{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-11238162","patent":{"patent_number":"US-11238162","title":"Method for systematically and objectively assessing system security risk","assignee":null,"inventors":[],"filing_date":"2019-06-27T00:00:00.000Z","publication_date":"2022-02-01T00:00:00.000Z","cpc_codes":["G06F","G06F","G06F","G06F"],"num_claims":17,"abstract":"A method for developing an information system specification includes: performing, from a design specification for an information system having a functional and structural component, an information assurance component and an anti-tamper component, a trust analysis identifying which components of the information system the information system must trust to enforce a security policy and providing a trust score; performing for each system element in the information system a trustworthiness assessment and providing a trustworthiness score; performing mitigation to reduce a trust gap as determined from the trust score and the trustworthiness score; performing a vulnerability assessment to identify residual vulnerabilities determined from the vulnerability assessment; mitigating the residual vulnerabilities by designing preventive and reactive countermeasures to reduce the number of residual vulnerabilities; designing and applying anti-tamper techniques to cyber RCPI to ensure countermeasure effectiveness; assessing the countermeasures applied to the information system; assessing the security risk associated with the remaining residual vulnerabilities to determine if such residual vulnerabilities are acceptable to protect critical data and technology in the information system; and changing and updating system requirements for the information system as required by the designing preventive and reactive countermeasures step and the designing and applying anti-tamper techniques step."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Method for systematically and objectively assessing system security risk","description":"A method for developing an information system specification includes: performing, from a design specification for an information system having a functional and structural component, an information ass","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-11238162","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-11238162","citation_suggestion":"Patentable. \"Method for systematically and objectively assessing system security risk\" (US-11238162). https://patentable.app/patents/US-11238162","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-11238162","json":"https://patentable.app/api/llm-context/US-11238162","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-31T12:36:52.661Z"}