Keywords

1 Introduction

Escalating complexity of socio-technical systems along with emerging technology-related risks as well as “known-unknown” and “unknown-unknown” risks denote an outstanding challenge for conventional system safety approaches. The rising complexity of socio-technical systems inevitably leads to a rise in emerging risks (Leveson 2016). The effects of these risks in asset management should be studied considering the organization’s external and internal context involving human performance and socio-economic as well as socio-cultural considerations. In such a strong complex environment of Asset Management (AM), extreme, rare, and disruptive events might arise because of uncertainties.

Scientists recommend that modern organizations should be studied as Complex Adaptive Systems (CAS) using the techniques of complex systems theory (complexity theory) which was built to cope with complex systems (Checkland 1981; Komljenovic et al. 2016). Industry 4.0 and its corollary industry 5.0 inevitably result in a CAS. The idea of Complex system governance (CSG) might help coping with complexity in CAS (Katina et al. 2021). The concept of CSG involves a framework for the enhancement of system performance. For more details on the latter concept, the reader is referred to Katina et al. (2021). In the same vein, Abdul-Nour et al. (2021) propose a resilience management framework and decision-making under risk and uncertainty (see Fig. 1). This framework recommends using either (i) traditional risk management or (ii) management under uncertainty or resilience management) designed for CAS. In the same vein, ISO (2018b) (draft) “Guidance for managing emerging risks to enhance resilience”, as well as CEN (2013) “Managing Emerging Technology-related Risks” provide foresight and insights about the issue of new emerging risks. The latter might cause the biggest challenges to business continuity and resilience as well as Enterprise Risk Management (ERM) and Occupational Safety and Health (OS&H) constraints and requirements. Still, ISO (2018b) should be used as a complementary tool to ISO (2018a). This will allow to manage with confidence both known risks (ISO 31000) and emerging technology-related risks (ISO 31050).

Fig. 1.
figure 1

Decision-making under risk, uncertainty, and resilience (Abdul-Nour et al. 2021)

Full size image

The major challenges for the most widely used conventional analysis techniques of safety risks are the rising complexity of socio-technical systems driven by industry 4.0 which inevitably leads to a rise in emerging risks. Examples of traditional analysis methods of safety risks are Failure Modes and Effects Analysis (FMEA), Fault Tree Analysis (FTA), Hazard and Operability Analysis (HAZOP), Event Tree Analysis (ETA), Bowtie analysis, etc. New tools are needed for the new problems. Nonetheless, it is worth emphasizing that traditional analysis techniques of safety risks should not be discredited but should be extended and enhanced. They perform best on mechanical elements or hardware. Though, they have serious limitations on for e.g., human operators, organizational and social considerations, software program-related aspects, etc. (Leveson 2016). On these arguments, both practitioners and scholars have been interested in relatively new advanced methods based on system theories. The most prominent are the FRAM (for e.g., Diop et al. 2022; Patriarca et al. 2020; Gattola et al. 2018) and the STAMP (Leveson 2016), as well as the RIDM (Gaha et al. 2021; Komljenovic et al. 2019; Dezfuli et al. 2010; Komljenovic et al. 2016; Zio and Pedroni 2012).

Our researcher's priority is to answer the research question arising from the need to bring together complementary approaches to risk management. On these grounds, the general objective of this research paper focus on developing a High-level Risk Management Framework combining FRAM, STAMP and RIDM for the assessment of industry 4.0 and its corollary industry 5.0 related new emerging technological risks in socio-technical systems, as well as extreme, rare and disruptive events.

The remainder of this paper is structured as follows: Sect. 2 summarizes the literature review in AM as well as industry 4.0/5.0 and FRAM, STAMP and RIDM. Section 3 describes the proposed approach for characterizing system safety risks in AM. Section 4 outlines the future case study. Finally, Sect. 5 concludes the study then provides new research directions as a starting point for upcoming targets for this research.

2 Literature Review

2.1 Asset Management Complexity and Uncertainty Associated with the Rising of Extreme, Rare and Disruptive Events

Strategy for managing asset involves a variety of interacting and mutually dependent activities at different levels of the organization (such as strategic, organization-wide, project, product, process, etc.). This is supposed to be strongly associated with the organization's strategic planning (IAM 2015; ISO 2014). Both practitioners and scholars will have to operate complex socio-technical systems along with decision-making processes at all stages of the organizational strategy. The process of managing these socio-technical systems should align with different levels of organizational strategy (corporate, business, and functional-level strategy) (Diop et al. 2019, 2021). The latter are characterized by unpredictability affecting the dimensions of resilience such as organizational, technical/technological, operational, social, economic, financial, reputational, and business model (Diop et al. 2021; Komljenovic et al. 2020). These systems are made up of a panoply of complex and uncertain technological objects including capital investment/definition of requirements/acquisition/installation/commissioning and decommissioning of assets (O&M)/shutdown and outage strategies/life cycle value realisation, etc. Furthermore, the context of aging assets obliges organizations to cope with dependability challenges. The latter are reliability, availability, maintainability of assets, coupled with OS&H constraints and requirements as well as ERM as mentioned by Komljenovic et al. (2016). Consequently, organizations have significant constraints as well as requirements to decrease equipment malfunctions or failures causing high-level expectations from maintenance. The Institute of Asset Management (IAM) has developed a conceptual AM model involving the six groups of themes primarily issued by the Global Forum on Maintenance and Asset Management (GFMAM). These themes are (i) strategy and planning, (ii) AM decision-making, (iii) lifecycle delivery, (iv) asset information, (v) organization and people, and (vi) risk and review (GFMAM 2014; IAM 2015). These are contained in the IAM “Asset Management - An Anatomy”, a framework made up of 39 subjects that detail the AM activities within an organization and aligned with the principles of ISO 55000 series of standards for evaluating AM maturity. The reader is referred to Diop et al. (2021) and their bibliographic references for more details on AM models for those unfamiliar with these models.

Faced with the severe international competition and the volatility of global markets, as well as the deep global insecurity of all kinds combined with complexity in modern socio-technical systems, managing asset turns out to be challenging. Organizations deal with dreaded risks and uncertainties of all types that can affect organizational objectives, along with meaningful impacts on technical and technological systems and human operator activities. Most of these new kinds of risks are emerging enabling propitious conditions for the rising of extreme, rare, and disruptive events that might badly disturb the performance of organizations. For instance, asset decision-makers and stakeholders grapple with effects of the severe socio-economic inflation of prices and impacts on the global economy. For instance, the unstable global economic context combined with the highly insecure political context inflected by the recent conflict between Russia and Ukraine, along with the coronavirus disease pandemic (COVID-19) are compelling asset decision-makers to revise their economic AM models. This will permit them to cope with these challenges and uncertainty that might affect substantial business investment decisions and elevate costs of commodity as well as the price of doing business. Hence, the challenges would be strategic planning, operational excellence, supply-chain management, regulatory compliance, financial management, health, and safety, etc.

In the electrical and nuclear power industry design and operation, such as power generation and transmission as well as distribution, AM and risk management play a pivotal role in the performance of assets. Electrical utilities management which are considered as capital-intensive assets need to get ready for complex emerging technology-related risks due to the rising in frequency and severity of extreme, rare, and disruptive events that might seriously disturb the performance of organizations. The World Energy Council (WEC) propose a “Dynamic Resilience Framework” which focuses on (i) extreme weather, (ii) cyber risks and (iii) geo-spatial analysis for managing those risks in order to contributes to creating capacity and capabilities (WEC 2022). For instance, the “Dynamic Resilience to extreme weather” stands as a blueprint for developing resilience to extreme weather issues. Examples are the Fort McMurray fire: 590,000 hectares damaged, 88,000 people displaced, 2,400 residences ruined, oil and gas operations threatened, 1% crash in GDP) (WEC 2022). The latter recommend improving the resilience to particular events and systemic changes by “situational awareness of the different types of risks preparedness for future developments”.

2.2 Industry 4.0/5.0 Challenges

Looking back over the past few years, the concept of industry 4.0 has developed rapidly and became a worldwide adopted term in the technologically advanced countries. Industry 4.0 does not arise from a digital divide like the three previous revolutions, viz. (i) mechanization of production through the steam engine and water at the 18th century, (ii) mass production (Henry Ford) and creation of the assembly line through electricity at the 19th century, (iii) automation of production through information technology and electronics in the 20th century. The arrival of the new era of industry 4.0 influences organizations in various domains. It involves cutting-edge technologies which are capable to capture, optimize and deploy massive data (big data). Technologies such as internet of things (IoT), artificial intelligence (AI), cyber-physical systems (CPS), and cloud computing communicate, interact, and adjust continuously. Industry 4.0 has been shaping the future of organizations provoking overwhelming changes in the way of doing business. The shift to more and more digital systems will be inexorably escorted by a multitude of new challenges and emerging risks associated with OS&H constraints and requirements as well as ERM. For example, major cyberattacks, interconnectivity of digital technologies and interoperability of systems, as well as acquisition and storage of massive data, workforce acquisition, training and their retention in the workplace, etc. Decision-makers who fully comprehend these shifts and the benefits associated with numerical technologies will be best prepared to tackle the various challenges related to industry 4.0. For more details about this concept and its numerous technologies, the reader is referred to the paper by Diop et al. (2021) and their bibliographic references.

The fifth industrial revolution (a.k.a. Industry 5.0) is an initiative from the European Commission (EC), the executive branch of the European Union (EU) (Breque et al. 2021). The EC announced the idea of industry 5.0 at the tenth anniversary of industry 4.0 introduction. According to the EC, this concept stands for a complement to the concept of industry 4.0 through supporting research and enablers of innovation. The latter is aimed to be used for the transition to a sustainable, human-centric, and resilient industry (Breque et al. 2021). It enables to position the comfort and safety of people at the centre of the manufacturing process, to realize societal objectives and social fairness beyond jobs and growth, in addition to deliver resilience of prosperity, respecting the boundaries of our planet. That is trying to capture the value of industry 4.0 tools while employing environmentally friendly processes at every stage in the production chain. Industry 5.0 entails three core values, namely (i) human-centric, (ii) sustainable and (iii) resilient, complementing industry 4.0. In other words, industry 5.0 is considered to be value-driven while industry 4.0 is deemed to be technology-driven. These fundamental principles move the spotlight away from the shareholder value to the stakeholder value as well as strengthen the responsibility of industry to society. The EC has identified six enabling technologies in Industry 5.0, namely (Müller 2020): (i) Individualized human-machine interaction, (ii) Bio-inspired technologies and smart materials, (iii) Digital Twins and simulation, (iv) Data transmission, storage, and analysis technologies, (v) Artificial Intelligence, (vi) Technologies for energy efficiency, renewables, storage, and autonomy.

2.3 Functional Resonance Analysis Method

The Functional Resonance Analysis Method (FRAM) is a relatively new performance assessment method for accident investigation and risk assessment. The FRAM is consistent with the philosophy of the resilience engineering and reflects the “Safety II” concept rather than “Safety I” concept (Hollnagel 2012, 2014). The “Safety I” concept which is a conventional hazard analysis method, such as Failure Mode and Effects Analysis (FMEA) and Hazard and Operability (HAZOP), puts the spotlights on what might goes wrong (that is, how an element may fail). FMEA and HAZOP are bottom-up approaches for risk analysis (Sun et al. 2022). The “Safety II” concept focuses on what goes right (that is, identify the mandatory functions for the system to achieve its purpose). In other words, Hollnagel (2012) mentioned that this method concentrates on “the nature of everyday activities rather than on the nature of failures”. The FRAM concept was established for the benefit of “going behind human error and beyond the failure concept” by modelling the required functions for everyday performance to be successful. At the early stages in 2004, the FRAM idea was motivated by the limitations of deterministic and probabilistic approaches to understand complex systems’ comportment, based on the Stochastic Resonance Theory in Physics (Hollnagel 2004). These days, FRAM is adopted to model complex and dynamic socio-technical systems to capture not only why things sometimes end up going wrong but also succeed (Hollnagel 2012). Hence, the FRAM method supports decision-makers to assess activities in complex and dynamic socio-technical systems in term of the system’s functions as well as complex dependencies and interactions among functions. Therefore, the system's functions and performance can be studied to understand where performance variability might arise before spreading all over the system. Sun et al. (2022) state that the socio-technical system must have appropriate resilience to withstand the disturbance and absorb the performance variability of its sub-systems and procedures.

2.4 System-Theoretic Accident Model and Processes

Leveson (2016) proposes a quite new system thinking approach for accident causation namely the System-Theoretic Accident Model and Processes (STAMP). The latter considers factors such as human operators and organisational considerations along with the technical and technological aspects. The STAMP is a top-down system engineering approach which its theoretical foundation is based on overall systems theory, capable to assess highly complex systems better than the traditional analysis methods of safety risks. The STAMP process describes system safety and security as a “dynamic control problem” (i.e., considering component interactions, control, or enforcement of safety constraints for both component failures and component interactions) rather than a “failure problem or reliability problem”. In the STAMP process, accidents arise when the safety control system does not handle effectively defective interactions among system components (i.e., violation of these constraints or requirements.). Be aware that independent component failure accidents remain contained within the model. The STAMP causality model includes a top-down hazard assessment technique called the System-Theoretic Process Analysis (STPA). The latter is a quite innovative hazard analysis method based on STAMP extended model of accident causation. The principal purpose of the STAMP-STPA is “to identify accident scenarios that encompass the entire accident process, not just the electromechanical components” (Leveson 2016). The STAMP-STPA method enables to control the comportment of both the components of the system and the system itself (taken as a whole) to make sure that safety requirements and constraints are implemented in the system in operation (Leveson 2016). Steps of the STAMP-STPA process are depicted in Fig. 2 as follows:

Fig. 2.
figure 2

Steps of STAMP-STPA process

Full size image

2.5 Risk-Informed Decision-Making

The concept of RIDM was developed by the US Nuclear Regulatory Commission (USNRC) and the National Aeronautics and Space Administration (NASA) in the 90s to cope with safety concerns that come with nuclear power and the aerospace industry. The International Atomic Energy Agency (IAEA) provides a generic framework for an integrated risk-informed decision-making (Lyubarskiy et al. 2011). For the intent of this study, the subsequent definition which is technology neutral is suggested: “Decision-making in which the decision maker considers all pertinent factors, including relevant uncertainties that have a potential impact on the resolution of the issue under consideration. These factors include both quantitative and qualitative factors that are weighted in the risk-informed decision-making process in accordance with the decision-maker’s judgment and experience. The “risk” component constitutes an adequately weighted input among others, whose significance is situation specific. It is opposed to a risk-based approach where decision-making is solely based on the numerical results of a risk assessment” (Komljenovic et al. 2016).

3 The Proposed Approach for Characterizing System Safety Risks in Asset Management

The proposed high-level risk management framework is a combination of the FRAM, the STAMP-STPA and the global RIDM as part of an overall asset management process. This model should be holistic and consider hazards occurring from the system dynamic to facilitate capturing the overall complexity of the socio-technical system. Figure 3 depicts a characterization of system safety investigation methods including the FRAM, the STAMP-STPA and the RIDM positioned in quadrant 2 for highly complex and difficult to control systems.

Fig. 3.
figure 3

(Source: Hollnagel et al. (2008) - modified)

Characterization of system safety investigation methods

Full size image

The proposed approach is three-fold as shown in Fig. 4:

  1. 1)

    To build a model using the FRAM process that can shows the coupling among functional modules described as the interaction and dependencies among functional modules. Therefore, we are capable to show the variability of upstream functional modules and their influences on other functional modules (downstream functional modules) by up-down coupling. In FRAM, risks might arise because of the variability of functional modules and their interactions as well as dependencies. This principle of functional resonance is in line with what Komljenovic et al. (2016) call a “combination of unusual circumstances should come together to produce an extreme or rare event”. These authors point out the growing complexity in modern socio-technical systems as the major causes of performance variabilities.

  2. 2)

    To build a model of the most variable functions from the FRAM model using the STAMP-STPA process that control the behaviour of both the components of the system and the system itself (taken as a whole) in order to make sure that safety requirements and constraints are implemented in the system in operation (Leveson 2016).

  3. 3)

    To use the outcomes from the FRAM model and the STAMP-STPA model, then outline the possibility to combine them into a single model with the RIDM model. The influence of the RIDM would support for long-term performance, and the sustainability of an organization in a constantly shifting and hardly predictable environment, then can consider the risks of extreme and rare events within the overall AM strategy and decision-making process.

Fig. 4.
figure 4

Depiction of the recommended approach

Full size image

The global RIDM process in asset management (AM) is a novel decision-making methodology appropriate for large projects such as long-term performance and sustainability recommended by Komljenovic et al. (2019). Figure 5 depicts the global RIDM process. Step 1 set up the decision-making framework. It helps to adequately define the question, the context, the options to be studied and the decision to be made as well as the scientific and technical assessment techniques to be utilized. It should not be neglected and can take a lot of time to achieve. Step 2 performs comprehensive qualitative and quantitative appraisals of engineering and risk, as well as current geopolitical and economical context. This phase is primarily conducted by dedicated subject matter experts by means of the suggested proper scientific and technical assessment methods, models and tools provided in Step 1. The outcomes will provide the decisions makers with relevant evidence-based information and insights to deliberate and make the final acceptable decision-making in Step 3. The latter is primarily achieved by the decision maker along with subject matter experts and stakeholders. Figure 6 describes in details aspects of the model in step 2 of the global RIDM process in AM which is made up of seven sub-models.

Fig. 5.
figure 5

(Source: own representation based on Diop et al. (2021); Komljenovic et al. (2019))

Depiction of Global RIDM process in AM

Full size image
Fig. 6.
figure 6

(Source: own representation based on Diop et al. (2021); Komljenovic et al. (2019))

Depiction of aspects of the model in step 2 of the global RIDM process in AM

Full size image

Furthermore, to perform generic analyses, we argue that it is required to develop a holistic AM strategy capable to consider key factors and components as well as complexity and risks. This requires integrating the seven sub-models and risk assessments outlined in the international standard ISO 31000 methodology (see Fig. 7 below).

Fig. 7.
figure 7

Depiction of the seven sub-models and ISO 31000 standard

Full size image

4 Future Case-Studies

In fine, it would be interesting to see what future case-studies will reveal about the effectiveness and usefulness of the proposed high-level risk management framework. The overall structure of these case-studies would be devoted to investigating and analyzing the impact of new emerging safety risks within industry 4.0, as well as the combination of uncommon circumstances which might generate extreme, rare, and disruptive events. Firstly, we will perform a study using the FRAM process for system safety risk assessment. Secondly, the STAMP-STPA process will be combined with the above-mentioned FRAM process to identify and assess the hazards associated with the system dynamic. This will enable capturing the overall complexity of the socio-technical system and provide safety control actions in the system. Moreover, it will be outlined the contribution of the RIDM on this framework for long-term performance, and the sustainability of an organization in the overall AM strategy and decision-making.

5 Conclusion

This research is aimed at providing an effective high-level risk management and decision-making framework for identifying, assessing, and managing those relatively new or unknown risks just a few years ago. In this respect, we have opted for a trio of concepts that we believe being the best method, viz. The FRAM, the STAMP and the RIDM in asset management. These techniques are much more powerful and useful than the traditional approaches to engineer the complex socio-technical systems. Further investigation would validate their efficiency and usefulness. Hence, upcoming research initiatives will be devoted to conduct case-studies in order to obtain more accurate data. This might well provide an understanding of the socio-technical system from the perspective of asset and risk management in the context of industry 4.0/5.0 and extreme, rare, and disruptive events.