In the last years, significant work has been undertaken by Governments and local agencies with respect to the protection of critical infrastructures and public-private sector coordination in the event of a cyber-attack. Threats to cities and their social infrastructures, e.g. from crime, and terrorism, endanger human life directly and indirectly. Resilience of critical infrastructures is gaining importance as a core concept to cope with such threats. In general, this means strengthening social infrastructures to prevent or mitigate such threats and to consistently deliver the intended services in a trustworthy and "normal" way even in changing situations.

 Information and communication infrastructure (ICT) is a primary part of the social infrastructure and therefore one of the central objects of these attacks. As a consequence, effective response capabilities must be properly organized and closely coordinated because, at the time of a cyber-attack, it is not possible to immediately determine whether the attacker is a script kiddie, an insider, a rogue actor (organized crime, terrorist organization, or radical), or a nation state. Unlike traditional Defense categories (i.e., land, air, and sea), the capabilities required to respond to an attack on critical infrastructures will necessarily involve infrastructure owned and operated by both the public and the private sector.

 Exercising for effective digital systems security becomes thus a crucial task in order to strengthen the resilience of IT systems against arising threats. Advanced information technologies that are able to analyze and interpret complex patterns or situations and take the proper decisions in terms on countermeasures the basic building blocks of the above solutions. In this context, it is worth noting research that combines security and defense aspects with achievements in designing advanced systems for the acquisition and sophisticated semantic analysis of complex image patterns and group behaviors. Such systems use cognitive models of semantic interpretation and can be applied to develop e.g., algorithms and protocols used for the security of computer systems themselves, but also to ensure the confidentiality and security of communication networks.