Three main challenges are involved with ensuring the security of any given facility: (1) reaching an agreement that a security plan must be devised; (2) developing and implementing an effective and appropriate physical security plan; and (3) ensuring the safety of the facility and its critical assets without impacting daily operations. The first step toward creating an effective security plan is to conduct a comprehensive vulnerability assessment. This involves understanding the nature of the facility to be protected and its critical assets, which can include people, equipment, systems, and processes, or a combination of any of these. The key functions and subsidiary functions of the facility must be identified as well as the potential threat to the facility and where those threats might originate. While we often think of threats as coming from outside a facility, some threats can come from within. Plans must be in place to protect against both types of threats. Once the critical assets have been identified, it becomes important to determine how vulnerable to attack they are. One solution to assisting with this daunting task is AVERT a software package that offers a state-of-the-art tool for performing complex vulnerability assessments. The development, operation, and functionality of AVERT are described. Some of its key functions include Graph Theory, that provides users with the ability to rapidly consider all possible attack scenarios and Uncertainty Analysis that helps account for the randomness of reality.