Risk Analysis and Assessment

Risk assessment (and the analysis that supports it) is required both to show that a system is acceptably safe and to ensure that the effort spent on making it safe is commensurate with the risk: neither an unsafe system nor an over-engineered one is an acceptable result.

Risk assessment is usually based on the frequency and severity of an outcome, but it can also be based on the degree of control a system has over that outcome. There is no single basis for risk assessment across all domains; some standards (e.g., MIL-STD-882C, "System Safety Program Requirements") suggest that different dimensions be used when assessing software, combining the severity of the hazard with the degree of control the software exercises over it rather than with a failure frequency.

Analysis can rest on domain expertise alone, but more rigorous techniques are available: frequencies can be derived from Fault Tree Analysis (FTA), which combines the probabilities of basic events through AND/OR gates into the probability of a top-level hazardous event, and severities from vulnerability analysis. Both must rest on appropriate mathematical and statistical calculation, and the result is only as good as the basic-event data and the independence assumptions fed into it.

For software (and for systematic failures in general), some approaches take the view that, because traditional statistical methods cannot predict a failure rate for a systematic fault, the analysis should simply assume that the failure will occur. The assessment of such a failure is then driven by its severity (and, in schemes such as MIL-STD-882C, by the degree of control) rather than by an unsupported probability estimate.
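As an added example, not taken from the original text, the following Python sketch carries the two points above through in code: a minimal fault-tree evaluator that combines basic-event probabilities through AND/OR gates (assuming the basic events are independent), and a frequency/severity classification of the resulting top event. It then applies the "assume the software failure occurs" rule to a constructed hazard and shows how much it moves the result. The hazard, the basic-event figures, the frequency bands and the risk matrix are all illustrative assumptions made for this example; they are loosely in the style of a MIL-STD-882 hazard risk matrix but are not the standard's values.

```python
"""Added example (not from the original page): evaluate a small fault tree and
classify the top-event risk on a frequency/severity matrix, comparing a guessed
software failure rate with the 'assume the software failure occurs' rule."""
from dataclasses import dataclass
from typing import Dict, Iterable, Tuple, Union

Node = Union["Gate", str]          # a basic event is referred to by name


@dataclass(frozen=True)
class Gate:
    kind: str                      # "AND" or "OR"
    inputs: Tuple[Node, ...]


def top_event_probability(node: Node, basic: Dict[str, float]) -> float:
    """Probability of the event at `node`, assuming independent basic events."""
    if isinstance(node, str):
        return basic[node]
    ps = [top_event_probability(child, basic) for child in node.inputs]
    if node.kind == "AND":               # all inputs must occur: product
        p = 1.0
        for x in ps:
            p *= x
        return p
    if node.kind == "OR":                # at least one occurs: 1 - prod(1 - p_i)
        q = 1.0
        for x in ps:
            q *= 1.0 - x
        return 1.0 - q
    raise ValueError(f"unknown gate kind {node.kind!r}")


# Assumed frequency bands (lower bound per operating hour) and risk matrix.
# Illustrative values chosen for this example, not those of any standard.
FREQUENCY_BANDS = [
    (1e-3, "Frequent"), (1e-5, "Probable"), (1e-7, "Occasional"),
    (1e-9, "Remote"), (0.0, "Improbable"),
]
RISK_MATRIX = {
    "Frequent":   {"Catastrophic": "High",    "Critical": "High",    "Marginal": "Serious", "Negligible": "Medium"},
    "Probable":   {"Catastrophic": "High",    "Critical": "High",    "Marginal": "Serious", "Negligible": "Medium"},
    "Occasional": {"Catastrophic": "High",    "Critical": "Serious", "Marginal": "Medium",  "Negligible": "Low"},
    "Remote":     {"Catastrophic": "Serious", "Critical": "Medium",  "Marginal": "Medium",  "Negligible": "Low"},
    "Improbable": {"Catastrophic": "Medium",  "Critical": "Medium",  "Marginal": "Medium",  "Negligible": "Low"},
}


def frequency_band(p_per_hour: float) -> str:
    for lower, name in FREQUENCY_BANDS:
        if p_per_hour >= lower:
            return name
    return "Improbable"


def assess(tree: Node, basic: Dict[str, float], severity: str) -> Tuple[float, str, str]:
    """Return (top-event probability, frequency band, risk level)."""
    p = top_event_probability(tree, basic)
    band = frequency_band(p)
    return p, band, RISK_MATRIX[band][severity]


def assume_software_fails(basic: Dict[str, float], software_events: Iterable[str]) -> Dict[str, float]:
    """Systematic-failure rule: every software basic event is given probability 1.0."""
    sw = set(software_events)
    return {name: (1.0 if name in sw else p) for name, p in basic.items()}


# Constructed hazard (illustrative, not a real system): uncommanded actuator movement
# occurs if a stuck sensor is not caught by the software range check, or if a
# power glitch is not caught by the hardware watchdog.
ACTUATOR_TREE = Gate("OR", (
    Gate("AND", ("sensor_stuck", "sw_range_check_misses")),
    Gate("AND", ("power_glitch", "hw_watchdog_fails")),
))
BASIC_EVENTS = {                      # assumed per-hour figures
    "sensor_stuck": 1e-4,
    "power_glitch": 1e-3,
    "hw_watchdog_fails": 1e-5,
    "sw_range_check_misses": 1e-3,    # a guessed rate with no statistical basis
}
SOFTWARE_EVENTS = {"sw_range_check_misses"}


def compare(severity: str = "Critical"):
    """Assessment with the guessed software rate versus the worst-case rule."""
    optimistic = assess(ACTUATOR_TREE, BASIC_EVENTS, severity)
    worst = assess(ACTUATOR_TREE, assume_software_fails(BASIC_EVENTS, SOFTWARE_EVENTS), severity)
    return optimistic, worst


if __name__ == "__main__":
    labels = ("guessed software rate", "software assumed to fail")
    for label, (p, band, risk) in zip(labels, compare()):
        print(f"{label:25s}: P(top) = {p:.3e}/h  {band:10s} -> {risk}")
```

With the guessed software rate the hazard lands in the Occasional band and is classed Serious; once the software check is assumed to fail, the only thing standing between a stuck sensor and the hazard is the sensor's own failure rate, the top event moves into the Probable band, and the same severity yields High. The rule is deliberately pessimistic: its purpose is to prevent an unsupported software failure figure from diluting a hazard that must in practice be mitigated by design or by an independent (usually hardware) safeguard.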


A risk assessment is a necessary prerequisite to deriving adequate safety requirements: the requirements are what reduce each assessed risk to an acceptable level, so they cannot be justified before the risks are known.


For risk assessment to be meaningful, "acceptably safe" must be defined beforehand, and adequate hazard identification must already have been performed, since a hazard that was never identified is never assessed and therefore never mitigated.