This paper presents a framework for integrated cyber-physical security propagation study within critical infrastructures (hospitals use case). The framework includes an ontology for the semantic modeling of cyber-physical security. The impact propagation approach relies on propagation rules inferring the cascading effects of security incidents occurring in hospitals. An impact score module allows evaluating impacts' severity, considering implemented protection measures. This work is part of the European project SAFECARE, which provides a set of tests and demonstration sessions in partnership with 3 hospitals in Europe. During these tests, we measured effectiveness and efficiency metrics, as well as end users' satisfaction feedback. Experiments performed on real attack scenarios, show high effectiveness rates and a common agreement from end-users about the added value of the solution to enhance risks analysis practice and increase hospitals mitigation strategies efficiency.