Hazard and Operability studies have been extensively used in chemical engineering and designing safety critical systems. Its rigorous analysis based on discovering deviations and hazard makes it ideal in the study of designs and experiments with confounding variables. In this paper, HAZOP methodology is applied to a case study of network security experiment to reliably measure the IP tracking behavior of malicious websites using a low interaction client honeypot. The experiment's design involves a large number of factors and components which could potentially introduce bias in the study and result in invalid analysis. We demonstrate that HAZOP can be applied to security experiments to create a proper experimental design and properly control potential bias of confounding variables.