[TOC]
- Accident (or mishap): An unplanned event or sequence of events which results in human death or injury, damage to property, or to the environment.
- Asset: Something of value that has to be protected. The asset may be the software system itself or data used by that system.
- Attack: An exploitation of a system's vulnerability.
- Control: A protective measure that reduces a system's vulnerability.
- Damage: A measure of the loss resulting from a mishap.
- Exposure: Possible loss or harm to a computing system.
- Hazard: A condition with the potential for causing or contributing to an accident.
- Hazard probability: The probability of the events occurring that create a hazard.
- Hazard severity: An assessment of the worst possible damage that could result from a particular hazard.
- Human error or mistake: Human behavior that results in the introduction of faults into a system.
- Risk: This is a measure of the probability that the system will cause an accident.
- System error: An erroneous system state that can lead to system behavior that is unexpected by system users.
- System failure: An event that occurs at some point in time when the system does not deliver a service as expected by its users. No weather data is transmitted because the time is invalid.
- System fault: A characteristic of a software system that can lead to a system error.
- Threats:
- Vulnerability: A weakness in a computer-based system that may be exploited to cause loss or harm.