You're right - reliability derives from component specification - the inverse of its expected (or designed- light bulbs) failure frequency (or expected working lifetime?). Risk is the probability of failure times the consequences of its failure (system mainly, but occasionally a component). You have to be careful how you define risk though. ERM (ISO 31000) defines it as "uncertainty". Slovic maintains it is an exercise (abuse) of power to specify any expected fatality rate, etc.!

If you enhance the reliability of the system's components, you will by definition, reduce the overall system risk. A better way is to add resilience (redundancy, fail safe, inherent safety design, etc.)

Thank you professor Slater,

Very useful contribution to my question.

Aven compared definitions of risk used across some scientific disciplines. He proposed assigning them into three distinct categories: risk as a concept based on events, consequences and uncertainties, risk as a modelled, quantitative concept; and risk descriptions. For example, the approach used in Polish railway context can be assigned to the category which treats risk as a modelled, quantitative concept. According to these definitions, risk of a hazard depends on the probability of the activation of the hazard under assessment, as well as on severity of its foreseen consequences. This probability in technical objects/systems could be expresed as 1 - Reliability

Serous, the concept of reliability and the concept of risk as normally defined are not directly related although the reliability of a particular entity may be a component of a particular risk.

Reliability is about the repeatability of some particular functioning of an entity which could be a widget, a person or even an algorithm. Risk is essentially an estimate of a likely loss and this could be influenced by the reliability of one or more components within its context. Reliability relates to the entity whereas risk is in the mind of the beholder/Observer – risk is therefore relativistic whereas I would suggest that reliability is not.

If your gun is particularly reliable than it may lower your risk of dying but may increase the risk of your enemy dying. Consider also that a poison will have a certain reliability regarding causing death but the risk to someone attempting suicide and the risk to a family member trying to prevent it will be quite different.

Hi Adrian,

Thank you for your answer. Would you please elaborate your last sentence. I believe there is something useful in idea expressed by this sentence.

Dear Ian,

Very useful point of view. You have introduced a new view point, at least for me. I need to read your answer many more times.

For many years I worked in oil and gas safety and reliability division. The prevailing logic was if we increased the safety of an installation , then the down time is reduced, thus the reliability would increase ( but not necessarily). For enhancing safety we identify risks (HAZID and HAZOP activities) and try to eliminate them.

Please add any more thought you have.

Hi all:

A quite interesting discussion indeed.

I would like to recommend the reference by N. Leveson "Engineering a Safer World" https://mitpress.mit.edu/books/engineering-safer-world which tackles relatively well this question.

In fact, one could have reliable but unsafe systems (eg. friendly fire where everything has technically functioned as expected (reliability was good), but with catastrophic consequences - risk is high). It means that in risks (or safety) we cannot neglect a system view as well as the organizational and human performance. In today's complex world, risk and safety are rather emergent system properties. Reliability is more linked to physical assets (equipment, components and technical systems). It is relatively well understood and scientific basis is rather solid.

We have discussed it at some extend with regard to safety/risks in mining industry, but the thinking is well applicable elsewhere (see attached).

Hi,

sorry for simplification... I should say that probability of element/entity failure = 1- reliability. I agree with Mr. Dalling that the reliability may be a component of a particular risk but I also think like Mr. Komljenovic, that reliability is more linked to physical assets... At first I would like to say that I understand and quantify risk as function expressed by the possibility of the activation of hazard and the size of the potential damage/losses resulting from its activation (I attach a png file). Moreover I think that everything depends on the assumption the consequences. For "dying due to shooting" we can not estimate risk only as a combonation of gun failure (expresed by the reliability) and lost of life because there are much more components of the possibilty fraction. The values of this possibility are not known. I could write /forgive these equations/ that eg. Risk(dying) = [1-Reliability(gun)]*P(?|?)*P(?|?)...*Consequences. What if the P(?|?)*P(?|?)... is certain event? Let's take a storage tank, loss-of-containment and the situation when the storage tank fail, and the loss of substance is a certain event. Can I then write that R(loss) ~ [1-Reliability(tank)]*$$?. I realize that reliability can also be made up of many fractions of probability events but for this we use it's known aggregated measure.

Ris and Reliability only are each others complements if (and only if) they together cover all the outcome space you want to consider.

In the tank example above: The tank is tight or it is not. So if reliability is defined as holding anything that might be in it than failure = 1- reliability. But (and there many of the reasonings go astray) you really want to know whether there is material getting out of the tank you should consider whether there is any liquid in the tank to come out. Furthermore, what constitutes "the tank" may be different from analyst to analyst also: it may comprise the appenditure as well

As far as the gun example: The failure of the gun increases (may be) the risk of the holder of the gun (which may be that the gun explodes in his hand or that the person he is pointing the gun at may shoot first), but it reduces the risk of the person he point the gun at (to be shot).

So any analysis of risk and of reliability should start with defining the outcome space and then define the demarcation between what is considered a succes and what is considered a failure.

Both the outcome space and the demarcation may be different depending on your point of view.

All good answers. I'd like to add to this an observation about risk made by scholars from the social sciences. When talking about risk, it depends on who is doing the talking, i.e. from whose point of view risk is defined. In healthcare this is particularly relevant, as perceptions of risk might vary between (individual) patients, healthcare professionals and policy makers. From this perspective, risk should be negotiated and re-negotiated between the stakeholders.

See a good editorial by the late Bob Wears:

http://dx.doi.org/10.1016/j.annemergmed.2014.02.012

All insightful answers.

A question for Dr Mark Sujan,

If the doctor in charge of a patine in a hospital assures (with evidence) all equipment, nurses and doctors are highly reliable, then should the patient feel safe, i.e. assuming less risk, or ignore such assertion as being irrelevant to the case?

Another good question, and I will attempt to put a complex issue into a few simple examples. I suppose the question is really about whether risk and reliability form the best possible basis for understanding patient safety. With my Safety-II hat on, I would argue that in healthcare at least (but probably in most complex systems) success and failure depend much on the ability of workers to make dynamic trade-offs.

Example 1: a "reliable" or good handover from the ambulance crew to the emergency care triage nurse should be conducted within 15 minutes of arrival, and the ambulance crew should be back onto the road within 30 minutes (having completed paperwork and readied the vehicle). However, sometimes ambulance crews violate this protocol on purpose (i.e. introduce unreliability). Why? They need to balance the risk to the patient under their care with the risk of the unmet need in the community. They have to decide whether it is safe for their patient to give a quick handover to the triage nurse (and therefore be quicker to arrive to the next patient) or whether it might be better to stay longer in the emegency department in order to convey additional detail about their patient to other clincial staff. That is because the triage nurse is concerned predominantly with the acuity of the patient, and the implications on the resources of the ED, but not as much with the clinical and psychosocial details of the patient.

Example 2: the ED is set up to deliver optimal care to patients. However, when they get very busy, they need to sacrifice some goals (reliability) and provide good enough care that ensures noboby is killed outright while waiting, even if it risks that some patients might be put at risk of other harms. An ED clinician might formulate an initial differential diagnosis and refer the patient onwards based on unconfirmed belief, and that belief might turn to be wrong later, which means the patient gets moved about the hospital needlessly. In an ideal situation, patient referals would take place upon confirmed diagnosis. But this adaptation allows the ED to function during times of stress.

To conclude, from a Safety-II perspective safety is about managing the tensions and contradictions within our systems through such dynamic trade-offs.

A couple of references where I explore these issues further:

Mark A. Sujan, Huayi Huang, Jeffrey Braithwaite, Learning from incidents in health care: Critique from a Safety-II perspective, In Safety Science, Volume 99, Part A, 2017, Pages 115-121, ISSN 0925-7535, https://doi.org/10.1016/j.ssci.2016.08.005

Sujan, M., Spurgeon, P. and Cooke, M., 2015. The role of dynamic trade-offs in creating safety—A qualitative study of handover across care boundaries in emergency care. Reliability Engineering & System Safety, 141, pp.54-62.

Did you see this? www.linkedin.com/pulse/direct-correlation-between-reliability-safety-bob-latino/?trackingId=n6lM1QE%2B%2Fe1M0drdYL85Vw%3D%3D

Professor Slater,

Thank you for the link. I read the post and I found some similarity between my understanding and Mr Latino's believes. He mostly relies on his feeling than providing a good argument. He is also wrong in his criticism of Nancy Leveson's assertion. I believe Miss Leveson has a valid point.

I will add where I am coming from.

Dear Sirous Yasseri ,

Reliability is a property of an object to keep in time within the established limits the values of all parameters characterizing the ability to perform the required functions in the specified modes and conditions of application, maintenance, storage and transportation.

Risk is the combination of probability and the consequences of adverse events.

Regards, Shafagat

Dear Shafagat,

Thank you for contributing to this discussion.

Dear Professor Sujan,

You have added another interesting dimension to my question. I will obtain the references, read them and com back to you.

Risk is some thing unwanted or undesirable for cautious. Taking risk is taking challenge it is for the brave. Any task that takes one to pinnacle of success ought to be naturally risky. Some times risk overrides success. A success without intervening risks is not a success at all!!

While reliability being opposite of probability is a thing which is desirable. A person need to be reliable, the outcomes of a process must be reliable. Reliability brings in a notion of certainty. I do not find any direct connect between risk and reliability.

In my view, the main parameter for the relationship between reliability and risk can be considered a duration of an event. The longer the duration the higher the reliability and the less the risk and vice versa. There are many examples.

For example, what is better: to make a patient a quick operation (when every second is expensive) in bad conditions on the spot with the help of a young doctor without practice or take the patient to a hospital and perform surgery with the help of a qualified professor and in good conditions. As another example, if one of the chess players is in a zugzwang state, then he is forced to make quick and risky moves in order not to lose the game.

In a modern view of risk, risk is the effect of uncertainty on objectives. (ISO31000 & ISO Guide 73)

Reliability is certainly an objective that can be affected by this effect of uncertainty (risk). This effect can be negative (less reliability), positive (more reliability) or both (which means that certain effects reduce reliability and other effects improve reliability).

In its turn, reliability is a risk source to other objectives, possibly increasing the positive outcome for those objectives, when reliability has a positive effect on those objectives.

As an example:

Yesterday Microsoft performed an update (risk source= update by Microsoft) on my laptop. This unexpected effect made my laptop unreliable , because the update lasted for 4 hours in which no use of the laptop was possible and I couldn't rely on it for my work (risk = updates of Microsoft make my laptop unavailable / unreliable for work) .

As such, the reliability of my laptop (risk source=unreliable laptop) has an effect on my work (risk = an unreliable laptop negatively affects my daily work).

In a chain of events, it is always interesting to find out what the risks and risk sources are in order to be able to manage them better, by increasing the likelihood of positive effects and reducing/eliminating negative effects.

Hi Peter,

My primary objective is how to achieve “High availability systems” and how we can we assure it. There are numerous methods to enhance the reliability of an oil & gas installation, including Simulations, analytical & numerical analyses (physics-based models), RAM. MTTF, MTTR, FEMA/FMECA. Fault tree analysis (FTA), Event Tree Analysis (ETA, block diagram and many more. However, the final arbiter is testing. Thus, all these dozen or so reliability analyses are augmented by numerous tests (FAT, EFAT, SIT) at various stages of manufacturing and installations. The final suit of tests for hand over is the operability tests on the as-built system, which is referred as the commissioning in some industries. Some of the above reliability methods (FTA, ETA, FEMA/FEMCA) are used in the risk analysis, which shows a commonality between risk and reliability.

I am talking about “systems” which I define as a collection of things (hardware/software) as well as ‘human elements’. A collection of hardware/software, which does not include human involvement, is not a system according to this definition; that is determining reliability/availability the context and function must be considered.

I consider that

• The reliability is addressing the loss of function
• The risk is addressing the loss of life, loss of asset, loss of revenue, injuries, damage to the environment etc.

Modern systems for their safety rely on electronics, software and mechanical systems (for the acting on a command). In the oil and gas industry, there are a number of equipment which is known as the “safety Critical elements”, which are controlled by software but they also include electronics and mechanical parts. Failure-on-demand of such systems must be below E-05. Without proper functioning of the safety-critical systems, an installation cannot be considered as safe

It seems safety/risk and reliability/availability are somewhat interlocked or at least have some intersection. Like two hands, they are different but both are needed to get the best performance.

The above support professor Ben Ale assertion (see his answer to my question) “Risk and Reliability only are each other’s complements if (and only if) they together cover all the outcome space you want to consider”- paraphrased.

My short answer:

Your actual risk is your future safety and performance when not managed.

In other words, risk will always be a perception of a future situation, which holds the element of uncertainty. The other elements of risk are the objectives and the effects affecting those objectives. When a possible situation realizes, the uncertainty is gone and the factual effects on the objectives remain, which then is a reflection of your safety and performance.

It is in managing risks, by finding out risk sources and understanding how these risk sources can affect your objective(s) that safety (reduced negative effects) and performance (increased positive effects) can be enhanced, whatever tool you use to achieve that aim.

Reliability and availability are certainly risk sources when safety and performance are the objectives. As such, reliability/availability is not a complement of risk, but rather a part of risk, concerning a possible positive effect on the objectives.

The question is: how is your objective of reliability/availability is exposed to other risk sources. This will give you a certain risk profile that can be the basis for further risk treatment and optimization of the concerned risk(s). In this, it is also important to look at gain instead of solely looking at the loss side of the objective. (e.g. what are the risk sources that can possibly enhance reliability/availability)

You can find more on Safety & Performance on my website byaz.be

Hi Sirous,

Your last comment is very interesting. Are you looking for a complementary way of defining a Perrow "Highly Reliable Organisation"? In which case perhaps we could look at resilience (rather than availablity) as being the inverse of risk? So a Highly Resilient Organisation would be more reliable and less risky. The problem is defining exactly what resilience means (currently the latest buzzword to get abstracts accepted?). But things like redundancy, inherently safe design, fail safe, etc. are all measures that would add resilience and decrease risk?

Hi Sirous (and David)

Precisely: if risk is defined as loss of life (say) and reliability that the system functions then they do not have (and probably never are) each others complements. A car that does not go (because the engine stalled) does not run over you (on the contrary). So the safest car is a car that has zero reliability as far as its function " go". However if reliability is defined as being able to brake, then there is a relationship, but not one to one either, because even if a car cannot brake (and is going) it does not necessarily kill anaybody either. It may just roll out or hit a tree.

Professor Ale,

Thank you for your clear and price answer. I am grateful for taking time and adding your valuable input. You have also given very good examples. I guess I can see the proverbial 'light at the end tunnel'. I totally agree with what you.

Let me put a different slant on my question. My primary quest is how to achieve a highly available production system. In this context risk is a secondary issue. However, I am worried about risks as long as they influence said. availability. risk reduction is a different activity, where reliability is a secondary issue.

Your emphasis is achieving a low-risk system. I am coming from a different direction.

In the context of my quest, I am concluding that if I don't pay attention to risks then the availability is less than what can be achieved. Even some ' trips and falls' may lead to shutting down the system.

I appreciate your thought, but this time please consider availability as the primary question and risk as a secondary concern.

Dear Professor Slater,

Thank you for taking time and adding your valuable comments. I found your and professor Ale’s comments very illuminating.

The context of my question is the availability of a high-value oil and gas installation. Any downtime of such installation is very costly in terms of loss of revenue, repair cost and commitment to customers (warranty).

There are a number equipment ( e.g. actuated valves, high integrity pressure protection system (HIPPS), etc. ), which are known as the ‘safety critical elements’ and are design as fail-safe systems. But, if they go down so does the availability. Fail-safe systems, of course, are desirable , but they don't enhance the availability. One might argue that they would limit the damage and hence it takes a shorter time to bring the system up, hence somehow they do affect availability.

The so-called 3Rs (redundancy, reliability and resilience) will help to maintain the availability though it may be in a reduced state; which is good.

Sirous, my apologies for not responding earlier to your request. Reliability is about confidence in functionality which may or may not impact a given risk (positively or negatively). Risk is relativistic because it depends on the need/expectation/aspiration of a stakeholder. Stakeholders each will have a differing prospect/risk perception and these may even conflict as in my example of the reliability of a gun which may increase or decrease a likely desirable outcome. When fighting a battle we normally want the reliability of the enemies weapons to be more but ours to be excellent. Some stakeholders may even desire that all sides weapons are extremely unreliable.

Risk practitioners often talk about positive and negative risk but this is more easily understood if we speak about prospect and risk which most people are very familiar with and plain language. This is the language of MSS 1000 which uses a universal management language set and taxonomy. There is a lot on the IMSIG web site http://cqiimsig.wixsite.com/imsig/mss-1000 The following blog may give you food for thought http://cqiimsig.wixsite.com/imsig/single-post/2016/05/22/Integrated-Management-of-Prospect-and-Risk-1

We welcome new members interested in joined up management thinking to join IMSIG http://cqiimsig.wixsite.com/imsig

Dear Ian,

Thank you for taking time and adding your thoughts.

Two papers which convince me our problem is we cannot yet agree on the dimensions of risk, let along the definition of the term, are one by Aven "The risk concept—historical and recent development trends" and a second by Slovic, Fischhoff and Lichtenstein "Why Study Risk Perception?". If it were as simple as risk = (likelihood * consequence), I hazard the debate would already be over. It might be risk = (likelihood * consequence * dread) for the person confronting the situation, and risk = (likelihood * consequence * empathy) for those calculating risk on behalf of others. I say this because I have seen risk perception change when risk assessors have gone from calculating the risk to a statistical life to their being placed into the target situation. The risk calculated increased because they failed to empathise with the exposed statistical "victim".

Hi Ray,

Thank you for your contribution.

We may disagree how to evaluate risk and what is acceptable. While academic argue about this, practitioners must make a decision; i.e. stop a project or allow it. They can't sit on the fence until fog disappear. If you look accidents at installations which were permitted using QRA, you would come to the conclusion that 'this flawed method' is not terrible; but of course we want improve it nevertheless.

My question was if risk and reliability are two distinct activities or they path will cross. For example for the high integrity protection systems we seek reliability.

Hi Sirius

The in principle definition of risk and or reliability is that it is a combination of probability nd consequences. After that principle the complications begin. If you are in the "quantification" mode, the primary question is what constitues the risk in the problem at hand. (see car example earlier). What to do with the answer is again another matter. It may well be that a probability that a rock falls is completely acceptable for most, but un acceptable for one (eg the one who's house is under the rock). The result of quantification should be the same in both instances. (even if there are uncertainties), because the process of falli9ng rocks is a process determined by laws of nature (Ah, i hear you say, you have to take into account somebody doing it on purpose: quite: as soon as people are involved analysis becomes more complicated). The decision making process using the results of an analysis is where emotions, empathies and just taste comes in. There is a law of nature that determines the terminal velocity of a falling rock. There is no law of nature that determines the acceptability of a risk (or a level of reliability). If one is in the decision making game for a long time, one will find out that muddling the two together eventually leads to a situation in which nobody will even trust laws of nature. (May be some unempathic sick technician has misrepresented the Newtons law). In this age of "fake news" it is even more important to separate facts from opinions.

Cf. "High Reliability Organisations Theory".

Hi Lhoussaine,

Can you expand your statement.

I think the problem with the idea of complementary relationship (e.g. Risk+Reliability=1 or any quantifiable relation) between Risk and Reliability is the doubtful existence of them as objective entities . Is Risk at a time and a situation a specific amount that we could "measure" it? The risk view of realists or frequentists is somehow lack of concrete basis here. I study risk in the container shipping system and, from my view, the traditional view of the risk concept is inadequate (likelihood and consequence), the other pillar here is uncertainty. It is uncertainty that make the complementary relationship questionable.

I still believe that quantitative risk analysis is vital in realizing risk situation, but the question is: How can we know that this risk analysis model is more effective than the other if the occurrence rate of the risk is dangerously low, or in some cases, did not happened? But apart from go back to the theoretical base of each study and examine each module of a technique, we still merely believe.

Hi Mr Nguyen,

As I understood from your message that there is no relationship between risk and reliability. There is no direct relationship between them, namely is reliability is high the risk is low. However, to keep risk low equipment must be reliable. an unreliable fire pump may not be available when you need it.

Son, Your comments and experience are practical and enlightened. Risk and reliability are headline properties that the traditional risk assessment approaches (SAFETY I) provide. This is good information as far as it goes, but as you say, thankfully, in general, ( and perhaps because of traditional risk management) , the occurrence rate is low (1 in a million?), or just hasn't happened stochastically yet (if you believe events occur randomly and your statistics base is classical, not Bayesian). (Or they could even Taleb Black Swans?) So we need an approach which looks at the data available when we manage to do it right (most of the time?)

This new complementary approach (SAFETY II) is becoming more widely recognised and accepted as necessary for today's more complex systems' operation. We had a very interesting international meeting in Cardiff recently, in which this more challenging and insightful approach was endorsed in applications as varied as Healthcare, Aviation and Marine situations.

Dear Dr. Yasseri, I think that there might be a relationship between them. By risk awareness and proactive strategies, we are able to act timely to improve the reliability of a system. However, I am not sure and will take a cautious approach toward any quantitative description of their relationship. If they are complementary, or at least, related, then we could investigate more about the characters of that relationship: is this relationship exclusive? Is there other elements involved in just like uncertainty in the case of reliability?

Dear Prof. Slater, thank you for your useful information. The idea of SAFETY II is interesting indeed, especially for risks that happen more frequently but with relatively lower severity. This change, or should we say, expand, of risk from reactive to proactive is like we change from defend to attack (with active learning). Reliability and Resilience will be considered together with Risk as a system management manner.

Exactly!

Should we not make a distinction between the prediction if someone or something will endure some harm (risk) and the prediction of the lifetime when considering the sum of harms? Intuitively, reliability and risk act on a different time scale.