Marvin Rausand - Risk Assessment

A system analysis of an existing system can be seen as a reverse engineering process that is carried out to understand how the system is built and how it is functioning, usually to improve it. For new cutting edge products, competitors may sometimes use analysis, in the meaning of reverse engineering, to learn and “steal” the new technology.

A system analysis may be followed by its inverse process, the synthesis. The term “synthesis” is defined as follows:

Systematic combination of elements to form a whole (i.e. a system).

The processes of analysis and synthesis are illustrated in Figure 4.5.

Figure 4.5Analysis versus synthesis.

Recent books on risk and reliability analysis are concerned with “complex systems,” but (almost) none of them define what they mean by the term complex . In our understanding, we may classify a system into one out of three categories:

Simple systems. A simple system is easy to understand and can be analyzed by following a defined procedure or algorithm. Most simple systems have a rather small number of components. Simple systems comply with the Newtonian–Cartesian paradigm.

Complicated systems. A complicated system has a high number of components with a fair degree of interrelationships and interdependencies between the components. By using current knowledge (e.g. by involving subject experts), we can understand the relevant system properties and analyze it. The relationships between the components can be reduced to clear, predictable interactions. Complicated systems can be decomposed and comply with the Newtonian–Cartesian paradigm. Examples of complicated systems include airplanes and computers.

Complex systems. In a complex system, the behavior of at least some of the components or the interactions between them are not fully understandable, even when using all current knowledge. The performance of a complex system cannot be predicted adequately via linear relationships. A complex system cannot be adequately understood and analyzed by traditional approaches because the system is something more than a sum of its components. A complex system cannot be decomposed without losing some characteristics and does not comply with the requirements of the Newtonian–Cartesian paradigm. Some authors simply define a complex system as a system that does not comply with the Newtonian–Cartesian paradigm.

The term “complexity” may be defined as follows:

A scientific theory that asserts that some systems display behavioral phenomena completely inexplicable by any conventional analysis of the systems' constituent parts.

The following complexity metaphor was coined already by Aristotle (384–322 BCE).

The whole is greater than the sum of its parts.

Complexity leads to several challenges for risk analysis, as pinpointed by Leveson (1995):

Many of the new hazards are related to increased complexity (both product and process) in the systems we are building. Not only are new hazards created by the complexity, but the complexity makes identifying them more difficult.

The ever‐increasing integration of information and communication technology in systems and the expanding digital infrastructure are important contributors to system complexity. This problem is discussed further by Grøtan et al. (2011).

Most often, a system is not designed or built to be complex, but develops into a complex system through changes, coupling, and/or emergent properties.

An emergent property may be defined as follows:

A property of a system of elements that cannot be derived from the properties of the individual elements.

An emergent property is a property of the system as a whole rather than a property that can be deduced from the properties of the system components. This applies even if we had total knowledge about the properties of any one of the system components. Emergent properties can only be observed and measured when the components have been integrated into a system. A system with emergent properties is nondeterministic and does not always produce the same outputs when presented with the same inputs. A frequently used example of emergent property is salt (sodium chloride). Both sodium (Na) and chlorine (Cl) are poisonous when taken separately, but when compounded into salt (NaCl) it is part of our daily diet. It is not at all possible to deduce the properties of salt from the properties of sodium and chlorine.

Emergent properties occur within many categories of systems. In chemical systems, for example, we often see forces that are greater than the sum of the forces of their constituent parts. Many sociotechnical systems have emergent properties and are, therefore, not possible to analyze adequately.

1 4.1 What is meant by a “black box” analysis? Give some examples of such an analysis.

2 4.2 Assume that you are going to do risk analysis of an electric coffee maker. Is this a technical or a sociotechnical system? If you concluded that it is a sociotechnical system, what are the nontechnical aspects?

3 4.3 Find examples of technical (man‐made) systems that, if we are going to do a risk analysis of them, would not be considered as sociotechnical systems.

4 4.4 Consider a car ferry transporting passengers and cars across a stretch of water as a system. The system also includes the harbors at both ends. Set up a breakdown structure for this system in two ways: With respect to the physical elements of the system and with respect to the functions/processes performed by the system. Do you think a risk analysis would lead to the same results regardless of which breakdown structure is chosen?

5 4.5 Define the boundaries of the coffee maker considered in Problem 4.2 . What are the external inputs to the system you have defined and what are the outputs? Could a change in the boundaries change the risk analysis?

6 4.6 Define the operating context for the coffee maker in Problem 4.2 .

7 4.7 Describe your interpretation of a complex system. Write down five attributes that make a system complex.

8 4.8 Reconsider the car ferry transporting system in Problem 4.4 . Give two examples of emergent properties that may occur in this system and discuss potential causes of these properties.

9 4.9 Consider an ordinary bicycle and establish a system breakdown structure for this bicycle. Next, consider the stability of the bicycle during normal use. Do you consider it to be possible to deduce the stability properties of the bicycle from the properties of its elements? Would you call the stability an emergent property? Explain why you arrive at this answer.

1 von Bertalanffy, L. (1968). General System Theory; Foundations, Development, Applications. New York: George Braziller Inc.

2 Grøtan, T.O., Størseth, F., and Albrechtsen, E. (2011). Scientific foundations of addressing risk in complex and dynamic environments. Reliability Engineering & System Safety 96: 706–712.

3 ISO 12100 (2010). Safety of machinery – general principles for design: risk assessment and risk reduction, International standard ISO 12100. Geneva: International Organization for Standardization.

4 Leveson, N. (1995). Software. System Safety and Computers: A Guide to Preventing Accidents and Losses Caused by Technology. Reading, MA: Addison‐Wesley.