Cyber-Physical Systems (CPS) are typically composed of interconnected hardware and software components, which individually may not be inherently highly reliable or secure. However, several CPS applications demand a high degree of safety, security, and reliability. Thus, the fundamental problem is constructing highly dependable CPS applications from building blocks that are, in themselves, not inherently reliable. There has been enormous progress made in understanding and patching various classes of vulnerabilities in large-scale distributed CPS. However, these efforts at designing and operating resilient CPS have often been stymied by the lack of understanding of the impact of any perturbation to the overall system, under the economic and policy constraints involved in any realistic real-world CPS. We define perturbations as failures due to: (1) unintended errors in hardware/software, (2) security attacks, (3) unexpected interactions among cyber-physical and human elements including natural disasters, and (4) incomplete cooperation among stakeholders. In this project, we address these shortcomings to challenges to create resilient, large-scale CPS through our CHORUS Frontier award. Chorus will develop rigorous, scientific mechanisms to enable CPS resilience against a large universe of perturbations. Our application domain is Connected and Autonomous Transportation Systems (CATS) and thus, the benefits of CHORUS will be demonstrated through improvements in safety and security in this domain.<br/><br/>We will achieve goals of CHORUS through three interacting intellectually challenging thrusts in the project. Thrust 1 is on Modeling which will create executable specifications of cyber, physical, and human assets, their interconnections, and the economic and policy constraints. The models will capture various stakeholders in the system and their degree of information sharing and cooperation in defense of the target CPS. Thrust 2 is centered on Proactive planning and deployment. We will develop rigorous game-theoretic formulations to model the spread of perturbations (natural and man-made), their effects, and the appropriate resource allocations that can be applied for resilience at the planning stage, i.e., prior to system deployment. We will also consider which defensive investments are feasible under a rational versus a bounded rational behavioral model of the stakeholders. Thrust 3 focuses on Runtime distributed detection and response. We will determine, at runtime, the security state of the system, through novel uses of existing sensors in the system even though they are imperfect. This will then trigger the response mechanisms, which will be proven to be approximately optimal, through analysis and experimentation. In terms of broader impact, the greatest impact will be that CPS owners will gain a higher degree of trust in the operation of the CPS and policy-makers will understand what level of cooperation among multiple stakeholders in a CPS to incentivize. We will create compelling demonstrations of CHORUS on a connected vehicle testbed distributed between our academic institutions and our industrial partner GM. We will also organize an annual student security competition and develop two MOOCS, both having foundational material on resilient CPS and one focusing more on the CATS application domain.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.