Proceedings of the Eighth International Conference on Probabilistic Safety Assessment & Management (PSAM)
240 Intertwining Risk Insights and Design Decisions (PSAM-0193)
The role of risk assessment in design is to yield insights that influence decisions. If done only at the culmination of the design process, the space of remaining options among which to decide is severely constrained. In response to late-lifecycle risk insights, changes to the designed system will be limited to fine tuning and modest refinements, with the only significant areas of variability remaining in the way that system is operated, maintained and (ultimately) decommissioned. These latter are accomplished not by changes to the system itself (which must be used more or less “as is”), but by changes to the operational procedures, maintenance practices, and scenarios of use. Conversely, if risk assessment is done early and continued throughout the design process, opportunities exist to use the risk insights to influence both the design itself and how it is to be realized. Such early insights enable significant design changes before large and irrecoverable investments have been made.
The state of systems engineering is such that a form of early and continued use of risk assessments is conducted (as evidenced by NASA's adoption and use of the “Continuous Risk Management” paradigm developed by SEI). In recognition of inevitable future uncertainties as the design process unfolds, systems engineering practices include the establishment and tracking of pre-determined allocations of reserves of the kinds of resources seen to be critical to the design at hand (e.g., schedule, budget, mass, power). Risk assessment can be used to look ahead at the development plan and operational scenarios to identify significant risks. These risks can then be assessed in terms of their likelihoods, their potential impacts on the critical resources (e.g., cost, schedule and functionality), and the options for preventing/reducing risks or for workarounds should they occur. However, these practices fall short of the ideal: (1) Integration between risk assessment techniques and other systems engineering tools is weak. (2) Risk assessment techniques and the insights they yield are only informally coupled to design decisions. (3) Individual risk assessment techniques lack the mix of breadth, fidelity and agility required to span the gamut of the design space.
In this paper we present an approach that addresses these shortcomings. The hallmark of our approach is a simple representation comprising objectives (what the system is to do), risks (whose occurrence would detract from attainment of objectives) and activities (a.k.a. “mitigations”) that, if performed, will decrease those risks. These are linked to indicate by how much a risk would detract from attainment of an objective, and by how much an activity would reduce a risk. The simplicity of our representational framework gives it the breadth to encompass the gamut of the design space concerns, the agility to be utilized in even the earliest phases of designs, and the capability to connect to system engineering models and higher-fidelity risk tools.
It is through this integration that we address the shortcomings listed above, and so achieve the intertwining between risk insights and design decisions needed to guide systems engineering towards superior final designs while avoiding costly rework to achieve them. The paper will use an example, constructed to be representative of space mission design, to illustrate our approach.
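The objectives / risks / mitigations representation described above can be made concrete with a small model. The following is an added illustration, not code from the paper or its authors: objectives carry a weight, each risk is linked to the objectives it would detract from (fraction of the objective lost if the risk occurs) and to a baseline likelihood, and each mitigation is linked to the risks whose likelihood it reduces, at a cost charged against a critical reserve. The mission-like objectives, risks, mitigations and all numbers are constructed for the example; the loss model (expected loss on an objective is the sum over risks of residual likelihood times impact) and the greedy selection of mitigations per unit cost are assumptions chosen for illustration, not the paper's method.

```python
"""Toy objectives / risks / mitigations model (added example, not the paper's code).

Every objective, risk, mitigation and number below is constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, List, Sequence, Tuple


@dataclass(frozen=True)
class Objective:
    name: str
    weight: float               # relative importance; weights sum to 1


@dataclass(frozen=True)
class Risk:
    name: str
    likelihood: float           # probability the risk occurs if nothing is done
    impacts: Dict[str, float]   # objective -> fraction of that objective lost if it occurs


@dataclass(frozen=True)
class Mitigation:
    name: str
    cost: float                 # charged against the critical reserve (budget here)
    effects: Dict[str, float]   # risk -> fractional reduction of its likelihood


def residual_likelihood(risk: Risk, chosen: Sequence[str],
                        mitigations: Dict[str, Mitigation]) -> float:
    """Likelihood left after the chosen mitigations act independently on the risk."""
    p = risk.likelihood
    for name in chosen:
        p *= 1.0 - mitigations[name].effects.get(risk.name, 0.0)
    return p


def expected_attainment(objectives: Sequence[Objective], risks: Sequence[Risk],
                        mitigations: Dict[str, Mitigation], chosen: Sequence[str]) -> float:
    """Weighted expected fraction of the objectives attained.

    Assumed loss model: the expected loss on an objective is the sum over risks of
    residual likelihood x impact, capped at losing the whole objective.
    """
    total = 0.0
    for obj in objectives:
        loss = sum(residual_likelihood(r, chosen, mitigations) * r.impacts.get(obj.name, 0.0)
                   for r in risks)
        total += obj.weight * max(0.0, 1.0 - loss)
    return total


def greedy_portfolio(objectives: Sequence[Objective], risks: Sequence[Risk],
                     mitigations: Dict[str, Mitigation], budget: float) -> Tuple[List[str], float]:
    """Add the mitigation with the best marginal gain per unit cost until the budget is spent."""
    chosen: List[str] = []
    spent = 0.0
    while True:
        current = expected_attainment(objectives, risks, mitigations, chosen)
        best = None  # (gain per unit cost, mitigation name)
        for name, m in mitigations.items():
            if name in chosen or spent + m.cost > budget:
                continue
            gain = expected_attainment(objectives, risks, mitigations, list(chosen) + [name]) - current
            if gain > 0.0 and (best is None or gain / m.cost > best[0]):
                best = (gain / m.cost, name)
        if best is None:
            return chosen, current
        chosen.append(best[1])
        spent += mitigations[best[1]].cost


# Constructed sample model, loosely shaped like a space mission design.
OBJECTIVES = [Objective("deliver_science_data", 0.6), Objective("launch_on_schedule", 0.4)]
RISKS = [
    Risk("radiation_upset", 0.4, {"deliver_science_data": 0.5}),
    Risk("late_flight_software", 0.5, {"launch_on_schedule": 0.6, "deliver_science_data": 0.1}),
    Risk("thermal_margin_shortfall", 0.3, {"deliver_science_data": 0.3}),
]
MITIGATIONS = {
    "rad_hard_parts": Mitigation("rad_hard_parts", 3.0, {"radiation_upset": 0.8}),
    "early_sw_prototype": Mitigation("early_sw_prototype", 2.0, {"late_flight_software": 0.5}),
    "thermal_vac_test": Mitigation("thermal_vac_test", 2.0, {"thermal_margin_shortfall": 0.7}),
}

if __name__ == "__main__":
    base = expected_attainment(OBJECTIVES, RISKS, MITIGATIONS, [])
    chosen, value = greedy_portfolio(OBJECTIVES, RISKS, MITIGATIONS, budget=5.0)
    print(f"baseline attainment {base:.3f}; with {chosen} under budget 5: {value:.3f}")
```

With the constructed numbers the unmitigated design attains 0.676 of its weighted objectives, all three mitigations together reach 0.8848, and a reserve of 5 cost units buys the software prototype and the radiation-hard parts for 0.847. The point of the representation is that each of these figures is traceable to a specific link (a risk-to-objective impact or a mitigation-to-risk effect), so a design change that alters a link can be re-evaluated immediately rather than at the end of the design process.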