A risk assessment method used in process safety to evaluate if there are sufficient independent protection layers to mitigate hazards. Each “layer” could be a safety instrumented function, an alarm with operator action, or a relief device, etc. The analysis calculates the risk reduction and whether it meets tolerable levels. In OT context, you might hear this in relation to SIS design. LOPA results help determine what Safety Integrity Level (SIL) a safety function needs. It’s not directly a cybersecurity term, but as with HAZOP, it’s part of the safety-minded culture in industrial operations. (And conceptually, you can think of defense-in-depth in security as a kind of layered protection like LOPA aims for in safety.)
