Overview
The Risk Probability enumeration represents how frequently or likely a particular risk scenario will occur in operational or manufacturing contexts. In TestAuto2, probability ratings combine with Harm Severity to determine overall risk levels through matrix-based calculations, enabling systematic risk prioritization and control implementation decisions.
Enumeration Values
| Value | Level | Range | Description | Severity | Use Case |
|---|---|---|---|---|---|
| 0 | Unrated | N/A | No probability assessment performed; pending evaluation | — | Default state for new risk records requiring assessment |
| 1 | Very Low | 1-3 (P1×P2) | Extremely unlikely; highly improbable under normal operations | ✅ Green | Scenarios where hazard/failure requires multiple simultaneous failures or exceptional circumstances |
| 2 | Low | 4-8 (P1×P2) | Low likelihood; may occur but rare in service life | ✅ Green | Failures with effective prevention controls or inherently stable design characteristics |
| 3 | Medium | 9-15 (P1×P2) | Moderate likelihood; possible during system lifetime | Yellow | Medium-concern scenarios requiring proportionate risk controls; threshold for ALARP decision-making |
| 4 | High | 16-20 (P1×P2) | Elevated likelihood; probable if controls not in place | ⚠️ Orange | Demands prioritized mitigation; typically requires mandatory risk control implementation |
| 5 | Very High | 21-25 (P1×P2) | Highly probable; nearly certain without controls | ❌ Red | Maximum criticality requiring immediate action; unacceptable residual risk unless controlled |
Probability Calculation Model
TestAuto2 implements a two-factor probability model where overall Risk Probability is computed as the product of two independent probability dimensions:
Risk Probability = P1 × P2
Where:
P1 = Probability that the hazardous situation occurs (0-5)
P2 = Probability that the situation results in harm (0-5)
Product range: 1-25 (with 0 reserved for unrated)
This dual-factor approach aligns with ISO 14971 medical device risk management principles and enables:
- Fine-grained probability assessment distinguishing scenario occurrence from consequence severity
- Separate risk reduction strategies targeting either hazard probability (P1) or harm probability (P2)
- Progressive mitigation tracking where pre-mitigation and post-mitigation P1/P2 values demonstrate control effectiveness
Example Calculation
| Scenario | P1 | P2 | Product | Rating | Interpretation |
|---|---|---|---|---|---|
| Common hazardous situation + high harm consequence | 4 | 4 | 16 | High | Risk requires active mitigation |
| Rare hazardous situation + minor harm consequence | 2 | 1 | 2 | Very Low | Acceptable without mitigation |
| Inherent design hazard + moderate consequence | 3 | 3 | 9 | Medium | ALARP evaluation necessary |
| Multiple simultaneous failures + severe consequence | 1 | 5 | 5 | Very Low | Acceptable due to inherent rarity |
Integration with Risk Matrices
Risk Probability combines with Harm Severity in formal risk acceptance matrices to generate risk levels:
Risk Level = f(Severity, Probability)
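| Severity \ Probability | V. Low | Low | Medium | High | V. High |
|---|---|---|---|---|---|
| S1 | Low | Low | Low | Med | Med |
| S2 | Low | Low | Med | Med | High |
| S3 | Low | Med | Med | High | High |
| S4 | Med | High | High | High | Crit |
| S5 | High | High | High | Crit | Crit |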
The intersection of Severity and Probability cells determines which risks require active control measures. Higher-right quadrants (High Severity + High Probability) correspond to Critical or High risk levels demanding mandatory mitigation.
Risksheet Integration
Risk Control Plan Risksheet
In the Risk Control Plan Risksheet Configuration, Risk Probability appears in multiple contexts:
| Column Name | Field | Visibility | Formula |
|---|---|---|---|
| P1 (Hazard Probability) | riskRecord.p1Probability | Initial Evaluation view | Manual entry (1-5 scale) |
| P2 (Harm Probability) | riskRecord.p2Probability | Initial Evaluation view | Manual entry (1-5 scale) |
| Probability (Pre-Control) | Computed | Initial/Residual views | p1Probability × p2Probability |
| Probability (Post-Control) | riskRecord.p1ProbabilityPost | Residual Evaluation view | p1ProbabilityPost × p2ProbabilityPost |
| Risk Value | riskValuePre, riskValuePost | Measures view | riskValueBefore(severity, probability) |
HAZID Risksheet
In HAZID Risksheet Configuration, probability represents likelihood of hazard occurrence combining exposure and controllability:
- Initial Probability (Pre-Mitigation): Assessed before safety controls are implemented; reflects design-inherent or operational hazard occurrence rates
- Residual Probability (Post-Mitigation): Reassessed after risk controls are active; demonstrates control effectiveness and residual risk acceptability
Cell Styling and Visual Indicators
Risksheet cells displaying Risk Probability values use conditional CSS classes for visual risk stratification:
| Probability Level | CSS Class | Background Color | Text Color | Icon |
|---|---|---|---|---|
| P1 - Incredible | probability-incredible | #eaf5e9 | #1d5f20 | $ok-sign |
| P2 - Very Low | probability-very-low | #eaf5e9 | #1d5f20 | $info-sign |
| P3 - Low | probability-low | #fff3d2 | #735602 | $info-sign |
| P4 - Medium | probability-medium | #fff3d2 | #735602 | $warning-sign |
| P5 - High | probability-high | #f8eae7 | #ab1c00 | $remove-sign |
Green (rpn1): Acceptable risk; controls typically not required unless driven by other factors.
Yellow (rpn2): ALARP threshold; evaluate additional controls per risk/benefit analysis.
Orange (rpn3): Unacceptable without controls; mandatory mitigation required.
Red (rpn4): Maximum criticality; immediate risk reduction action required.
Risk Acceptance Workflow
Risk Probability directly influences the formal risk acceptance decision sequence:
Risk Assessment Phase:
- Assign Pre-Control Probability (P1, P2) based on operational/design analysis
- Combine with Severity → Calculate Initial Risk Level
Risk Mitigation Phase:
- If risk unacceptable → Define risk controls (design changes, process controls)
- Implement controls
Risk Re-evaluation Phase:
- Reassess Probability (P1Post, P2Post) considering control effectiveness
- Recalculate Residual Risk Level
- Decision:
  - Residual Risk acceptable? → Accept and document
  - Still unacceptable? → Benefit-Risk Analysis or additional controls
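The matrix lookup and the assess / re-evaluate sequence above can be expressed as a small calculation. This is an added example, not TestAuto2 or Risksheet code: the function names are hypothetical, the bands and matrix are copied from the tables on this page, and the mapping of Low to "accept" and Med to "ALARP evaluation" is an assumption (the page only states that High and Crit demand mandatory mitigation).

```python
# Added example, not TestAuto2 code. Bands and matrix are copied from this page.
# Upper bound of each P1*P2 band -> (enumeration value, level).
BANDS = [(3, 1, "Very Low"), (8, 2, "Low"), (15, 3, "Medium"),
         (20, 4, "High"), (25, 5, "Very High")]

# Rows S1..S5; columns Very Low, Low, Medium, High, Very High.
MATRIX = {
    1: ["Low", "Low", "Low", "Med", "Med"],
    2: ["Low", "Low", "Med", "Med", "High"],
    3: ["Low", "Med", "Med", "High", "High"],
    4: ["Med", "High", "High", "High", "Crit"],
    5: ["High", "High", "High", "Crit", "Crit"],
}

# Assumption: Low is accepted and Med goes to ALARP evaluation. The page only
# states that High and Crit demand mandatory mitigation.
DECISION = {None: "assess probability first", "Low": "accept",
            "Med": "ALARP evaluation", "High": "mandatory mitigation",
            "Crit": "mandatory mitigation"}


def rate_probability(p1, p2):
    """Return (enumeration value, level); a 0 factor is treated as Unrated."""
    for p in (p1, p2):
        if isinstance(p, bool) or not isinstance(p, int) or not 0 <= p <= 5:
            raise ValueError(f"probability factor must be an integer 0-5: {p!r}")
    if p1 == 0 or p2 == 0:
        return 0, "Unrated"
    product = p1 * p2
    return next((v, lvl) for upper, v, lvl in BANDS if product <= upper)


def risk_level(severity, p1, p2):
    """Matrix cell for S1..S5 and a P1/P2 pair; None while probability is unrated."""
    if severity not in MATRIX:
        raise ValueError(f"severity must be 1-5: {severity!r}")
    value, _ = rate_probability(p1, p2)
    return MATRIX[severity][value - 1] if value else None


def evaluate(severity, pre, post=None):
    """pre and post are (P1, P2) pairs; post is None until controls are reassessed."""
    initial = risk_level(severity, *pre)
    residual = risk_level(severity, *post) if post is not None else None
    current = initial if post is None else residual
    return {"initial": initial, "residual": residual,
            "decision": DECISION[current]}
```

For severity S4, `evaluate(4, (4, 4), (2, 2))` still returns a residual level of High, because the S4 row only drops to Med in the Very Low column; a control that moves probability from High to Low is not enough on that row.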
Probability Assessment Criteria
Guidance for P1 (Hazardous Situation Occurrence)
| Rating | Occurrence Frequency | Examples | Assessment Method |
|---|---|---|---|
| 1 | <1 per 10,000 hours | Dual sensor failure, multiple component failures | FMEA analysis, historical field data, worst-case modeling |
| 2 | 1 per 1,000-10,000 hours | Sensor degradation, software anomaly | Component reliability data, operational statistics |
| 3 | 1 per 100-1,000 hours | Occasional sensor noise, transient interference | Test data, duty cycle analysis |
| 4 | 1 per 10-100 hours | Frequent environmental conditions, periodic malfunctions | Field experience, operational conditions |
| 5 | >1 per 10 hours | Continuous hazardous condition, inherent design state | Current design assessment, baseline conditions |
Guidance for P2 (Harm Consequence Given Hazard)
| Rating | Consequence Likelihood | Examples | Assessment Method |
|---|---|---|---|
| 1 | Hazard blocked by design fail-safes | Redundant detection prevents harm | Failure mode analysis, SOTIF assessment |
| 2 | Multiple operator interventions possible | Operator can mitigate before injury | Human factors analysis, reaction time studies |
| 3 | Operator may intervene | Situational awareness required | Operational scenarios, driver response modeling |
| 4 | Minimal operator opportunity | Rapid scenario progression | Dynamic simulation, accident reconstruction |
| 5 | No operator intervention possible | Immediate injury | Inherent design limitation |
- Harm Severity: Categorizes potential injury severity (Negligible → Catastrophic); combines with Probability for risk level
- HARA Severity (S0-S3): ISO 26262 functional safety severity for HARA analysis; similar concept for automotive context
- FMEA Occurrence: Single-factor occurrence probability for failure modes (1-10 scale); different from Risk Probability’s two-factor model
- Action Priority: High/Medium/Low prioritization for FMEA corrective actions; derived from Severity×Occurrence×Detection
Standards Alignment
ISO 14971 Medical Device Risk Management
Risk Probability implements ISO 14971 Clause 5.4 risk analysis requirements:
- Two-factor probability model (hazard occurrence × harm consequence)
- Pre- and post-mitigation assessment
- Residual risk acceptability decision framework
- Risk/benefit analysis for unacceptable residual risks
ISO 26262 Functional Safety
While ISO 26262 primarily uses ASIL classification rather than numeric probability matrices, Risk Probability supports supplementary HAZID analysis:
- Complements HARA severity/exposure/controllability assessment
- Enables numerical risk matrix visualization for stakeholder communication
- Supports design rationale documentation for safety requirements
Best Practices
Avoid subjective probability ratings without supporting evidence. Base assessments on:
- Historical field failure data from similar products
- Supplier component reliability reports and FIT rates
- Test data from design validation/verification activities
- Analytical models (FMEA, SOTIF hazard scenarios)
- Expert judgment (when data unavailable) with documented rationale
Track probability reduction as evidence of control effectiveness:
Probability Reduction Factor = Pre-Control Probability / Post-Control Probability
Example: (16) High / (4) Low = 4× risk reduction
This demonstrates proportionate mitigation and supports regulatory compliance documentation.
Medium (9-15) probability ratings typically trigger ALARP (As Low As Reasonably Practicable) analysis:
- Document additional controls considered but rejected (cost, feasibility)
- Evaluate benefit/risk trade-offs
- Determine acceptability with residual risk documented