With the Increasingoccurrence of Various Cyber-Attacks Such As Distributed Denial of Service(Ddos) and Worm Attacks, Simulations Are Being Used to Develop Securitytechniques and Policies Against Such Attacks. In a Cyber-Security Environment,There Are Many Entities That Have Different Resources and Behaviors; Attack Anddefensive Behaviors Are Exhibited Upon Interaction With Other Entities. Inorder to Design Simulation Models For Various Cyber-Security Simulations, Notonly a Generalized Model That Can Represent Various Attacks and Target Entitiesbut Also a Modeling Method That Considers Different Types of Interactionsbetween Entities to Make Simulation Models Should Be Developed. In This Paper,We Describe a Modeling Methodology For the Cyber-Security Simulation Based Ondiscrete Event System Specification (Devs) Formalism. This Paper Describes Anew Hybrid Modeling and Simulation Architecture Developed For Understanding Anddeveloping Protections Against and Mitigations For Cyber Threats Upon Controlsystems. It First Outlines the Challenges to Pcs Security That Can Be Addressedusing These Technologies. the Paper Then Describes Virtual Control Systemenvironments (Vcse) That Use This Approach and Briefly Discusses Securityresearch That Sandia Has Performed Using Vcse. It Closes With Recommendationsto the Control Systems Security Community For Applying This Valuabletechnology. Computer Networks Are Nowrelied 011 More Than Ever Before For Gathering Information and Performingessential ...