A Hazard is a type of risk that can be included in a RiskTree. It represents risks that are not caused by a malicious attacker, but instead occur by accident. This could include a flood, a power failure, or a piece of equipment failing. It will have different assessment values to an attack risk. In place of the four attacker values, RiskTree uses a single value for the likelihood of the attack; this expresses the probability that the attack will occur, from highly unlikely (1) to highly likely (6). Hazards are indicated in RiskTree with a symbol.
To set a risk as a Hazard, simply click on the Hazard checkbox when creating the risk node. This will automatically change the selection of risk assessment values for the node. Intermediate nodes (i.e., those with children) can be defined as Hazards too. It is good practice not to mix Hazards and attacks, so we recommend creating one or more branches of your RiskTree for Hazards, with all of the nodes set with this flag. RiskTree will not let you create attack nodes as children of Hazard nodes.
Hazard nodes are identifiable from the symbol on them. If they have assessment values, these will be in white text on a blue stripe, as shown below.
The editor for a Hazard node is as follows:
In this example, the Hazard checkbox has been ticked and disabled, because it is the child of another Hazard node and therefore it must also be a Hazard.
Within the risk table (on the Risks tab), Hazards will be identified with the symbol, and the Likelihood value will span the columns normally used for attacker assessment values.
The countermeasures applied to Hazard nodes have risk affectors for the same three assessment values, and are referred to as Hazard countermeasures. They will be shown in the Countermeasure table with the likelihood value spanning the attacker assessment value columns.
Since they have different risk affectors, they cannot be copied onto nodes that are not Hazards (either as a new countermeasure or a linked countermeasure). Similarly, countermeasures from standard risk nodes cannot be copied onto Hazard risks. In either case an error will be shown.
Existing nodes can be converted between attack and Hazard states by selecting Edit node from the node menu and changing the Hazard tickbox. You cannot convert some nodes:
If you convert a node that has countermeasures, the countermeasures will be converted as well. The damage and replay assessment values will remain the same, but all other assessment values will be reset to No effect. You will need to update each of the countermeasures as required. A message box will be displayed to remind you to update the countermeasures.