Yes you can define multiple Risk layers with its own configuration for each of them within the same project. In this case, you could differentiate the Software and Hardware risks or still production ones for example and have specific Risk analysis per category.
As you can have multiple Risk categories per project now with their own configuration, the Risk configuration is managed via the Risk field in its Risk category. In each Risk category you’ll then be able to create a specific configuration (See Risk Configuration Options).
You'll have to create your new Risk category, via Item Categories in your project:
Then you'll have to add a Risk field in this new category (and other needed fields):
Old project created in a version before 2.2 can still have the Risk configuration managed under the project settings (global for all risk categories). If needed, this configuration can easily be transferred to the Risk category doing the conversion in the specific Risk field: