RISK ANALYSIS SUBGROUP BRIEFING PAPER
Last updated: 02. February 2004
EWICS TC7 (European Workshop on Industrial Computer Systems, Technical Committee 7, Safety, Reliability, and Security) is an international workshop of experts in the field of dependability of industrial computer systems with respect to safety, reliability, and security. The Risk Analysis Subgroup was set up within EWICS TC7 in June 1999. The current members come from government bodies, industry, universities and research institutes. The subgroup aims at producing a Guideline for the performance of Risk Analyses.
Performing risk analyses on systems or installations that include Programmable Electronic Systems (PES) is required when such systems have safety critical properties. Although relevant standards such as IEC 61508 demand that certain analyses be performed for a safety assessment, they do not give sufficient guidance on which technique should be used when, nor on the factors to be considered when choosing a particular technique. There is a reasonably large amount of literature describing risk analysis techniques, but there is little guidance on which techniques are best suited for a given application, nor is there a classification of techniques by applicability, effort, complexity etc. that would facilitate choosing the most suitable (or practicable) technique.
Activities and Progress to Date
A general outline for the intended guideline has been agreed upon, with the following structure:
2. Fundamentals of risk analysis
2.1 The concept of risk
2.2 Risk tolerance
2.3 Risk reduction
2.3.1 Risk avoidance
2.3.2 Risk removal
3. State of the art in risk analysis
3.1 Risk analysis techniques
3.2 Classification by context
3.3 Classification by effort
4. Guideline for selection of risk analysis techniques
5. References, literature, links
5.1 Standards, EU directives etc.
5.2 Rules and regulations
5.3 Supplementary reading
6. Revision history
The current activities concentrate on collecting inputs for the various chapters envisioned for the guideline, starting with 3.1. Group members will review the inputs. Most recent activities included a close cooperation with the subgroup on medical devices. A common position paper is in a draft stage. Furthermore, Task Groups have been set up to investigate the use of risk analysis in the medical, rail and security sectors and to investigate the definition of risk and risk perception. Each group will produce a working paper on the results of their investigation.
Contacts and Membership
EWICS TC7 and the Risk Analysis Subgroup welcome new members. For membership in EWICS TC7, see the EWICS home page at www.ewics.org. For more information about the Risk Analysis Subgroup, contact:
Odd Nordland (Chairman)
e-mail: odd.nordland 'at' sintef.no
Peter Daniel (Vice Chairman)
tel.: ++44 151 282 5200,
fax: ++44 151 254 1194,
e-mail:pete.daniel 'at' marconiselenia.com