Cyber resilient trade-off evaluation systems for operational technology environments, including related methods and computer readable media

What is claimed is: 1 . A system comprising: one or more networks including a digital twin and one or more cyber system components, the digital twin configured to emulate at least a portion of a physical system of an operational technology (OT) system; and one or more processors configured to perform operations to: select, from a set of candidate mitigative response measures, a candidate mitigative response measure to enable in the one or more networks for execution responsive to a simulated cyber attack; determine a physical system reaction and a cyber system reaction responsive to the simulated cyber attack and the selected candidate mitigative response measure; determine a resilience level for the OT system enabled with the selected candidate mitigative response measure responsive to the physical system reaction and the cyber system reaction; and repeat the operations to select the candidate mitigative response measure, to determine the physical system reaction and the cyber system reaction, and to determine the resilience level for the OT system, for respective next ones of candidate mitigative response measures of the set. 2 . The system of claim 1 , wherein the one or more processors are configured to: after the repeating of the operations for the respective next ones of candidate mitigative response measures of the set, identify one or more optimal mitigative response measures for the OT system at least partially based on determined resilience levels associated with respective candidate mitigative response measures that are above one or more resilience thresholds. 3 . The system of claim 1 , wherein the one or more processors are configured to: in the operations, determine an impact level on the OT system enabled with the selected candidate mitigative response measures responsive to the physical system reaction and the cyber system reaction; and after the repeating of the operations for the respective next ones of candidate mitigative response measures of the set, select, as one or more optimal mitigative response measures, one or more candidate mitigative response measures associated with the determined resilience levels that are above a resilience threshold and the determined impact levels that are below an impact threshold. 4 . The system of claim 1 , wherein respective ones of the candidate mitigative response measures comprise one or more cyber system-based mitigative response measures, one or more physical system-based mitigative response measures, or both. 5 . The system of claim 1 , wherein respective ones of the candidate mitigative response measures include a selected one or combination of multiple mitigative response components, and further include, for respective ones of the selected one or the combination of the multiple mitigative response components, a selected one of multiple configurations thereof, multiple settings thereof, and/or multiple parameters thereof. 6 . The system of claim 5 , wherein the one or more processors are configured to: select a subset of optimal candidate mitigative response measures at least partially based on a ranking of respective ones of the candidate mitigative response measures after the repeated operations, the ranking being at least partially based on determined resilience levels associated with the respective candidate mitigative response measures; generate an updated set of updated candidate mitigative response measures based on at least some of the optimal candidate mitigative response measures of the subset, the updated set of updated candidate mitigative response measures including the at least some of the optimal candidate mitigative response measures adapted with modifications to and/or variations on the respective selected ones or combinations of the multiple mitigative response components and/or the selected respective ones of the multiple configurations thereof, the multiple settings thereof, and/or multiple parameters thereof; and repeat the repeated operations for the updated set, the selecting of the subset of optimal candidate mitigative response measures, and the generating of the updated set of updated candidate mitigative response measures, one or more times as needed to identify one or more optimal mitigative response measures for the OT system, the one or more optimal mitigative response measures identified at least partially based on the determined resilience levels associated with respective candidate mitigative response measures that are above one or more resilience thresholds. 7 . The system of claim 2 , wherein the one or more processors are configured to identify the one or more optimal mitigative response measures for the OT system at least partially based on a genetics or evolutionary based algorithm. 8 . A method of identifying one or more optimal mitigative response measures to an anticipated cyber attack on an operational technology (OT) system using one or more networks, the one or more networks including a digital twin and one or more cyber system components, the digital twin configured to emulate at least a portion of a physical system of the OT system, the method comprising: selecting, from a set of candidate mitigative response measures, a candidate mitigative response measure for execution in response to a simulated cyber attack in the one or more networks; obtaining one or more physical system reaction indications at least partially based on a reaction output from the digital twin, the reaction output from the digital twin being at least partially responsive to the simulated cyber attack and the selected candidate mitigative response measure; obtaining one or more cyber system reaction indications at least partially based on a reaction output caused by the one or more cyber system components, the reaction output caused by the one or more cyber system components being at least partially responsive to the simulated cyber attack and the selected candidate mitigative response measure; determining a resilience level of the OT system enabled with the mitigative response measure at least partially based on the one or more physical system reaction indications and the one or more cyber system reaction indications; and repeating operations including the selecting of the candidate mitigative response measure, the obtaining of the one or more physical system reaction indications, the obtaining of the one or more cyber system reaction indications, and the determining of the resilience level of the OT system, for respective next ones of candidate mitigative response measures of the set. 9 . The method of claim 8 , further comprising: after the repeating of the operations for the respective next ones of candidate mitigative response measures of the set, identifying the one or more optimal mitigative response measures for the OT system at least partially based on determined resilience levels associated with the respective candidate mitigative response measures that are above one or more resilience thresholds. 10 . The method of claim 9 , further comprising: in the operations, determining an impact level on the OT system at least partially based on the one or more physical system reaction indications and the one or more cyber system reaction indications; and after the repeating of the operations for the respective next ones of candidate mitigative response measures of the set, selecting, as the one or more optimal mitigative response measures, one or more candidate mitigative response measures associated with the determined resilience levels that are above a resilience threshold and determined impact levels that are below an impact threshold. 11 . The method of claim 9 , further comprisi