Based on the presentation of the security vulnerability of the event-driven system, this paper points out the deep reasons for the vulnerability of system: (1) The system ignores the inherent correlation among events; (2) The system trusts events from any sources without condition. In view of these two reasons, this paper presents an analytical model for security of event sequence, and an evaluation model of trustworthiness based on event source. Furthermore, this paper constructs an improved event-driven system infrastructure based on the two models.