Agena White Paper W0704/01, Version 01.01, 17 September 2004 Page 1 ©Agena Ltd, 2004 Combining Evidence in Risk Analysis using Bayesian Networks Norman Fenton and Martin Neil Summary This paper is about helping people who make critical decisions improve the quality of their judgements. We provide a brief introduction to Bayesian Nets (BNs) and use an example in safety assessment. We show how BNs enable decision-makers to combine different types of evidence (including subjective judgements) to provide quantitative, auditable arguments. By using state-of- the-art BN technology it is now easy for decision-makers to develop solutions that scale up to the most complex types of problems. Consider the following problem: You are in charge of a critical system, such as a transport system or a nuclear installation. The system is made up of many components that you buy as black boxes from different suppliers. When you need a new type of component you invite a dozen suppliers to tender. If you are lucky you might be able to get some independent test results or even operational test data on the components supplied. Your task is to accept or reject a component. One of your key acceptance criteria will be the safety of the component. This might be measured in terms of the predicted number of safety related failures that the component can cause in a ten year life-span when integrated into your system. How do you make your decision and justify it? This is a classic risk assessment problem in which you have to come up with a quantified figure by somehow combining evidence of very different types. The evidence might range from subjective judgements about the quality of the supplier and component complexity, through to more objective data like the number of defects discovered in independent testing. In some situations you might have extensive historical data about previous similar components, whereas in other cases you will have none. Your trust in the accuracy of any test data will depend on your trust in the providence of the testers. Having little or no test data at all will not absolve your responsibility from making a decision and having to justify it. A decision based only on ‘gut feel’ will generally be unacceptable and, in any case, disastrous in the event of subsequent safety incidents with all the legal ramifications that follow. Increasingly, the above type of risk assessment problem is being successfully addressed in a wide range of application domains using Bayesian Networks (BNs) [1,2,3,4]. BNs provide effective decision- support for problems involving uncertainty and probabilistic reasoning. In particular, they are uniquely effective in enabling quantitative assessments by combining the kind of diverse data above.