Software systems in safety-critical industrial automation systems, such as power plants and steel mills, become increasingly large, complex, and distributed. For assessing risks, like low product quality and project cost and duration overruns, to trustworthy services provided by software as part of automation systems there are established risk analysis approaches based on data collection from project participants and data models. However, in multi-disciplinary engineering projects there are often semantic gaps between the software tools and data models of the participating engineering disciplines, e.g., mechanic, electrical, and software engineering.
In this paper we discuss current limitations to risk assessment in (software+) engineering projects and introduce the SEMRISK approach for risk assessment in projects with semantically heterogene-ous software tools and data models. The SEMRISK approach provides the knowledge engineering foundation to allow an end-to-end view for service-relevant data elements such as signals, by provid-ing a project domain ontology and mappings to the tool data models of the involved engineering dis-ciplines.
We empirically evaluate the effectiveness and efficiency of the approach based on a real-world in-dustrial use case from the safety-critical power plant domain. Major results are that the approach was effective and considerable more efficient than the current approach at the industry partner.