A modular risk concept for complex systems

Abstract: Our ways of managing risk have in the past been adapted to changes in technology and society. Amidst the ongoing digital transformation, the ur-gency of adapting risk management to changing needs seems higher than ever. This paper starts with a brief historic overview of the development of risk management in the past. The paper motivates the views that for com-plex systems, risk should be controlled by enforcing constrains in a modular way at different system levels, that the constraints can be expressed as assur-ance contracts and that acceptable risk mitigation can be demonstrated in as-surance case modules. Based on extensive industry experience of the authors, a major contribution is to explain how already existing methodologies have been combined to cre-ate a concept for modular risk assessment. Examples from assurance of au-tonomous sea navigation and autonomous driving are used to illustrate the concept. Beyond the existing methodologies this paper generalizes risk con-straints to assurance contracts as an enabler of modular risk assessment spanning all relevant system levels and stakeholder perspectives while main-taining the dependencies between the system parts and accounting for emer-gent system behavior. Furthermore, the use of safety integrity levels (SIL) and similar concepts for assigning assurance rigor have been avoided in favor of direct assessment of assurance case argument rigor, because technology and applications change too fast to justify using past experience as evidence of validity of such prescriptive schemes. This paper aims to help practitioners making efficient and timely risk-informed decisions about complex integrated systems.