TPCM　is　an　essential　part　for　a　trusted　computer.　How　to　test　and　evaluate　whether　the　trusted　function　can　execute　in　a　trusted　computer　is　very　significant.　A　risk　assessment　model　for　TPCM　based　on　threat　analysis　is　proposed,　which　considers　comprehensively　the　essential　factors　of　the　information　security　risk　assessment,　including　the　asset,　threat　and　vulnerability　of　TPCM.　The　risk　computation　model　is　built　through　analyzing　the　threat　identify,　threat　consequence　attribute　and　threat　index.　The　risk　can　be　given　through　the　computation　of　possibility　of　the　threat　and　their　consequence　attributes　with　different　weights.　By　applying　the　security　risk　assessment　into　TPCM,　the　effectiveness　and　measurability　of　the　risk　assessment　process　can　be　improved,　which　also　provides　a　new　approach　for　the　test　of　the　TPCM.　©　2011　IEEE.