An approach to reducing risks of attack on cyberphysical infrastructure (such as water purification plants and electric grids) with new software design and analysis techniques.
We are investigating methods for improving the resilience of cyberphysical systems to malicious attack. In a collaboration with colleagues at the Singapore University of Technology and Design, we are experimenting with new approaches to software security in the context of two real cyberphysical systems: a water purification plant and an electricity distribution grid. Both are full systems built from standard components and software, but as smaller-scale testbeds they allow full access to the code and the physical plant. In an initial study, we used constraint solving to synthesize attacks on the water purification plant, and validated the attacks by applying them in real time. We are now investigating architectural interventions to guard against such attacks.