Risk Assessment. Marvin Rausand

subsystems and components. An alternative approach is to consider the system functions and to break each function down into subfunctions and actions. A functional breakdown structure may often be more useful than a hardware breakdown structure as a starting point for risk and reliability studies.

      The causal structure for a system failure or a system accident may also be represented as a hierarchical structure starting from the system failure/accident. Indenture level 2 represents the direct causes of the failure/accident, whereas indenture level 3 represents the direct causes leading to each of the causes at indenture level 2, and so on. The obtained structure represents a hierarchical structure of the causes of the system failure/accident.

      4.2.5 System Boundary

      Definition 4.4 (System boundary)

      The system boundary separates the internal components and processes of a system from external entities. Internal to its boundary, the system has some degree of integrity, meaning the parts are working together and this integrity gives the system a degree of autonomy.

      4.2.6 Assumptions

      All assumptions and boundary conditions should be clearly specified in the documentation of the risk analysis. Examples include answers to questions, such as

       – What are the objectives of the study?

       – What level of detail is required?

       – What are the environmental conditions for the system?

       – How is the system operated?

       – Which operational phases are to be included in the study (e.g. start‐up, steady state, maintenance, and disposal)?

       – Which external stresses should be considered (e.g. earthquakes, lightning strikes, sabotage, and cyberattacks)?

      Some of these assumptions are also mentioned in Chapter 3.

      4.2.7 Closed and Open Systems

      The study object may be a closed or an open system. A closed system may be defined as follows:

      Definition 4.5 (Closed system)

      A system where the interface to the environment is static and always according to the assumptions specified.

      Definition 4.6 (Open system)

      A system where disturbances in the environment may influence the study object and required system inputs and outputs may fluctuate or even be blocked.

      Open systems are generally more difficult to analyze than closed systems.

      Items are generally designed and built for an intended operating context that should be clearly stated in the item specification and in the user documentation.

      Definition 4.7 (Operating context)

      The environmental and operating conditions under which the item is (or is expected to be) operating.

      Consider a domestic washing machine. The user manual of the washing machine may, for example, specify intervals for the voltage and frequency of the power supply, the pressure and temperature of the water supply, the type and weight of laundry (e.g. clothes, carpets) put into the machine, the temperature in the room where the machine is located, and the surface on which the machine is placed.

      Example 4.2 (Operating context for a passenger ship)

      In military applications, the concept of operations (CONOPS) document describes the operating context of the item.

      A system analysis is always based on a model, which is a simplification of the system or of one or more properties of the system. Many types of models are available. Among these are system structure models (also called architecture models), functional models, state transition models, and so on. System modeling helps the analyst to understand the structure and functionality of the system. Models may further be used to communicate with other stakeholders in the risk assessment. The IEV defines a model as follows:

      Definition 4.8 (Model)

      Mathematical or physical representation of a system or a process, based with sufficient precision upon known laws, identification, or specified suppositions (IEV 351‐42‐26).

      An example of a model is a map of a terrain. The model (the map) provides a lot of information about the system, but it will always be a simplification compared to the real world. The information that is included is still useful for navigating.

      4.4.1 Component Modeling

