## Risk

1. Fault Tree - used for root CAUSE analysis
2. Event Tree - identify WAYs
3. CCA - Consequence Cause Analysis - combines the Event Tree and Fault Tree analysis to show both failure WAYS and CAUSES everything can fail. A complete failure perspective.
4. Risk management plan -> risk breakdown structure -> risk register -> qualitative analysis -> quantitative analysis (expected monetary value) -> control for risk
5. Risk Math
1. Logical AND: multiply subordinate branch probabilities together.
2. Logical OR: this one is a bit harder. 1-product of the complements. a complement is (1-probability). for example, suppose the probabilities of three subordinate branches are 20%, 30%, and 40%. the total branch probability is 1-(1-0.2)*(1-0.3)*(1-0.4).
3. For more background check out Ted Lewis's book Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation.

## Error

Error means different things to different sciences

### Types of Error - Electrical Engineering

• Having trouble finding clear (non-engineer) speak for different types of error? here's West Point-EE362's exact definitions from the class Lab Policy and Procedure:
• Error Type i. Parametric errors occur when using general or standard component and device values to calculate expected results instead of the actual measured component values
• Error Type ii. Measurement error is the result of measuring voltage, current, resistance, frequency and time with instruments of limited accuracy or precision. Describing the errors associated with making the measurement is very dependent on the procedures used to obtain the data
• Error Type iii. Modeling errors account for the many approximations and simplifications used to arrive at simple theoretical relationships, thus resulting in limited model accuracy.

### Types of Error - Biometrics / Access Control

• Type I Error: false rejection. this means that you prevent the correct person access. after enough data, you can calculate the FFR (false rejection rate) and tune appropriately because if the FRR is too high, your system is either too sensitive or probably maybe not a good system.
• Type II Error: Whoops, you gave access to someone not authorized. After enough data you can calculate the FAR (false acceptance rate).
• The CER (crossover error rate) is when FRR = FAR. Minimize the CER!