Software systems in safety-critical industrial automation systems, such as power plants and steel mills, become increasingly large, complex, and distributed. For assessing risks, like low product quality and project cost and duration overruns, to trustworthy services provided by software as part of automation systems there are established risk analysis approaches based on data collection from project participants and data models. However, in multi-disciplinary engineering projects there are often semantic gaps between the software tools and data models of the participating engineering disciplines, e.g., mechanic, electrical, and software engineering. In this paper we discuss current limitations to risk assessment in (software+) engineering projects and introduce the SEMRISK approach for risk assessment in projects with semantically heterogeneous software tools and data models. The SEMRISK approach provides the knowledge engineering foundation to allow an end-to-end view for service-rel...