The methodology used to calculate a system’s risks is a derivative of the classic risk assessment evaluation where risk has a direct relationship to vulnerability and probability of system failure. This is a commonly used methodology to assess system risks, develop security policy, procedures and action plans; and is used by organizations such as the Office of Homeland Security, Sandia National Laboratory, Federal Emergency Management Agency and the Environmental Protection Agency. The primary focus of a system-based assessment is to identify options to reduce risk by reducing vulnerability through addressing systems immediate and long-term weaknesses, limitations or deficiencies.
Probability of system failure can be determined by assessing the current electronics or electronic safety and security systems’ capability and assigning values from 1 to 5 for each of the assessment criteria listed. The system assessment total value provides a measure of the reliability a system may have in effectively preventing an event or protecting persons, property and operations from an event, threat or hazard.