We investigate the properties of systems of systems in a cybersecurity context by using complex network methodologies. We are interested in resilience and attribution. The first relates to the system's behavior in case of faults/attacks, namely to its capacity to recover full or partial functionality after a fault/attack. The second corresponds to the capability to tell faults from attacks, namely to trace the cause of an observed malfunction back to its originating cause(s). We present experiments to witness the effectiveness of our methodology considering a discrete event simulation of a multimodal logistic network featuring 40 nodes distributed across Italy and daily traffic roughly corresponding to the number of containers shipped through in Italian ports yearly averaged daily
