SlideShare a Scribd company logo

2016-05-30 risk driven design

Jaap van Ekris
Jaap van Ekris

A presentation introducing students into Risk Driven System design.

Technology
1 of 35
Download to read offline
Risk Driven Development J.vanEkris@Delta-Pi.nl
My Projects
Reliability Availability Maintainability Safety
IEC 61508: Required activities for safety related systems
Risk and the design process • Each design step includes the refinement of the risk analysis • Each design solution has to be measured against the risk analysis • Constant design questions: – Is the design balanced? – Can it be made? – Can it be done simpeler?
Simplicity is prerequisite for reliability Edsger W. Dijkstra
Risk management process Slide 715 June 2016
Failure definitions • What can go wrong exactly? • When do we consider the system to be failed?
An example… • Not extracting landing gear when commanded without error indication • Spontaneous irreversible landing gear extraction while travelling overseas
Top-down vs. Bottom-Up analysis • Bottom-up: structured brainstorm about everything that could happen given a specific scope • Top-down: think about your biggest fears first, than find out what could cause it.
FME(C)A: bottom-up thinking • Failure Mode and Effect (Criticality) Analysis • Reasoning from failure of the components, thinking about the consequences
Risk: System does not perform trick?
Guide words… Look at every component and investigate what happens if: – It doesn’t work – It is very slow – Does the wrong thing – Sends messages spontanously – Loses messages/state – Leaks information
Structured FMECA approach Function Failure Mode Causes Local Effects System Effects Criticality Inwin Wrong output Logical error Unjustified open No closure Catastrophic Delayed output PLC error delayed closure Closure delayed Limited No output Application hang No closure No closure Catastrophic Spontanous output Switching error Unjustified open Onterechtesluit False Positive Process Wrong output Logical error Unjustified open No closure Catastrophic Delayed output PLC error delayed closure Closure delayed Limited No output Application hang No closure No closure Catastrophic Spontanous output Switching error Power failure No closure Catastrophic … … … … … … … … … … … … … … … … … … … … …
Certainty… Rank beliefs not according to their plausibility but by the harm they may cause. Nassim Nicholas Taleb Slide 1515 June 2016
Identifying measures • Risk = Chance * Impact • Moments allowing measures: – Preventive – Detection – Repression – Correction – Ignore – Accept Slide 1615 June 2016
You can’t mitigate everything… • You can’t prevent everything • You can’t plan for everything • You can’t predict everything • You couldn’t do any business • But, you can’t ignore everything either
Structured FMECA approach Function Failure Mode Causes Local Effects System Effects Criticality Detection Mitigating Measures Inwin Wrong output Logical error Unjustified open No closure Catastrophic None Multiprogramming Delayed output PLC error delayed closure Closure delayed Limited None No output Application hang No closure No closure Catastrophic None Failsafe behaviour Process Spontanous output Switching error Unjustified open Onterechtesluit False Positive None Process Wrong output Logical error Unjustified open No closure Catastrophic None Multiprogramming Delayed output PLC error delayed closure Closure delayed Limited None No output Application hang No closure No closure Catastrophic None Deadlock detection Spontanous output Switching error Power failure No closure Catastrophic None Safety relay … … … … … … … … … … … … … … … … … … … … … … … … … … … … … New functional and design requirements!
Disadvantages FME(C)A • It is impossible to calculate an overall risk exposure • Relation between risks is missing – Common mode failures usually aren’t modelled • Complex scenario’s are hard to model – Multiple failures aren’t modelled – Are there root causes that could trigger multiple failures? • Usually identifies irrelevant risks
Top-Down Risk analysis • Start with a dominant concern • Identify potential causes • Detail further
A small FTA
Typical risks identified • Components making the wrong decissions • Power failure • Hardware failure of PLC’s/Servers • Software failures • Network failure • External factors • Human maintenance error 22
Breaking a cut-set Alternate component Alternate service
Measures and FTA 15/06/2016 24 Before After
Design decisions… • Every design decision is accompanied by a Risk analysis focussing on RAMS aspects • In the end the cost, RAMS effects and other trade-off aspects will determine which design option will be used
Option 1
FTA Option 1
Option 2
FTA Option 2
Info Hoogtebepaling Aansturing Hoogtemeting Waterkering Diesels Meeta Meetb Stuura Stuurb Software failure Chance: 1/1.000 year Measurement error Chance: (1/1.000.000 year)3 Software failure Chance: 1/1.000.000 year Software failure Chance: 1/1.000 year Design Option 1
Info Hoogtebepaling Aansturing Hoogtemeting Waterkering Diesels Meeta Meetb Stuura Stuurb Software failure Chance: 1/10.000 year Measurement error Chance: (1/1.000.000 year)3 Software failure Chance: 1/100 year Software failure Chance: 1/10.000 year Design Option 2
IEC 61508: Required activities for safety related systems
Testing Function Impact wrong/not functioning Impact spontanous functioning Function 1 Small Medium Function 2 Disasterous Huge Function 3 Serious Huge Function 3 Serious Small Function 4 Serious Serious Function 5 Serious Small Function 6 Huge Huge …
Test depth and acceptable risk • Level A: Thorough endurancetest aiming to prove function reliability with high accuracy. • Level B: Thorough endurancetest aiming to prove function reliability with medium accuracy. • Level C: Thorough endurancetest aiming to prove function reliability with low accuracy. • Level D: Test to verify if the function works once. • Level E: Function testd alongside other functions, might leave paths untested. Test effort Level #Tests Effort Level A 50.000 120 hours Level B 10.000 24 hours Level C 1.000 4 hours Level D 1 1 hour Level E - PM
Test depth… Functie Not functioning Spont. Function Function 1 Level E NOT Function 2 Level A Level A Function 3 Level A Level A Function 3 Level B Level B Function 4 Level A Level A Function 5 Level E NOT Function 6 Level A Level A … … …

Recommended

2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giants
2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giants2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giants
2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giantsJaap van Ekris
 
2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systems2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systemsJaap van Ekris
 
2016-04-28 - VU Amsterdam - testing safety critical systems
2016-04-28 - VU Amsterdam - testing safety critical systems2016-04-28 - VU Amsterdam - testing safety critical systems
2016-04-28 - VU Amsterdam - testing safety critical systemsJaap van Ekris
 
2015 05-07 - vu amsterdam - testing safety critical systems
2015 05-07 - vu amsterdam - testing safety critical systems2015 05-07 - vu amsterdam - testing safety critical systems
2015 05-07 - vu amsterdam - testing safety critical systemsJaap van Ekris
 
Testing Safety Critical Systems (10-02-2014, VU amsterdam)
Testing Safety Critical Systems (10-02-2014, VU amsterdam)Testing Safety Critical Systems (10-02-2014, VU amsterdam)
Testing Safety Critical Systems (10-02-2014, VU amsterdam)Jaap van Ekris
 
2010-03-31 - VU Amsterdam - Experiences testing safety critical systems
2010-03-31 - VU Amsterdam - Experiences testing safety critical systems2010-03-31 - VU Amsterdam - Experiences testing safety critical systems
2010-03-31 - VU Amsterdam - Experiences testing safety critical systemsJaap van Ekris
 
Web Application Remediation - OWASP San Antonio March 2007
Web Application Remediation - OWASP San Antonio March 2007Web Application Remediation - OWASP San Antonio March 2007
Web Application Remediation - OWASP San Antonio March 2007Denim Group
 
Five Common Mistakes made when Conducting a Software FMECA
Five Common Mistakes made when Conducting a Software FMECAFive Common Mistakes made when Conducting a Software FMECA
Five Common Mistakes made when Conducting a Software FMECAAnn Marie Neufelder
 

Recommended

2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giants
2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giants2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giants
2021 08-28, QONFEST 2021 - Reliability cenetered maintenance for sleeping giantsJaap van Ekris
 
2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systems2017 03-10 - vu amsterdam - testing safety critical systems
2017 03-10 - vu amsterdam - testing safety critical systemsJaap van Ekris
 
2016-04-28 - VU Amsterdam - testing safety critical systems
2016-04-28 - VU Amsterdam - testing safety critical systems2016-04-28 - VU Amsterdam - testing safety critical systems
2016-04-28 - VU Amsterdam - testing safety critical systemsJaap van Ekris
 
2015 05-07 - vu amsterdam - testing safety critical systems
2015 05-07 - vu amsterdam - testing safety critical systems2015 05-07 - vu amsterdam - testing safety critical systems
2015 05-07 - vu amsterdam - testing safety critical systemsJaap van Ekris
 
Testing Safety Critical Systems (10-02-2014, VU amsterdam)
Testing Safety Critical Systems (10-02-2014, VU amsterdam)Testing Safety Critical Systems (10-02-2014, VU amsterdam)
Testing Safety Critical Systems (10-02-2014, VU amsterdam)Jaap van Ekris
 
2010-03-31 - VU Amsterdam - Experiences testing safety critical systems
2010-03-31 - VU Amsterdam - Experiences testing safety critical systems2010-03-31 - VU Amsterdam - Experiences testing safety critical systems
2010-03-31 - VU Amsterdam - Experiences testing safety critical systemsJaap van Ekris
 
Web Application Remediation - OWASP San Antonio March 2007
Web Application Remediation - OWASP San Antonio March 2007Web Application Remediation - OWASP San Antonio March 2007
Web Application Remediation - OWASP San Antonio March 2007Denim Group
 
Five Common Mistakes made when Conducting a Software FMECA
Five Common Mistakes made when Conducting a Software FMECAFive Common Mistakes made when Conducting a Software FMECA
Five Common Mistakes made when Conducting a Software FMECAAnn Marie Neufelder
 
2011-05-02 - VU Amsterdam - Testing safety critical systems
2011-05-02 - VU Amsterdam - Testing safety critical systems2011-05-02 - VU Amsterdam - Testing safety critical systems
2011-05-02 - VU Amsterdam - Testing safety critical systemsJaap van Ekris
 
Normal accidents and outpatient surgeries
Normal accidents and outpatient surgeriesNormal accidents and outpatient surgeries
Normal accidents and outpatient surgeriesJonathan Creasy
 
2016 virus bulletin
2016 virus bulletin2016 virus bulletin
2016 virus bulletinAdrian Sanabria
 
Steer and/or sink the supertanker by Andrew Rendell
Steer and/or sink the supertanker by Andrew RendellSteer and/or sink the supertanker by Andrew Rendell
Steer and/or sink the supertanker by Andrew RendellValtech UK
 
What to Expect When You're Expecting (to Own Production)
What to Expect When You're Expecting (to Own Production)What to Expect When You're Expecting (to Own Production)
What to Expect When You're Expecting (to Own Production)Michael Diamant
 
Secure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
Secure Agile SDLC BSides 14 - 2017 - Raphael DenipottiSecure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
Secure Agile SDLC BSides 14 - 2017 - Raphael DenipottiRaphael Denipotti
 
How to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOpsHow to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOpsZane Lackey
 
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...Jaap van Ekris
 
Building a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationBuilding a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationZane Lackey
 
Chaos Engineering, When should you release the monkeys?
Chaos Engineering, When should you release the monkeys?Chaos Engineering, When should you release the monkeys?
Chaos Engineering, When should you release the monkeys?Thoughtworks
 
BlueHat v18 || Go build a tool - best practices for building a robust & e...
BlueHat v18 || Go build a tool - best practices for building a robust & e...BlueHat v18 || Go build a tool - best practices for building a robust & e...
BlueHat v18 || Go build a tool - best practices for building a robust & e...BlueHat Security Conference
 
What the music of the 1980s taught me about shipping software
What the music of the 1980s taught me about shipping softwareWhat the music of the 1980s taught me about shipping software
What the music of the 1980s taught me about shipping softwareMichael Ewins
 
Functional safety by FMEA/FTA
Functional safety by FMEA/FTAFunctional safety by FMEA/FTA
Functional safety by FMEA/FTAmehmor
 
How should we build that? Evolving a development environment that's suitable ...
How should we build that? Evolving a development environment that's suitable ...How should we build that? Evolving a development environment that's suitable ...
How should we build that? Evolving a development environment that's suitable ...AdaCore
 
HouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchHouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchSpencer Koch
 
Predict Software Reliability Before the Code is Written
Predict Software Reliability Before the Code is WrittenPredict Software Reliability Before the Code is Written
Predict Software Reliability Before the Code is WrittenAnn Marie Neufelder
 
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...Simone Onofri
 
Classic Testing Mistakes 0226
Classic Testing Mistakes 0226Classic Testing Mistakes 0226
Classic Testing Mistakes 0226MBA_Community
 
Introduction to Software Failure Modes Effects Analysis
Introduction to Software Failure Modes Effects AnalysisIntroduction to Software Failure Modes Effects Analysis
Introduction to Software Failure Modes Effects AnalysisAnn Marie Neufelder
 
Dfmea
DfmeaDfmea
Dfmeabsomerton
 
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…Jaap van Ekris
 
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
2011-04-29 - Risk management conference - Technische IT risico's in de praktijkJaap van Ekris
 

More Related Content

What's hot

2011-05-02 - VU Amsterdam - Testing safety critical systems
2011-05-02 - VU Amsterdam - Testing safety critical systems2011-05-02 - VU Amsterdam - Testing safety critical systems
2011-05-02 - VU Amsterdam - Testing safety critical systemsJaap van Ekris
 
Normal accidents and outpatient surgeries
Normal accidents and outpatient surgeriesNormal accidents and outpatient surgeries
Normal accidents and outpatient surgeriesJonathan Creasy
 
Steer and/or sink the supertanker by Andrew Rendell
Steer and/or sink the supertanker by Andrew RendellSteer and/or sink the supertanker by Andrew Rendell
Steer and/or sink the supertanker by Andrew RendellValtech UK
 
What to Expect When You're Expecting (to Own Production)
What to Expect When You're Expecting (to Own Production)What to Expect When You're Expecting (to Own Production)
What to Expect When You're Expecting (to Own Production)Michael Diamant
 
Secure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
Secure Agile SDLC BSides 14 - 2017 - Raphael DenipottiSecure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
Secure Agile SDLC BSides 14 - 2017 - Raphael DenipottiRaphael Denipotti
 
How to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOpsHow to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOpsZane Lackey
 
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...Jaap van Ekris
 
Building a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationBuilding a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationZane Lackey
 
Chaos Engineering, When should you release the monkeys?
Chaos Engineering, When should you release the monkeys?Chaos Engineering, When should you release the monkeys?
Chaos Engineering, When should you release the monkeys?Thoughtworks
 
BlueHat v18 || Go build a tool - best practices for building a robust & e...
BlueHat v18 || Go build a tool - best practices for building a robust & e...BlueHat v18 || Go build a tool - best practices for building a robust & e...
BlueHat v18 || Go build a tool - best practices for building a robust & e...BlueHat Security Conference
 
What the music of the 1980s taught me about shipping software
What the music of the 1980s taught me about shipping softwareWhat the music of the 1980s taught me about shipping software
What the music of the 1980s taught me about shipping softwareMichael Ewins
 
Functional safety by FMEA/FTA
Functional safety by FMEA/FTAFunctional safety by FMEA/FTA
Functional safety by FMEA/FTAmehmor
 
How should we build that? Evolving a development environment that's suitable ...
How should we build that? Evolving a development environment that's suitable ...How should we build that? Evolving a development environment that's suitable ...
How should we build that? Evolving a development environment that's suitable ...AdaCore
 
HouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchHouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchSpencer Koch
 
Predict Software Reliability Before the Code is Written
Predict Software Reliability Before the Code is WrittenPredict Software Reliability Before the Code is Written
Predict Software Reliability Before the Code is WrittenAnn Marie Neufelder
 
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...Simone Onofri
 
Classic Testing Mistakes 0226
Classic Testing Mistakes 0226Classic Testing Mistakes 0226
Classic Testing Mistakes 0226MBA_Community
 
Introduction to Software Failure Modes Effects Analysis
Introduction to Software Failure Modes Effects AnalysisIntroduction to Software Failure Modes Effects Analysis
Introduction to Software Failure Modes Effects AnalysisAnn Marie Neufelder
 

What's hot (20)

2011-05-02 - VU Amsterdam - Testing safety critical systems
2011-05-02 - VU Amsterdam - Testing safety critical systems2011-05-02 - VU Amsterdam - Testing safety critical systems
2011-05-02 - VU Amsterdam - Testing safety critical systems
 
Normal accidents and outpatient surgeries
Normal accidents and outpatient surgeriesNormal accidents and outpatient surgeries
Normal accidents and outpatient surgeries
 
2016 virus bulletin
2016 virus bulletin2016 virus bulletin
2016 virus bulletin
 
Steer and/or sink the supertanker by Andrew Rendell
Steer and/or sink the supertanker by Andrew RendellSteer and/or sink the supertanker by Andrew Rendell
Steer and/or sink the supertanker by Andrew Rendell
 
What to Expect When You're Expecting (to Own Production)
What to Expect When You're Expecting (to Own Production)What to Expect When You're Expecting (to Own Production)
What to Expect When You're Expecting (to Own Production)
 
Secure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
Secure Agile SDLC BSides 14 - 2017 - Raphael DenipottiSecure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
Secure Agile SDLC BSides 14 - 2017 - Raphael Denipotti
 
How to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOpsHow to adapt the SDLC to the era of DevSecOps
How to adapt the SDLC to the era of DevSecOps
 
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
Embedded Systems, Asset or Security Threat? (6 May 2014, (ICS)2 Secure Rotter...
 
Building a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationBuilding a Modern Security Engineering Organization
Building a Modern Security Engineering Organization
 
Chaos Engineering, When should you release the monkeys?
Chaos Engineering, When should you release the monkeys?Chaos Engineering, When should you release the monkeys?
Chaos Engineering, When should you release the monkeys?
 
BlueHat v18 || Go build a tool - best practices for building a robust & e...
BlueHat v18 || Go build a tool - best practices for building a robust & e...BlueHat v18 || Go build a tool - best practices for building a robust & e...
BlueHat v18 || Go build a tool - best practices for building a robust & e...
 
What the music of the 1980s taught me about shipping software
What the music of the 1980s taught me about shipping softwareWhat the music of the 1980s taught me about shipping software
What the music of the 1980s taught me about shipping software
 
Functional safety by FMEA/FTA
Functional safety by FMEA/FTAFunctional safety by FMEA/FTA
Functional safety by FMEA/FTA
 
How should we build that? Evolving a development environment that's suitable ...
How should we build that? Evolving a development environment that's suitable ...How should we build that? Evolving a development environment that's suitable ...
How should we build that? Evolving a development environment that's suitable ...
 
HouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from ScratchHouSecCon 2019: Offensive Security - Starting from Scratch
HouSecCon 2019: Offensive Security - Starting from Scratch
 
Predict Software Reliability Before the Code is Written
Predict Software Reliability Before the Code is WrittenPredict Software Reliability Before the Code is Written
Predict Software Reliability Before the Code is Written
 
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
OWASP AppSec EU 2016 - Security Project Management - How to be Agile in Secu...
 
Classic Testing Mistakes 0226
Classic Testing Mistakes 0226Classic Testing Mistakes 0226
Classic Testing Mistakes 0226
 
Introduction to Software Failure Modes Effects Analysis
Introduction to Software Failure Modes Effects AnalysisIntroduction to Software Failure Modes Effects Analysis
Introduction to Software Failure Modes Effects Analysis
 
Dfmea
DfmeaDfmea
Dfmea
 

Viewers also liked

2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…Jaap van Ekris
 
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
2011-04-29 - Risk management conference - Technische IT risico's in de praktijkJaap van Ekris
 
2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...
2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...
2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...Jaap van Ekris
 
2016 11-15 - nvrb - software betrouwbaarheid
2016 11-15 - nvrb - software betrouwbaarheid2016 11-15 - nvrb - software betrouwbaarheid
2016 11-15 - nvrb - software betrouwbaarheidJaap van Ekris
 
2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...
2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...
2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...Jaap van Ekris
 
What the hack happened to digi notar (28-10-2011)
What the hack happened to digi notar (28-10-2011)What the hack happened to digi notar (28-10-2011)
What the hack happened to digi notar (28-10-2011)Jaap van Ekris
 
Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)
Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)
Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)Jaap van Ekris
 

Viewers also liked (7)

2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
2010-09-21 - (ISC)2 - Protecting patient privacy while enabling medical re…
 
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
2011-04-29 - Risk management conference - Technische IT risico's in de praktijk
 
2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...
2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...
2016 02-15 - IASTED Innsbruck 2016 - the role and decompesition of delivery ...
 
2016 11-15 - nvrb - software betrouwbaarheid
2016 11-15 - nvrb - software betrouwbaarheid2016 11-15 - nvrb - software betrouwbaarheid
2016 11-15 - nvrb - software betrouwbaarheid
 
2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...
2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...
2011-03-12 - PDAtotaal Usergroup meeting - Ervaringen met Windows Phone 7 in ...
 
What the hack happened to digi notar (28-10-2011)
What the hack happened to digi notar (28-10-2011)What the hack happened to digi notar (28-10-2011)
What the hack happened to digi notar (28-10-2011)
 
Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)
Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)
Windows Phone 7 and the cloud, the good, the bad and the ugly (17-06-2011, SDN)
 

Similar to 2016-05-30 risk driven design

18 Jul 2018 - FMEA and Risk Management in Practice
18 Jul 2018 - FMEA and Risk Management in Practice 18 Jul 2018 - FMEA and Risk Management in Practice
18 Jul 2018 - FMEA and Risk Management in Practice Intland Software GmbH
 
Incident Command: The far side of the edge
Incident Command: The far side of the edgeIncident Command: The far side of the edge
Incident Command: The far side of the edgeFastly
 
Risk Management
Risk ManagementRisk Management
Risk ManagementSaqib Raza
 
Failure Mode Effects & Analysis
Failure Mode Effects & AnalysisFailure Mode Effects & Analysis
Failure Mode Effects & AnalysisMuhammad Rezvani
 
Risk Based Testing in Agile context - Kees Blokland
Risk Based Testing in Agile context - Kees BloklandRisk Based Testing in Agile context - Kees Blokland
Risk Based Testing in Agile context - Kees BloklandKees Blokland
 
Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)
Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)
Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)Jaap van Ekris
 
Risk Management Plan PowerPoint Presentation Slides
Risk Management Plan PowerPoint Presentation SlidesRisk Management Plan PowerPoint Presentation Slides
Risk Management Plan PowerPoint Presentation SlidesSlideTeam
 
Risk Management Plan Powerpoint Presentation Slides
Risk Management Plan Powerpoint Presentation SlidesRisk Management Plan Powerpoint Presentation Slides
Risk Management Plan Powerpoint Presentation SlidesSlideTeam
 
Safety and security in mission critical IoT systems
Safety and security in mission critical IoT systemsSafety and security in mission critical IoT systems
Safety and security in mission critical IoT systemsEinar Landre
 
PA2557_SQM_Lecture7 - Defect Prevention.pdf
PA2557_SQM_Lecture7 - Defect Prevention.pdfPA2557_SQM_Lecture7 - Defect Prevention.pdf
PA2557_SQM_Lecture7 - Defect Prevention.pdfhulk smash
 
Risk Event Modeling and Event Chains
Risk Event Modeling and Event ChainsRisk Event Modeling and Event Chains
Risk Event Modeling and Event ChainsIntaver Insititute
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsICS
 
The Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can StealThe Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can Stealmozilla.presentations
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsICS
 
FAILURE MODE EFFECT ANALYSIS
FAILURE MODE EFFECT ANALYSISFAILURE MODE EFFECT ANALYSIS
FAILURE MODE EFFECT ANALYSISANOOPA NARAYANAN
 
Perfect Profilers Final Presentation
Perfect Profilers Final PresentationPerfect Profilers Final Presentation
Perfect Profilers Final PresentationJulie Michlinski
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseLancope, Inc.
 
HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software jamieayre
 
fmea-130116034507-phpapp01.pdf
fmea-130116034507-phpapp01.pdffmea-130116034507-phpapp01.pdf
fmea-130116034507-phpapp01.pdfRajendran C
 
Software Defects.pdf
Software Defects.pdfSoftware Defects.pdf
Software Defects.pdfNishaVatwani
 

Similar to 2016-05-30 risk driven design (20)

18 Jul 2018 - FMEA and Risk Management in Practice
18 Jul 2018 - FMEA and Risk Management in Practice 18 Jul 2018 - FMEA and Risk Management in Practice
18 Jul 2018 - FMEA and Risk Management in Practice
 
Incident Command: The far side of the edge
Incident Command: The far side of the edgeIncident Command: The far side of the edge
Incident Command: The far side of the edge
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Failure Mode Effects & Analysis
Failure Mode Effects & AnalysisFailure Mode Effects & Analysis
Failure Mode Effects & Analysis
 
Risk Based Testing in Agile context - Kees Blokland
Risk Based Testing in Agile context - Kees BloklandRisk Based Testing in Agile context - Kees Blokland
Risk Based Testing in Agile context - Kees Blokland
 
Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)
Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)
Testing safety critical systems: Practice and Theory (14-05-2013, VU Amsterdam)
 
Risk Management Plan PowerPoint Presentation Slides
Risk Management Plan PowerPoint Presentation SlidesRisk Management Plan PowerPoint Presentation Slides
Risk Management Plan PowerPoint Presentation Slides
 
Risk Management Plan Powerpoint Presentation Slides
Risk Management Plan Powerpoint Presentation SlidesRisk Management Plan Powerpoint Presentation Slides
Risk Management Plan Powerpoint Presentation Slides
 
Safety and security in mission critical IoT systems
Safety and security in mission critical IoT systemsSafety and security in mission critical IoT systems
Safety and security in mission critical IoT systems
 
PA2557_SQM_Lecture7 - Defect Prevention.pdf
PA2557_SQM_Lecture7 - Defect Prevention.pdfPA2557_SQM_Lecture7 - Defect Prevention.pdf
PA2557_SQM_Lecture7 - Defect Prevention.pdf
 
Risk Event Modeling and Event Chains
Risk Event Modeling and Event ChainsRisk Event Modeling and Event Chains
Risk Event Modeling and Event Chains
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory Teams
 
The Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can StealThe Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can Steal
 
Bridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory TeamsBridging the Gap Between Development and Regulatory Teams
Bridging the Gap Between Development and Regulatory Teams
 
FAILURE MODE EFFECT ANALYSIS
FAILURE MODE EFFECT ANALYSISFAILURE MODE EFFECT ANALYSIS
FAILURE MODE EFFECT ANALYSIS
 
Perfect Profilers Final Presentation
Perfect Profilers Final PresentationPerfect Profilers Final Presentation
Perfect Profilers Final Presentation
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
 
HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software HIS 2017 Paul Sherwood- towards trustable software
HIS 2017 Paul Sherwood- towards trustable software
 
fmea-130116034507-phpapp01.pdf
fmea-130116034507-phpapp01.pdffmea-130116034507-phpapp01.pdf
fmea-130116034507-phpapp01.pdf
 
Software Defects.pdf
Software Defects.pdfSoftware Defects.pdf
Software Defects.pdf
 

More from Jaap van Ekris

2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben
2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben
2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebbenJaap van Ekris
 
2018-11-08 risk and reslience festival
2018-11-08 risk and reslience festival2018-11-08 risk and reslience festival
2018-11-08 risk and reslience festivalJaap van Ekris
 
2015 10-08 Uitwijken, het hoe, waarom en de consequenties
2015 10-08 Uitwijken, het hoe, waarom en de consequenties2015 10-08 Uitwijken, het hoe, waarom en de consequenties
2015 10-08 Uitwijken, het hoe, waarom en de consequentiesJaap van Ekris
 
TOPAAS Versie 2.0, een praktische inleiding
TOPAAS Versie 2.0, een praktische inleidingTOPAAS Versie 2.0, een praktische inleiding
TOPAAS Versie 2.0, een praktische inleidingJaap van Ekris
 
Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)
Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)
Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)Jaap van Ekris
 
2010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 7
2010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 72010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 7
2010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 7Jaap van Ekris
 
2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen
2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen
2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemenJaap van Ekris
 
2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...
2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...
2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...Jaap van Ekris
 
2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...Jaap van Ekris
 
2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns
2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns
2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patternsJaap van Ekris
 
2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…
2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…
2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…Jaap van Ekris
 
2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?
2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?
2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?Jaap van Ekris
 
2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...
2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...
2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...Jaap van Ekris
 
2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...Jaap van Ekris
 

More from Jaap van Ekris (14)

2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben
2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben
2020 09-08 - sdn - waarom klanten een hekel aan software ontwikkelaars hebben
 
2018-11-08 risk and reslience festival
2018-11-08 risk and reslience festival2018-11-08 risk and reslience festival
2018-11-08 risk and reslience festival
 
2015 10-08 Uitwijken, het hoe, waarom en de consequenties
2015 10-08 Uitwijken, het hoe, waarom en de consequenties2015 10-08 Uitwijken, het hoe, waarom en de consequenties
2015 10-08 Uitwijken, het hoe, waarom en de consequenties
 
TOPAAS Versie 2.0, een praktische inleiding
TOPAAS Versie 2.0, een praktische inleidingTOPAAS Versie 2.0, een praktische inleiding
TOPAAS Versie 2.0, een praktische inleiding
 
Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)
Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)
Cloud Security (11-09-2012, (ISC)2 Secure Amsterdam)
 
2010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 7
2010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 72010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 7
2010-04-17 - PDAtotaal Usergroup meeting - Introductie in Windows Phone 7
 
2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen
2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen
2009-07-09 - DNV - Risico en betrouwbaarheid van ICT systemen
 
2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...
2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...
2009-02-18 - IASTED Innsbruck 2009 - Factors in project management influencin...
 
2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2009-02-12 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
 
2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns
2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns
2008-10-09 - Bits and Chips Conference - Embedded Systemen Architecture patterns
 
2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…
2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…
2008-07-15 - (ISC)2 - Mobile Phone Security, you have to let go in order t…
 
2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?
2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?
2008-06-23 - SDN - Kwaliteit van software, wat is dat nu eigenlijk?
 
2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...
2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...
2008-02-14 - IASTED Innsbruck 2008 - Customer Retention and Delivery Quality ...
 
2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
2008-02-07 - VU Amsterdam - Customer Satisfaction and dealing with customers ...
 

Recently uploaded

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 

Recently uploaded (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 

2016-05-30 risk driven design

  • 4. IEC 61508: Required activities for safety related systems
  • 5. Risk and the design process • Each design step includes the refinement of the risk analysis • Each design solution has to be measured against the risk analysis • Constant design questions: – Is the design balanced? – Can it be made? – Can it be done simpeler?
  • 8. Failure definitions • What can go wrong exactly? • When do we consider the system to be failed?
  • 9. An example… • Not extracting landing gear when commanded without error indication • Spontaneous irreversible landing gear extraction while travelling overseas
  • 10. Top-down vs. Bottom-Up analysis • Bottom-up: structured brainstorm about everything that could happen given a specific scope • Top-down: think about your biggest fears first, than find out what could cause it.
  • 11. FME(C)A: bottom-up thinking • Failure Mode and Effect (Criticality) Analysis • Reasoning from failure of the components, thinking about the consequences
  • 12. Risk: System does not perform trick?
  • 13. Guide words… Look at every component and investigate what happens if: – It doesn’t work – It is very slow – Does the wrong thing – Sends messages spontanously – Loses messages/state – Leaks information
  • 14. Structured FMECA approach Function Failure Mode Causes Local Effects System Effects Criticality Inwin Wrong output Logical error Unjustified open No closure Catastrophic Delayed output PLC error delayed closure Closure delayed Limited No output Application hang No closure No closure Catastrophic Spontanous output Switching error Unjustified open Onterechtesluit False Positive Process Wrong output Logical error Unjustified open No closure Catastrophic Delayed output PLC error delayed closure Closure delayed Limited No output Application hang No closure No closure Catastrophic Spontanous output Switching error Power failure No closure Catastrophic … … … … … … … … … … … … … … … … … … … … …
  • 15. Certainty… Rank beliefs not according to their plausibility but by the harm they may cause. Nassim Nicholas Taleb Slide 1515 June 2016
  • 16. Identifying measures • Risk = Chance * Impact • Moments allowing measures: – Preventive – Detection – Repression – Correction – Ignore – Accept Slide 1615 June 2016
  • 17. You can’t mitigate everything… • You can’t prevent everything • You can’t plan for everything • You can’t predict everything • You couldn’t do any business • But, you can’t ignore everything either
  • 18. Structured FMECA approach Function Failure Mode Causes Local Effects System Effects Criticality Detection Mitigating Measures Inwin Wrong output Logical error Unjustified open No closure Catastrophic None Multiprogramming Delayed output PLC error delayed closure Closure delayed Limited None No output Application hang No closure No closure Catastrophic None Failsafe behaviour Process Spontanous output Switching error Unjustified open Onterechtesluit False Positive None Process Wrong output Logical error Unjustified open No closure Catastrophic None Multiprogramming Delayed output PLC error delayed closure Closure delayed Limited None No output Application hang No closure No closure Catastrophic None Deadlock detection Spontanous output Switching error Power failure No closure Catastrophic None Safety relay … … … … … … … … … … … … … … … … … … … … … … … … … … … … … New functional and design requirements!
  • 19. Disadvantages FME(C)A • It is impossible to calculate an overall risk exposure • Relation between risks is missing – Common mode failures usually aren’t modelled • Complex scenario’s are hard to model – Multiple failures aren’t modelled – Are there root causes that could trigger multiple failures? • Usually identifies irrelevant risks
  • 20. Top-Down Risk analysis • Start with a dominant concern • Identify potential causes • Detail further
  • 22. Typical risks identified • Components making the wrong decissions • Power failure • Hardware failure of PLC’s/Servers • Software failures • Network failure • External factors • Human maintenance error 22
  • 23. Breaking a cut-set Alternate component Alternate service
  • 25. Design decisions… • Every design decision is accompanied by a Risk analysis focussing on RAMS aspects • In the end the cost, RAMS effects and other trade-off aspects will determine which design option will be used
  • 30. Info Hoogtebepaling Aansturing Hoogtemeting Waterkering Diesels Meeta Meetb Stuura Stuurb Software failure Chance: 1/1.000 year Measurement error Chance: (1/1.000.000 year)3 Software failure Chance: 1/1.000.000 year Software failure Chance: 1/1.000 year Design Option 1
  • 31. Info Hoogtebepaling Aansturing Hoogtemeting Waterkering Diesels Meeta Meetb Stuura Stuurb Software failure Chance: 1/10.000 year Measurement error Chance: (1/1.000.000 year)3 Software failure Chance: 1/100 year Software failure Chance: 1/10.000 year Design Option 2
  • 32. IEC 61508: Required activities for safety related systems
  • 33. Testing Function Impact wrong/not functioning Impact spontanous functioning Function 1 Small Medium Function 2 Disasterous Huge Function 3 Serious Huge Function 3 Serious Small Function 4 Serious Serious Function 5 Serious Small Function 6 Huge Huge …
  • 34. Test depth and acceptable risk • Level A: Thorough endurancetest aiming to prove function reliability with high accuracy. • Level B: Thorough endurancetest aiming to prove function reliability with medium accuracy. • Level C: Thorough endurancetest aiming to prove function reliability with low accuracy. • Level D: Test to verify if the function works once. • Level E: Function testd alongside other functions, might leave paths untested. Test effort Level #Tests Effort Level A 50.000 120 hours Level B 10.000 24 hours Level C 1.000 4 hours Level D 1 1 hour Level E - PM
  • 35. Test depth… Functie Not functioning Spont. Function Function 1 Level E NOT Function 2 Level A Level A Function 3 Level A Level A Function 3 Level B Level B Function 4 Level A Level A Function 5 Level E NOT Function 6 Level A Level A … … …