In principle in this definition the word hazard could be replaced by threat and the definition would still be correct . That ’ s why in the context of trustworthiness of a system both definitions should be distinguished by assigning the following attributes to hazards :
• a hazard may lead to an incident in an unintentional , random way .
• a hazard may be well-known or unknown and hidden or visible .
In general , a system is protected against hazards with Trustworthiness Methods : If the process inside the system requires protection ( preventing a disruption ), they are Reliability Methods ; if humans need to be protected from harm of a hazard , they are Safety Methods ; If personal information needs protection , they are Privacy Methods ; and if the system itself requires protection , they are Resilience Methods .
If such methods cannot defend successfully against a hazard-caused incident , the status of a normally running system leads to disruption . And if the hazard cannot be stopped in the status of the interrupted system , there is a risk of damage or even total loss of the system . A good example could be an overheated battery in a robot which leads to an unexpected fire in the production which finally burns down the whole production facility . All such incidents , caused by hazards , are defined as accidents .
The dictionary definition of the term threat presents three different meanings . Collins [ 2 ] defines it as :
• A threat to a person or thing is a danger that something bad might happen to them .
• A threat is also the cause of this danger . (“ Variable Noun ”)
• A threat is a statement by someone that they will hurt you in some way , especially if you do not do what they want . (“ Countable Noun ”)
The first definition is very general : Any incident which challenges a system is also a threat for this system . Any hazard could be such a threat as well . That is why this definition is not useful for our purpose . The second and the third definitions are more appropriate :
• A threat is a cause of danger - in our case an incident .
• A threat is coming from a “ someone .” This most likely refers to a person ( or a group of people , like an army in a war ) but could also be an autonomous robot ( for example , a selfcontrolling drone or a military or criminal cloud service which automatically attacks a system as soon as a security weakness is discovered ).
• A threat is a statement , which means it is intentional and not random .
In general , a system is protected against hazards with Trustworthiness Security Methods . If such a method cannot block an attack-related incident , the status of a normally running system leads to disruption . Similarly , if the hazard cannot be blocked , the result may be more critical status
Journal of Innovation 9