Autonomous Systems (AS) are ubiquitously infused into the fabric of society either complementing or supplementing human-operated systems across a variety of safety, service or cost-critical applications. Many AS are mission oriented; they operate in environments that range across terrestrial, aquatic and aerospace environments to support an ever-growing and diverse range of civilian, industrial and military applications (monitoring, search & rescue, autonomous driving, micro-robots for surgery, assisted living, logistics, industrial automation, computing agents), and with direct and indirect safety implications on the users and the operational environment. The diversity of AS entities also extends to varying levels of capabilities e.g., from information-rich complex macro-drones/vehicles to information/resource-limited micro-AS. The mission-critical utility of a Trustworthy Autonomous System (TAS) comes from the safe & secure delivery of desired functionality despite the occurrence of any cyber-physical disruptions. As an AS should operate autonomously (either fully or partially), it needs to adapt to changing circumstances. These include the mission-relevant dynamic environment of interactions across the various AS assets, the data control, networking surfaces and the operational environment (which includes the users as mission-supporting or collateral). As such, an AS is highly dynamic, with internal states (stability, information, energy etc.) that vary in accordance with both the environment and mission profiles. This implies that the security profiles (including the changing threats) of an AS are often dynamic and ill-defined. The challenge is further exacerbated by networked AS (NAS) that achieve complex “swarm” behaviour in an adaptive and compositional manner. This introduces cascade security threats that are poorly understood. The consensus from academia and practitioners is the need to provide rigorous and verifiable guarantees of structured security in the unstructured NAS operational space. Our research is inherently challenge-led and focused on the application-agnostic foundations of AS security.