This paper describes a method for identifying and analyzing threats and vulnerabilities of process plants to cyber system attacks by terrorists, saboteurs, and other criminals, and provides an example of its use. The approach considers bow cyber assets can be exploited by assailants to cause harm. It defines threat events by pairing threats with cyber assets, and considers vulnerabilities to attack, existing countermeasures, and the need for new or improved countermeasures. Previous security vulnerability analysis (SVA) methods have focused on physical and personnel security. Cyber security has not been explicitly addressed, Studies using the method described can be performed as adjuncts to existing SVAs, as part of future SVAs, or as stand-alone cyber SVAs (CM). The method can also be used to consider all types of security issues in a single analysis, including physical, personnel, information and cyber security, or to study any of these areas individually.