managing uncertainty in the context of
play

Managing Uncertainty in the Context of Risk Acceptance - PowerPoint PPT Presentation

Oct 27, 2023 •568 likes •727 views

Managing Uncertainty in the Context of Risk Acceptance Decision-Making at NASA: Thinking Beyond The Model Presented at the Rigorous Test and Evaluation for Defense, Aerospace, and National Security" Workshop Crystal City, VA April

  1. Managing Uncertainty in the Context of Risk Acceptance Decision-Making at NASA: Thinking Beyond “The Model” Presented at the “Rigorous Test and Evaluation for Defense, Aerospace, and National Security" Workshop Crystal City, VA April 11, 2016 Homayoon Dezfuli, Ph.D. Technical Fellow, System Safety Office of Safety and Mission Assurance NASA Headquarters

  2. Acknowledgments • Opinions expressed in this presentation are not necessarily those of NASA • Most of the present discussion is based on work performed by the Office of Safety and Mission Assurance in conjunction with: – NASA System Safety Handbook, Volume 1 (NASA/SP-2010-580) – NASA System Safety Handbook, Volume 2 (NASA/SP-2014-612) NASA’s initiatives to formalize its processes for risk acceptance – 2

  3. Overview • In the NASA risk management context, “risk” means “potential for falling short of performance requirements” E.g., a particular value of Probability of Loss of Crew (P(LOC)) might be a – safety performance requirement (threshold for maximum acceptable risk) The risk is the probability that the “actual” P(LOC) > the threshold – – Roughly analogous to MIL-HDBK-189C consumer risk : the probability of accepting a system when the true reliability is below the technical requirement • In a mission context, the scope of performance requirements spans the domains of safety, technical, cost, and schedule • Specifying acceptable levels of performance for a given system is a question of requirements setting and relates to policy decisions (not a topic of this presentation) • Uncertainty about what the “actual” performance of a system is, or will be, relates to epistemic uncertainty, and is a topic of this presentation • At issue is the need to make sure that the decision maker (DM) is adequately apprised of all the relevant uncertainty when making risk acceptance decisions For the above example, in order to justify a risk acceptance decision, DM – needs assurance (enough confidence) that P(LOC) < “threshold” 3

  4. How Safe Is Safe Enough? • The trigger for dealing with the issue of “adequate safety” was the NASA Aerospace Safety Advisory Panel (ASAP) Recommendation 2009- 01-02a: “ The ASAP recommends that NASA stipulate directly the acceptable risk levels — – including confidence intervals for the various categories of activities (e.g., cargo flights, human flights) —to guide managers and engineers in evaluating “how safe is safe enough.” • NASA accepted the ASAP recommendation and committed to establishing safety thresholds and goals for human space flight – Safety threshold expresses an initial minimum tolerable level of safety Safety goal expresses expectations about the safety growth of the system in – the long term • Additionally, b ecause of spaceflight’s high risk, NASA also recognized an ethical obligation to pursue safety improvements wherever practicable In other words, NASA systems should be As Safe As Reasonably – Practicable (ASARP) The ASARP principle applies regardless of meeting safety thresholds and – goals • Threshold and goal values, as well as the level of ASARP application, are a function of risk tolerances 4

  5. Adequate Safety Adequate Safety Meeting Minimum Levels Being ASARP of Safety • Analyze a range of alternatives during major design, product realization, operations and • Establish safety thresholds, safety sustainment decisions (i.e., risk-informed decision making (RIDM)) goals, safety growth profiles • Prioritize safety during decision making • Establish safety performance • Implement design-for-safety strategies (e.g., hazard elimination, hazard control (e.g., margins to account for UU risk Design for Minimum Risk (DFMR)), failure tolerance (e.g., redundancy/diversity), safing, • Levy safety performance emergency operations) requirements and associated • Analyze and test (e.g., Hazard Analysis, Failure Modes & Effects Analysis and Critical verification procedures (e.g., Items List, PRA, qualification/acceptance testing) Probabilistic Risk Assessment (PRA), • Monitor and respond to performance (e.g., precursor analysis, Problem Reporting and tests) Corrective Action (PRACA), closed-loop risk management) • Conduct verifications • Adhere to appropriate codes and standards • Etc. 5

  6. Risk Models • Risk model development (synthetic analysis) attempts to forecast performance within a probabilistic framework that accounts for known, quantifiable sources of epistemic uncertainty. Performance Measure Values for Alternative i Performance Performance … Performance Measure 1 Measure 2 Measure n Cost & Schedule Safety Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Input Technical Input Input Input Input Decision Alternative i Input Input Input Input Input Performance Parameter 1 Performance Parameter 2 … Performance Parameter m 6

  7. Real World vs. Models • Risk models must be constantly and critically re-examined for consistency with system configuration/ operation, and updated with relevant information (e.g., accident precursor analysis…) to ensure the closest correlation and fastest convergence between the “real world” and the “risk model” 7

  8. The Gap • However, in NASA contexts there is typically a gap between the real world and the model that is initially dominating and does not converge until long after most major decisions have been made Executing first-of-a-kind missions with first-of-a-kind hardware – – Employing systems that operate at the edge of engineering capability • This gap is the domain of so-called Unknown and/or Underappreciated (UU) risks • UU risks live outside the model due to: – Model incompleteness Being outside the scope of the model – – Violating the model assumptions – Remaining latent in the system until revealed by operational failures, precursor analysis, etc. – Tending to be most significant early in the system life cycle – Disproportionally reflecting complex intra-system and environmental interactions 8

  9. How Significant is the Gap? GAP MODEL UU scenarios have historically represented a significant fraction of actual risk, especially for new systems 9

  10. Launch System Reliability Trends Source: Morse et al., “Modeling Launch Vehicle Reliability Growth as Defect Elimination,” AIAA Space Conference and Exhibition (2010). 10

  11. Results of Retrospective Analysis of Space Shuttle Risk 0.12 0.1 R U is the contribution of UU P(LOC) scenarios to the P(LOC) level 0.08 R U Backward-Look PRA Results Actual Risk (Known + UU Scenarios) Accounting for Revealed LOC 0.06 Accidents 0.04 Backward-Look PRA Results Not Accounting for Revealed LOC Accidents 0.02 Final System Risk R K Risk from Known Scenarios 0 0 50 100 150 Chronological Flight Number Source: Shuttle Risk Progression: Use of the Shuttle Probabilistic Risk Assessment (PRA) to Show Reliability Growth, Teri L Hamlin et al. (AIAA, 2010) (downloadable from http://ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/20110004917_2011004008.pdf) 11

  12. Accounting for Unknown/Underappreciated (UU) Risks • Aerospace Safety Advisory Panel (ASAP) and others have identified the need to consider the gap between known risk and actual risk when applying NASA safety thresholds and goals • We use the concept of safety performance margin to account for UU risks • Based on historical Risk Acceptance Threshold for Actual Risk discrepancies between initially-calculated and eventually- demonstrated safety performance Requirement for Known Risk • Provides a rational basis for deriving probabilistic requirements on known risk 12

  13. The Case for the “Safety Case” • In order to be adequately informed, risk acceptance decision-making must go beyond the risk analysis • A holistic “safety case” must be made that the system is adequately safe: a coherent and evidentiary statement of how safe we are (or will be) at a given stage of the life cycle Unknown / Underappreciated – Substantiation that UU risks are adequately managed via application of the ASARP principle: Minimize the presence of UU scenarios (e.g., via margin, programmatic commitments) • Maximize discovery of UU hazards (e.g., via testing, liberal instrumentation, monitoring, and • trending, anomaly investigation, Precursor Analysis, use of best safety analysis techniques) Provide broad-coverage safety features (e.g., abort capability, safe haven, rescue) • – Substantiation that the known risk (calculated by PRA) is within the specified safety performance requirement Known Known risks are managed by applying controls that are designed to mitigate identified accident • scenarios • The “safety case” goes beyond traditional system-centric risk analysis to address the totality of the “uncertainty story” about the actual safety performance of the system – Presented and defended by the provider at key decision points – Provides the DM with a rational basis for identifying assurance deficits (inadequacies in the evidentiary support of the safety claims) – Involves serious consideration of things that live outside traditional risk models (e.g., organizational and management factors) 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lecture 10: Managing Lecture 10: Managing Uncertainty in the Supply Chain Uncertainty in the

Lecture 10: Managing Lecture 10: Managing Uncertainty in the Supply Chain Uncertainty in the

Lecture 10: Managing Lecture 10: Managing Uncertainty in the Supply Chain Uncertainty in the Supply Chain (Safety Inventory) (Safety Inventory) Quality Assurance in Supply Chain Management (INSE 6300/4-UU) Winter 2011 INSE 6300/4-

601 views • 23 slides
Managing Expectation in Times of Uncertainty Duke Residency and Executive Coaching Programs

Managing Expectation in Times of Uncertainty Duke Residency and Executive Coaching Programs

Managing Expectation in Times of Uncertainty Duke Residency and Executive Coaching Programs MettaSolutions September 28,2020 Introductions and Overview Coach Facilitator Introductions Participant introduction Agenda o Uncertainty

587 views • 21 slides
Managing Design-Time Uncertainty Michalis Famelis, Marsha Chechik MODELS 2017 Austin TX, USA

Managing Design-Time Uncertainty Michalis Famelis, Marsha Chechik MODELS 2017 Austin TX, USA

Managing Design-Time Uncertainty Michalis Famelis, Marsha Chechik MODELS 2017 Austin TX, USA Uncertainty in Software Development Many design alternatives Incomplete information Conflicting stakeholder opinions Uncertain inty durin ring th

830 views • 33 slides
Uncertainty AIMA Chapter 13 Outline Uncertainty Uncertainty Probability Syntax and

Uncertainty AIMA Chapter 13 Outline Uncertainty Uncertainty Probability Syntax and

Uncertainty Uncertainty AIMA Chapter 13 Outline Uncertainty Uncertainty Probability Syntax and Semantics Inference Independence and Bayes Rule Uncertainty Uncertainty Let action A t = leave for airport t minutes before

999 views • 46 slides
Managing Through Uncertainty Destination Success Paper Presentation Faculty/Staff

Managing Through Uncertainty Destination Success Paper Presentation Faculty/Staff

Managing Through Uncertainty Destination Success Paper Presentation Faculty/Staff Conference, Spring 06 Southern University Shreveport January 9, 2006 Mr. Martin B. Fortner, Asst. Director Planning, Research &amp; Evaluation

230 views • 18 slides
18.09.2018 Managing Change under Uncertainty Esther Celosse 1 International Corporate

18.09.2018 Managing Change under Uncertainty Esther Celosse 1 International Corporate

18.09.2018 Managing Change under Uncertainty Esther Celosse 1 International Corporate Lawyer 25 years Financial Industry: People &amp; Business Development, Mergers &amp; Acquisitions Strategy Different

238 views • 12 slides
Lecture 10: Managing Lecture 10: Managing INSE 6300/4 INSE 6300/4- -UU UU Uncertainty in

Lecture 10: Managing Lecture 10: Managing INSE 6300/4 INSE 6300/4- -UU UU Uncertainty in

Lecture 10: Managing Lecture 10: Managing INSE 6300/4 INSE 6300/4- -UU UU Uncertainty in the Supply Chain Uncertainty in the Supply Chain (Safety Inventory) (Safety Inventory) Quality Assurance In Supply Chain Management

517 views • 12 slides
Managing Uncertainty in Value-based SE Tim Menzies (tim@menzies.us) Phillip Green, Oussama

Managing Uncertainty in Value-based SE Tim Menzies (tim@menzies.us) Phillip Green, Oussama

Managing Uncertainty in Value-based SE Tim Menzies (tim@menzies.us) Phillip Green, Oussama Elwaras 10/27/08 23rd International Forum on COCOMO and Systems/Software Cost Modeling Sound bites On sampling some systems, we see Come to PROMISE

552 views • 30 slides
UNCERTAINTY IN KNOWLEDGE Ch. 9 Uncertainty in Knowledge 1 Sources of Uncertainty

UNCERTAINTY IN KNOWLEDGE Ch. 9 Uncertainty in Knowledge 1 Sources of Uncertainty

UNCERTAINTY IN KNOWLEDGE Ch. 9 Uncertainty in Knowledge 1 Sources of Uncertainty Uncertainty in problem solving can be attributed to Imperfect domain knowledge Imperfect case data Experts employ inexact methods for two

605 views • 31 slides
Uncertainty Reasoning through Similarity in Context Claudia dAmato Nicola Fanizzi

Uncertainty Reasoning through Similarity in Context Claudia dAmato Nicola Fanizzi

Uncertainty Reasoning through Similarity in Context Claudia dAmato Nicola Fanizzi Dipartimento di Informatica Universit` a degli studi di Bari, Italy 2nd ARCOE Workshop @ ECAI2010, Lisbon , PT Introduction Motivations Motivation Reasoning

551 views • 26 slides
Uncertainty Visualization in the Context of CO 2 Storage Simulation Marcel Hlawatsch, Sergey

Uncertainty Visualization in the Context of CO 2 Storage Simulation Marcel Hlawatsch, Sergey

Employing Model Reduction for Uncertainty Visualization in the Context of CO 2 Storage Simulation Marcel Hlawatsch, Sergey Oladyshkin, Daniel Weiskopf University of Stuttgart Problem setting - underground CO 2 storage Decision making

540 views • 13 slides
Managing Risk at Northern Contaminated Sites: Differentiating Assessment-derived Uncertainty from

Managing Risk at Northern Contaminated Sites: Differentiating Assessment-derived Uncertainty from

Managing Risk at Northern Contaminated Sites: Differentiating Assessment-derived Uncertainty from Risk Assessment Conservatism in Remedial Action Planning RPIC Montreal 2016 Presented by: Francois Lauzon Prepared by: David Wilson Stantec

415 views • 27 slides
Defined Benefits: today and tomorrow Valuing and managing liabilities Considerable uncertainty

Defined Benefits: today and tomorrow Valuing and managing liabilities Considerable uncertainty

Defined Benefits: today and tomorrow Valuing and managing liabilities Considerable uncertainty in valuing liabilities Survivors Job tenure Discount rate Salary growth Longevity Inflation Investment returns Interest rates Accounting

412 views • 7 slides
The Presentation of Risk and Uncertainty in the Context of National Missile Defense Simulations

The Presentation of Risk and Uncertainty in the Context of National Missile Defense Simulations

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/304196307 The Presentation of Risk and Uncertainty in the Context of National Missile Defense Simulations Article in Human Factors and

236 views • 6 slides
Managing Uncertainty in Self-* Systems with Plan Reuse and Stochastic Search Cody Kinneer, Zack

Managing Uncertainty in Self-* Systems with Plan Reuse and Stochastic Search Cody Kinneer, Zack

Managing Uncertainty in Self-* Systems with Plan Reuse and Stochastic Search Cody Kinneer, Zack Coker, Joanna Wang, David Garlan, Claire Le Goues 2 C l o u d We b S e r v e r U s e r s U s e r s D a t a C e n t e

805 views • 34 slides
Uncertainty and its Representa/on @kordinglab Uncertainty ma7ers

Uncertainty and its Representa/on @kordinglab Uncertainty ma7ers

Uncertainty and its Representa/on @kordinglab Uncertainty ma7ers The brain is good with uncertainty Measure world + uncertainty Derive op/mal behavior

240 views • 11 slides
Quirijn Lodder About myself: Work: Rijkswaterstaat (National Government) equivalent of

Quirijn Lodder About myself: Work: Rijkswaterstaat (National Government) equivalent of

Asset management of the Dutch coast: Policy and Practice Quirijn Lodder About myself: Work: Rijkswaterstaat (National Government) equivalent of Environment Agency Tasks: Technical Management of the Dutch Coastal Nourishment

642 views • 36 slides
Risk Assessment the 5 steps What are the hazards? Who is doing what, where &amp; when?

Risk Assessment the 5 steps What are the hazards? Who is doing what, where &amp; when?

Risk Assessment the 5 steps What are the hazards? Who is doing what, where &amp; when? (WWW) AND Who else might be affected by what is done? What is the degree of risk? What do we need to, or can we, do to control

145 views • 10 slides
RISK ASSESSMENT IN GREEK HEALTH CARE SETTINGS Estimation de la risque dans services du system

RISK ASSESSMENT IN GREEK HEALTH CARE SETTINGS Estimation de la risque dans services du system

RISK ASSESSMENT IN GREEK HEALTH CARE SETTINGS Estimation de la risque dans services du system Grec de la Sant Styliani Tziaferi Assistant Professor in Community Nursing Dep. of Nursing Faculty of Human Movement and Quality of Life Sciences

456 views • 21 slides
Compliance vs. Due Diligence: SFAIRP and its Interaction with Systems Safety and Assurance

Compliance vs. Due Diligence: SFAIRP and its Interaction with Systems Safety and Assurance

Compliance vs. Due Diligence: SFAIRP and its Interaction with Systems Safety and Assurance Approaches Tim Procter Tel: Mob: Email: International Railway Safety Council Conference October 2019 Context System Safety and Assurance

647 views • 40 slides
NGAP 2 MODEL ICAO FORUM 2018 MODEL ICAO FORUM STREAM 1 B UNMANNED AIRCRAFT SYSTEMS (UAS):

NGAP 2 MODEL ICAO FORUM 2018 MODEL ICAO FORUM STREAM 1 B UNMANNED AIRCRAFT SYSTEMS (UAS):

NGAP 2 MODEL ICAO FORUM 2018 MODEL ICAO FORUM STREAM 1 B UNMANNED AIRCRAFT SYSTEMS (UAS): Aviation for Next Generation STREAM LEADERS - Phil Dawson, ICAO - Wang Yingxun, President of Yunnan Innovation Institute - Filippo Tomasello,

327 views • 20 slides
Jefferies Virtual Industrials Conference August 6, 2020 Investor Presentation 2 Forward Looking

Jefferies Virtual Industrials Conference August 6, 2020 Investor Presentation 2 Forward Looking

Jefferies Virtual Industrials Conference August 6, 2020 Investor Presentation 2 Forward Looking Statements Forward-looking statements involve known and unknown risks, uncertainties, assumptions, and other important factors that could cause

305 views • 11 slides
Risk Assessment Nina Clough Senior Environmental Health Practitioner What you can do from 4 July

Risk Assessment Nina Clough Senior Environmental Health Practitioner What you can do from 4 July

Keeping COVID Secure Risk Assessment Nina Clough Senior Environmental Health Practitioner What you can do from 4 July Pubs/Cafes/Restaurants/Hotels/B&amp;Bs/Campsites can all re -open (some areas still need to remain closed) You

417 views • 31 slides
Decision theoretic troubleshooting Ji r Vomlel Academy of Sciences of the Czech Republic

Decision theoretic troubleshooting Ji r Vomlel Academy of Sciences of the Czech Republic

Decision theoretic troubleshooting Ji r Vomlel Academy of Sciences of the Czech Republic 11th July, 2007 J. Vomlel ( UTIA AV CR) Troubleshooting 11th July, 2007 1 / 26 Light Print Problem Your trouble : The page that

912 views • 68 slides

More recommend