Modern cyber-physical systems are enabled by electronic hardware and embedded systems. The security of these sub-components is a concern during the design and operational phases of cyber-physical system life cycles. Compromised electronics can result in mission-critical failures, unauthorized access, and other severe consequences. As systems become more complex and feature greater connectivity, system owners must make decisions regarding how to mitigate risks and ensure resilience and trust. This paper provides an overview of research efforts related to assessing and managing risks, resilience, and trust with an emphasis on electronic hardware and embedded systems. The research takes a decision-oriented perspective, drawing from the perspectives of scenario planning and portfolio analysis, and describes examples related to the risk-based prioritization of cyber assets in large-scale systems
