基于贝叶斯网络的项目组合风险度量

项目组合的交互效应特性使得项目组合风险不能通过单个项目风险的线性叠加获得。基于贝叶斯网络建模提出了一种项目组合风险度量的新方法。该方法通过将专家知识与K2算法相结合,求得项目组合风险的贝叶斯网络结构,并通过度量交互效应对项目风险的影响计算网络中每个节点的条件概率表,实现项目组合风险的贝叶斯网络推理。为了得到K2算法所需的有序节点输入,计算项目风险间的互信息,并基于互信息与条件独立检验求得项目节点的顺序。最后通过一个高新技术企业项目组合的应用实例说明该方法的实用性和有效性。     

A conceptual framework for road safety and mobility applied to cycling safety

Scientific literature lacks a model which combines exposure to risk, risk, and the relationship between them. This paper presents a conceptual road safety framework comprising mutually interacting factors for exposure to risk resulting from travel behaviour (volumes, modal split, and distribution of traffic over time and space) and for risk (crash and injury risk). The framework's three determinants for travel behaviour are locations of activities; resistances (generalized transport costs); needs, opportunities, and abilities. Crash and injury risks are modelled by the three ‘safety pillars’: infrastructure, road users and the vehicles they use. Creating a link in the framework between risk and exposure is important because of the ‘non-linear relationship’ between them, i.e. risk tends to decrease as exposure increases. Furthermore, ‘perceived’ risk (a type of travel resistance) plays a role in mode choice, i.e. the perception that a certain type of vehicle is unsafe can be a deterrent to its use. This paper uses theories to explain how the elements in the model interact. Cycling is an area where governments typically have goals for both mobility and safety. To exemplify application of the model, the paper uses the framework to link research on cycling (safety) to land use and infrastructure. The model's value lies in its ability to identify potential consequences of measures and policies for both exposure and risk. This is important from a scientific perspective and for policy makers who often have objectives for both mobility and safety.     

Knowledge elicitation for risk mapping in concurrent engineering projects

Concurrent Engineering aims to incorporate the overlapping of processes in order to reduce its time-to-market and thereby sustain the existence of organizations in increasingly competitive times. Although faster product design, development, and delivery are the intended outcomes of concurrent engineering, one of the undesirable by-products is an increase in risks as a consequence of uncertainties between interdependent processes. Hence, the risks need to be identified, assessed, and mitigated together with concurrent engineering considerations for the elimination of the ‘domino-effect’ within risk management. This paper concentrates primarily on knowledge elicitation techniques that were used to provide information to the Intelligent Risk Mapping and Assessment System (IRMAS?) to identify, prioritise, analyse, and assist project managers to manage perceived sources of CE risks. Techniques such as expert interviews, brainstorming, the Delphi technique, and the analogy process are discussed in relation to compiling the knowledge used for this expert system. A total of 589 risk items were identified for different project types, and information on 4372 items and 136 lessons learned were collected from experts at HdH. The core of the research is a reasoning methodology used for Knowledge Elicitation of a Risk Mapping and Assessment System which will not only support the decision-making process of the user but also aid the knowledge retrieval, storage, sharing, and updating process of manufacturing organizations. This research provides a systematic engineering approach to risk management of concurrent product and process development.     

The underdeterrence,underperformance response to privacy,data protection laws

The digital economy has been defined in the economic literature as one with near zero marginal cost, unmonetized services but also an escalating data flow. After a careful review of the most recent economic papers, we offer an alternative theory on the cost of privacy and data protection regulations. We have observed that the characteristics of the regulation lead not only to the amplification of costs that have been traditionally assigned as variable costs by the literature, but also of costs that used to be fixed but have been outsourced in the digital economy, meaning that significant new variable costs might trigger diseconomies of scale. At the same time, privacy and data protection regulations have created incentives that are making the dominant firms insource, in what seems to be a way back to increased sunk fixed costs for these firms. Having all that in mind, we claim that the perception of deterrence and compliance costs has affected how firms might decide to incur higher risks to avoid costs. Although compliance costs are high, we claim that an efficient implementation of the regulation avoids much of these costs. Our claim is supported by evidence that a relevant share of the regulatory costs are now variable costs, leaving room for at least two efficient strategies that medium-sized firms might implement in order to avoid them. First, firms can lower the volumes of data that they use without significantly impairing the predictive functions of their algorithms. Second, firms can invest in security at a comparatively lower degree than dominant firms considering their lower exposure to strong regulatory action.     

Examining the State of Risk Management Research in New Product Development Process

New products are major sources of competitive advantage and success for a manufacturing enterprise. However, not all new product development (NPD) initiatives result in a successful product and are therefore a major cause of wasted resources. Furthermore, NPD processes are becoming increasingly complex and risky due to today’s globalized market and customers’ desire for technologically advanced products. While there has been a significant interest in academia about NPD risks, the existing literature is spread across multiple outlets, making it difficult for any practitioner or researcher to synthesize the current work. This article aims to minimize that gap by providing a comprehensive overview of current research activities in the field of risk management in NPD process in one place. The research design is based on mapping and classification of the existing body of knowledge into the domains of NPD risk analysis and management. The article analyzes the contemporary NPD risk analysis methods on three fronts: risk identification, risk assessment, and risk mitigation. Based on the review, the article then identifies and discusses several key areas for future research significant to engineering management practices. Finally, an integrated framework is presented to provide a holistic approach toward risk management in the NPD process, followed by the practical implications for engineering managers and practitioners.     

Project risk management processes: improving coordination using a clustering approach

Projects are dealing with bigger stakes and facing an ever-growing complexity. In the first place, project risks have increased in number and criticality. Lists of identified project risks thus need to be broken down into more manageable clusters. Existing techniques for this are generally based on a well-known parameter such as the nature of the risk or its ownership. The limits of this approach are that project risk interactions are not properly considered. Project interdependent risks are thus often analysed and managed as if they were independent. The consequence is that there may be a lack of consideration of potential propagation through this risk network. A change may have dramatic consequences if the propagation chain is not clearly identified and/or not managed. Our objective in this paper is to propose a methodology for grouping risks so that the project risk interaction rate is maximal inside clusters and minimal outside. What we hope to achieve is a method that facilitates the coordination of complex projects which have many interrelated risks with many different risk owners. We contend that the capacity of risk owners to communicate and make coordinated decisions will be improved if they are grouped in such a way. This proposed reconfiguration of organisation is complementary to existing configurations. To do this, we first model project risk interactions through matrix representations. Then, the mathematical formulation of the problem is presented, and two heuristics are introduced. A case study in the civil engineering industry (a large infrastructure public–private partnership project) is presented, which enables us to propose global recommendations, conclusions and perspectives.     

Quality risk management in pharmaceutical development

The objective of ICH Q8, Q9 and Q10 documents is application of systemic and science based approach to formulation development for building quality into product. There is always some uncertainty in new product development. Good risk management practice is essential for success of new product development in decreasing this uncertainty. In quality by design paradigm, the product performance properties relevant to the patient are predefined in target product profile (TPP). Together with prior knowledge and experience, TPP helps in identification of critical quality attributes (CQA’s). Initial risk assessment which identifies risks to these CQA’s provides impetus for product development. Product and process are designed to gain knowledge about these risks, devise strategies to eliminate or mitigate these risks and meet objectives set in TPP. By laying more emphasis on high risk events the protection level of patient is increased. The process being scientifically driven improves the transparency and reliability of the manufacturer. The focus on risk to the patient together with flexible development approach saves invaluable resources, increases confidence on quality and reduces compliance risk. The knowledge acquired in analysing risks to CQA’s permits construction of meaningful design space. Within the boundaries of the design space, variation in critical material characteristics and process parameters must be managed in order to yield a product having the desired characteristics. Specifications based on product and process understanding are established such that product will meet the specifications if tested. In this way, the product is amenable to real time release, since specifications only confirm quality but they do not serve as a means of effective process control.     

Overview of the key risks in the pioneering stage of the Malaysian biomass industry

Renewable energy sources have increasingly become important in recent decades not only as ways for improving energy security and mitigating climate change, but they also help contribute to economic growth and job creation. As the second-largest producer of crude palm oil, Malaysia has abundance of biomass residues from palm oil industries and other renewable organic matters which can be converted to bio-energy and bio-chemicals. Recognizing the roles of biomass for sustainability and wealth creation, the government has stepped up efforts to promote the growth of the industry. However, despite institutional arrangements, policy frameworks, funding mechanisms and incentives to support the growth of the biomass industry, the industry has not been able to create value along the industry’s value chain. While there are many attractive reasons to venture into the biomass industry, there are also potential risks. Lack of understanding of risks associated with the biomass industry is often cited as one of the reasons for the industry’s slow growth. An industry evolves through life cycle stages and at each stage presents risk factors. This paper identifies several key risks associated with early stage of the biomass industry in Malaysia. The overview of risks associated with the biomass industry not only will provide a perspective from which an industry’s viability can be evaluated but also will help industry participants to better understand key risks and improve their risk assessment methods as well as plan their risk management and mitigation strategies more effectively.     

Trustworthiness Evaluation for Permissioned Blockchain-Enabled Applications

As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations, related stakeholders need a means to assess the trustworthiness of the applications involved within. It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy. Therefore, this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications. The framework divides itself into different implementation domains, i.e., organization security, application security, consensus mechanism security, node management and network security, host security and perimeter security, and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains. In addition, a case study, including a security testing and risk evaluation on each stack of a specific organization, is demonstrated as an implementation instruction of our proposed risk management framework. According to the best of our knowledge, this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can contribute to the adoption of permissioned blockchain-enabled technologies. Furthermore, application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.     

Family planning and the health of women and children

Use of family planning has the potential to produce reductions of 10–20% in infant and child mortality. Similar reductions in the mortality rate associated with pregnancy can be expected for mothers. A larger impact on maternal mortality is possible through fertility reduction with decreased exposure to the risks of pregnancy. First births carry excess risks for mothers and children, but these are, by definition, unavoidable. Births to young mothers also pose increased risks for mothers and children. High birth order and older age of mothers probably have been overemphasized as risk factors for children. Very high parity does pose risks to mothers. Poor spacing of births is associated with increased health risks to children. Estimation of mortality reduction through family planning requires knowledge of risk distribution as well as relative risk. High-risk births are relatively rare, and most deaths occur to mothers and babies at average or low risk. Family planning does not avert all high-risk pregnancies because of a lack of acceptance and imperfect use.     

On the Relation Between the Benefits of Risk Pooling and the Variability of Demand

The benefits of pooling risks, manifested in inventory management by consolidating multiple random demands in one location, are well known. What is less well understood are the determinants of the magnitude of the savings. Recently there has been speculation about the impact of demand variabilities on the benefits of risk pooling. We provide an example where increased variability of the individual demands actually reduces the benefits of risk pooling. We prove, however, that if we restrict increased variability to a common linear transformation, the greater the demand variabilities the larger the benefits of consolidating them, in agreement with intuition. We also provide bounds on the benefits of the consolidation of demands. Our results do not require independence of the demands, apply to any number of pooled demands, and are obtained in a pure cost-driven model.     

Natural disasters and the challenge of extreme events: risk management from an insurance perspective

Loss statistics for natural disasters demonstrate, also after correction for inflation, a dramatic increase of the loss burden since 1950. This increase is driven by a concentration of population and values in urban areas, the development of highly exposed coastal and valley regions, the complexity of modern societies and technologies and probably, also by the beginning consequences of global warming. This process will continue unless remedial action will be taken. Managing the risk from natural disasters starts with identification of the hazards. The next step is the evaluation of the risk, where risk is a function of hazard, exposed values or human lives and the vulnerability of the exposed objects. Probabilistic computer models have been developed for the proper assessment of risks since the late 1980s. The final steps are controlling and financing future losses. Natural disaster insurance plays a key role in this context, but also private parties and governments have to share a part of the risk. A main responsibility of governments is to formulate regulations for building construction and land use. The insurance sector and the state have to act together in order to create incentives for building and business owners to take loss prevention measures. A further challenge for the insurance sector is to transfer a portion of the risk to the capital markets, and to serve better the needs of the poor. Catastrophe bonds and microinsurance are the answer to such challenges. The mechanisms described above have been developed to cope with well-known disasters like earthquakes, windstorms and floods. They can be applied, in principle, also to less well investigated and less frequent extreme disasters: submarine slides, great volcanic eruptions, meteorite impacts and tsunamis which may arise from all these hazards. But there is an urgent need to improve the state of knowledge on these more exotic hazards in order to reduce the high uncertainty in actual risk evaluation to an acceptable level. Due to the rarity of such extreme events, specific risk prevention measures are hardly justified with exception of attempts to divert earth-orbit crossing meteorites from their dangerous path. For the industry it is particularly important to achieve full transparency as regards covered and non-covered risks and to define in a systematic manner the limits of insurability for super-disasters.     

Biotechnological recovery of heavy metals from secondary sources—An overview

The demand for heavy metals is ever increasing with the advance of the industrialized world, whereas worldwide reserves of high-grade ores are diminishing. However, there exist large stockpiles of low and lean grade ores that are yet to be exploited. In addition, heavy metals that are present in a spectrum of waste streams including mine drainage, industrial effluents, river sediments, electronic scraps and ashes are also available for recovery and utilization. Heavy metal recovery from low and lean grade ores using conventional techniques such as pyrometallurgy, etc. chemical metallurgy encompass several inherent constraints like, high energy and capital inputs, and high risk of secondary environmental pollution. As environmental regulations become ever more stringent, particularly regarding the disposal of toxic wastes, the costs for ensuring environmental protection will continue to rise. Therefore, there is a need to utilize more efficient technologies to recover heavy metals from secondary sources in order to minimize capital outlay, environmental impact and to respond to increased demand. Biohydrometallurgy, which exploits microbiological processes to recover heavy metal ions, is regarded as one of the most promising and revolutionary biotechnologies. The products of such processes are deposited in aqueous solution thereby rendering them to be more amenable to containment, treatment and recovery. On top of this, biohydrometallurgy can be conducted under mild conditions, usually without the use of any toxic chemicals. Consequently, the application of biohydrometallurgy in recovery of heavy metals from lean grade ores, and wastes, has made it an eco-friendly biotechnology for enhanced heavy metal production.     

基于EBP模型的服务化制造业集群知识共享风险评价

通过与传统制造业集群的对比,分析了服务化制造产业集群的知识共享过程,识别了服务化制造业集群知识共享过程中关系、利益与知识共享能力三方面的知识流并生风险,构建了基于EBP（熵值法和BP神经网络法）的服务化制造业集群知识共享风险组合评价模型。通过实证分析验证了模型的有效性与合理性,并通过与BP神经网络模型的误差对比分析,证实了该模型在知识共享风险识别方面的准确度更高。所提供的模型方法可为服务化制造业集群企业知识共享风险管理提供决策支持。     

A fuzzy model for assessing the risk exposure of procuring infrastructure mega-projects through public-private partnership: The case of Hong Kong-Zhuhai-Macao Bridge

Considering the rapid urbanization growth rate particularly in developing countries, the number of infrastructure mega-projects over the past years has risen tremendously. Essentially, because infrastructure mega-projects require huge investment funds, better management skills, well qualified and experienced international expertise and technology innovation, they are mostly preferred to be procured using the PPP method compare to the use of the traditional bid-build system. In this regard, this paper aims to develop a fuzzy evaluation model for assessing the suitability of procuring infrastructure mega-projects through PPP by considering their risk exposure. The main body of Hong Kong-Zhuhai-Macao Bridge (HZMB) is used as a case project to demonstrate the practicality of the risk evaluation model. The risk evaluation model consists of four critical risk groupings, these include, construction and land risks, commercial risks, operational risks and political risks. Using the risk evaluation equation, a risk index of 4.53 out of 5.00 is computed for the selected project if it is procured through the PPP scheme. This outcome shows that the case project is not suitable for the PPP approach because its risk exposure is very high. The model developed will enable PPP practitioners to predict the likely risk exposure of procuring infrastructure mega-projects through the PPP scheme.     

Knowledge transfer in time of crisis: evidence from the Trentino region

The last decade has shown a shift of focus of the literature on networks to a more dynamic perspective, and towards the study of mechanisms that drive network evolution inside regions. The strategic behaviour of network agents and the evolution of networks may be affected by the occurrence of macroeconomic events external to the region. This paper assesses the impact of different factors on the trust created between agents through repetition of previous collaborations before and after the global economic recession of 2008. Main findings show that actors in periods of crisis prefer collaboration with trustful actors with whom they cooperated in the past, than to actors with whom they share common characteristics (proximities). In high-risk periods, the knowledge network is more inert, while in low risk periods, actors prefer to expand the knowledge network of the region, investing in global pipelines and importing knowledge from distant regions.     

The role of risk perception for risk management

Are risks social constructions of different societal actors that can be checked at best against standards of consistency, cohesion and internal conventions of deduction, but cannot claim any validity outside of the actor's logical framework? Or are technical estimates of risk representations of real hazards that can and will affect people as predicted by the statistical values, regardless of the beliefs or convictions of those who conduct the assessments? Which of the two sides one takes determines the legitimate function of risk perception for management purposes. The paper argues that both extremes, the constructivist and the realist perspective, miss the point, as risks are always mental representations of threats that are capable of claiming real losses. Over the last two decades, risk analysts have dealt with both sides of risk in an additive fashion. In times in which risk management has been under serious pressure to demonstrate effectiveness and cost-efficiency, the parallel approach of pleasing the technical elite and the public alike has lost legitimacy. In order to integrate risk assessment and perception, the paper analyses the strengths and weaknesses of each approach to risk analysis and highlights the potential contributions that the technical sciences and the social sciences can offer to risk management. Technical assessments provide the best estimate for judging the average probability of an adverse effect linked to an object or activity. First, public perception should govern the selection of criteria on which acceptability or tolerability are to be judged. Second, public input is needed to determine the trade-offs between criteria. Third, public preferences are needed to design resilient strategies for coping with remaining uncertainties. A public participation model is introduced that promises an integration of analytic knowledge and deliberative process involving those who will be affected by the respective risk.     

A Recommendation Approach Based on Bayesian Networks for Clone Refactor

Reusing code fragments by copying and pasting them with or without minor adaptation is a common activity in software development. As a result, software systems often contain sections of code that are very similar, called code clones. Code clones are beneficial in reducing software development costs and development risks. However, recent studies have indicated some negative impacts as a result. In order to effectively manage and utilize the clones, we design an approach for recommending refactoring clones based on a Bayesian network. Firstly, clone codes are detected from the source code. Secondly, the clones that need to be refactored are identified, and the static and evolutions features are extracted to build the feature database. Finally, the Bayesian network classifier is used for training and evaluating the classification results. Based on more than 640 refactor examples of five open source software developed in C, we observe a considerable enhancement. The results show that the accuracy of the approach is larger than 90%. We believe our approach will provide a more accurate and reasonable code refactoring and maintenance advice for software developers.     

Optimal degree of openness in open innovation: A perspective from knowledge acquisition & knowledge leakage

Open innovation has become an important mode for firms to improve innovation performance. If the openness is too low, it will reduce the opportunity to acquire external knowledge, while too open will increase the risk of internal knowledge leakage. Therefore, the degree of openness plays a key role in the use of open innovation to improve innovation performance. We use the openness breadth and openness depth to describe the openness of innovation. We conduct an agent-based simulation methodology to study the optimal degree of openness. Our findings show that there are great differences in the optimal degree of openness under different situations. Moreover, as the situation changes, the optimal degree of openness changes regularly. More specifically, the more a firm's knowledge network structure holes, the smaller the optimal openness breadth and the greater the optimal openness depth. The higher a firm's knowledge network centrality, the greater the optimal openness breadth and the smaller the optimal openness depth. The worse the institutional environment, the smaller the optimal openness breadth and openness depth. The fiercer the market competition, the greater the optimal openness breadth and the smaller the optimal openness depth.     

Estimation of the risk for early thermal cracking for SCC containing fly ash

Cracking of concrete must be avoided during the hardening phase in order to minimize the risk of durability problems in the future, such as corrosion of the reinforcement, water tightness and damages due to frost. Estimation of the risk of early age cracking requires knowledge of the combined effects from temperature development and mechanical behaviour during the hydration. In the present paper, the influence of fly ash on the young concrete behaviour has been investigated. The concrete is based on a Swedish cement aimed for civil engineering structures, and the fly ash is of class F. A comparison of crack risks between concrete containing fly ash in different amounts with concrete without fly ash is presented. Also a previously tested concrete containing limestone filler is considered. The fly ash was added to replace a part of the aggregate, which gives a higher heat evolution. However, a numerical stress analysis showed that the risk for early age through cracking for a typical civil engineering structure is significantly decreased in the mixes containing fly ash. The denotation typical civil engineering structure is used here for concrete structures such as tunnels, bridges, and ramps of common cross-section dimensions. In the case of fly ash added to concrete by a partial replacement of cement, the crack risk will probably be further decreased. For a self-balancing structure of young concrete there is no restraint from adjacent structures, and the temperature and moisture gradients within the young concrete cause self-stresses governed by equilibrium with zero external forces for any cut. The estimated risk for surface cracking on a self-balancing wall or slab was not improved by an addition of fly ash. It is probably an effect of the increased heat development, which most likely counteracts the positive effect of the increased early age creep for concrete containing fly ash. If the heat evolution decreases when cement is partly replaced with fly ash, the use of fly ash might reduce the risk of surface cracks.