Skip to Main Content
Many risk assessment approaches evaluate the security by considering the status of equipments in the system separately, while the infrastructure of the system, which also has impact on assessing the system risk, is not taken into consideration properly. In this paper we propose a novel risk assessment method which considers the correlation of the equipments in the evaluated system. Where the risk of every equipment is divided into the individual one and the impact of other equipments. By setting vulnerability-threat conjunction matrix of the equipments, we give an approach which is facilitate to calculate the impact of other equipments. In the end of the paper, we propose an example to explain the correctness and efficiency of the proposed method.