Industrial control systems (ICS) are composed of sensors, actuators, control processing units, and communication devices all interconnected to provide monitoring and control capabilities. Due to the integral role of the networking infrastructure, such systems are vulnerable to cyber attacks. Indepth consideration of security and resilience and their effects to system performance are very important. This paper focuses on railway control systems (RCS), an important and potentially vulnerable class of ICS, and presents a simulation integration platform that enables (1) Modeling and simulation including realistic models of cyber and physical components and their interactions, as well as operational scenarios that can be used for evaluations of cybersecurity risks and mitigation measures and (2) Evaluation of performance impact and security assessment of mitigation mechanisms focusing on authentication mechanisms and firewalls. The approach is demonstrated using simulation results from a realistic RCS case study.