Chapter 3 elaborates on three critical types of human cognitive capabilities to fulfill four classes of CPS tasks in Fig. 3.2. For all of its advantages, the active presence of human cognition also brings vulnerabilities. Compared to computer programs and robots that strictly follow the algorithms and retain the same level of performance, human operators may violate security procedures or be prone to errors due to misaligned incentives, herding effects, inattention, fatigue, and bounded rationality. In Chap. 4, we classify cognitive vulnerabilities into innate vulnerabilities in Sect. 4.1 and acquired vulnerabilities in Sect. 4.2 based on whether they can be mitigated through short-term external interference, including security training and mechanism design in Fig. 1.8. For each cognitive vulnerability, we first illustrate its impact on HCPSs and how cognitive attacks can exploit it. Then, we present system-scientific perspectives to characterize the vulnerability, the attacks, and the defense methods in different security scenarios, which focus on the computational aspects of vulnerability analysis, exploitation, and mitigation in the literature.