Risk. Risk Categories. Project Risk (aka Development Risk) Technical Risks. Business Risk. Example: Project Risk. Lecture 5, Part 1: Risk

Similar documents
Lecture 10: Managing Risk. Risk Management

DEVELOPING SAFETY-CRITICAL SOFTWARE REQUIREMENTS FOR COMMERCIAL REUSABLE LAUNCH VEHICLES

Risk Management. Andrea Polini. Software Project Management MSc in Computer Science University of Camerino A.Y. 2016/2017

Communication Model for Cooperative Robotics Simulator. Project Plan. Version 1.0

Software Risk Management

Slides copyright 1996, 2001, 2005, 2009 by Roger S. Pressman. For non-profit educational use only

Understanding Model Representations and Levels: What Do They Mean?

Software Risk Management

Management of Software Engineering. Ch. 8 1

Chapter 6. Software Quality Management & Estimation

Software Quality. Unit 6: System Quality Requirements

Gleim CIA Review Updates to Part Edition, 1st Printing June 2018

Contents. Today Project Management. What is Project Management? Project Management Activities. Project Resources

Fatality Prevention/Risk Management

A Systems Approach to Risk Management Through Leading Indicators

Practical Risk Management: Framework and Methods

A Data Item Description for System Feasibility Evidence

LIFE CYCLE FACILITY ASSET MANAGEMENT. Presented by Pedro Dominguez Managing Principal, The Invenio Group

Software Design Decision Vulnerability Analysis

SMS Introduction. Industry View Josef Stoll, VP Business Improvement & Support Services EMEA & Asia

USING TELEMETRY TO MEASURE EQUIPMENT MISSION LIFE ON THE NASA ORION SPACECRAFT FOR INCREASING ASTRONAUT SAFETY

Risk Module: Risk Management, Fault Trees and Failure Mode Effects Analysis Exploration Systems Engineering, version 1.0

Evaluating CSIRT Operations

To understand the importance of defining a mission or project s scope.

CORE TOPICS Core topic 3: Identifying human failures. Introduction

Verification Module Exploration Systems Engineering, version 1.0

CMMI-DEV V1.3 CMMI for Development Version 1.3 Quick Reference Guide

Risk Methodology K-12

PROJECT MANAGEMENT. Quality Management (QM) Course 7 Project Management Knowledge Areas (5) Risk Management (RM)

Lothar Winzer Head of Software Product Assurance Section ESA/ESTEC Product Assurance and Safety Department. Apr-17-09

CMMI-SVC V1.3 CMMI for Services Version 1.3 Quick Reference Guide

Midterm Test Department: Computer Science Instructor: Steve Easterbrook Date and Time: 10:10am, Thursday 1st March, 2012

CMMI V2.0 MODEL AT-A-GLANCE. Including the following views: Development Services Supplier Management. CMMI V2.0 outline BOOKLET FOR print.

ISO 9001:2015 Expectations

Risk and Opportunity Management - Overview

March 16, Mr. William M. Dean Director, Office of Nuclear Reactor Regulation U.S. Nuclear Regulatory Commission Washington, DC

Fifteen Undeniable Truths About Project Cost Estimates, or Why You Need an Independent Cost Estimate

Lessons Learned in Seamless Integration of CMMI, TSP, and PSP Why All Three Are Needed. CMMI Technology Conference November 14, 2007

PART THREE: Work Plan and IV&V Methodology (RFP 5.3.3)

Gleim CPA Review Updates to Business Environment and Concepts 2018 Edition, 1st Printing March 2018

Promoting a safety culture in maintenance

PRACTICE NO. PD-ED-1273 PAGE 1 OF 7 QUANTITATIVE RELIABILITY REQUIREMENTS USED AS PERFORMANCE-BASED REQUIREMENTS FOR SPACE SYSTEMS.

BUSINESS STRATEGY: USING SHIFT LEFT PRINCIPLES TO MANAGE IT PROJECTS EFFECTIVELY

Software Development Software Development Activities

Too often, we act as if we can confine requirements discovery to

WORK PLAN AND IV&V METHODOLOGY Information Technology - Independent Verification and Validation RFP No IVV-B

Rethinking Risk Management

NASA Student Launch 2017

Failure Mode Analysis and How It Impacts Your Strategy

Risk Management. Risk Management. Risk Reduction Patterns. Typical Sources of Risk. Dr. James A. Bednar. Dr. David Robertson

Software Safety Testing Based on STPA

Establishing Requirements for Exception Handling Herbert Hecht SoHaR Incorporated

Risk-Based Testing: Analysis and Strategy. Presented at Quality Assurance Institute QUEST Conference Chicago, Ill., 2009

Software Project & Risk Management Courses Offered by The Westfall Team

Process Safety Management (PSM)

PMBOK Knowledge Areas. Project Risk Management. Objectives of Risk Management. Factors Influencing Successful Risk Management. Project Risk Management

Characteristics of a project

Increasing the Security & Reliability of the USA Electricity System

Managing Project Risks

Managing Safely Online Course User Guide

IDENTIFICATION AND ACCIDENTAL RISKS ANALYSIS. Neil Manning, Cortona

The Industry Issue: 1

ELEMENTS OF A HIGH PERFORMING SAFETY PROGRAM

Occupational Curriculum:

Risk Informed Project Management & Risk Assessments. John Holak Risk Assessment Manager Urban Engineers, Inc. (PMOC) Philadelphia, PA

Quantitative Benefit Methodology. July 2012

Section M: Evaluation Factors for Award HQ R LRDR Section M: Evaluation Factors for Award For HQ R-0002

IMS5330 Knowledge Management System Development

FMEA Failure Mode Effects Analysis. ASQ/APICS Joint Meeting May 10, 2017

Assuring Safety of NextGen Procedures

Westinghouse UK AP1000 GENERIC DESIGN ASSESSMENT. Resolution Plan for GI-AP1000-PSA-01. Success Criteria for the Probabilistic Risk Assessment (PSA)

The Pharmaceutical Industry s Supply Chain Planning Reliability and Risk Management

A System s Approach to Safety. Prof. Nancy Leveson Aeronautics and Astronautics MIT

HSE Integrated Risk Management Policy. Part 3. Managing and Monitoring Risk Registers Guidance for Managers

A Practical Guide to Implementing Levels 4 and 5

COSOSIMO Parameter Definitions Jo Ann Lane University of Southern California Center for Software Engineering

Introduction To The The Software Engineering Institute s Capability Maturity Model for Software

Job Hazard Analysis (JHA)

Software Risk Management and Risk Mitigation Technique

16987 Software Safety Analysis A New Requirement?

DIGGING DEEPER. CEO Guide to Risk. Take a closer look. Detailed questions to assess the effectiveness of your health and safety risk management

The Path to More Cost-Effective System Safety

TEAM E: CRITICAL DESIGN REVIEW

CMMI for Services Quick Reference

EVALUATION OF SAFETY CULTURE IN WANO PRE-STARTUP REVIEWS

MSL Technical and Replan Status

Use of PSA to Support the Safety Management of Nuclear Power Plants

Risk and Opportunity Management - Experiences and Lessons Learned a personal insight

Project Planning & Management. Lecture 11 Project Risk Management

Software Safety Program at NREL (It is Not Just for Nuclear Sites)

Performance Metrics Applied to the PMBOK and everything else! MEL SCHNAPPER, PH. D. CHIEF METRICS GURU MEL SCHNAPPER ASSOCIATES

Enterprise Risk Management

How to Monitor Food Equipment Critical Parts to Design Reliable Maintenance Tasks

BP Wind Energy s Perspective on Internal Controls. Carla Holly, Regulatory Compliance Manager October 8, 2013

Environment, Safety, and Occupational Health (ESOH), and Exercise

Complexity of Organizational Cybersecurity Capability Development

Governance Institute of Australia Ltd

SPE Seminar on Introduction to E&P Projects, 17 November 2016, London

Board Corporate Governance and Risk Committee

Software Metrics: An Essential Tool for determining software success

Transcription:

Risk Lecture 5, Part 1: Risk Jennifer Campbell CSC340 - Winter 2007 The possibility of suffering loss Risk involves uncertainty and loss: Uncertainty: The degree of certainty about whether the risk will happen. Loss: If the risk becomes a reality, unwanted consequences or losses will occur. CSC340 University of Toronto 2 Risk Categories Project Risk (aka Development Risk) Technical Risk Business Risk CSC340 University of Toronto 3 Risk Categories: Project (Development) Risks Schedule problems Personnel problems Customer problems Budget problems threaten the project plan. Requirements problems CSC340 University of Toronto 4 Example: Project Risk - A company introduced OO technology into its organization, using a well-defined project "X" as the pilot. - many Many project X personnel were familiar with OO, but it had not been part of their development process (had very little experience and training in application of OO). -it -It is taking project personnel longer than expected to climb the learning curve. - Some personnel are concerned that the modules implemented to date might be too inefficient to satisfy project "X" performance requirements. [SEI] CSC340 University of Toronto 5 Risk Categories: Technical Risks design problems implementation problems threaten the quality and timeliness of the software. maintenance problems interface problems verification problems CSC340 University of Toronto 6

Risk Categories: Business Risks no demand for product lose management support Reactive Risk Management Don t worry, I ll think of something! threaten the (economic) success of the project. lose resource commitments lose budget commitments CSC340 University of Toronto 7 CSC340 University of Toronto 8 Proactive Risk Management Principles of Risk Management The purpose of risk management is to identify potential problems before they occur so that action can be taken to reduce or eliminate the likelihood and/or impact of these problems should they occur. CSC340 University of Toronto 9 Global Perspective View software in context of a larger system For any opportunity, identify both: Potential value Potential impact of adverse results Forward Looking View Anticipate possible outcomes Identify uncertainty Manage resources accordingly Open Communications Free-flowing information at all project levels [DWA96] CSC340 University of Toronto 10 Principles of Risk Management [2] Integrated Management Project management is risk management! Continuous Process Continually identify and manage risks Shared Product Vision Everybody understands the mission Common purpose Collective responsibility Shared ownership Teamwork Work cooperatively to achieve the common goal Pool talent, skills and knowledge [DWA96] CSC340 University of Toronto 11 Continuous Risk Management 5. Correct for deviations from the risk mitigation plans. 4. Monitor risk indicators and reassess risks. 3. Choose and implement risk mitigation actions. 1. Produce list of projectspecific risks. 2. For each risk, identify probability, loss magnitude, and timeframe. Prioritize risks. [DWA96] CSC340 University of Toronto 12

1. Risk Identification Identify product-specific risks Risks that can only be identified by those with a clear understanding of the specifics (technology, people, environment) of the project Risk Identification Checklists Method of identifying risks Focuses on some known and predictable risks, CSC340 University of Toronto 13 1. Risk Identification: Top 10 Software Risks Personnel Shortfalls Unrealistic schedules/budgets Developing the wrong software functions Developing the wrong user interface Gold plating Continuing stream of requirements changes furnished components performed tasks Real-time performance shortfalls Straining computer science capabilities CSC340 University of Toronto 14 1. Risk Identification: Fault Tree Vital signs erroneously reported as exceeding limits etc Or-gate Frequency of measurement too low Wrong or inadequate treatment administered Computer fails to raise alarm Vital signs exceed critical limits but not corrected in time Event that results from a combination of causes Vital signs not reported Basic fault event requiring no further elaboration Nurse does not respond to alarm Computer does Nurse fails Human sets not read within Sensor to input them frequency required time failure or does so too low limits incorrectly CSC340 University of Toronto 15 [Lev95] 2. Risk Analysis Determine the probability and loss magnitude for each identified risk. Prioritize risks Some important concepts: Risk Exposure - For each risk: RE = p(unsat. outcome) X loss(unsat. outcome) Risk Reduction Leverage - For each mitigation action: RRL = (RE before -RE after ) / cost of intervention CSC340 University of Toronto 16 2. Risk Analysis: Measurement Quantitative: Measure risk exposure using standard cost & probability measures Note: probabilities are rarely independent Qualitative: Assess the risk probabilities and losses on a relative scale Undesirable outcome Loss of life Loss of Spacecraft Loss of Mission Degraded Mission 2. Risk Analysis: Qualitative Measurement Very likely Catastrophic Catastrophic High Likelihood of Occurrence Possible Catastrophic Moderate Unlikely High Low CSC340 University of Toronto 17 CSC340 University of Toronto 18

3. Risk Mitigation: Top 10 Risks (with management techniques) Personnel Shortfalls use top talent team building training Unrealistic schedules/budgets multisource estimation designing to cost requirements scrubbing Developing the wrong software functions better requirements analysis organizational/operational analysis Developing the wrong user interface prototypes, scenarios, task analysis Gold plating requirements scrubbing cost benefit analysis designing to cost Continuing stream of reqts changes high change threshold information hiding incremental development CSC340 University of Toronto 19 furnished components early benchmarking inspections, compatibility analysis performed tasks pre-award audits competitive designs 3. Risk Mitigation: Top 10 Risks [2] (with management techniques) Real-time performance shortfalls targeted analysis simulations, benchmarks, models Straining computer science capabilities technical analysis checking scientific literature CSC340 University of Toronto 20 4. Risk Monitoring and 5. Risk Control Periodically review risk items. Address problems with resolving risks. Re-rank the risks. Risk item Replacing sensorcontrol software developer Target hardware delivery delays Sensor data formats undefined This Month 1 2 3 Last Month 4 5 3 Num months Procurement procedural delays Action items to sw, sensor teams; due next month CSC340 University of Toronto 21 2 2 3 Risk-resolution progress Top replacement candidate unavailable Launched 3 Jan 1999 Mission Land near South Pole Dig for water ice with a robotic arm Fate: Arrived 3 Dec 1999 No signal received after initial phase of descent Cause: Several candidate causes Most likely is premature engine shutdown due to noise on leg sensors Case Study: Mars Polar Lander CSC340 University of Toronto 22 What happened? Investigation hampered by lack of data spacecraft not designed to send telemetry during descent This decision severely criticized by review boards Possible causes: Landing site too steep (plausible) Heatshield failed (plausible) Premature Shutdown of Descent Engines (most likely!) Parachute drapes over lander (plausible) Backshell hits lander (plausible but unlikely) CSC340 University of Toronto 23 Premature Shutdown Cause of error Magnetic sensor on each leg senses touchdown Legs unfold at 1500m above surface transient signals on touchdown sensors during unfolding software accepts touchdown signals if they persist for 2 timeframes transient signals likely to be long enough on at least one leg CSC340 University of Toronto 24

Premature Shutdown [2] Factors System requirement to ignore the transient signals But the software requirements did not describe the effect s/w designers didn t understand the effect, so didn t implement the requirement Engineers present at code inspection didn t understand the effect Not caught in testing because: Unit testing didn t include the transients Sensors improperly wired during integration tests (no touchdown detected!) Full test not repeated after re-wiring CSC340 University of Toronto 25 Premature Shutdown [3] Result of error Engines shut down before spacecraft has landed When engine shutdown s/w enabled, flags indicated touchdown already occurred estimated at 40m above surface, travelling at 13 m/s estimated impact velocity 22m/s (spacecraft would not survive this) nominal touchdown velocity 2.4m/s CSC340 University of Toronto 26 Learning the Right Lessons Understand the Causality Never a single cause; usually many complex interactions Seek the set of conditions that are both necessary and sufficient to cause the failure Causal reasoning about failure is very subjective Data collection methods may introduce bias e.g. failure to ask the right people e.g. failure to ask the right questions (or provide appropriate response modes) Human tendency to over-simplify e.g. blame the human operator e.g. blame only the technical factors Adapted from the Report of the Loss of the Mars Polar Lander and Deep Space Figure 2 Missions 7-9. MPL System -- JPL Requirements Special Mapping Review to Flight Board Software (Casani Requirements Report) - March 2000. See http://www.nasa.gov/newsinfo/marsreports.html CSC340 University of Toronto 27 CSC340 University of Toronto 28 Preventing Accidents References In most of the major accidents of the past 25 years, technical information on how to prevent the accident was known, and often even implemented. But in each case [this was] negated by organisational or managerial flaws. [Lev95] [DWA96] [Lev95] Boehm, B. W. 1991. Software Risk Management: Principles and Practices. IEEE Software, Vol. 8, no.1, p.32-41, Jan. 1991. Dorofee, A. J., Walker, J. A., Alberts, C. J., Higuera, R. P., Murray, T. J., and Williams, R. J. Continuous Risk Management Guidebook. Pittsburgh: Software Engineering Institute, Carnegie Mellon University, 1996. Leveson, N.G. SAFEWARE: System Safety and Computers. Addison-Wesley, 1995. Pressman, R. S. 1997. Software Engineering: A Practitioner s Approach. New York, USA: McGraw Hill. CSC340 University of Toronto 29 CSC340 University of Toronto 30

References [2] [SEI] Sofware Engineering Institute: http://www.sei.cmu.edu/sei-home.html CSC340 University of Toronto 31

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback