The United States' National Airspace System (NAS) is increasingly being subject to disruptions and attacks that involve its cyber (computing, communications, control) systems1-4. For instance, fleets for several major airlines have been grounded due to computer outages affecting flight manifests and other data, such as the May 2017 incident with British Airways that led to cancellation of about 800 flights and stranded passengers for several days. Likewise, computer outages affecting Air Route Traffic Control Center (ARTCC or Center) facilities have led to propagative impacts on traffic: for instance, computer failures led to almost complete closure of the Washington DC (ZDC) airspace for several hours, and necessitated restriction of traffic across the NAS. Meanwhile, a kinetic attack on the radar capabilities in Chicago Center airspace required major rerouting of traffic over a multi-week period in 2015, and failures to Department of Homeland Security computers with passenger data have also led to restriction of traffic. Although many of these events have been due to cyber-system failures rather than deliberate attacks, there is growing recognition and concern that the NAS is vulnerable and prone to attacks, which may have very wide-area impact. In a broad sense, the increasing frequency of cyber disruptions and/or attacks reflects both the growing integration of and reliance on networked cyber technologies in the air traffic system, and the increasing sophistication of cyber- systems and attackers. Thus, there is an urgent need for sophisticated models that allow assessment of the consequences of cyber threats (both disruptions and deliberate attacks), and in turn defense mechanisms and tools that can mitigate the impacts and/or protect particularly vulnerable resources.