Kostogryzov 10.12.2009

Prof. Prof. AndreyAndrey KostogryzovKostogryzovMoscow, Russia, RIAMC [email protected]@gmail.com , , www.mathmodels.netwww.mathmodels.net

INNOVATIVE INNOVATIVE APPROACH APPROACH

TO ANALYZE QUALITY TO ANALYZE QUALITY AND RISKSAND RISKS

mailto:[email protected]


http://www.mathmodels.net


AgendaAgenda1. The main changes in system standards (turn to system

engineering)2. Analysis of practice to provide system quality and safety

(for industrial, fire, radiating, nuclear, chemical, biological, transport, ecological systems, safety of buildings and constructions, information systems)

3. The way to purposeful rise of quality and safety for any system (identical input for mathematical modeling, uniform accessible models, probability of success and risk of failure in process development as results of modeling, dozens examples for different systems, fast analytical report in 3 minutes through Internet)

4. The original mathematical models and software tools as a brain of the offered innovative approach (based on the theory of random processes, system analysis and operation research)

5. Examples of forecasting system operation, interpretations of results, recommendations (for understanding acceptable probability levels of quality and risks in different spheres)

1. The main changes in 1. The main changes in system standardssystem standards

(turn to system engineering)(turn to system engineering)

The main problems The main problems in the field of system and in the field of system and software engineeringsoftware engineering ((interdependedinterdepended))

The problem of risks in The problem of risks in system life cycle system life cycle

(ISO/IEC15288, 16085, (ISO/IEC15288, 16085, Regulations etc.)Regulations etc.)

The problem of The problem of quality management quality management ((ISO/IEC15288,ISO/IEC15288, 9001, 9001,

10017,11462 10017,11462 etc.)etc.)

The problem of The problem of software quality software quality

(12207, 9126, 12119, (12207, 9126, 12119, 15504,15939 15504,15939 etc.)etc.)

The problem of information The problem of information systems operation quality systems operation quality

((GOST RVGOST RV 51987 51987 etc.)etc.)

The problem of The problem of information information

security (security (17799,17799,15408, 15443 15408, 15443 etc.)etc.)

The problem of The problem of system reliability system reliability

(IEC 300(IEC 300--1,2,3 1,2,3 etc.)etc.)

The problem of The problem of ““human factorhuman factor””(13407, 18529 (13407, 18529

etc.)etc.)

Point 1. There are objective needs for system analysis and optimization quality and risks

Point 2. Today processes and systems operation are Point 2. Today processes and systems operation are the main objects for analysisthe main objects for analysis

Example from ISO/IEC 15288

What about the objects for system analysis?What about the objects for system analysis?

2. Analysis of practice to 2. Analysis of practice to provide system quality and provide system quality and

safetysafety(for industrial, fire, radiating, nuclear, chemical, biological,(for industrial, fire, radiating, nuclear, chemical, biological,

transport, ecological systems, safety of buildings and transport, ecological systems, safety of buildings and constructions, information systems)constructions, information systems)

Method 1. The chord is longer, when its middle lays in a circle entered in a

triangle. The radius of this entered new circle is equal to half of radius of

an initial circle. Hence, the area of the entered circle is ¼ of the area of

an initial circle

Point 3. One problem can be solved by various correct methods, but results can essentially differ!

Let’s remember paradox of Bertrand J.L.(book “Calcul des probabilites”, 1889)

Simple problem. To find probability of that at random chord is longer than the party of the equipotential triangle entered in a circle

by areaP = ¼

by archesP = 1/3

by radiusP = 1/2

Method 3. Let's choose a random point on radius of a circle and we

take a chord which is perpendicular to this radius and passes through the

chosen point. Then the chord is longer if the point lays on that half of radius which is near to centre. P=1/2

Method 2. Triangle tops divide a circle into three equal

arches, and the casual chord is longer if it crosses this triangle, i.e. the required probability is equal 1/3

All results are correct but difference is 100%

Point 4. Generally risk estimations from one sphere do not use in other spheres because of methodologies for risk analysis are different, interpretations are not identical

As a result of analyzing practice approaches to safety(to industrial, fire, radiating, nuclear, chemical, biological, transport, ecological

systems, safety of buildings and constructions, information security)

Conclusion 1

For the spheres of industrial, fire, radiating, nuclear, aviation safety in which already there were numerous facts of tragedies - requirements to admissible risks are expressed quantitatively at probability level and qualitatively at level of necessary requirements to the initial materials, used resources, protective technologies and operation conditions

Point 5. The methods for quantitatively risk analysis are not created. The term “Admissible risk” can not be defined because of one depend on methods. Experience from other spheres is missing

Conclusion 2

For the spheres of chemical, biological, transport, ecological safety, safety of buildings and constructions, information security, including the conditions of terrorist threats – requirements to admissible risks are set mainly at qualitative level in the form of requirements to performance.It means impossibility of risks predictions and correct decisions of synthesis problems to substantiate preventive measures against admissible risk

General situation for todayPoint 1 Point 2 Point 3 Point 4 Point 5

Special models of Institutes (R&D)

and Critical Systems

Models of

Universities

The existing approach (everyone solves

the problems how can)

Resume1. All organizations need

quantitative estimations, but only some part from them uses modeling complexes

2. Used models are highly specialized, input and calculated metrics are adhered strongly to specificity of systems

3. Existing modeling complexes have been created within the limits of concrete order for the systems and as a rule are very expensive

Summary1. Analysis of quality and risks is carried out mainly at qualitative level with

assessments “better or worse”. Independent quantitative estimations at probability level are carried out for specially created models

2. Admissible risks in different areas of the application are not comparable. In general case optimization of risks is not carried out by solving classical problems of synthesis

3. Wide training is impossible

…

3. 3. The way to The way to purposeful rise of quality and safety for any for any

systemsystem(identical input for mathematical modeling, uniform (identical input for mathematical modeling, uniform accessible models, probability of success and risk of accessible models, probability of success and risk of failure in process development as results of modeling, failure in process development as results of modeling, dozens examples for different systems, fast analytical dozens examples for different systems, fast analytical

report in 3 minutes through Internet)report in 3 minutes through Internet)

prove the probability levels of «acceptable quality and admissible risk» for different systems in uniform interpretation,

create technics to solve different problems for quality and risk optimization, provide access for wide use and training

What is the offered way to improve essentially this situation?

From standard processesconsider

Generalproperties

of the processesdeveloped in time line

create universalmathematical models

and software tools

approve the models on practice examples

optimization ofquality and risks

It is important to support system making-decisions in quality and safety and/or avoid wasted expenses in system life cycle

Expected pragmatic effect from application

Generalproperties


Example 1 of considering

general properties for Risk analysis

The illustration of system protection against dangerous influences

- time between the neighboring diagnostics;

- a required period Treq of permanent secure operation; - as minimum, there is two diagnostics during a required period Treq (the illustration of Treq middle); - a required period Treq has ended after the last diagnostic; - a dander source has penetrated before the next diagnostic; - a dander source has not penetrated into system; - a penetrated dander source has activated before the next diagnostic; - a penetrated dander source has not activated before the next diagnostic

t

Cases: 1 2 3 4 5 … …

Industrial safety

Fire safety

Radiating, nuclear safety

Chemical, biologicalsafety

Ecological safety

Transport safety

Safety of buildings and constructions

Information securitysecurity

etc.etc.

System processes directs on maintenance ofsystem integrity (including risk-processes)

Generalproperties


Random processes of information gathering and processing, control and monitoring, threats development,

restoration of integrity are general

In all cases effective risk management

for any system is based on:

1) uses of materials, resources, protective

technologies with more best

characteristics from the point of view of

safety, including integrity restoration

2) rational application ofsituation analysis,

effective ways of thecontrol and monitoring

of conditions and operativerestoration of integrity

3) rational application of measures for risk

counteraction

Generalproperties


General properties of the processes in time line. Formalization of an

unauthorized access with due regard resources value considering period of

objective value (POV)

Example 2 of considering

general properties for analyzing information

systems operation Quality

Interacted systems

Subordinate

systems

SYSTEM

T he g eneral purpose of o peratio n:

to m eet requirements for providing reli able and t imel y

producing com plete, vali d and conf idential informat ion

for i ts following use

Information syst em

Users

Purposes

Requirements to

information system

Use condi tions

O perated objects

Higher systems

Resou rces

Sources

Generalproperties


Required information quality (ideal)

Reliable, timely, complete, valid andconfidential information

Used information(reflecting the potential threats realization)

non-confidential

non-actual

due to random errors missed during checking

with hidden distortions as aresult of unauthorized accesses

with hidden virus distortions

due to random faults of staff and usersincomplete

non-produced as aresult of system's

unreliability

untimely

due to processing intolerablemistakesdoubtful

INFORMATION SYSTEM

Hardware / Software

Users

Systems operation support, including information access, integrityand confidentiality providing

Operation service,check-up and control

Calls (t) Results (t+δ) Otherinformationsystems and

users

Operatedobjects

Real events andobjects of system'sapplication domain

. . .

t-∆

t-∆ t-∆…

Source 1

Source N

t-∆…

t t…

t t…

Datacommuni-

cation,check-up,

processing,storage andproduction

Datacommuni-cation,check-up,processing,storage andproduction

Data base

…

t-∆ … t-∆

… t-∆t-∆

required quality

The general purpose for any information system

Interacted systems

Subordinate

systems

SYSTEM

The general purpose of operation:

to meet requirements for providing reliable and timely

producing complete, valid and confidential information

for its following use

Information system

Users

Purposes

Requirements to information

system

Use conditions

Operated objects

Higher systems

Resources

Sources

The role of methodology in system life cycleThe role of methodology in system life cycle

4.4.The original mathematical The original mathematical models and software tools as models and software tools as

a brain of the offered a brain of the offered innovative approachinnovative approach

(based on the theory of random processes, system analysis (based on the theory of random processes, system analysis and operation research)and operation research)

Some mathematical models and their proofsSome mathematical models and their proofs--11from the book “APPLICABLE METHODS TO ANALYZE AND OPTIMIZE SYSTEM PROCESSES” —

Moscow: “Armament. Policy. Conversion”, 2007, 328 p. – www.mathmodels.net

basic

You can receive it on www.mathmodels.net





basic






basic






basic

basic






basicbasic

basic






basic






basic






basic






etc.

basic

basic

basic




The methodology to The methodology to support an assessment of support an assessment of standard system processes standard system processes according according

to ISO/IEC 15288 is implemented in software toolsto ISO/IEC 15288 is implemented in software tools

The offered 100 mathematical modelsThe offered 100 mathematical models

Agreement ProcessesAgreement ProcessesModeling Complex for Selecting a Suitable Supplier Modeling Complex for Selecting a Suitable Supplier ““AcquisitionAcquisition””

Modeling Complex for Assessing the Execution of the AgreeModeling Complex for Assessing the Execution of the Agreement ment ““SupplySupply””

Enterprise ProcessesEnterprise Processes

Modeling Complex for Enterprise Environment Modeling Complex for Enterprise Environment Management Management ““Environment ManagementEnvironment Management””

Modeling Complex for Investment Management Modeling Complex for Investment Management ““Investment Management Investment Management ””

Modeling Complex for System Life Cycle Processes Modeling Complex for System Life Cycle Processes Management Management ““Life Cycle ManagementLife Cycle Management””

Modeling Complex for Resource Management Modeling Complex for Resource Management ““Resource ManagementResource Management””

Modeling Complex for Quality Management Modeling Complex for Quality Management ““Quality ManagementQuality Management””

Project ProcessesProject Processes

Modeling Complex for Project Planning Modeling Complex for Project Planning ““Project PlanningProject Planning””

Modeling Complex for Project Assessment Modeling Complex for Project Assessment ““Project AssessmentProject Assessment””

Modeling Complex for Project Control Modeling Complex for Project Control ““Project ControlProject Control””

Modeling complex for decisionModeling complex for decision--making process making process ““DecisionDecision--makingmaking””

Modeling complex for risk management Modeling complex for risk management ““Risk managementRisk management””

Modeling complex for configuration management Modeling complex for configuration management ““Configuration managementConfiguration management””

Modeling complex for information managementModeling complex for information management““Information managementInformation management””

Technical Processes

Modeling complex for stakeholder requirements definition Modeling complex for stakeholder requirements definition ““Requirements DefinitionRequirements Definition””

Modeling complex for requirements analysis Modeling complex for requirements analysis ““Requirements analysisRequirements analysis”

Complex for architectural design Complex for architectural design ““Architectural designArchitectural design””

Modeling complex for evaluation human factor Modeling complex for evaluation human factor ““Human factorHuman factor ”

Modeling complex for system implementation Modeling complex for system implementation ““ImplementationImplementation””

Modeling complex for system integration Modeling complex for system integration ““IntegrationIntegration””

Modeling complex for system verification Modeling complex for system verification ““VerificationVerification””

Modeling complex for system transition Modeling complex for system transition ““TransitionTransition””

Modeling complex for system validation Modeling complex for system validation ““ValidationValidation””

Modeling complex for system operation Modeling complex for system operation ““OperationOperation””

Modeling complex for maintenance process Modeling complex for maintenance process ““MaintenanceMaintenance””

Modeling complex for disposal process Modeling complex for disposal process ““DisposalDisposal””

5.5. Examples of forecasting Examples of forecasting system operation, system operation,

interpretations of results,interpretations of results,recommendationsrecommendations

(for understanding(for understanding probability levels of acceptableprobability levels of acceptable quality quality and admissible risks in different spheres)and admissible risks in different spheres)

Some examples concerning Environmental and Sustainable

Energy Technologies

АнализАнализ рисковрисков вв опасномопасном производствепроизводстве

Input: a frequency of essential events - to 100 conditional events at 1h, there are no more 1 % of potentially dangerous events. Speed of semantic interpretation of event makes about 30 sec. Frequency of errors of the dispatching personnel and failures of software of SCADA-system is 1 error in a year

Example 1. Estimation of risk of inadequate interpretation of events by the dispatcher for 1 hour, 8 hours (one shift),

1 month, 1 year and 10 years of operation of SCADA-system

Such levels of risks for SCADA-systems can be recognized as acceptable

Example 2. The forecast of efficiency of counteraction measures to risks for 2 years and 15 years in pipes manufacture and use

1st measure – QMS at the supplier;

2nd measure -production quality check by all recommended kinds and methods of control within a year and improvement of times in 3 years;

3rd measure – the control by SCADA-system;

4th measure - remote sounding with preservation of efficiency within the days, carried out once a week;

5th measure - annual local inspections with preservation of efficiency within a month;

6th measure -integrated inspections of 1 times in 5 years with preservation of efficiency within a month;

7th measure -electrochemical protection of pipelines and means of telemechanics

-----------------------------1st measure – QMS

at the supplier;2nd measure - the

control by SCADA-system; 3rd measure –

helicopter inspection and regular radiographic methods of the analysis with preservation of efficiency within the days, carried out once a week;

4th measure -annual local inspections with preservation of efficiency within a month;

5th measure -integrated inspections of 1 times in 5 years with preservation of efficiency within a month;

6th measure -electrochemical protection of pipelines and means of telemechanics

The sample of the level of acceptable risk for other systems!Different measures are comparable by forecasted risks!

Example 3. Estimation of ecological safety of a regionRisk to lose ecological safety of

region within 5 years

1-st technology(old) provides processing of tests

and delivery of results of theanalysis within 3 days. Errorshappen 1 time in half a year.

In case of deviations a long of integrity restoration is a week

2-nd technology(modern) with use of IT

provides operative processing

within several minutes, about one error at 2 years,

integrity restoration is about one day

(Supervision stations: 1st category, 2-nd category)1 2

1

2

22

2

1

1 1

0.56

0.92

0.37

0.93

0.10

0.49

0.09

0.48

The operational effectiveness of stations of 1st

category at modern

technology of monitoring is high: risk no

more than 0.1 (!)

More frequent quality control of sea waters is recommended - to level of

frequency of the control stations of 1st category (the risk decreases with 0.5

to 0.3 and more

The increase of mean time between mistakes is recommended (the risk

decreases with 0.5 till 0.28 and more)

Duration of the control from 0.5 to 2 days influences insignificantly!

More frequent threats twice increases risk from 0.5 to 0.6

Mean time between mistakes

Time between control

Duration of the control

Frequency of threats

Points of supervision of 1st category are intended for quality Points of supervision of 1st category are intended for quality control of sea waters in coastal areas. The control is 2 times acontrol of sea waters in coastal areas. The control is 2 times amonth on reduced and once a month under the full program. month on reduced and once a month under the full program. Points of 2nd category are intended to control sea waters in Points of 2nd category are intended to control sea waters in areas of the high sea for researches of seasonal and annual areas of the high sea for researches of seasonal and annual variability of impurity of sea waters. The control is 5variability of impurity of sea waters. The control is 5--6 times a 6 times a year under the full programyear under the full program

1-ST COMPONENT – IDEAL BOILER-HOUSES, 2-ND -CENTRAL THERMAL POINT AND ELEVATED BOILER ROOMS; COMPONENTS FROM 3-RD TO 8-TH ARE HEATING MAIN BEAMS,

9-TH COMPONENT CHARACTERIZES THE TIME BETWEEN DAMAGES OF ALL NETWORK OF THE HEAT SUPPLY

Example 4. Estimations of ideal system of the centralized heat

supply during a cold season (214 days)

For ideal system mean time For ideal system mean time between failures is about 3 years!between failures is about 3 years!

Probability of reliable Probability of reliable heat supply is heat supply is 0.830.83

It is ideal It is ideal (unachievable (unachievable

maximum)maximum)!! 0.8325287h

On the moment of failure the probability of reliable heat supply

is 0.008

Estimations of existing system of the centralized heat supply

Mean time between failure is 93 hours (one failure in 3 days)

Probability of reliable heat

supply is 0.014

0.01493h

WITHOUT RESERVATION OF BEAMS OF THE HEATING SYSTEM

62 h 0.008

Mean time between

failures is 62 hours!

AS A RESULT ALL THE SAME

ZERO !!!

WITH RESERVATION OF BEAMS OF THE HEATING SYSTEM

1-ST COMPONENT – IDEAL BOILER-HOUSES, 2-ND -CENTRAL THERMAL POINT AND ELEVATED BOILER ROOMS; COMPONENTS FROM 3-RD TO 8-TH ARE HEATING MAIN BEAMS,

9-TH COMPONENT CHARACTERIZES THE TIME BETWEEN DAMAGES OF ALL NETWORK OF THE HEAT SUPPLY

Probability of reliable heat supply is 0.44

Probability of reliable heat supply is 0.035

Comparative estimation of variants of improvement of heat supply system

0.035

variant 1

variant 2

CostCost

variant 3

0.44

0.44

0.98

The most preferrable variant!

BUILDING OF NEW HOUSES WITH INDIVIDUAL HEATING ALLOWS TO

PROVIDE THE RELIABLE HEAT SUPPLY WITH PROBABILITY 0.98

CostCost

CostCost

1-ST COMPONENT – IDEAL BOILER-HOUSES, 2-ND -CENTRAL THERMAL POINT AND ELEVATED BOILER ROOMS; COMPONENTS FROM 3-RD TO 8-TH ARE HEATING MAIN BEAMS, 9-TH COMPONENT CHARACTERIZES THE TIME BETWEEN DAMAGES OF ALL

NETWORK OF THE HEAT SUPPLY

Basic feature:Basic feature:

unlike a land unlike a land problems of safety problems of safety should be resolved should be resolved

by own strength by own strength directly in the sea as directly in the sea as

remoteness from remoteness from coast and, probably, coast and, probably,

ice conditions for ice conditions for northern areas northern areas

exclude the help from exclude the help from the outsidethe outside

Typical structure

Example 5. Analysis of vulnerability for oil and gas systemsExample 5. Analysis of vulnerability for oil and gas systems--1 1

8 h. 1 day 1 week 1 month 1 year

0.000006 0.00002 0.0002

0.01

0.0008

Risk of erroneous analytical conclusions from the gathered on-line information and as a

consequence non-undertaking or undertaking inadequate countermeasures within only

a few business hours is very high!

Really

Optimisticallyas a result of decreasing mistakes

Input for modeling is according to data of a special public relations department of FBI

0.86

Estimation of the analysis process

Analysis of development of terrorist dangers in the external conditions similar to emergency danger

0.99980.89

0.39

0.07

Risk increases from 0.01 to 0.9998

owing to insufficient degrees of

recognition the terrorist

threats

Risk of uncontrollable development of a situationfor conditions of emergency danger

Risk of uncontrollable development of a situation for conditions of terrorist dangers

8 h. 1 day 1 week 1 month 1 year

0.390.18 0.18

0.860.97

0.02

Example 6. Model of threats, barriers against unauthorized access

System data

Characteristics of the Communication Subsystem

Characteristics of the means of gathering, storages and displays

It is required to predict quantitatively the level of information security for month and year and

to reveal bottlenecks

CommunicationSubsystem 2

Subordinatedenterprises -Subsystem 3

Means of gathering,

storages anddisplays -

Subsystem 3

HHeadead hholdingolding --ssubsystemubsystem 11

For safe system operation it is expedient, that all subsystems were strong equally. In an investigated exampleimplemented monitoring and control are ineffective. The technology of maintenance of information security in

case of emergency is necessary

Prediction of information security and revealing bottlenecksMean time of safe operation (h)

Probability of providing system securitywithin a month without monitoring and control within a month with monitoring and control

within a year with monitoring and controlwithin a year without monitoring and control

without monitoring and control

with monitoring and control

0.96 0.96

0.89

0.830.90

0.91

0.960.99917575 17533

59453544

867214

481267688 6579

0.67 0.67

0.400.29 0.43

0.47

0.85

0.99

Mor

e at

49.3

tim

es

mor

e at

1.86

tim

es3rd subsystem is

the most bottleneck in system! Narrow links

are means of gathering, storages and

displays of data

more at 112.8 times!

Within a year somecases of

overcoming ofbarriers are quite

possible

Within a month safe will be provided with probability 0.9 (i.e. it is figurative if scenarios of threats repeat 100 months about 90

months from them information security will be provided)

monitoring

For many years rare year will do without

safety infringement

are not effective!and control

Implemented

The general mean time of safe

operation will be more low, than only for the most critical link (3rd subsystem)

for system

For system

Subsystems1

1 12

2 2

221 3 31 1

33 3

32For system For system

for system for system

For 1st subsystem monitoring of 10th barrier is effective!

1st and 2nd subsystems

areaproximatelysafe equally

What about the modeling through Internet?

The offered approach to

mathematical modeling

standard processes through Internet

Resume1. Input (different

characteristics of time, frequency and expenses for standard processes) are identical. Models are based on the theory for random processes. As consequence –metrics are understandable, these are probabilities of successful development of processes or risks of failure2. Services through Internet

are more cheaper, than calculations by existing way

1. All organizations receive access to quality and risks analysis on uniform mathematical models according to requirements of system standards and taking into account experience and admissible risks for systems in different spheres2. Training is accessible to all connected to Internet

Service through

Detail analytical

report (50-70 pages) in 3 minutes Differences

-focus on requirements to system standard processes;-universality of initial data, metrics and the mathematical models, allowing an estimations and forecasts for given time;-support of decision-making process through Internet

Objective needs and preconditions for perfection of quality and risk management (1)

Methodology and supporting software tools (2)

Examples for different spheres of applications (3)Modeling through Internet (4)

From a pragmatical filtration ofinformation to generation of the proved ideas and effective decisions

INNOVATIVE APPROACH TO ANALYZE INNOVATIVE APPROACH TO ANALYZE QUALITY AND RISKSQUALITY AND RISKS

Scientific Publications and PresentationsScientific Publications and Presentations19941994

19919966

19919999

The models and software tools have been presented at seminars, The models and software tools have been presented at seminars, symposiums, symposiums, conferences and exhibitions since 1989 in Russia, conferences and exhibitions since 1989 in Russia, Australia, Australia, Canada, France, Canada, France,

Finland, Germany, Kuwait, Finland, Germany, Kuwait, the USAthe USA

-- 20052005

Thanks for your attention!

Prof. Prof. AndreyAndrey KostogryzovKostogryzovMoscow, Russia, [email protected]@gmail.com , ,

For more details and onFor more details and on--line system analysis with line system analysis with presented mathematical model: presented mathematical model:

www.mathmodels.netwww.mathmodels.net

INNOVATIVE APPROACH INNOVATIVE APPROACH TO ANALYZE QUALITY AND RISKSTO ANALYZE QUALITY AND RISKS





Date post:	16-Jun-2015
Category:	Business
Upload:	mathmodels-net
View:	178 times
Download:	0 times

Kostogryzov 10.12.2009

Business