Severity Levels

Choices: Grave Catastrophic Critical Devastating Serious Marginal Minor Insignificant Negligible Unknown

Num
Severity

Applies if an issue can
(MIL-STD-498)
(Table 65 Development & 70 Quality *)

Failure Effect Severity Levels
(MIL-STD-1629a)
(Table 15 *)

Security Threat Assessment Levels
(Table 28 *)

Security Failures
(Table 29 *)

1

Grave
1 Grave. Prevent accomplishment of an operational or mission essential capability. Jeopardize safety, security, or other requirement designated critical. Result in loss of life or health. - 1 Grave. Loss of life or Physical Harm 1 Grave. Three backup security mechanisms fail.

2

Catastrophic
2 Catastrophic. Adversely affect the accomplishment of an operational or mission essential capability and no work-around solution is known. Adversely affect technical, cost, or schedule risks to the project or to life cycle support of the system, and no work-around solution is known. 1 Catastrophic. A failure that could result in serious injury or death or system loss. 2 Financially Catastrophic. Financially destroys an organization or and individual, no chance of recovery 2 Financially Catastrophic. Two backup security mechanisms fail.

3

Critical
Devastating
3 Critical. Adversely affect the accomplishment of an operational or mission essential capability but a work-around solution is known.. Adversely affect technical, cost, or schedule risks to the project or to life cycle support of the system, but a work-around solution is known. 2 Critical. A failure that could result in severe injury, major property damage, or major system damage which will result in mission loss. 3 Financially Devastating. Financial losses causing reorganization or change in life style 3 Financially Devastating. Multiple security mechanisms fail.

4

Marginal
Serious
4 Marginal. Result in user operator inconvenience or annoyance but does not affect a required operational or mission essential capability. Result in inconvenience or annoyance for development or support personnel, but does not prevent the accomplishment of those responsibilities 3 Marginal. A failure that could result in minor injury, minor property damage, or minor system damage which will result in delay or loss of availability or mission degradation. 4 Financially Serious. Financial losses leading to setbacks in plans, investments, or savings / profits 4 Financially Serious. Security mechanism failed.

4

Minor
Insignificant
- 4 Minor. A failure not serious enough to cause injury, property damages, or system damage, but which will result in unscheduled maintenance or repair. 5 Financially Insignificant. No impact on organization or individual 5 Financially Insignificant. No security mechanisms triggered.

5

Negligible
5 Negligible. Any other effect - - -

* From Cassbeth Systems Analysis

Num	Severity	Applies if an issue can (MIL-STD-498) (Table 65 Development & 70 Quality *)	Failure Effect Severity Levels (MIL-STD-1629a) (Table 15 *)	Security Threat Assessment Levels (Table 28 *)	Security Failures (Table 29 *)
1	Grave	1 Grave. Prevent accomplishment of an operational or mission essential capability. Jeopardize safety, security, or other requirement designated critical. Result in loss of life or health.	-	1 Grave. Loss of life or Physical Harm	1 Grave. Three backup security mechanisms fail.
2	Catastrophic	2 Catastrophic. Adversely affect the accomplishment of an operational or mission essential capability and no work-around solution is known. Adversely affect technical, cost, or schedule risks to the project or to life cycle support of the system, and no work-around solution is known.	1 Catastrophic. A failure that could result in serious injury or death or system loss.	2 Financially Catastrophic. Financially destroys an organization or and individual, no chance of recovery	2 Financially Catastrophic. Two backup security mechanisms fail.
3	Critical Devastating	3 Critical. Adversely affect the accomplishment of an operational or mission essential capability but a work-around solution is known.. Adversely affect technical, cost, or schedule risks to the project or to life cycle support of the system, but a work-around solution is known.	2 Critical. A failure that could result in severe injury, major property damage, or major system damage which will result in mission loss.	3 Financially Devastating. Financial losses causing reorganization or change in life style	3 Financially Devastating. Multiple security mechanisms fail.
4	Marginal Serious	4 Marginal. Result in user operator inconvenience or annoyance but does not affect a required operational or mission essential capability. Result in inconvenience or annoyance for development or support personnel, but does not prevent the accomplishment of those responsibilities	3 Marginal. A failure that could result in minor injury, minor property damage, or minor system damage which will result in delay or loss of availability or mission degradation.	4 Financially Serious. Financial losses leading to setbacks in plans, investments, or savings / profits	4 Financially Serious. Security mechanism failed.
4	Minor Insignificant	-	4 Minor. A failure not serious enough to cause injury, property damages, or system damage, but which will result in unscheduled maintenance or repair.	5 Financially Insignificant. No impact on organization or individual	5 Financially Insignificant. No security mechanisms triggered.
5	Negligible	5 Negligible. Any other effect	-	-	-