For background information on the topic as a whole, scroll to the end of this page.
Background
Would it not be great to live in a world where computers never crash, trains always ride and banks are never hacked?
This is the ultimate goal of risk management. In FMT, we work on the risk analysis phase, where one identifies, evaluates and prioritizes risks, to come up with (cost-)effective countermeasures. By using mathematical models, we can not only reason about risk, but quantify risk as well. As risk models from industry become very large very quickly, creating algorithms that analyze risk models efficiently is an important area of research.
Prominent mathematical models include graph models such as fault trees (for safety), attack trees (for security), binary decision diagrams, and Bayesian networks. Application areas we have considered so far include cybersecurity, medical devices, and robotics, but we are interested in many applications: if you have one of your own, please come to us.
Projects for Formal methods for risk analysis roughly fall within some or more of the following categories:
- Modeling techniques: What types of risk can we model, and what do we want our models to express? For example, how do we model the interplay between safety and security?
- Model analyis: Can we find new ways to efficiently calculate risk parameters from models, such as the likelihood and impact of adverse events?
- Big data: How do we get from a large dataset to a risk model that is easy to analyze, yet retains as much relevant information as possible?
- Industrial case studies: Do one or more of the above for real-world data, in collaboration with companies, government bodies or risk consultancy firms.
If you have an idea related to any of these, please contact us directly. Alternatively, you can work on one of the concrete proposals below.
Some of the research in Formal methods for risk analysis is closely related to that of quantitative analysis, as it relies on stochastic model-checking techniques. Conversely, many examples and case studies for quantitative analysis come from risk management.

