Threat modelling is a set of techniques to identify the level of risk to assets from their interactions with their operating environment. Some threat modelling methodologies and tools are linked below for reference:
PASTA – Process for Attack Simulation and Threat Analysis. The link has details of an online banking use case.
DREAD – Damage [potential], Reproducibility, Exploitability, Affected users, Discoverability
STRIDE – Spoofing of user identity, Tampering, Repudiation, Information disclosure (privacy breach or data leak), Denial of service , Elevation of privilege
Attack trees – similar to fault trees, it show the relatedness of cause/effect; an good example for a SCADA system is here.