Modern cyber domain is an extremely complex field to master. There are numerous capricious dependencies between networked systems and data. In cyber security, technology has a major role, but the knowledge and skills of the individuals combined with the incident response processes of the organisations are even more important assets. Those assets foster the cyber resilience of the organisation. The most effective ways to uphold these urgent assets are training and exercising. Cyber security exercises in particular have proven their efficiency in improving cyber security skillsets. During the cyber security exercises, it is possible to train cyber defence and incident response manoeuvres in stressful and hectic situations of being under cyber attack or intrusion. To achieve the capability to organise technical cyber security exercises with real attacks and real malware, technical training infrastructure mimicking real networks and systems is required. Such infrastructures are universally called cyber ranges or cyber arenas. Globally, cyber security exercises have become more common during the last decade, and there are several cyber ranges with diverse capabilities. Pooling and sharing the capabilities of cyber ranges raises the requirement to establish a cyber range technical federation. In this paper, a state-of-the-art implementation of the cyber range technical federation is introduced. In addition, the implementation demonstrated and evaluated during the Flagship 1 on-line cyber security exercise is discussed.
Authors
Tero Kokkonen, Tuomo Sipola, Jani Päijänen, Juha Piispanen
Cite as
Kokkonen, T., Sipola, T., Päijänen, J., Piispanen, J. (2023). Cyber Range Technical Federation: Case Flagship 1 Exercise. In: Dimitrakos, T., Lopez, J., Martinelli, F. (eds) Collaborative Approaches for Cyber Security in Cyber-Physical Systems. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-16088-2_1
Publication
https://doi.org/10.1007/978-3-031-16088-2_1
Acknowledgements
This research is funded by Cyber Security Network of Competence Centres for Europe (CyberSec4Europe) -project of the Horizon 2020 SU-ICT-03-2018 program. The authors would like to thank Ms. Tuula Kotikoski for proofreading the manuscript.