Mission critical real-time systems often function in environments that cannot be modelled with static approaches. Because of their (externally-driven) wide dynamic range of system operation, the number of data elements to be processed in an arbitrary period is unknown at the time of system engineering (other than an extremely pessimistic worst case sense). While it may be possible to determine a theoretical upper bound on the number of data items, the construction and maintenance of system components to handle worst-case conditions can be prohibitively costly. To accommodate such dynamic mission critical real-time systems, it is useful to design computing systems that allow reconfiguration and reallocation of resources by sharing a pool of distributed computational resources. Unfortunately, the problem of continuously providing critical system functions in such dynamic real-time environments is exacerbated when one considers attack vulnerability. The Internet has made mission critical real-time computer systems subject to an ever-changing array of attacks for which current defence mechanisms are insufficient. In order to combat intruders in this new environment, new techniques must be developed that enable decision makers to detect unusual behaviour in their systems, correlate anomalies into higher-level attacker goals, plan appropriate response actions, and execute their plans. This special book presents current work in this general area of real-time system security.