Risk Comparison — Vendor vs DIY

For each risk, rated Likelihood × Impact for both builds. Impact is measured in "how much crop / money / trouble".

Crop-loss risks (highest impact)

Risk 1 — Flowering HVAC undersized, crop damage in July/August heatwave

	Vendor	DIY
Likelihood	HIGH — 15 kW nameplate derates to ~9.6 kW effective vs 20 kW demand. Every hot day the room creeps to 30+ °C canopy.	LOW — 6 × 5.2 kW Midea = 31 kW nameplate, ~20 kW effective, sized for the load.
Impact	€15–30 k lost yield per bad week, terpenes volatilised, quality crash	Minimal — room holds setpoint ±2 °C
Mitigation	Add a second UCHA60 per room (€3 200 × 2 = €6 400 + install)	Already mitigated by N+2 sizing

Risk 2 — HVAC single-point failure mid-flower

	Vendor	DIY
Likelihood	MEDIUM — 1 unit per flowering room, Chinese commercial, 5-year nominal life	LOW (for crop-loss) — requires 3 of 6 units to fail simultaneously
Impact	Crop dead in 4–8 hours; replacement 4–6 weeks; €15–30 k lost	Temps rise 2 °C for 48 h, €500 swap in 3 hours
Mitigation	Keep a spare €3 200 UCHA60 on site + trained installer on call	Keep 2 × €500 spare Mideas on site (already in BOM)

Risk 3 — Dehumidifier saturation → botrytis outbreak

	Vendor	DIY
Likelihood	MEDIUM — 276 L/day sized to upper edge of moisture load, no headroom	LOW — same units + 1 backup 90 L/day
Impact	Botrytis spreads to whole room in 72 h, ~20–40 % of crop unsaleable	Same impact if it happens, but less likely
Mitigation	Add a standby 90 L/day unit ready to deploy	Already in BOM

Risk 4 — Grid outage > 4 h during flower → crop dead

	Vendor	DIY
Likelihood	MEDIUM — Malta has summer outages	MEDIUM — same grid
Impact (vendor, no backup)	Full crop loss if outage > 4 h during day cycle	Minimal — Ecoflow battery holds HA + critical sensors + can gracefully kill lighting contactor
Mitigation	Add €3 200 backup + graceful shutdown (not in vendor bid)	Already in BOM

Risk 5 — Cloud outage → Growlink or Autogrow offline

	Vendor	DIY
Likelihood	HIGH — every ISP, every vendor cloud, eventually	ZERO — no cloud dependency
Impact	Alerts stop, remote monitoring stops, schedule updates stop. Local schedule continues executing. 3 AM dehu failure goes unnoticed until morning = botrytis start.	Zero
Mitigation	Buy cellular backup router + hope both vendor clouds stay up	N/A

Risk 6 — Growlink / Autogrow company folds or discontinues cloud

	Vendor	DIY
Likelihood	LOW–MEDIUM over 5 years — Growlink is small; Revolv, Wink, Insteon precedent	ZERO — Home Assistant is FOSS, forkable, sustained by Nabu Casa + community
Impact	Entire €11.3 k Growlink kit turns into paperweight. Replacement = rebuild automation from scratch.	Zero
Mitigation	None — single-vendor lock-in by definition	N/A

Compliance risks

Risk 7 — Malta licensing inspection fails on security

	Vendor	DIY
Likelihood	HIGH — no cameras, no access control, no door logging in bid	LOW — full security in BOM
Impact	Licence delay / revocation	Zero

Risk 8 — Neighbour complaint on odour

	Vendor	DIY
Likelihood	CERTAIN once flowering starts — no carbon filtration in vendor bid	LOW — Phresh carbon on all scrubbed rooms
Impact	Legal action, enforced shutdown until remediated, emergency install of €3 k scrubbers	Zero

Risk 9 — Electrical inspection fails

	Vendor	DIY
Likelihood	LOW — vendor installs commercial hardware	MEDIUM — DIY control panels may not pass without licensed electrician sign-off
Impact	Rework	Rework
Mitigation	Vendor covers	Non-negotiable: licensed Polish electrician pre-wires, licensed Maltese electrician signs off the mains side. Budget in DIY BOM.

Operational risks

Risk 10 — Sensor fails silently in flowering room

	Vendor	DIY
Likelihood	MEDIUM — Growlink Canopy LINK + Terralink are reliable but single-sensor per room	LOW — HA runs median of 4 canopy sensors per room, rejects bad probes
Impact	Wrong climate decisions, quality drop	Minimal

Risk 11 — Water sensor / dosing pump failure → bad EC/pH batch

	Vendor	DIY
Likelihood	LOW — Autogrow IntelliDose has internal diagnostics	LOW (we keep IntelliDose) + downstream Atlas EZO catches drift
Impact	1 day of bad irrigation; flushable	Same

Risk 12 — LED board failure in year 3

	Vendor	DIY
Likelihood	HIGH for Chinese no-name at €399 — expect 30–40 % attrition by year 4	LOW for Mars Hydro / Spider Farmer — 2 yr warranty + typical 5–7 yr real life
Impact	Replacement cost €400 per fixture, downtime	Warranty replacement if within 2 years, minor loss if out-of-warranty

Risk 13 — CO₂ poisoning worker incident

	Vendor	DIY
Likelihood	LOW if CO₂ actually gets installed (which is a scope gap); HIGH if it's bolted on later without safety integration	LOW — hardware CO₂ alarm wired into contactor coil, independent of HA
Impact	Worker injury / death, criminal liability	Same if it happens
Mitigation	Vendor's Growlink Climalink controls the solenoid but there's no standalone alarm in the bid	€160 standalone alarm already in BOM and non-negotiable.

Financial / business risks

Risk 14 — Hidden scope discovered after lease signed

	Vendor	DIY
Likelihood	HIGH — €10–12 k of hidden scope (CO₂, carbon, backup, security, drip lines, etc.)	ZERO — DIY BOM is explicit
Impact	Schedule delay + cost overrun	Zero

Risk 15 — User (DIY builder) unavailable mid-build

	Vendor	DIY
Likelihood	N/A — vendor-delivered	MEDIUM — any single-integrator DIY build depends on the integrator
Impact	N/A	Build stalls, customer inherits half-finished facility
Mitigation	N/A	Document everything. Train customer's staff on HA dashboards. Write runbooks for common failure modes.

Risk 16 — HA / Home Assistant learning curve for customer

	Vendor	DIY
Likelihood	N/A	MEDIUM — customer has to learn HA for day-to-day adjustments
Impact	N/A	2–4 weeks of hand-holding post-install, or permanent dependency on the integrator
Mitigation	N/A	Build customer-facing dashboards that hide HA complexity (read-only operator view, write-only admin view)

Risk 17 — Insurance won't cover DIY-built facility

	Vendor	DIY
Likelihood	LOW — vendor-installed commercial hardware is standard	UNKNOWN — check with Maltese insurer before committing. DLC-listed fixtures + F-gas install certificate + licensed electrician sign-off usually satisfy insurers.
Impact	Uninsurable = cannot operate	Same
Mitigation	N/A	Action item before signing anything: get insurer quote on both builds.

Summary heat map

Risk	Vendor likelihood × impact	DIY likelihood × impact
HVAC undersized → heat damage	🔴 HIGH × HIGH	🟢 LOW × LOW
HVAC single-point failure	🟡 MED × HIGH	🟢 LOW × LOW
Dehu saturation → botrytis	🟡 MED × HIGH	🟢 LOW × HIGH
Grid outage → crop loss	🔴 MED × EXTREME	🟢 LOW × LOW
Cloud outage	🔴 HIGH × MED	⚪ N/A
Vendor folds	🟡 LOW × EXTREME	⚪ N/A
Licensing — security	🔴 HIGH × HIGH	🟢 LOW × LOW
Odour complaint	🔴 CERT × HIGH	🟢 LOW × LOW
Electrical inspection	🟢 LOW × MED	🟡 MED × MED (mitigated by licensed sign-off)
Sensor silent fail	🟡 MED × MED	🟢 LOW × LOW
LED board failure yr 3	🔴 HIGH × MED	🟢 LOW × LOW
CO₂ poisoning	🟡 LOW × EXTREME	🟢 LOW × EXTREME
Hidden scope	🔴 HIGH × MED	🟢 LOW × LOW
User unavailable	⚪ N/A	🟡 MED × MED
HA learning curve	⚪ N/A	🟡 MED × LOW
Insurance incompatibility	🟢 LOW × EXTREME	🟡 UNKNOWN × EXTREME (verify first)

Net risk posture

Vendor build is a cheaper-looking bid with higher tail risk: the €82 584 number hides €10–12 k of scope gaps and a handful of single-point-of-failure crop-killing risks. In a good year the facility works. In a bad year (summer heatwave + grid outage + cloud outage + botrytis outbreak) the vendor build has no fallback.

DIY build is a fully-scoped bid with mitigated tail risk: higher upfront documentation burden, modest user-dependency risk, and one genuine unknown (insurance). In exchange: no single-point-of-failure in crop-critical systems, full local operation, N+2 HVAC, and no cloud lock-in.

The DIY approach trades vendor dependency for integrator dependency. That's a real tradeoff and the customer needs to understand it before signing.