Preliminary Risk Analysis (PRA) is a deductive analysis consisting in identifying the possible causes for failures (hardware, software, human) very early on, based on the system's feared events.
It is a risk control tool which is of particular significance when the analysis is conducted in the phases of the project furthest upstream.
The analysis gives rise to risk reduction recommendations/actions (see PAF-2 and PAF-3) such as, for instance, proposals for more in-depth Dependability analyses on certain critical points (FMECA, worst case analysis, fault tree analysis, etc.).
The PRA is conducted in a working group and serves to establish the Failure Detection, Isolation and Recovery (FDIR) policy and to determine the reconfiguration means to be implemented.
The Preliminary Risk Analysis (PRA) is initiated in phase A and updated in the subsequent development phases.
It is built up in accordance with the following principle: identification, organisation into a hierarchy and risk control, as per the process below:
- breakdown according to functions or into product phases,
- analysis of failure scenarios and identification of feared events,
- classification (hierarchy) of feared events,
- criticality of functions (hardware, software) or operations,
- recommendations for controlling the risks.
The following paragraphs describe each of these stages.
1. Breakdown according to functions or into phases
The functional analysis carried out in-house identifies all the product's functions and allows for a functional breakdown.
This analysis may be more or less in-depth and the resulting breakdown may be detailed to a lesser or greater degree, depending on the knowledge of the product.
For a breakdown into phases, the functional analysis will deal with critical sequencing (e.g. the satellite's launch and early operation phase) rather than with the functions in the strict sense of the term.
2. Analysis of failure scenarios and identification of feared events
Feared events are identified following:
- the analysis of functional failures, which is based on functional breakdown and make it possible to determine the effects (and therefore the resulting risks) of the loss, deterioration or untimely triggering of each function,
- the use of lessons learned, to avoid repeating an error which has happened in the past,
- the analysis of zones to avoid positioning components which could be mutually detrimental in close proximity to each other (e.g. optical instrument contaminated by a nozzle, shadow of an appendage in the field of an instrument),
The analysis only deals with single failures. Combinations of failures are envisaged as soon as safety-related aspects are involved.
3. Organisation of feared events into a hierarchy
Feared events are classified according to the level of severity (or criticality if the probability of occurrence can be quantified) of their consequences on the product itself and on its external environment (equipment, human, environment).
The table below gives an example of different classes of severity (extract from the CNES Standards Reference (RNC) document RNC-ECSS-Q-ST-30):
It will be defined for each project as part of the risk management policy and may be adjusted to suit the nature of the project.
4. Organisation of functions into a hierarchy
The functions contributing to the occurrence of a risk are classified at the same level of criticality as the risk itself.
The criticality of each function is evaluated in accordance with the scenario leading to the most significant repercussions.
This criticality makes it possible to deduce the criticality of the product when the function is "projected" onto the equipment or software product, and to define the efforts required in product development, particularly product assurance.
C. Typical content
After a brief reminder of the project's characteristics, this section gives a precise definition of the elements being studied, the limits of the PRA and indicates the phase in which it is featured.
2.1 Applicable documents
These are all the documents applicable to the Preliminary Risk Analysis.
2.2 Reference documents
They constitute the bibliography required to prepare the Preliminary Risk Analysis.
This defines the terminology and acronyms used in the document.
3. Functional model
This section lists the functions identified and those concerned by the study.
4. Risk classification grid
This section presents the selected classification scales for establishing the hierarchy of risks:
- probability of the occurrence of the functional failure mode
- severity of the effects
- criticality (severity x probability pair)
5. Summary of classified feared events
All risks are set out here and classified in accordance with their criticality (probability x severity pair).
6. Summary of recommendations
List of recommendations with associated risk and criticality.
7. Summary of functions by criticality
The appendices are functional failure analysis tables.
|Risks||Poor knowledge of technical risks|
|Recommandations||IDENTIFY THE RISKS, ORGANISE THEM HIERARCHICALLY, ACCEPT THEM OR REDUCE THEM |
Preliminary Analysis of Technical Risks