The document summarizes an experience report on modelling and simulating railway emergency response plans. It discusses using declarative process models and collaborative simulation to study how emergency plans may be impacted by combined physical and cyber attacks. Key steps involved collaboratively mapping out emergency response procedures with experts, and then simulating scenarios using the process model to explore vulnerabilities and make recommendations. The approach was tested on a case study of the Great Belt Bridge incident, and conclusions were that collaborative mapping and simulation is a viable way to study cyber-physical vulnerabilities in critical infrastructure.