Threat effects analysis: Applying FMEA to model computer system threats

As the 21^st century progresses, computer systems have become a target for a new type of criminal who attacks software with malicious intent. Failure Modes and Effects Analysis, which is normally used to improve system reliability by identifying and mitigating the effects of potential system failures, provides a basic framework that can be applied to counter the threats a computer system will encounter in its operational environment. The process consists of: 1) becoming familiar with the system and system components; 2) developing a threat model by identifying external dependencies and security assumptions; 3) identifying and classifying the types of threats to the system; 4) determining the effects of the threat; and 5) making changes to counter the potential threats. This approach ensures that the assessment of the threat will be done in a systematic and meticulous manner that is more likely to result in a secure and reliable system.