Developing fuzzy logic strength of evidence index and application in Bayesian networks for system risk management

Digitalization is becoming a trend in our modern society and systems. Meanwhile, risk analysis and management has rooted and been applied in various fields. Therefore, there is an increasing need to integrate risk analysis and management into the coming digital society. Risk has been represented digitally by the product of probability and consequence i


Introduction
Risk analysis and management are widely applied in various fields in modern society, where digitalization is leading a sound trend.Therefore, there is an increasing need to integrate risk analysis and management into the more digitalized society and its systems.In many practical applications, risk is usually represented by the product of probability and consequence i.e.R = P × C and expressed in risk matrices, which makes it appropriate for quick risk assessment and communication.This expression also makes it favorable to integrate risk as a quantitative index in various systems.However, risk related theories are developing along with their applications.With the gradual cognition of risk, e.g. it is understood as a construct shared by a social group, informed by available evidence (Aven and Renn, 2009;Thompson and Dean, 1996), there comes a trend on the discussion on fundamental issues in risk research.
One of the focuses in the researches is strength of evidence (SoE), also refereed as evidence uncertainty (U) in some literature.
Since risk is not a physical attribute of a system, but a construct attributed to a system in the mind of an assessor (Goerlandt and Montewka, 2015;Solberg and Nja, 2012).The evidence constructing the risk appears of high importance.However, it is missing in the traditional expression and application of risk = P × C. The need for considering SoE in making scientific claims has been argued for by Douglas (2009) on grounds that scientists have a responsibility to consider the consequences of error.This has also been emphasized by Rae et al. (2014), where all the potential flaws in quantitative risk assessment are discussed and addressed.If evidence is poor in the risk assessment and if this may lead to foreseeable changes to the conclusions of an inquiry, these uncertainties need to be made explicit.The lack of SoE treatment is a relatively common criticism of especially quantitative risk analysis (QRA), e.g.Shrader-Frechette (1993), O'Brien (2000) and Aven (2011), and has been confirmed in e.g. the maritime transportation and offshore oil and gas applications areas (Goerlandt and Montewka, 2015;Haugen and Vinnem, 2015).
Therefore, defining a more comprehensive and appropriate risk expression becomes important in risk analysis and management because it guides how the risk is treated in the analysis and how the results are communicated and applied in decision making.The current fundamental risk research tries to express risk by adding another indicator SoE, e.g.R~ (C, P, SoE).In some research, R (C, P, SoE|BK) is utilized so that the background knowledge (BK) is used to indicate that all of these aspects of the risk description are conditional to the available background knowledge.This also allows space to account for surprises, which are outside the background knowledge.
However, when SoE is included as another indicator, the treatment of SoE itself in a scientific way is challenging and receives gradually more discussions.Goerlandt andReniers (2016, 2017); Flage andAven (2017, 2018) conducted thoroughly theoretical discussions on the expressions of SoE.The fundamental discussions lead to a new stage for risk, especially on SoE.However, it also raised unsolved challenges in SoE expression and applications.In addition, when SoE is introduced as another indicator in risk expression, the current qualitative approach in the treatment of SoE adds complication in the risk analysis and communication as seen in Lu et al. (2019), Lu et al. (2020) andValdez Banda et al. (2016), which is not a benefit for practical applications, especially in the current society where systems are moving towards digital stages.Therefore, a new approach which on one hand can addresses the unsolved challenges in SoE expression and on the other hand can turn SoE to a digital way is highly needed.
Therefore, based on the state-of-the-art discussions, the research objective of this paper is twofold: 1) to develop an approach to standardize the SOE into an digital index in the expression R (C, P, SoE|BK) by following the recent discussions and giving a solution to the current issues and challenges raised by Goerlandt andReniers (2016, 2017); Flage andAven (2017, 2018); 2) to integrate SoE into a quantitative risk analysis (QRA) method, Bayesian networks (BNs), for risk analysis and management to exhibit a new system risk management approach in order to contribute to better risk communication towards risk digitalization.
In the rest of the paper, Section 2 firstly reviews state-of-the-art discussions on issues and challenges in SoE and risk matrix.Then, Section 3 describes the methods applied in this paper to give a solution to the reviewed issues and challenges.Section 4 demonstrates the progress to generate the fuzzy logic SoE index according to the method.Section 5 presents the application of the developed SoE index by integrating it into a QRA tool, BNs.Section 6 shows the practical risk management using BNs with the integrated feature of SoE index.Section 7 and 8 discuss and conclude separately.Goerlandt andReniers (2016, 2017), Flage andAven (2017, 2018) discussed thoroughly on the SoE in risk analysis.Reflections from stateof-the-art review and discussion can be concluded to two main parts: the overall rating classification scheme and individual evidential categorization.The following sections will describe in detail.

Ambiguity in overall rating classification scheme
Flage and Aven (2009) proposed a category classification for minor, moderate and significant uncertainty, (i.e.high, medium and low SoE), as seen in Table 1.In the discussion among Goerlandt andReniers (2016, 2017), Flage andAven (2017, 2018), the linguistic ambiguity in the schemes is raised.Goerlandt and Reniers (2017) gave an example that the assessor may have two different SoE assessment result based on the same descriptions of the given evidence.Details can be referred to Goerlandt and Reniers (2017).
In addition, it is pointed out that there exist mainly two types of focuses related to evidence strength, i.e. strength of evidence (SoE) and evidence uncertainty (U) as mentioned above also.Their essence remains the same and there is a consensus and a trend towards focusing on strength of evidence rather than on evidence uncertainty as a basic concept.Therefore, notation SoE is adopted in the rest of the paper.However, it should be noted that the requirement applied for the rating of the evidence uncertainty (U) or strength of evidence (SoE) varies among the literature, which can be seen in Table 2.
This inconsistence of requirements for rating SoE/U has also been raised in the discussions (Goerlandt and Reniers, 2017).However, the paper does not point out that the difference is caused in essence by different rating perspectives.For example, Table 2 summarizes existing requirements applied for rating SoE/U.If those requirements are analyzed further, it can be found that they can be represented by three perspectives, i.e. perspective Types 1-3 in Table 3.In each type, four evidence categories exist, i.e. data, judgement, model and assumptions according to Goerlandt and Reniers (2016), and their following discussions (Goerlandt and Reniers, 2017;Flage and Aven, 2017;2018).The

Significant uncertainty
One or more of the following conditions are met: • The phenomena involved are not well understood; models are non-existent or known/believed to give poor predictions.• The assumptions made represent strong simplifications.
• Data are not available, or are unreliable.
• There is lack of agreement/consensus among experts.

Minor uncertainty
All of the following conditions are met: • The phenomena involved are well understood; the models used are known to give predictions with the required accuracy.
• The assumptions made are seen as very reasonable.
• Much reliable data are available.
• There is broad agreement among experts.

Moderate uncertainty
Conditions between those characterizing significant and minor uncertainty, e.g.: • The phenomena involved are well understood, but the models used are considered simple/crude.• Some reliable data are available.

Table 2
Requirement applied for the categorization of the evidence uncertainty | strength of evidence, based on Goerlandt and Reniers (2017).Until here, it can be summarized that there is ambiguity in rating the overall SoE and there are different perspectives for rating which have not been explicitly investigated and discussed in previous research.In addition to the perspectives mentioned above, there is another perspective, Type 4, which is applied in Lu et al. (2020), shown also in Table 3. Flage and Aven (2017) presented a table (Table 4 showing the rating scheme of SoE after Goerlandt and Reniers (2016) raised the findings of ambiguity on the original rating classification scheme (Table 1.Instead of the words in Table 1, it gives a clear high (H), medium (M) and low (L) evidence category for each of the four aspects: phenomenological understanding/models, data, expert statements and assumptions, as shown in Table 4. Based on the individual rating of each evidence category, it rates the overall SoE.The difference between Table 1 and Table 4 is that all possible 81 combinations of the four individual SoE results are explicitly listed so that the rating scheme is clearer, and some unnecessary linguistic ambiguity is avoided.It can be noted that it applies Type 1 perspective to rate the overall SoE.Although the scheme in Table 4 becomes clear, another ambiguity appears which can be simplified in the following two expressions, i.e. 1) H . This is also pointed out by Goerlandt and Reniers (2017).For expression (1), it means if following Type 1 perspective, the overall SoE result seems to have two same L, while indeed the strength of evidence for the two scenarios should be different and distinguished.For expression (2), it means that the assessment of absence of certain type of evidence is still not clear, which will make overall SoE different for two scenarios.

Lack of individual evidential category description
Above, the focus is on the overall scheme.However, it should be noticed that there is a lack of individual evidential categorization description.Table 4 is proposed by Flage and Aven (2017) for the purpose of rating overall SoE clearly.However, there is no more description about what can be defined as H, M, L for each aspect.Thus, there will be difficulties when applying in practice.
In addition, individual evidential categorization influences the overall rating from the very beginning.Similar as the overall rating, one L may be quite different from another L even in the same evidence category already.It is also hard to distinguish difference between L and L for two cases or two different evidential categories.If we are able to classify this, then it also helps the overall rating.

On risk diagram
Goerlandt and Reniers (2017) conducted a state-of-the-art review of the risk diagrams including SoE and proposed two new visualization approaches.The proposal is comprehensive and advanced.However, it is noticed that the risk diagrams are event-based, i.e. it can only apply along with the event risk outcome, not for the process of risk analysis.Usually, an event is usually triggered by a system or systems.Therefore, if the visualization of risk diagram can be integrated in the process of risk analysis, i.e. systems, it will contribute further to risk management and communication.
In addition, the proposed risk diagram included refined SoE visualization, while the probability and consequence are still expressed by expected value or in intervals, which does not represent enough detail relatively.It would be more comprehensive if probability and consequence are in one-to-one association.

Research questions
Based on the review of state-of-the-art discussions and further investigations on SoE and risk expression in diagram, three main reflections can be concluded, also as the research question for this paper, serving the two objectives described in Section 1: 1) how to improve categorization of individual SoE for each evidential category; 2) how to improve the overall rating scheme for SoE to avoid ambiguity, meanwhile towards risk digitalization; 3) how to apply risk digitalization and visualization into system risk analysis and management.

Methodology
This section focuses on the illustration of the methods utilized in this paper.Based on the research questions in Section 2.3, the overall framework and steps to address the research questions are listed as in Fig. 1.Research question 1 & 2 are trying to be answered in section 4 to complete the objective 1 stated in Section 1. Research question 3 is answered through section 5 to 6 so that objective 2 is finished when SoE is integrated with BNs in system risk management.The main steps to achieve objective 1 is to apply the fuzzy logic theory, which includes establishing linguistic variables and fuzzy inference system (FIS), so that a new defined fuzzy SoE index can be calculated to represent the overall SoE, overcoming the ambiguity issues.For objective 2, the outcome of the objective 1 will be integrated into BNs in a system analysis so that the risk expression R (C, P, SoE|BK) can be applied for system risk analysis and meanwhile digitized and visualized for risk management.
The two methods fuzzy logic and Bayesian networks are described respectively in the following section 3.1 and 3.2.

Fuzzy logic
Fuzzy logic is a widely used theory in computer science to compute with words, i.e. the linguistic variables, whose values are not numbers but words or sentence in a natural or artificial language.A linguistic variable is characterized by a quintuple (X, T(X), U, G, M), in which X is the variable name; T(X) is the term-set of X, i.e. the collection of its linguistic values; U is a universe of discourse; G is a syntactic rule which generates the terms in T(X); and M is a semantic rule which associates with meaning of each linguistic value X.
A fuzzy subset of a universe of discourse U is characterized by a membership function µ A , which associates with each element of U in the interval [0, 1], with µ A (u) representing the grade of membership (Zadeh, 1965).Classical set A = {x|x ∈ U} only permits conclusions which are either true or false.While fuzzy set A fuzzy = {(x, μ A )|x ∈ U, μ A ∈ [0, 1]} is characterized by the membership function, providing a measure of the degree of similarity of an element in U to the fuzzy subset.Therefore, fuzzy set provides a means of approximate characterization of phenomena to be amenable to description in conventional quantitative terms.
The main process for application of fuzzy logic system is described in Fig. 2, consisting of the following main items (Zadeh, 1965;Pokorádi, 2002;Markowski & Mannan, 2008): 1. Fuzzification: this process maps crisp input into appropriate fuzzy sets according to fuzzy set principles using knowledge base.The membership function is utilized to transfer the input to fuzzy sets.
2. Inference and composition: this process maps input fuzzy sets into fuzzy output sets by means of a set of IF-THEN rules, i.e.IF X 1 AND X 2 AND… X n THEN Y.A Mamdani fuzzy inference algorithm can be utilized, which applies min operator for AND method and implication of the output set (Yen & Langari, 1999).After the rules have been implemented, the output fuzzy set for each rule is aggregated.The aggregating output membership function of a resultant output fuzzy set is expressed as where x 1 (p) ,… x n (q) are the fuzzy sets for input X 1 to X n , y(i) is the fuzzy sets for output Y defined on the universes of discourse, respectively.k is the number of rules, p, …, q and i are the number of fuzzy sets for inputs and output respectively.3. Defuzzification: this process weights and averages the outputs from all of the individual fuzzy rules into one single crisp output value.There are numbers of available defuzzification techniques.In this work, the center of area (CoA) or the centroid method is selected.The CoA calculates the weighted average of a fuzzy set.The result of applying CoA defuzzification for output index can be expressed by the formula

Bayesian networks
Bayesian networks (BNs) is a widely applied risk modelling and safety management tool (Fenton & Neil, 2012), e.g. in maritime risk analysis (Lim et al., 2018;Hänninen, 2014;Goerlandt and Montewka, 2015).And it has been proposed by the International Maritime Organization risk assessment (MSC, 2013).One feature is that BNs can present relatively complex problems and cope with uncertain and unobserved variables, while also having a graphical dimension.This makes BNs suitable for modeling complex systems, with the additional benefit of being able to incorporate different types of evidence in the model construction.The establishment of the BNs structure is based on a specific background knowledge, and consequences are reflected by a finite number of mutually exclusive states with corresponding probabilities of occurrence.The feature that the probability and consequence are in one-to-one association makes BNs have potential to improve the L. Lu et al. issues raised in Section 2.2, i.e. the probability and consequence in the event-based risk diagram are expressed only by expected value or in intervals, which is not always sufficiently clear.In addition, the visible graphical structure serves as a useful frame of reference to analyze the strength of evidence, see e.g.Mazaheri et al. (2016).Therefore, BNs are adopted to be utilized as the base QRA tool to integrate with developed fuzzy SoE index.
In mathematical terms, BNs represent a class of probabilistic graphical models, defined as a pair Δ={G(V,A),P} (Koller & Friedman, 2009), where G(V,A) is the graphical component and P the probabilistic component of the model.G(V,A) is in the form of a directed acyclic graph (DAG), where the nodes represent the variables V={V 1 ,…,V n } and the arcs (A) represent the conditional (in)dependence relationships between these.P consists of a set of conditional probability tables (CPTs) P (V i |Pa(V i )) for each variable V i , i = 1,…,n in the network.Pa(V i ) signifies the set of parents of V i in G: Pa(V i )={Y ∈ V|(Y,V i )}.A BNs encodes a factorization of the joint probability distribution (JDP) over all variables in V (Goerlandt and Montewka 2015): Marginal probability of V i is: In a BNs model, the variable V is considered as the model variable (MV) and G(V,A) compose the model structure (MS).These are the qualitative part of the BN model.In addition to the model variable and structure, the BN modelling also contains the quantitative part, defined as discretization (MD) and parameterization (MP) (Pitchforth and Mengersen, 2012).Quantitative part converts the various evidence to CPTs and thus complete the BN model.

Fuzzy logic SoE index
This section aims to create an overall SoE index by applying fuzzy logic so that the ambiguity raised in the rating scheme can be avoided.The first step is making individual SoE rating for each evidence category clear to create a crisp value as initial start.Then, the overall rating schemes from different perspectives will be used as the fuzzy rules (81 rules) in the fuzzy inference system (FIS) and FIS will give a crisp output which is the overall SOE index.

Individual SoE rating based on evidential characteristics and criteria
In order to apply the FIS, a crisp value is needed as input as well as its membership function.Therefore, the linguistic variable is established as described in Section 3.1.Detail illustration of one example SoE regarding to evidence category -data is shown in Fig. 3.The linguistic variable name is SoE (Data); the term-set of variable is {low, medium, high}; the universe of discourse is [0, 4]; the semantic rule denoting a fuzzy subset is as shown in Fig. 3.
As mentioned in Section 2.1.2,there is ambiguity in individual SoE categorization.Although, the application of fuzzy subset allows the precise description for SoE (data, models, judgements, and assumptions) by a crisp number or membership function, it still lacks criteria as a reference to allocate a justifiable initial crisp value for the linguistic variable.Therefore, the criteria proposed by Goerlandt and Reniers ( 2017) is adopted here to define a reference base value for each evidence type.As shown in Table 5, it gives evidential characteristics and criteria for SoE rating for the four evidence types.Take SoE (data) for an example, the characteristics and criteria are then embedded into the fuzzy subset as the baseline for number 1 and 3 for SoE (data) as in Fig. 3.This gives references for an assessor to give a more precise and justifiable crisp input.It should be noted that the criteria do not include the medium category, which may need further improvements later.In addition, it should be noted that it is assumed here that the assessor has enough knowledge to give a justifiable input when the criteria are clear.Therefore, the human uncertainties to obtain the reasonable inputs are not included as it is not the focus in this paper.However, in practice, it is an important aspect to consider and needs more investigations and researches on this.This is also shortly expended in the discussion in Section 7.
The fuzzy subsets for SoE regarding models, judgements and assumptions are under the same principle with relevant evidential criteria embedded, thus not shown repeatedly.Basically, high, medium and low in Table 5 are considered as the critical baseline value, i.e. 1, 2 and 3, in fuzzy subset.The overall SoE also uses the same membership functions and universe of discourse [0, 4].

Overall rating by FIS
Based on the established fuzzy subset for individual evidential SoE in Section 4.1, the FIS can then be created by applying the 81 'rules'.Table 4 shows Type 1 perspective rules and after applying the rules in FIS, an overall SoE index is able to be calculated.The process is as described in Section 3.1 and Fig. 2, i.e. four crisp values corresponding to each evidential SoE are given as inputs and then an overall SoE index will be calculated.
However, as mentioned in Table 3, there are four perspective types for the overall SoE rating scheme.Type 2 is not applicable as it causes overlaps already within the scheme.Thus, the rest three perspectives have their own 81 'rules'.In order to show how the SoE rating applying fuzzy logic avoids ambiguity comparing to the original ratings, the following sections conduct visualization and comparisons between them for each perspective.

Type 1: Min min perspective
In Type 1 perspective, the principle can be summarized as Therefore, it can be concluded that the proposed approach with FIS solves problem of this ambiguity.

Type 3: Min max perspective
In Type 3 perspective, the principle can be summarized as

The assumption has only local influence
The assumption has wider influence in the analysis The assumption greatly determines the results of the analysis This means only 4H leads to overall SoE as H and 4L leads to overall SoE as L; the rest are M.This is clearly reflected in the visualization in Fig. 5 (right), which applies traditional L-M-H level rating scheme with Type 3 perspective.While Fig. 5 (left), applied with FIS, again shows the gradient.The difference is also obvious when comparing with the left one.With the setting, the lowest overall SoE value with Type 3 perspective moves to 2, i.e.Type 3 perspective leads most results to medium level, as indicated in the principle.

Type 4: Max max perspective
In Type 4 perspective, the principle can be summarized as SoE overall = max i=1,4 SoE i , i.e. the overall SoE is decided by the highest individual SoE.It is a relative loose scheme, considering one best evidence category is sufficient to determine the overall result.Fig. 6 respectively show the overall SoE results by applying FIS and traditional rating scheme.Here, SoE Assumption and SoE Judgement are set as 1 and L respectively to see the changes when varying the other two evidence categories.Results from the FIS can reflect the variations of each evidence category in the overall SoE as describe also in Section 4.2.1 and 4.2.2.Meanwhile, Type 4 perspective can be seen as the opposite side of the Type 1, visually reflected also by comparing Fig. 4 and Fig. 6.

SoE index for different risk perspectives and N/A evidence category
Based on the analysis and results from section 4.2.1 to 4.2.3, it can be seen that the proposed fuzzy logic SoE approach can solve the ambiguity in SoE scheme and provide more precise overall SoE result.Therefore, the method is considered valid and can output numbers which can be used as an overall SoE Index.This digital index can be used in risk diagrams and risk analysis to reflect more precisely overall strength of evidence, instead of only L, M and H.
Meanwhile, there exist three applicable perspectives for calculating overall fuzzy logic SoE index and the results vary, reflecting the perspectives.Type 1 is strict on generating the high overall SoE, thus the majority are in the low level.While Type 4 is loose, thus the majority stay in high level.And Type 3 is strict for generating both high and low levels, the majority keeps in medium level.The three perspectives can be linked to risk-seeking, risk-averse and risk neutral perspectives for decision maker, which is also one of the aims for generating a more precise overall SoE index, i.e. for better communication in decision making.The three perspectives give space and good enough information and transparency for different decision makers.
However, there is another ambiguity raised by Goerlandt and Reniers (2017), i.e. for the case N/A-H-H-H, when there lacks evidence information for one or several categories.It is hard to give any relatively objective input for this kind of cases.A proposal here for this kind of cases is giving a L to the N/A evidence category to be conservative for the input at the very beginning.Then a subjective decision can be made by choosing different perspectives so that the overall SoE index can still be calculated however depending on the perspective of the decision maker.
So far, research questions 1 and 2 are answered, which enables all parameters for the event-based risk, (A, C, P, SoE|BK) , to be indexed digitally avoiding unnecessary ambiguity.However, usually there is a system behind an event A, e.g.causal system or networks, which leads to the third research question, i.e. how to integrate risk expressions R (C, P, SoE|BK) into system risk analysis and management.Following sections focus on this question.

Application of fuzzy SoE Index: Integration with BNs
Causal models or systems are usually needed to form a complete and systematic risk analysis and management.BNs is a widely applied method for system risk analysis and management, of which the principles have been described in Section 3.2.In addition to its benefits, e.g. it offers explicitly model causal factors and also nonmonotonic reasoning, i.e. reasoning from effect to cause and vice versa, and its capability to combine diverse types of evidence, arriving at decisions based on visible, auditable reasoning (Fenton & Neil, 2012), BNs have the feature that probability and consequence are in one-to-one association in each factor.This in-built feature can help improve the issues raised in Section 2.2, i.e. the probability and consequence in the event-based risk diagram are expressed by expected value or in intervals, which sometimes does not represent enough detail relatively.
Although BNs have above mentioned advantages, it has been also criticized for its incompetence to show the SoE underlying each node, which however is also the common issue for risk analysis generally.
Researches have been contributing to this drawback to improve BNs in the system risk analysis, e.g.evidence utilized in BNs begin to be listed clearly, also the SoE is assessed to indicate how good the evidence is in the BNs.However, all of these more or less apply the rating schemes in Table 4 or similar schemes, of which the challenges and issues have already been discussed.In addition, it also usually causes large tables or documents, which is not efficient for risk expression and communication.
As demonstrated in Section 4, the SoE index paves a new and precise way for including SoE.Therefore, this section focusses on how to integrate the SoE index with BNs to improve the system risk analysis and management.
In Bayesian Networks, the network is constituted by quantitative and  (Pitchforth and Mengersen, 2012).MV and MS are qualitative part, MD and MP are quantitative part.Therefore, a comprehensive SoE assessment of the whole network can be decoupled into the assessment on the four aspects respectively over each node.The evidence refers to the four evidence categories: data, model, judgement and assumption.This gives an assessment structure for each node in BNs as shown in Fig. 7.The top layer is the final overall SoE result of the corresponding node.The second layer can be referred as the component layer, which represents the compositions of the BNs node.The third layer is the evidence layer, which includes the four evidence categories underlying each node composition.In this way, the full SoE assessment from each evidence category perspective on each component of the BN model can be implemented with improved way, i.e.SoE index by utilizing FIS, which is more advanced and has not been performed previously.
In the SoE assessment, each component of BNs node is assessed from the evidence types: data, model, judgement and assumptions.More specifically, SoE index of MV, MS, MD and MP are firstly calculated separately by the FIS approach proposed in Sections 3 and 4. When the intermedium SoE index in the component layer is obtained regarding to each model component, the final overall SoE index of the node can be obtained using weight approach (WA), i.e.
where, SoE is the final overall SoE index for the node.SoE j is the intermedium SoE index for BNs node component j, 1 to 4 represents MV, MS, MD and MP respectively.w j is the corresponding weights assigned to BNs node component j. w j is assigned according to their functions in constructing the model, i.e.MV is the starting base doe modelling and for MS, and then MD is implemented based on MV and MS, MP finally completes modelling of BNs based on the other three components.Therefore, the weights w j = 0.4, 0.3, 0.2, 0.1 are assigned respectively for MV, MS, MD, MP.However, further investigations are also suggested on this.Based on the above described process and structure, SoE index for each node in BNs can be computed so that main components C, P, SoE in risk expressions R (C, P, SoE|BK) are fully digitized.Meanwhile, the challenges on risk diagram, concerning C-P and SoE, are tackled during the digitalization and integration process by taking advantage of features of fuzzy logic and BNs.

Risk visualization and management
With the fully digitalized risk representation for each factor in the analyzed system, risk visualization for the whole system network can become more straightforward.Firstly, BNs have a great feature to graphically show the complex system, with consequences (C1, C2, C3) and their corresponding probabilities able to be presented, see e.g.bottom layer (layer 2) in Fig. 8.When the SoE index is available for nodes in BNs, the following approach is proposed to visualize the SoE together with the BNs feature, i.e. the size of the node is used to indicate the SoE index, which can be expressed as where S n is the size of the node n, SoE n is the overall SoE calculated for node n and g is a simple function relating SoE n to the node size, the simplest is a linear equation.the node size so that the decision maker easily knows how strong the underlying evidence are.Meanwhile, layer 2 presents the bar chart view, where the consequences and corresponding probabilities in the network are visualized by just changing the icon view to bar chart.In this way, all the elements of risk R (C, P, SoE|BK) are visualized for decision and communication.In addition, if a more detailed indication of SoE is needed, then FIS and degree of membership of SoE for all the components in the network can be presented and further reviewed.
Based on the visualization of risk, risk management can also be conducted more efficiently and visually.In the risk analysis of a system, one of the main aims is to identify the critical factors in the system for better risk control in addition to the risk evaluation of the end event.Lu et al. (2020) proposed a framework for risk management with BNs to identify critical factors in a system.The identification of critical factors relies on two items: 1) sensitivity of the factors for the targeted event; 2) SoE for the factors, as shown in Fig. 9.
BNs has in-built sensitivity analysis, which use color to indicate the sensitivity values, as shown in layer 1 in Fig. 8.When it combines the SoE indicated by node size, they can visually show the combination of the sensitivity and SoE to identify the critical factors in the system to improve the risk management.In addition, as presented in Section 4.2, different results arising from risk-seeking, risk-averse and risk neutral perspectives are available, which give good enough information and transparency for different decision makers in terms of risk management and communication.

Procedure illustration
The approach towards risk digitalization so far completes with the ambiguity in SoE and risk diagram improved by the application of FIS and its integration with BNs.In order to make it clear for practical application, an illustration procedure which summarizes the approaches and methods proposed in previous sections is created as in Fig. 10, demonstrating the steps to include SoE with C and P in BNs and for risk analysis and management.

Discussion
Although as illustrated in Section 7.1, the procedure for including all three risk elements in system risk analysis and management has been completed.There are some items in the process to be noted and future work may be needed.First, the SoE index development begins from giving crisp value inputs to FIS.The inputs are given based on the criteria proposed by Goerlandt and Reniers (2017) in Table 5, which are embedded into the fuzzy subset as baselines.However, the criteria still lack the definitions for medium state for data and model evidence categories.Therefore, there is still a wide range for an assessor to wander, which will cause the deviations in overall SoE.The need to have a more detailed criteria thus emerges for future work to further standardize the process of calculating SoE index.The research of detailed criteria can be practical use oriented so that an assessor can give a more precise and justifiable input value easily.
In addition, as also shortly mentioned in Section 4, the experience and knowledge of assessors have impacts on the inputs although criteria for giving the input values may be sufficient.This is a relatively common and practical issue when human opinions are needed.This topic is not opened as it is in line with the focus of the paper.However, in the application period, this is an unavoidable topic.In practice, a perfect assessor may be rare, therefore usually more than one assessor may be preferred, then the numbers of assessors and the way to aggregate results from various assessors are also important factors which may affect the results.This may need further researches and possible experiments.
Second, membership function applied in this paper is the classical trapezoidal and triangle membership functions.A different membership function may be more suitable for different cases.Therefore, a comparison for the effects by using different membership functions can be further investigated.
Third, the final overall SoE index calculated by FIS is limited within the CoA of L membership function and CoA of H membership function, i. e. it cannot reach the same range as the individual SoE input number, 0-4.This seems a limitation, while on the other hand, this limitation seems more reflective to the reality or more conservative as evidence strength does fade with more combinations.It can be also considered as giving space for consideration of potential surprise, which is outside BK, i.e. final overall SoE can hardly reach to full in reality.
Forth, weighted approach (WA) is applied in obtaining the final overall SoE for each node in BNs as also adopted in Lu et al. (2020).This is considered reasonable; however, investigation and comparisons of other approaches are also suggested.Especially the weights for each component, MV, MS, MD, MP, is subject to more discussions and investigations.
Although, as discussed above, there are limitations in the proposed approach towards digital risk, they mainly concern some specific subitems in the process which can be improved in future work.The new approach to obtain a more accurate (without ambiguity) and digital SoE  index is solid and has been proved effective when comparing with the traditional approach.In addition, the defined three perspectives in Section 4.2, relating to the risk-seeking, risk-averse and risk neutral perspectives for decision makers are notable as they are not clarified in previous research and are practically of importance and useful for risk communication.
The application of fuzzy SoE index, i.e. its integration with BNs demonstrates the full digital expression of risk R (C, P, SoE|BK) in system risk analysis and management by also taking advantage of the features from BNs.The combination meanwhile improves the potential weakness pointed in Section 2.2 so that probability (P) and consequence (C) are in one-to-one association with SoE specified.Through the digitalization of the system risk analysis, the visualization also becomes convenient and thus leads to better and efficient risk management when the framework in Fig. 9 is applied.Considering the above-mentioned three perspectives, risk communication can be further improved based on the better visualizations with all risk parameters and transparent perspectives.
One possible concern is that SoE assessment structure for nodes in BNs (Fig. 7 expands relatively large details in the BNs, thus may bring more work in practice and may seems not practical-usage friendly.However, this expanded assessment is indeed quite needed as one of the drawbacks has been criticized on BNs or system analysis is its lack of sufficient evidence demonstration and transparency.The proposed SoE assessment structure is relatively more comprehensive and has been practically utilized in Lu et al. (2020), however only in a qualitative way.As the structure of assessments is relatively large, thus it does not need to be directly reported or communicated as the visualization of the digital risk expression has summarized and simplified the results for risk management and communication.However, it should be carried out and saved properly for further detailed investigated when thorough discussion or modification is needed.
In addition, as the systems in modern society are transferring to digitalization, digital risk fits better to the trend and is more flexible to be adopted to those systems.It also severs better in dynamic risk analysis for systems, which is also one of the leading trends in risk analysis and in digital systems, see e.g.Paltrinieri et al. (2015), Khan et al. (2016) and Villa et al. (2016).
In general, this paper shows a new approach towards digital risk which is in good correspondence to the new digitalization transition and is of importance.However, future research is needed so that it can be tested more in practice and compared further to other approaches previously applied as this paper mainly focuses on developing the new concept and approach.

Conclusion
This paper identifies three research questions based on state-of-theart discussions on SoE and risk diagrams in risk analysis.To answer the research questions, this paper proposes a way to develop fuzzy SoE index by transferring the linguistic variable to a numerical one based on fuzzy logic theory.This method shows its capability to solve the ambiguity issues mentioned in the research questions by comparing its output results with the traditional approach.Meanwhile, the explicitly clarified three perspectives for rating SoE are new and their links to risk appetites pave more transparent risk communication with decision makers.
An application of the developed fuzzy SoE index is implemented by integrating it with BNs to address the last research question in term of system risk analysis and management.The combination of BNs and SoE index plays both features from them thus addresses the issue mentioned and forms a new visual-efficient tool suitable for system risk management.
Additionally, the fuzzy SoE index is not only limited to the application here with BNs, it can be more widely applied in risk analysis and management.The digitalized SoE enables easily full digital parameters in term of risk expression (C, P, SoE|BK), thus has good potential in the coming digital systems and society, as well as in dynamic risk analysis.

Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.comments which have helped to improve a previous version of this article.
high SoE, L -Low SoE, M -Medium SoE; Xany from L, M, H.If we assume a numerical comparison relationship, then H > M > L. Subscript i means individual SoE result and i is from 1 to 4 for the four evidence categories: data, judgement, model and assumptions.Subscript o means overall SoE result combined from different category i.

Fig. 3 .
Fig. 3. Demonstration of generating a linguistic variable and embedding evidential characteristics and criteria as baseline for giving a FIS input for individual SoE category.
SoE overall = min i=1,4 SoE i , i.e. the overall SoE is determined by the lowest boundary in all evidence categories.Fig. 4 (left) shows the overall SoE by applying the Type 1 perspective with FIS.In order to visualize the overall SoE, two types of evidence are set as constant, i.e.SoE Assumption = 4, SoE Judgement = 4.A 3D visualization is made to see how the overall SoE change with SoE Model and SoE Data in the range of 0-4.The result shows a good gradient of final overall SoE result, which means FIS gives out the precise change on how each individual SoE can influence the overall result.In comparison, a traditional L-M-H level rating scheme with Type 1 perspective is conducted and the result is plotted in Fig. 4. Similarly, SoE Assumption and SoE Judgement are set as highest level H, and SoE Model and SoE Data change from L to H.It can be seen that there is no gradual gradient for the overall SoE, i.e. as pointed by Goerlandt and Reniers (2017): H-H-H-L = L is same as L-L-L-L = L for the overall SoE result.

Fig. 4 .
Fig. 4. Left: SoE Overall results by FIS with Type 1 perspective, when setting SoE Assumption = 4, SoE Judgement = 4 and changing SoE Model and SoE Data from 0 to 4. Right: SoE Overall results by traditional L-M-H level rating scheme with Type 1 perspective, when setting SoE Assumption = H, SoE Judgement = H and changing SoE Model and SoE Data from L to H.

Fig. 5 .
Fig. 5. Left: SoE Overall results by FIS with Type 3 perspective, when setting SoE Assumption = 4, SoE Judgement = 4 and changing SoE Model and SoE Data from 0 to 4. Right: SoE Overall results by traditional L-M-H level rating scheme with Type 3 perspective, when setting SoE Assumption = H, SoE Judgement = H and changing SoE Model and SoE Data from L to H.

Fig. 8
Fig. 6.Left: SoE Overall results by FIS with Type 4 perspective, when setting SoE Assumption = 1, SoE Judgement = 1 and changing SoE Model and SoE Data from 0 to 4. Right: SoE Overall results by traditional L-M-H level rating scheme with Type 4 perspective, when setting SoE Assumption = L, SoE Judgement = L and changing SoE Model and SoE Data from L to H.

Fig. 7 .
Fig. 7. SoE assessment structure for an individual node in BNs.MV, MS, MD and MP are the four model components.ED, EM, EJ, and EA are four main evidence types, representing data (ED), model (EM), judgement (EJ) and assumption (EA).

Fig. 8 .
Fig. 8. Layer 1 is the icon view of BNs with node size indicating SoE and color representing the sensitivity analysis; layer 2 is the bar chart view showing the consequences (C) and their associated probability (P).

Fig. 9 .
Fig. 9. Framework for identifying critical system risk factors for risk control.ICF stands for the identified critical factors.RP, RA and RC represent risk perspective (RP), risk analysis (RA) and risk control (RC).
SoE i .The linguistic requirements can be translated as the perspectives inTable 3. The other types are all presented in Table 3.It can be seen that Type 3 is the strictest perspective to rating both H o and L o SoE.Type 1 is strict for H o SoE and Type 2 gives most space for both H o and L o SoE.However, Type 2 cause overlaps for L o and H o cases, i.e. 1H1L2X condition can be categorized as both H o or L o for overall SoE.Therefore, this perspective will be avoided for application and discussion in the following sections.

Table 3
SoE perspective and interpretation.The requirements are listed based on Table 2.When H o and L o are determined, M o is determined.A more unified principle for each type is summarized in Sections 4.2.1 to 4.2.3.

Table 4
Strength Flage and Aven (2017)ation scheme reproduced based onFlage and Aven (2017).A total of 81 combinations (the numbers in the first column) are possible when rating SoE of the four aspects, phenomena/models, data, expert statement, and assumptions individually as either high (H), medium (M) or low (L).Symbol '/' functions as 'or' in the table.