Risk analysis of systems
Risk analyses can be performed on all types of systems, and are essential in order to reveal the risks and make it possible to minimise them. SP can perform risk analyses at different system levels.
Some of the methods that we use for risk analyses are:
- HAZOP (risk identification)
- "What if?"
- FTA (fault tree analysis)
- FMEA (fault mode and effects analysis)
SP can assist with advice and by performing risk analyses for various types of systems and at various stages in the life cycle of a product.
Risk of damage or injury everywhere
Risk is defined as a function of the probability and the extent of damage. Risks occur in various forms for all possible systems: damage to machinery, injury to persons or environmental damage, as well as economic damage resulting from the payment of damages or loss of reputation.
ALARP - Acceptable risk level
All systems present some form of risk. Total elimination of all risks is not realistic in practice, and the usual approach is to apply ALARP - As Low As Reasonably Practical, i.e. to achieve a level of risk so low that it is regarded as acceptable. What this level is in any particular case depends on the application and the circumstances under which the system is intended to be used.
Alternatively, the ALARP level can be defined by state-of-the-art standards or by convention. However, it is often impossible to state the probability and extent of damage quantitatively: instead, a qualitative assessment is made, e.g. on a scale of 1 to 5.
Risk analysis of subsystems
Risk analysis was originally intended for investigation of the damage caused by a complete system, but there is no reason in principle why it should not be used on subsystems in cases where the resulting damage caused by failure cannot be directly observed. Consider, for example, the case where a component connected to a network must not transmit a certain message at the wrong time. In short, an important part of risk analysis is to identify the boundaries and conditions of the analysed system. In addition, risk analysis should be carried out at several stages of the development process, as well as during the operational and maintenance phases, e.g. when modifications are made and it is necessary to ensure that safety has not been compromised.
Methods of identifying risks
Performing a thorough risk analysis requires a number of approaches which complement each other, and the participation of persons having complementary knowledge and experience. HAZOP and "What if?" are suitable methods of working.
HAZOP uses various key words, such as "too much" or "too little", and applies them to various aspects of the system to see whether the consequences present any risks. "What if?" involves systematic application of that question, postulating various events. The purpose of both methods is to stimulate the creativity of those involved.
Methods of investigating dangerous events
FTA and FMEA are the methods generally used for investigation of the causes of dangerous events. FTA starts with an undesired top event, and analyses the conditions and events that can lead to it. It is important to identify appropriate abstraction levels and generalisations that cover all the important aspects, but which avoid swamping the work with unnecessary details.
FMEA is more direct: it involves identifying the fault modes that exist for each signal, applying them, and observing the consequences. FMEA can therefore be seen as a bottom-up method, while FTA is a top-down method: the two methods complement each other.
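The following is an added example, not SP's own tooling, of the top-down FTA step described above: a small fault tree whose top event is the undesired "message transmitted at the wrong time" case from the subsystem discussion. The basic events, their probabilities and the gate structure are constructed for illustration; it assumes independent basic events, derives the minimal cut sets (the combinations of basic faults sufficient to cause the top event) and evaluates the top-event probability exactly by enumerating failure states.

```python
"""Minimal fault-tree evaluator: minimal cut sets and top-event probability."""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Event:          # basic event (leaf) with an assumed failure probability
    name: str
    prob: float


@dataclass(frozen=True)
class Gate:           # "AND" or "OR" gate over events or other gates
    kind: str
    inputs: tuple


def cut_sets(node):
    """Minimal cut sets of the tree: each a frozenset of basic-event names."""
    if isinstance(node, Event):
        return {frozenset([node.name])}
    child = [cut_sets(i) for i in node.inputs]
    if node.kind == "OR":         # any input suffices: union of the children's sets
        sets = set().union(*child)
    elif node.kind == "AND":      # all inputs needed: combine one set from each child
        sets = {frozenset().union(*combo) for combo in product(*child)}
    else:
        raise ValueError(f"unknown gate kind {node.kind!r}")
    return {s for s in sets if not any(o < s for o in sets)}  # drop supersets


def basic_events(node):
    if isinstance(node, Event):
        return {node.name: node.prob}
    out = {}
    for i in node.inputs:
        out.update(basic_events(i))
    return out


def evaluate(node, failed):
    """True if the node fails given the set of failed basic-event names."""
    if isinstance(node, Event):
        return node.name in failed
    results = [evaluate(i, failed) for i in node.inputs]
    return all(results) if node.kind == "AND" else any(results)


def top_probability(node):
    """Exact P(top event), assuming independent basic events (small trees only)."""
    events = basic_events(node)
    names = list(events)
    total = 0.0
    for state in product([False, True], repeat=len(names)):
        if evaluate(node, {n for n, f in zip(names, state) if f}):
            p = 1.0
            for n, f in zip(names, state):
                p *= events[n] if f else 1.0 - events[n]
            total += p
    return total


def example_tree():
    """Constructed tree: a message goes out at the wrong time if a spurious
    trigger fires, or if the timer drifts AND the watchdog fails to catch it."""
    return Gate("OR", (
        Gate("AND", (Event("timer_drift", 0.01), Event("watchdog_fail", 0.05))),
        Event("spurious_trigger", 0.002),
    ))


if __name__ == "__main__":
    tree = example_tree()
    print(sorted(sorted(c) for c in cut_sets(tree)))
    print(f"P(top) = {top_probability(tree):.6f}")   # 0.002499
```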