Dear Colleagues

I must gratefully acknowledge Dave MacDonald, our engineering risk consultant (currently examining risks at an international airport), for detailed advice on risk engineering in this note. I have been horrified by the basic misunderstandings by our so-called financial experts on risk, especially concerning the fact that risk is not randomly distributed and thinking that each event has no bearing on the next event in a sequence (as you can see unfolding on TV over the past week). Now, if they had been slightly more quantitatively oriented, such as you, this issue would not have arisen. Please forgive the slightly more tutorial note here, but I believe it is worthwhile.

Risk engineering is a principle that underlies most design and maintenance tasks in engineering. It is interesting that the approach to most design tasks follows the simple principle that the expenditure of money and effort in any project must be appropriate to the rewards and appropriate to the level of risk that will be accepted by the public and the business owners or investors. Simply put, we adjust the level of effort in design and the expenditure on equipment to suit the objectives of the mission. To do this safely and effectively we need to apply the principles of risk management to the engineering tasks in hand.

Firstly, what is risk? It's the combination of the likelihood of a specified event and the severity of its consequence.
 
i.e. Risk = Frequency of Unwanted Event × Scale of Consequence
 
The event: In the practice of engineering design the event is generally an undesirable thing such as a component or system failure or a dangerous hazardous event such as an explosion or fire.
 
The frequency or likelihood of the event has to be estimated by some method of data gathering or analysis.
 
The scale of consequence depends on how much damage the undesirable event is going to cause either to people or to the environment or to the business profit and loss account.

Measuring the risk, or risk assessment, is the key to the application of risk-based design. If you have hard data on failure rates, a very good understanding of the failure modes and can predict the consequences of failures accurately, you can quantify the risk very well. Usually we do not have that luxury, so we have to use various ways of estimating and approximating the risk calculation to achieve a good feel for the risk. In the design process the risk estimation task is critical, and it seems that this is where most of the mistakes can occur. In particular, engineers need to be alerted to the sort of problems that have beset the financial world. If we do not have a good model for cause and effect then we may be in danger of underestimating the impact of individual failures of parts of the system.
 
By way of an example: in safety control systems it is a well established principle that an independent shutdown device will protect against a failure of a process component or a control loop. But this will not work very well if we have failed to notice that there is a common link between failure of the process and its protection system. These are common mode failures. (In banking systems if you secure your housing loans by backing them up from another bank that also does housing loans this is a pretty basic common mode failure waiting to happen!)
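The effect of a common mode link on the risk figure can be worked through with the Risk = Frequency × Consequence formula above. The following is an added example, not part of the original note: the `Scenario` fields, the `common_fraction` parameter (the share of process failures whose cause also disables the shutdown device) and all numbers are constructed assumptions.

```python
import random
from dataclasses import dataclass

@dataclass
class Scenario:
    demand_rate: float      # process failures per year (constructed value)
    pfd: float              # probability the shutdown device fails on demand
    common_fraction: float  # share of process failures that also disable the device
    consequence: float      # loss per unprotected event, in currency units

def event_frequency(s: Scenario, assume_independent: bool) -> float:
    """Frequency of the unwanted event: a process failure with no shutdown."""
    if assume_independent:
        return s.demand_rate * s.pfd
    # Common mode demands defeat the protection outright; the rest see the normal PFD.
    p_unprotected = s.common_fraction + (1.0 - s.common_fraction) * s.pfd
    return s.demand_rate * p_unprotected

def risk(s: Scenario, assume_independent: bool) -> float:
    """Risk = frequency of unwanted event x scale of consequence."""
    return event_frequency(s, assume_independent) * s.consequence

def simulated_frequency(s: Scenario, demands: int = 200_000, seed: int = 1) -> float:
    """Check the formula by sampling individual demands on the shutdown device."""
    rng = random.Random(seed)
    unprotected = 0
    for _ in range(demands):
        if rng.random() < s.common_fraction:   # shared cause: device is already down
            unprotected += 1
        elif rng.random() < s.pfd:             # independent random failure of the device
            unprotected += 1
    return s.demand_rate * unprotected / demands

# Constructed plant: one process upset every 10 years, 1% PFD, 5% shared causes.
PLANT = Scenario(demand_rate=0.1, pfd=0.01, common_fraction=0.05,
                 consequence=10_000_000)

if __name__ == "__main__":
    naive, actual = risk(PLANT, True), risk(PLANT, False)
    print(f"risk assuming independence: {naive:,.0f} per year")
    print(f"risk with common mode link: {actual:,.0f} per year")
    print(f"underestimate factor:       {actual / naive:.2f}")
    print(f"simulated event frequency:  {simulated_frequency(PLANT):.5f} per year")
```

With these constructed numbers, a 5% common link makes the real risk roughly six times the figure obtained by assuming the shutdown device is independent.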
 
We have seen how the generalized models for risk management are directly applicable in engineering management. Risk management involves the systematic analysis of risk levels, knowledge of acceptable risk levels and the selection of measures to reduce risk to the acceptable level. The selection of measures involves balancing the level of risk achieved against the cost of achieving it.

Action steps for dealing with risk:

* Ensure you estimate the risks correctly
* Understand the causes and effects well (e.g. common links)
* Apply measures to reduce the risk to acceptable levels
* And, naturally, look carefully at the costs of achieving this reduction in risks
 
Especially as far as our financial friends are concerned, George Patton hit the nail on the head: Take calculated risks. That is quite different from being rash.

Yours in engineering learning
 
Steve