 22, 30 listed
separately in Table 3).

Table 1 Risks related to water resources distribution

Risk definition

HW, Se, Q

M, N

1. Shortage due to drought

HW

3. Climate change impacts on groundwater system and aquifers

HW

4. Demand due to population growth or construction

25. Back feeding from contaminants

HW

26. Integrity of transmission lines of raw water

HW, Se

27. Distribution system deterioration (age, maintenance)

Se, Q

HW vulnerable subsystem, Se vulnerable support services, Q exceeded/inadequate quality standards, M man

induced hazards, N natural hazard)

123

Nat Hazards (2016) 84:13071325

1311

Table 2 Risks related to water flow rates and recharging

Risk definition

HW, Se, Q

M, N

1. Shortage due to drought

HW

2. Taste, Temperature and odor of finished water

Se, Q

3. Climate change impacts on groundwater system and aquifers

HW

5. Salt water intrusion

HW

8. High water surges contaminating distribution system

HW

9. Levels of natural deposits (arsenic, fluorides, etc.)

HW

10. Water system potability and pressure

HW, Se

N
N

17. Ability to produce and distribute water at minimum potability standards

Se, Q

20. Plan for and ability to implement emergency testing

Table 3 Risks related to power and essential services

Risk definition

HW, Se, Q

M, N

6. Hurricane impacts on water systems and management

HW, Se

13. Disrupted delivery of treatment and process chemical

Se

14. Ability to maintain emergency power

HW, Se

22. Physical damage of water storage tanks

HW

30. Disgruntled employee action

HW

Table 4 in Appendix 1 consolidates the risks identified in the experiment by the two
groups in one single list of all the experiences described by the experts (but with duplicates
removed). The table shows how, in addition to the risks of water plant failures, the
stakeholders addressed vulnerabilities caused by ill-prepared management, maintenance
services, and water quality monitoring practices. Appendix 2 (after fig. 2 and fig. 3 in
Howe et al. 2013) shows how the experts prioritized the risks they jointly identified in each
of the two sample counties.
Therefore, even though the VASS experiment demonstrated that the availability of wellselected climate and weather data can help in validating vulnerabilities and priorities, still,
as shown in Fig. 1, they offer only partial help when the majority of high-priority risks
originate from hazards related to human and social behaviors (labeled with M in the table).
Several of the risks considered were associated to vulnerabilities of water systems
critical elements such as pumps, storage tanks, water conditioning units, and distribution
lines that can be also quantitatively assessed with other methods. Quantitative risk
assessments provide verifiable results in the case of risks related to physical components or
assets, but their results are hard to validate in the case of socially related threats like
vandalisms, mismanagement of resources and human errors in operating procedures.
Figure 2 plots the number of all the risks in Table 4 that are related to subsystem
components, services, and quality standards. The figure shows that the number of risks that
can be assessed by quantitative methods on the basis of weather related statistics is around
30 % of the total. The total amount of risks related to natural hazards involving systems,
services, and quality control is instead greater, and in our experiment of the order of 60 %.

123

1312

Nat Hazards (2016) 84:13071325

Fig. 1 Risks of CWS measured during the VASS Experiment. The figure compares the weather- and
climate-related risks to those due to other causes. The histogram reports data extracted from the original risk
descriptions gathered during the two focus groups

Fig. 2 Number of risks observed during the experiment divided according to broad categories of impacted
system modules (system components, system service, and service requirements) for natural and manmade
hazard (threads) sources

In quantitative risk assessment, the total risk of a critical asset or system to a number, N,
of threats could be expressed, at least in a first approximation, as the sum of the individual
risks. Each risk in turn, is the product of the consequence (or severity) Ci to the system or
asset from the results of the threat, the vulnerability of the system or asset, Vi, and the
probability of threat, Ti to occur within a given time period (typically 1 year):
X
X
X

i 1; 2; . . .:N; j 1; . . .:M
1
Ri
Ti 
Ci; j  V i; j
R
i

123

Nat Hazards (2016) 84:13071325

1313

where i is a threat index identifier, and j the index of the different ways an individual threat
can imperil the asset. Even in the case of only a few assets and a few major threats, the
number of terms in the equation can quickly grow large and make the comparison of
solutions and vulnerability reduction plans very difficult.
Experiences with water sector owners and operators undertaking a probability-based
risk assessment of their systems according to quantitative standards (e.g., American Water
Works Association 2010) have demonstrated that certain parts of the risk evaluation are
straightforward and easy to understand, while others offer an almost insurmountable challenge (Binning and Coletti 2015). Groups of water systems personnel can quickly
discuss their systems and come to consensus on how detailed the listing of the critical
assets needs to be to achieve useful results (granularity). On the other end, most groups in
the water sector may experience some difficulty identifying likelihood threats and estimating possible consequence levels. This approach does not distinguish between direct and
indirect effects of a threat on a system and most importantly, by non-resolving the complexities related to quantifying man-made threats, loses much of its usefulness.

3 Climate and water systems vulnerability

Much like other similar vulnerability assessments, the breakdown of the risk categories in
Fig. 2 confirms that natural hazards need to be considered for both their direct and indirect
effect combined. This brings attention to the need of describing the mechanisms of how
various causes can impact a system both individually and in combination. This process
requires integrating the reliability of key system elements operating under different conditions into mini-stories of likely series of events. Therefore, each mini-story forms a data
point in the space of all the possible performance degradations of a water service and
includes causes, system failures, and damages.
Creating parametric relationships between data points and concepts is an important
phase of several of the on-going semantic web development efforts of linked data initiative
type (Berners-Lee et al. 2009). The process is schematically represented in Fig. 3, and the
technology can be used to enable stakeholders to share a common formal specification of
concepts related to water systems. In the figure, these specifications are represented by the
dots on the ontology layer of Fig. 3 and the lines are the semantic relationships that
connect them. The risks listed in Appendix 1 describe the real-world entities belonging
to the empirical layer. The information layer includes the digital resources describing the
real-world entities of the below layer. The example at the end of this section describes in
more details how the ontology layer establishes the framework that guides the investigations and the queries of the stakeholders on the information layer.
Therefore, the ontology model defines the set of concepts and their relationships so that
the data objects of the mini-stories residing on the information layer can be organized and
grouped. This way the information data points become organized as instances of the
ontology concepts. For example, natural hazards can be defined as the objects that exploit
some system vulnerability, and vulnerability as the object contributing to a risk. Since
natural hazards include weather and climate model as children in the information layer,
severe weather model and predictions can also exploit individual exposure, sensitivity, and
adaptive capacity weaknesses of water system components, services, and quality
parameters.

123

1314

Nat Hazards (2016) 84:13071325

Fig. 3 Schematic representation of how the semantic web can organize data and information to make them
more easily accessible to stakeholders

3.1 Vulnerability upper model

To test viability of the semantic web solution as a means to expand the role of decision
support systems, a detailed analysis of the ontologies was needed to describe the results of
the vulnerability assessment experiment. The first step, consisted in rephrasing the definition of the risks identified by the experts (Appendix 1) into mini-stories with a subject,
active verb and a predicate (Appendix 3).
In this new form, the risks identified sets of hazards, actors, affected systems services,
and interaction methods. The subject and predicate elements in the mini-stories lead to
easy identification of the classes needed for a low-level ontology. The methods of interaction instead required to disaggregate the functional thresholds of system operations in the
vulnerability dimensions (sensitivity, exposure, and adaptive capacity) indicated by the
experts during the VASS experiment (Appendix 2). The classes in the detailed low-level
ontologies and the types of the vulnerability-dependent interactions delivered a rather
complex network. Therefore, for the model to be useful and to enable the logical and
consistent addition of lower level interactions, it resulted necessary to introduce an
overarching upper level (VUM).
The resulting ontology consists of concepts linked to each other by a somewhat lower
number of properties (Coletti 2014) controlled by the definition of the VUM that defines

123

Nat Hazards (2016) 84:13071325

1315

the prerequisites of all the elements addressed in the vulnerability assessment. This
demonstrated the ability of the VUM to support experts needs in building individual
vulnerability ontologies.3
Given the variety of different concepts the focus groups used in their vulnerability
assessment, it is appropriate for sake of clarity to focus on the core high-level aspects of the
system services first, and provide indications on how a VUM ontology may be built (see
Figs. 5, 6, 7). Later, in Sect. 3.2, the core concepts are disaggregated to reveal their
extended meaning in detail. Since the focus of our VUM is to facilitate surveys of water
systems vulnerabilities to natural hazards, the (natural) Environmental aspect at the top of
Core VUM is needed to organize all the general categories related to Hazards entities (e.g.,
Climatological, Ecosystem/Habitats, Geological, Hydrological and Weather). In turn, all
Hazards are characterized by their set of Severity metrics defined to specify properties such
as time, duration, location, and intensity. Individual Hazards of defined Severity property
can be associated to collections of likely Threats (Ti in Eq. 1) for selected System aspects
of the assessment. The distinction between Hazard and Threat is necessary in the ontology
to separate, for example, the threat posed by hurricanes (hazard) on location in the US Mid
Atlantic from the one in the US Gulf Coast. Threat and System Risk differentiate between
the threats a hazard can pose to exposed systems and the risk (Ri) of the systems with actual
Vulnerability to the incumbent Threat. In the case of WS, a hurricane can pose significant
risks for flood, but minimal for wind.
Continuing in the model flow, the System Risk can be defined according to vulnerability
(Vi,j) and the severity (Ci j) parameters within the System aspect. In turn, both System Risk
and Vulnerability are also a property of the System. The System defines all the users
interfaces with the participating Stakeholders. However, Stakeholders not only control the
System through its interfaces, but are also affected by its Risk when the system fails to
function within operational conditions.
In the next section, the concepts and links introduced in the Core VUM diagram (Fig. 4)
are disaggregated to show how the model organizes the different sets of risks identified
during the VASS regardless of their locations, population priorities, severe weather patterns and climate stressors. The process of disaggregating the concepts, demonstrates the
true power of the ontology methodology that require clear and unambiguous definition of
how they relate to each other.
A properly implemented vulnerability model enables the implementation of wellstructured semantic web applications and their implementation in decision support systems. It also provides specific guidelines useful for orderly organization of the issues
arising during vulnerability assessments. Problems that appear too complex for quantitative
methods of Eq. 1 may find viable resolutions with the adoption of the VUM ontology. In
fact, an analysis of the metrics that qualify the dependencies between concepts provides the
information needed for assessing the quality and limitations of the available data resources.

3.2 Building a VUM ontology

As a proof of concept of the vulnerability upper model, in the following, we present our
guidelines of ontology building based on VUM extension operations.4

References to layers of Fig. 3 are referenced in capitalized bold font. In the ontology, entities are
capitalized cursive, and relationships in courier typeface.

The ontology described in this paper is available at http://tinyurl.com/VUM-ontology.

123

1316

Nat Hazards (2016) 84:13071325

Fig. 4 Diagram of the Core VUM illustrates the conceptual relationships occurring between System Aspect
and Environmental Aspect at one side and Stakeholder Aspect at the other side. A double conceptual
pathway of relationships occurs between System and System Risk. System properties such as design or
location affect its vulnerability and System Risk. However, System Risk affects also the system performance.
Likewise, Stakeholders act as actors in their relationship with the System but are also impacted by the System
Risk. For the sake of clarity the VUM is presented by means of the Unified Modeling Language (UML)
graphical notation (www.uml.org)

The basic mechanism to extend the VUM is the generalization/specialization abstraction

(Borgida et al. 1984), which is expressed by the relationship IS-A that allows the introduction of new concepts whenever they can be associated with more abstract ones. IS-A is
generally shortened to ISA. The idea is that an ontology is built by first modeling the most
general concepts characterizing the domain of interest (core concepts), and then sub-cases
through more specialized concepts (Borgida et al. 1984). By means of the ISA relationship, it is possible to organize a second level of logical units where the new concepts
disaggregate the well-defined entities of the core VUM into smaller conceptual tokens.
This extended VUM model facilitates logical subgrouping of well-organized ontologies.
Figure 5 shows an excerpt from the taxonomy of hazards focusing on the Weather Hazard
concept. The other upper level concepts (e.g., Stakeholder) belonging to the VUM can be
specialized by means of the same technique (e.g., Manager ISA Stakeholder, User ISA
Stakeholder, Regulator ISA Stakeholder, Operator ISA Stakeholder).

123

Nat Hazards (2016) 84:13071325

1317

Fig. 5 Excerpt from the water systems ontology concerning the taxonomy of hazards and focusing on the
Weather_hazard concept

Fig. 6 Excerpt from our water systems risk ontology focusing on the main concepts and relationships that
extend the system aspect of the core VUM

In our VUM ontology, System Risk distinguishes between Operational, Physical, and
Service Delivery (Fig. 6) risks to system functionalities. In turn, each of the system
functionality risk has also a corresponding equivalent Vulnerability dimension of Sensitivity, Exposure, and Adaptive Capacity. The use of the Vulnerability dimensions is
instrumental in the VUM to link information on System Risk and System intrinsic properties
to Stakeholders type categories (Manager, User, Regulator, and Operator).
For example, storage capacity of a water system may have physical parameters that
measure risks related to its reliance on the sources, an exposure to drought risk might be
quantified in a number of days before total discharge (service delivery). Operational Risk
methods might be defined by monitoring methods of discharge rates. These System Risk
find correspondence in the vulnerability measures adopted by the stakeholders. The
measures could relate to water use restrictions (adaptive capacity), to access of distant
alternate water sources (exposure), and to the use of statistical predictors and climate
models on drought persistence (sensitivity).

123

1318

Nat Hazards (2016) 84:13071325

This distinction between Systems Risks and Vulnerability connects the data, organized
by experts in the information layer, to their real-world local interests (Fig. 3). More
specifically, it responds to the need of making the model fit the observations illustrated in
Fig. 2. In fact, the Vulnerabilities in the model expand the system risks to include also
those of the critical infrastructures needed to maintain services, operations, and physical
integrity for the duration of threats.
As the water system is a complex system, risks can also be specific to some of its parts
(or subsystems). To this aim, our ontology allows for a recursive application of the VUM
to define and detail risks of system components by means of the System self-relationship
is subSystem of.
Similarly, system (or subsystem) risks may depend on risks on other systems (or
subsystems). For example, a risk of the overall water system may account for risks related to
some individual subsystems or else a risk on some subsystem of the water system may
influence a risk on another subsystem. This is represented by the depends on relationship.
The ontology can guide stakeholders investigations and queries during focus groups
concerned with the discovery of data on the information layer. As an example we take the
risk Amount of storage capacity in treated water (number 23 in Appendix 1). Storage
capacity is a property of a reservoir subsystem in a water system so the reservoir entity
inherits the relationships with the stakeholders held by the water system. Specifically, it
relates to water system stakeholder of Operator type as operators routinely monitor
reservoir levels for Operating and Service Risk. Also, Managers, once informed on storage
levels as Severity risks by Operators, may be involved for their role on needing to agree
with Regulators on necessary water usage restrictions for users. In this case, the risk may
reside in poor or inadequate implementation of any of the pre-planned procedures.
Therefore, the use of ontology can streamline stakeholders reviews of the overall System
Vulnerabilities.
In addition to internal failure, other Threats to the system come from the Environmental
Aspect in the information layer (Fig. 3). The Environmental Aspect provides other possible
causes to the risk such as drought affecting replenishing rates of surface water reservoir, or
excessive water consumption due to unseasonal higher temperatures.
At the Information Layer, drought for example is associated to some drought parameter
such as severity that can be compared against historical records of related processes in the
Environmental Aspect (i.e., precipitation rates, snow melting, etc.).
Therefore, threat to the system can be re-evaluated on the base of new rate of possible
occurrences and the new estimates of the severity (losses) of the system failure.
Figure 7 shows an excerpt of an ontology developed starting from the VUM (Fig. 4)
which illustrates the role of the risk 23 Amount of storage capacity in treated water. The
UML graphical notation in Fig. 7 summarizes several likely mini-stories that could be used
to describe mishaps related to risk 23 as System Risk. These mini-stories would concern
specific problems of the Services or Operations of the clean water tank, and if combined,
they could describe some Composite Risk. Several mini-stories considered in the figure are
related to Drought or Excessive water consumption and expose pre-existing poor or
inadequate maintenance practices. The extraction of specific mini-stories from the actual
records of the VASS experiment is somewhat arbitrarily, but it shows how Risk 23
ontology can expand into a range of more detailed risks. It also shows how mini-stories are
dependent on both system properties and semantics and how their formulation accommodates different technical backgrounds and experiences.

123

Nat Hazards (2016) 84:13071325

1319

Fig. 7 Excerpt of the ontology developed starting from the VUM which includes the risk Amount of
storage capacity in treated water. For the sake of clarity the ontological fragment is presented by means of
the UML graphical notation

3.3 Discussion
From the modeling viewpoint, the VUM achieved two objectives. First, it organizes all the
elements discussed during the vulnerability assessment into a well-defined logical
framework. Secondly, the VUM unambiguously illustrates the societal framework of the
assessment so that only conforming assessment can be included as follow-up expansion of
the ontology.
Ontologies, defined starting from the VUM, offer the opportunity for making accessible
information available on-line, and for substantiating the relationships between real-world
elements such as local weather extremes and the vulnerabilities of systems.
In the case of vulnerability analysis and risk assessment, the real-world elements are
once again a complex concept that encompasses both technical information on systems
components and sequence of adverse events. The sequence of events that need to be
considered may involve varieties of different physical components and geographical
properties of systems, services, operations, resources and management processes. The
information relative to threats originating from combinations of hazards and of risks
triggered by multiple causes is complex and requires the definition of the Composite Risk
in the developed ontology extending the VUM. Sea level rise (SLR), for example, may not
be a high-priority hazard for its actual projected size of just a few centimeters, but it can
become cause for unprecedented flood damages when combined with tidal surge events.
The Composite Risk ontology is often the focus of several practical applications of big

123

1320

Nat Hazards (2016) 84:13071325

data-based technologies (Mylopolous 2015) for local adaptation and mitigation plans.
Composite Risk circumvents also the limitations of the risk equation that remains valid for
small logic subsystem units subject to temporally independent threats.

4 Conclusions
Past experience shows that the availability and ease of accessing historical records on
environmental hazards makes it easy for focus groups, made up of water system operators,
to prioritize risks and form agreements. These findings suggest the possibility that quantitative information on all other types of hazards could be equally helpful.
The ontology approach to the problem departs from the one used in other online tools
such as the NOAAs Community Vulnerability Assessment Tool (CVAT, Watson 2009)
and the EPAs Community-Based Adaptation to Changing Climate (EPA 2015). In fact,
the formal definition of the concepts shared by the stakeholders during the vulnerability
assessments becomes a knowledge sharing system (Kraines and Weisen Guo 2011). The
majority of the risk assessment methods developed so far addresses either technical needs
with the quantitative method, or high-level structural system issues with qualitative participatory risk ranking. The use of either of these methods is often at the exclusion of the
other, leaving the analysis incomplete.
Ontology-based decision support systems for emergency planning demonstrated their
ability to improve collaborations of teams with different perspectives by facilitating
common understanding of multidisciplinary scenarios (Ferreira 2015; Collarits and Wergles 2009). Similarly, the VUM solves several difficulties present in vulnerability
assessments. It could facilitate practical decision making by enabling stakeholders with
different technical knowledge and experiences to access the type of information they need.
Most small water system operators are aware of the local vulnerabilities and have some
understanding of the associated risks. For the most part, their difficulties arise from limitations in the predictive models useful for planning component upgrades, specific
knowledge on water management, and information on how to update water quality monitoring methods.
To overcome these gaps and merge the use of past local experiences along with predictive models, we developed the VUM. The ontology enables users to access subject
matters according to the relationships the keywords have to concepts. So for example,
weather and climate effects can be related to their impact on services and critical infrastructures, and quality control practices can be investigated in the context of climate.
Preliminary reviews made on the role of natural hazards on water systems indicated that
decision support systems can be significantly improved by enriching existing relational
databases with semantics (e.g., Furlow 2002). Therefore, VUM-based software design
appears to be a promising path for the development of services that managers, regulators,
users, and operators can use to compare drought observations, climate predictive models,
demographic projections, and water quality needs.
Furthermore, as future work, we intend to use the VUM ontology to infer knowledge
representing new risk situations (not yet conceived) by means of the methodology for
automatic generation of mini-stories proposed in (De Nicola et al. 2014).
Acknowledgments The vulnerability decision support system experiment was conducted at SMRC, with
partial funding from a NOAA-CPO research Grant.

123

Nat Hazards (2016) 84:13071325

1321

Appendix 1
See Table 4.
Table 4 List of risks recorded during the VASS experiment with their associated vulnerable system and
hazards
Risk definition

HW,
Se, Q

M,
N

Risk definition

HW,
Se, Q

M,
N

1. Shortage due to drought

HW

19. Returning the water system to

normal after a disaster

Se, Q

2. Taste, Temperature and odor of

finished water

Se, Q

20. Plan for and ability to

implement emergency testing

3. Climate change impacts on

groundwater system and aquifers

HW

21. Well-head protection

HW

4. Demand due to population growth or

construction

22. Physical damage of water

storage tanks

HW

5. Salt water intrusion

HW

23. Amount of storage capacity of

treated water

HW

6. Hurricane impacts on water systems

and management

HW,
Se

24. Physical, Chemical, and

Biological Conditioning of Water

HW

7. Wind and flooding affects power

distribution lines

HW

25. Back feeding from

contaminants

HW

8. High water surges contaminating

distribution system

HW

26. Integrity of transmission lines

of raw water

HW,
Se

9. Levels of natural deposits (arsenic,

fluorides, etc.)

HW

27. Distribution system

deterioration (age, maintenance)

Se, Q

10. Water system potability and

pressure

HW,
Se

28. Number of connections and

ability to isolate most/least
critical

Se

11. Contamination of wells

HW

29. Pressure to extend CWS

12. Ability to get staff to come to work

in a disaster

Se

M,
N

30. Disgruntled employee action

HW

13. Disrupted delivery of treatment and

process chemical

Se

31. Vandalism to infrastructure

HW

14. Ability to maintain emergency

power

HW,
Se

32. Telemetry system vandalism

Se

15. Emergency power supply

Se

33. Lack of funding for

maintenance and repair

16. Process for notifying regulators/

public of compromised supply

Se, Q

34. Emergency funding

17. Ability to produce and distribute

water at minimum potability standards

Se,Q

35. Ability to supply water to

critical infrastructures

HW

M,
N

18. Cascading impacts of private and

public systems

HW

Vulnerable systems considered are: HW vulnerable subsystem, Se vulnerable support services, Q exceeded/
inadequate quality standards. Hazards considered are: M man, N natural hazard

123

1322

Nat Hazards (2016) 84:13071325

Appendix 2
Results obtained by Howe et al. (2013) with the application of the participatory vulnerability scoping diagram (P-VSD) while engaging county A and B experts in a Participatory
Risk Mapping (PRM) exercise (after Figs. 2, 3).
The approach provided an ordinal ranking of both the severity and probability of
specific risks and allowed the calculation of an additional frequency variable based on the
number of participants who mention the risk. Ordinal ranking assigned the value five for
high and one for low. The risks in the P-VSD diagrams short-hand the risk descriptions
elaborated by the experts during the focus groups to make the complex diagram readable.
In the figures, color hues signify the vulnerability dimension of a risk ranking result
(e.g., purple for exposure, orange for sensitivity, and green for adaptive capacity).
Transparency corresponds to the groups perceived probability of each risk, with solid
colors signifying high probability. Within each dimension, risks are sorted clockwise
according to the order they were discussed in the ranking exercise. The relative importance
of the risk (attribute one) is approximated by the risks numerical order in the sequence,
whereas the other attributes are defined through the application of the deliberative process.
The method used in the collection of the data makes it possible to describe the level of
agreement between individuals and the group, as well as to compare results between
groups

123

Nat Hazards (2016) 84:13071325

1323

Appendix 3
The table lists the mini-stories extracted from the risk descriptions elaborated by the
experts and listed in Appendix 1. Each mini-story includes an active verb along with
subject and predicate to define an ontology element. The VUM generalization accommodates all the mini-stories extracted from the two focus groups (Table 5).

Table 5 Mini-stories extracted from the vulnerabilities in Appendix 1

1

Aquifer retreat causes salt water intrusion

30

Managers define plans for emergency fuel supply

Citizen vandalizes infrastructure

31

Managers limit operators work hours due to

financial constrains

Citizen vandalizes systems security

32

Managers lose control of essential operators during

disaster

Citizen vandalizes systems telemetry

33

Managers postpone maintenance and repairs due to

financial constrains

Citizen vandalizes water source

34

Manager control and monitor storage capacity of

treated waters

Climate change impacts groundwater

system and aquifers

35

Manager plan chemicals and water treatment

supplies

Contaminants dispersed by flood find

pathways to enter system

36

Mangers alert stakeholders of waste water system

failure

Disgruntled citizen damages system

37

Managers are concerned about inadequate

emergency funding

Disgruntled employee damages system

38

Managers communicate adaptive measures to users

10

Drought increases water demand

39

Management cannot monitor operating conditions

of system

11

Drought reduces aquifer productivity

40

Operator detects losses in water distribution line

12

Electric infrastructure fails delivering

power

41

Operator monitors levels of mineral deposits

13

Emergency units response have limited

control due to distance to supply

42

Operator monitors potability and pressure

14

High water finds ways to enter well

43

Operator reports disinfection system failure

123

1324

Nat Hazards (2016) 84:13071325

Table 5 continued
15

Human waste enters system

44

Operator/managers accept risks of short term

electrical power losses

16

Hurricane impacts water system

functionalities

45

Operators and manager loose access to system

infrastructure

17

Management cannot monitor operating

conditions of system

46

Operators and mangers have reduced control of

system operations

18

Management define water quality

emergency testing plan after flood

47

Operators cannot maintain emergency power

generation

19

Manager assesses alternate water sources

48

Operators runs out of fuel for emergency power

generation

20

Manager declares the water unsuitable for

potability

49

Polluted water enter system from an interconnected

source

21

Manager define critical connections to

isolate to prevent cross contamination

50

Pollution enter system

22

Manager devices plan to restore operations

after disaster

51

Private water operators require help from public

system

23

Manager notice aquifer overuse

52

Pump lost ability to rise water

24

Manager plan communication channels

with stakeholders

53

Stakeholders consider criticality of system for

critical services (hospitals, nursing homes, etc.)

25

Manager plan communication channels

with users

54

Stakeholders consider desalination unit for

mitigation adaptation

26

Managers cancel replacement of aging

infrastructure due to financial constrains

55

Supplier and regional water systems supply

emergency water

27

Managers consider extending distribution

due to community development

56

Terrorist introduces waste water into drinking

water distribution

28

Managers consider extending distribution

due to demographic increase

57

Users complains and operator alerts management of

anomalous taste and odor in water

29

Drought reduces level of reservoir

58

Users complains of water temperature

59

Wildlife accesses water source

References
American Water Works Association (2010) Risk and Resilience Management of Water and Wastewater
Systems. ANSI/ASME-ITI/AWWA J100-10 (First Edition)
Berners-Lee T, Bizer C, Heath T (2009) Linked data-the story so far. Int J Sem Web Inf Syst 5(3):122
Binning D, Coletti A (2015) Open source tools for risk analysis and vulnerability assessments. American
Meteorological Society conference, Jan 2015
Borgida A, Mylopoulos J, Wong HKT (1984) Generalization/specialization as a basis for software specification. In: On conceptual modelling. Springer, New York, pp 87117
Borst W (1997) Construction of Engineering Ontologies. PhD thesis, Institute for Telematica and Information Technologies, University of Twente, Enschede, The Netherlands
Camporeale C, De Nicola A, Villani ML (2015) Semantics-based services for a low carbon society: an
application on emissions trading system data and scenarios managements. Environ Model Softw
64:124142
Coletti A, Howe P, Yarnal B, Wood N (2012) Technical note: a support system for assessing local vulnerability to weather and climate. Nat Hazards 65:9991008
Coletti A, Howe P, Yarnal B (2014): Local Resilience of Community Water Systems and Severe Weather
Patterns. In: 94the AMS Conference, Atlanta (GA)

123

Nat Hazards (2016) 84:13071325

1325

Collarits, Wergles (2009) MONITORan ontological basis for risk management. European Regional
Development Fund (ERDF) at www.monitor2.org. Last Accessed Jan 2015
De Nicola A, Missikoff M (2016) A lightweight methodology for rapid ontology engineering. Commun
ACM 59(3):7986
De Nicola A, Melchiori M, Villani ML (2014) A lateral thinking framework for semantic modelling of
emergencies in smart cities. In: Proceedings of the database and expert systems applications (DEXA)
2014 conference. Lecture notes in computer science, vol 8645, pp 334348
Dow Andrew K, Dow Eli M, Fitzsimmons Thomas D, Materise Maurice M (2015) Harnessing the environmental data flood: a comparative analysis of hydrologic, oceanographic, and meteorological
informatics platforms. Bull Am Meteor Soc 96:725736
EEA Report (2012) European Waterscurrent status and future challenges
EPA (2013) Geographic information systems analysis of the surface drinking water provided by intermittent,
ephemeral and headwater streams in the US. (water.epa.gov/lawsregs/guidance/wetlands/surface_drinking_water_index.cfm). Last Accessed 11 Nov 2014
EPA (2015) Community-Based Adaptation To A Changing Climate (1 MB, June 2015, EPA-230-F-15-001)
Ferreira MIGB, Moreira JLR, Campos MM, Braga BFB, Sales TP, de F. Cordeiro K, Borges MRS (2015)
OntoEmergePlan: variability of emergency plans supported by a domain ontology. In: Analytical
modeling and simulation proceedings of the ISCRAM 2015 conferenceKristiansand, May 2427
Furlow J, Scheraga JD, Freed R, Rock K (2002) The vulnerability of public water systems to sea level rise.
In: John RL (ed) Proceedings of the coastal water resource Conference, American Water Resources
Association, Middleburg, Virginia, TPS-02-1, 2002, 31-36
Gruber TR (1993) A translation approach to portable ontologies. Knowl Acquis 5(2):199220
Haase D (2011) Participatory modelling of vulnerability and adaptive capacity in flood risk management.
Nat Hazards 67(1):7797
Howe PD, Yarnal B, Coletti A, Wood N (2013) The participatory vulnerability scoping diagram: deliberative risk ranking for community water systems. Ann As Am Geogr 103:343352
Hunt JR, Baldocchi DD, van Ingen C (2009) Redefining ecological science using data. In: Hey T, Tansley S,
Tolle K (eds) The fourth paradigm: data-intensive Scientific Discovery University. Microsoft
Kraines S, Guo W (2011) A system for ontology-based sharing of expert knowledge in sustainability
science. Data Sci J Volume 9, 29 January 2011, pp 107123, doi:10.2481/dsj.Kraines, J-STAGE
Miles SB (2011) Participatory model assessment of earthquake-induced landslide hazard models. Nat
Hazards 56(3):749766
Milly PCD et al (2008) Stationarity is dead: whither water management? Science 319:573
Mylopolous J (2015) Data semantics in the days of big data. In: Keynote speech presented at the OTM
Conference 2015, Rhodes. Greece
Noy NF (2004) Semantic integration: a survey of ontology-based approaches. SIGMOD Rec 33(4):6570.
doi:10.1145/1041410.1041421 (December 2004)
Pagano A, Giordano R, Portoghese I, Fratino U, Vurro M (2014) A Bayesian vulnerability assessment tool
for drinking water mains under extreme events. Nat Hazards 74(3):21932227
Rickert B, Schmoll O (2011) Small-scale water supplies in the pan-European region. World Health Organization Regional Office for Europe
Sowa JF (1983) Conceptual structures: information processing in mind and machine. Addison-Wesley Pub,
Reading
Stewart ID, Oke TR (2012) Local climate zones for urban temperature studies. Bull Am Meteor Soc
93:18791900
Timofeyeva-Livezey Marina, Horsfall Fiona, Hollingshead Annette, Meyers Jenna, Dupigny-Giroux LesleyAnn (2015) NOAA local climate analysis tool (LCAT): data, methods, and usability. Bull Am Meteor
Soc 96:537545
Wang B, Pan SY, Ke RY, Wang K, Wei YM (2014) An overview of climate change vulnerability: a
bibliometric analysis based on Web of Science database. Nat Hazards 74(3):16491666
Watson (2009) NOAAs Community vulnerability assessment Tool in http://northeastarc.org/archive/2009/
html/abstracts/nearc_watson01_20091004.pdf
Wirtz A, Kron W, Low P, Steuer M (2014) The need for data: natural disasters and the challenges of
database management. Nat Hazards 70(1):135157

123