Risk Inheritance Calculator

Illustrative Tool

This calculator demonstrates conceptual models of risk propagation. Real systems may not follow these simplified rules. Use it to explore the ideas, not to make critical decisions about actual systems.

Interactive tool for calculating how trust flows through delegation chains and networks.

How to Use

1. Add nodes representing principals, coordinators, and executors
2. Add edges to define trust relationships between nodes
3. Select a propagation rule
4. Calculator shows effective trust from source to all reachable nodes

---

Nodes

+ Add Node

Trust Edges

+ Add Edge

Propagation Rule

Multiplicative (default)MinimumHarmonic MeanAt Least One Succeeds (parallel redundancy)

Effective trust = T₁ × T₂ × … × Tₙ along each path

Source Node:

Effective Trust from Source

Target	Effective Trust	Best Path

Graph Visualization

---

Propagation Rules Explained

Which rule should I use?

This is no longer an open choice. The framework’s canonical rule is multiplicative composition with a common-cause correction: $(1-\rho)\prod T_i + \rho \min T_i$. The minimum rule is the fully-correlated limit ($\rho = 1$), not an alternative; the harmonic rule is retained in this tool only for comparison and is incoherent for serial chains (it can rate a chain above its weakest link). See Risk Propagation: One Rule, Not a Menu for the derivation and Monte Carlo evidence.

Multiplicative (Canonical Default)

Trust compounds multiplicatively along a path — exact under independence, and conservative for serial chains even under correlation:

Effective Trust = T₁ × T₂ × ... × Tₙ

Example: Principal trusts Coordinator at 0.9, Coordinator trusts Executor at 0.8

• Effective trust: 0.9 × 0.8 = 0.72

Use when: Always, for serial delegation chains — it errs conservative under correlation. ⚠️ For parallel defense layers (verification stacks), the same multiplication applied to miss-rates errs optimistic under correlation — apply the common-cause correction from Risk Propagation.

Minimum

Trust is limited by the weakest link:

Effective Trust = min(T₁, T₂, ..., Tₙ)

Example: Same chain with 0.9 and 0.8

• Effective trust: min(0.9, 0.8) = 0.8

Use when: As the honest bound when correlation is high or unknown (components share a provider, training paradigm, or context). This is the $\rho = 1$ limit of the canonical rule, not an independent modeling choice.

Harmonic Mean

Balanced approach that penalizes low values:

Effective Trust = n / (1/T₁ + 1/T₂ + ... + 1/Tₙ)

Example: Same chain with 0.9 and 0.8

• Effective trust: 2 / (1/0.9 + 1/0.8) = 0.847

Use when: Don’t — retained for comparison only. Note the example above: 0.847 is higher than either approach would justify; for links (0.9, 0.8) no serial chain can be more trustworthy than its weakest stage allows. A “balance” between product and minimum is legitimate, but the principled interpolation is the common-cause mixture $(1-\rho)\prod T_i + \rho\min T_i$, not the harmonic mean.

At Least One Succeeds (Parallel Redundancy)

Models the probability that at least one parallel path succeeds — i.e., all paths must fail before the chain fails:

Effective Trust = 1 - [(1-T₁) × (1-T₂) × ... × (1-Tₙ)]

Example: Two parallel verifiers, each at 0.9 and 0.8 trust

• Failure probabilities: 0.1 and 0.2
• Both fail: 0.1 × 0.2 = 0.02 → combined trust: 1 - 0.02 = 0.98

Use when: The chain succeeds if any one path succeeds (parallel redundancy). Note this is the opposite of weakest-link (which would be min(T₁, T₂, ...) — the chain is only as strong as its weakest node). ⚠️ This formula assumes independence between paths; under common-cause correlation $\rho$, true combined failure approaches $\min(1-T_i)$ rather than $\prod(1-T_i)$. Budget with the mixture formula from Risk Propagation.

---

Multiple Paths

When multiple paths exist between source and target, this calculator shows the best path (highest effective trust). In practice, you might:

1. Take the maximum (optimistic): If any path succeeds, trust is established
2. Average paths (moderate): Blend multiple paths
3. Use only verified paths (conservative): Only count audited delegation chains

---

Practical Examples

Example 1: Simple Delegation Chain

Human → AI Orchestrator → Code Generator → Deployed Code

Trust levels: 0.95 → 0.80 → 0.70
Multiplicative: 0.95 × 0.80 × 0.70 = 0.532 (53.2%)

The effective trust to deployed code is only 53.2%, suggesting need for:

• Additional verification at each step
• Direct human review of deployed code

Example 2: Parallel Executors

        ┌→ Executor A (0.9)
Human → Coordinator ─┤
        └→ Executor B (0.7)

With Coordinator trust at 0.85:

• To Executor A: 0.85 × 0.9 = 0.765
• To Executor B: 0.85 × 0.7 = 0.595

Executor B should have limited capabilities or additional oversight.

Example 3: Redundant Verification

           ┌→ Verifier A (0.8) ─┐
Human → ──┤                     ├→ Action
           └→ Verifier B (0.8) ─┘

Using weakest link rule (both must pass):

• If both verify independently: 1 - (0.2 × 0.2) = 0.96

Redundancy significantly increases effective trust.

---

Design Implications

Effective Trust	Implication
> 80%	Can operate with standard monitoring
60-80%	Requires enhanced logging and periodic review
40-60%	Needs active human oversight
< 40%	Should not operate autonomously

---

Next Steps

• Delegation Risk Calculator — Calculate Delegation Risk
• Quick Start — Apply these concepts to your system
• Decision Guide — Choose implementation based on trust levels