AI Summary
Existing risk assessment methods often overlook the critical roles of entities and their semantic relationships in failure propagation. Method: This paper proposes DODGE, a novel framework introducing the Object-Directed Interruption Graph (ODG), the first formalism to embed COVER ontology semantics (e.g., parthood, participation) into fault trees and attack trees, thereby explicitly modeling entities as central agents in interruption propagation. DODGE further defines ODGLog, a formal logical foundation, and ODGLang, a domain-specific query language, enabling interpretable root-cause analysis, probabilistic reasoning, and risk-level inference. Contribution/Results: The framework achieves cross-layer, fine-grained risk quantification with transparent causal attribution. Evaluated on cybersecurity and critical infrastructure scenarios, DODGE demonstrates significantly enhanced modeling expressiveness and assessment reliability compared to conventional approaches.
Abstract
When considering risky events or actions, we must not downplay the role of involved objects: a charged battery in our phone averts the risk of being stranded in the desert after a flat tyre, and a functional firewall mitigates the risk of a hacker intruding into the network. The Common Ontology of Value and Risk (COVER) highlights how the role of objects and their relationships remains pivotal to performing transparent, complete and accountable risk assessment. In this paper, we operationalize some of the notions proposed by COVER -- such as parthood between objects and participation of objects in events/actions -- by presenting a new framework for risk assessment: DODGE. DODGE enriches the expressivity of vetted formal models for risk -- i.e., fault trees and attack trees -- by bridging the disciplines of ontology and formal methods into an ontology-aware formal framework composed of a more expressive modelling formalism, Object-Oriented Disruption Graphs (ODGs), logic (ODGLog) and an intermediate query language (ODGLang). With these, DODGE allows risk assessors to pose questions about disruption propagation, disruption likelihood and risk levels, keeping the fundamental role of objects at risk always in sight.