RISK MANAGEMENT AS APPLIED

TO SYSTEMS ENGINEERING
Being a professional engineer means that
the wider public trusts you to be competent
and to adhere to certain ethical standards.
(IET)

A 10 presentation for Mullard Space Science Lab, by: Alfonso de la Fuente Ruiz - 25/10/2016
Unauthorized duplication and dissemination of this document is restricted. (C): https://www.linkedin.com/in/alfonsofr

DEFINITION
RISK: Potential of gaining or losing something of
value. The effect of uncertainity on objectives.

MANAGEMENT: Study and administration of an

organization.

SYSTEM: set of interacting or interdependent

component parts forming a complex or intricate
whole.

ENGINEERING: the structured application of

scientific knowledge in order to create, solve, or
improve some structure.

RISK VS IMPACT

(possibly
unknown) impact, or damage, that occurs over time,

Every identified threat has a likelihood of happening, or risk, plus a

affecting measurable value (VaR), usually in a negative way: by
diminishing property, efficacy, or other variables.

A vulnerability is defined as the actual occurrence of a threat

Risks must be first adequately modelled, and then avoided or
prevented. Their impact, in the event of risk materialization, is to be
kept as low and short as possible.

Examples of impacts are: delay/deadline missing, financial loss,

system halt, component degradation, malfunction, health/life loss,
financial loss, information theft.

Residual risk is defined as unitary value * probability defences:

RISK MANAGEMENT
Identification, Analysis, Assessment,
Monitoring, and Prioritized evaluation of
RISKS.

MITIGATION of these risks: coordinated and

economical application of resources to
monitor, minimize, and control the
probability of unfortunate events and their
impact, while maximizing the realization of
opportunities.

Multi-Objective OPTIMIZATION:

Minimize costs, durations, risks and impacts.

Maximize performance, reliability and resilience.

SYSTEMS ENGINEERING
and management of complex
Design

engineering systems, or system

development projects, over their
complete life-cycles.

The need to identify and manipulate

the properties of a system as a whole,
in larger projects, may greatly differ
from the sum of the parts' properties.

There is no panacea or silver bullet

that serves any arbitrary purpose with
zero risk exposure ().

SYSTEMS THEORY
Open Systems include inputs and outputs that operate in some
environment.

Systems Theory defines the following rules and properties [1]:

Each element may have an effect on the functioning of the whole.
Each element may be affected by one or more other element/s in the

system.
All possible subgroups of elements also may exhibit the previous two
properties
Systems may be composed of smaller systems.
Systems may be part of larger systems.
Systems may naturally grow more complex over time.

Systems may be classified in two genres:

AUTOMATIC SYSTEMS: Dynamic systems that tipically incorporate both

hardware and software elements.

NON AUTOMATIC SYSTEMS: Other natural, artificial, or theoretical,
systems.

EXAMPLES OF NON-AUTOMATIC SYSTEMS

A hydrogen atom: simple

components (proton +
electron + neutrons if
isotopic). Its a natural
system, but not man-made.

Human society: though there

is ongoing debate (Is it
"designed to work as a
coherent entity, or it may
be split into subsystems?)

EXAMPLES OF AUTOMATIC SYSTEMS

A chess-playing
automaton [2] (1912)
invented by Leonardo
Torres Quevedo.

Spanish Aerocar [3]: A

funicular, or aerial ferry,
installed by Torres
Quevedo at the Niagara
Waterfalls (1916).

Leonardo Torres Quevedo

Spanish inventor (1852-1936)
and intelectual heir of Charles
Babbage

EXAMPLES OF RISKS, IMPACTS, AND

MITIGATION OPPORTUNITIES
For the Chess Automaton:
Malfunction: cannot win/cannot move pieces according to the rules.
Impact: moderated. Mitigation: fix.

Additional costs: overbudget in development or maintenance.

Impact: financial. Mitigation: feature audit.

Systemic: Design too complex to implement (creeping requirements).

Impact: catastrophic. Mitigation: allocate more resources or abandon the
project.

For the Aerocar:

Malfunction: cannot go up/down.
Impact: moderated. Mitigation: contingency plan, rescue mission.

Delays: in finishing the project, or in length of route.

Impact: affects time and scheduling. Mitigation: Project Review, corrective
maintenance.

Accidental: cliffhanging, fire on board.

Impact: catastrophic. Mitigation: containment, damage control.

MANAGING RISKS IN SYSTEMS ENGINEERING

(I)
Contingency planning. Tools:

Risk Rating Matrix

Disaster Recovery & Impact Mitigation plan.
Mathematical Programming.
Provision of Training: when the system is prone to human
error.
Disaster Communication plan: when the incident may
affect the brands image (f.i: Volkswagen emissions case)
PERT, or Project Evaluation and Review Techniques
such as: GANTT charts, the Critical Path Method for
scheduling interdependent tasks.
CMMI, ITIL, and Configuration Management Tools for
Quality Assurance: particularly in digital networks and
software development.
SWOT Analysis, Brainstorming, Checklists, Decision Trees,
Cleanroom approach, Risk Information sheets, Mitigation
Status Reports, Risk Exposure Analysis, Divergence
Coefficients for Risk Profiling, Ishikawa fishbone Cause
& Effect diagrams, and other Project Management tools
and methodologies, such as PRINCE2(R) for projects in
controlled environments..

MANAGING RISKS IN SYSTEMS ENGINEERING

(II)
Careful (Mature) Preventive Design: Explicit
and exhaustive avoidance of Critical Failures
(systemic/catastrophic) based upon virtuous
cycle continual improvement processes.

TQM (Total Quality Management): improves

general quality, mitigates some impacts, and
prevents certain risks (Operational, Technical,
Managerial).

TRM (Total Risk Management): The 3 Ps [

4]: Probabilities + Prices (Values) + Preferences.

Control Systems Engineering techniques may

be of help when tackling and controlling risks in
a System or Project, through mathematical
modelling of values and threats.

IN SUMMARY:
RESEARCH: risks and their impacts. Priorities,
expectations, values, preferences, liabilities, measures [
5] and techniques.

DEVELOPMENT: of accurate, holistic measures,

contingency plans, and mitigation tools.

DESIGN: the system to be sturdy, mature, fail-proof,

and resilient.

INNOVATION: to keep an eye on new potential threats.

MAINTENANCE: preventive and corrective throughout
the systems lifecycle, with a focus on mitigation, and
long term sustainability.

COORDINATION
INFORMATION
COMMUNICATION

REFERENCES
[1]: Systems Theory terms http://lesswrong.com/lw/mxb/systems_theory_terms/
[2]: Leonardo Torres Quevedo Chess Automaton, footage taken at 1951 cybernetics conference in Paris (Vid. 25): https://www.youtube.com/watch?v=YoZ389Rs5s8
[3]: Lecture: What do they invent? Leonardo Torres Quevedo: the most prodigious inventor of his time by Dr. Francisco A. G. at OCSA Embassy of Spain in the UK (Vid. 74)
https://vimeo.com/37365710

[4]: Financial Analysts Journal - January/February 1999, Volume 55 Issue 1 The Three P's of Total Risk Management by Andrew W. Lo

http://

www.cfapubs.org/doi/abs/10.2469/faj.v55.n1.2238

[5]: UCLse Blog The importance of measuring the right thing http://blogs.ucl.ac.uk/uclse/2014/12/22/the-importance-of-measuring-the-right-thing/ by Ian Raper
[6]: UCLse Blog: Engineering, Ethics, and Risk http://blogs.ucl.ac.uk/uclse/2015/09/30/engineering-ethics-risk/ by Ian Raper (cover quotation)
[7]: UCLse Blog: Exploring Risk Management http://blogs.ucl.ac.uk/uclse/2015/01/21/exploring-risk-management/ by Michael Emes
[8]: UCL Centre for Systems Engineering Risk Modelling and Management http://www.ucl.ac.uk/syseng/research/risk-modelling-and-management
[9]: Risk Management for Systems Engineering http://www.dtic.mil/ndia/2004cmmi/CMMIT1Mon/Track1IntrotoSystemsEngineering/KISE09RiskManagementv2.pdf by Kasse
Initiatives LLC

[10]: Documentation from the Executive Master of Business Administration (MBA) of Information Technology Management, by IDE-CESEM Business School
http://www.ide-cesem.com/

Q&A

THANK YOU
Alfonso de la Fuente Ruiz 2016
All rights reserved