Recent intentional attacks on the chemical industries in Middle East and Algeria have greatly influenced the risk management mindset. Nominally, probabilistic risk assessment and management has focused on safety and unintentional acts in the chemical and petroleum industry. The focus now needs to be broadened to include intentional acts that will inflict damage on a chemical facility. The proposed Security Vulnerability Assessment, Prevention and Prediction (SVAPP) methodology utilizes an existing safety barrier approach and adapts it to suit the security facet. In total, seven barriers are proposed of which five barriers are utilized to prevent or deter an attack with two overseeing barriers. The five barriers that help deter the security attack are external, internal, interior, critical, and the fail-safe barrier. To reduce the effect of uncertainty in the model, a Bayesian updating technique is proposed along with a predictive capability. This is a key aspect of the model because; with any new information as it accumulates, the model can be updated to better reflect the updated conditions. To illustrate how the model can be executed, a case study is conducted on a figurative liquefied natural gas treating plant. The goal of this work is to raise awareness for the development of security vulnerability assessment related databases in the chemical plants so that they can be used for continually updating the much needed probabilistic security vulnerability assessment in the prevailing environment. (C) 2016 Elsevier Ltd. All rights reserved.