07 October 2020
CyberSec4Europe Maps European Cyber Ranges: Training Against Cyber Attacks is Active in Europe
European cyber ranges and their features have been studied by JAMK University of Applied Sciences. The comprehensive survey is the first of its kind in Europe.
Thirty-nine reported European cybersecurity training environments – cyber ranges – were found in the study. The most cyber ranges reported by country are in Finland, seven in total. Finnish cyber ranges can be found at JAMK’s Cyber Security Research, Development and Training Center (JYVSECTEC), VTT, the University of Tampere, Turku University of Applied Sciences, Rugged Tooling Oy and two actors which remain anonymous. There are four similar environments in Sweden, three in Germany and Greece and the rest are evenly distributed across Europe.
According to the study, cyber ranges were mainly used by companies and public organisations, as well as by students in engineering, bachelor’s and master’s degree programs.
“Companies and organisations use environments to develop staff skills and to develop business continuity and resilience to cyber security incidents. Cyber security exercises in training environments range from short-term exercises to multi-day national cyber-disorder exercises. Organisations from different countries participate in international co-operation exercises” says project manager, Jani Päijänen from JAMK’s IT Institute.
Industry-specific systems, often related to critical infrastructures such as industrial and process automation, IoT environments, and logistics, have been modelled for several environments. Few environments have been modelled from the perspective of realistic Internet use.
“Somewhat surprisingly, the study found that traditional office and computer network infrastructure systems were under-represented in cyber ranges. We also noticed that the international vocabulary related to cyber practice and training environments is inconsistent” says Päijänen.
The possibilities for cooperation in the cybersecurity environment were explored through interviews. The technical capacity for concerting cyber ranges was perceived as challenging, but collaboration is necessary. The technical federation of cyber ranges enables participants to have a more comprehensive and realistic training experience.
In order to interconnect or technically federate cyber ranges, a requirements specification was developed, which enables the composition of several different environments into a single training environment. Interconnection is possible with both open source and commercial products.
“The idea behind the requirements specification is to make it easier for companies and organisations to participate in more extensive cybersecurity exercises. The entity offers its users features that one operator would not be able to offer” says Juha Piispanen, JAMK’s expert who prepared the definition.
The connection method created on the basis of the definition will be tested in January 2021, when a two-day cybersecurity exercise for CyberSec4Europe partners will be organised at JAMK’s IT Institute. Due to travel restrictions, participants will join the exercise from their home countries using the subscription method specified in the requirements.
The study was carried out as part of the CyberSec4Europe research and development project, which involves 43 partners from 20 EU Member States and two Associated Countries. From Finland, JAMK University of Applied Sciences and VTT are involved. The project is funded under the Horizon 2020 research programme.
The full report can be downloaded from here.
Jani Päijänen, JAMK
This article was released by JAMK as a press release (in Finnish) and was picked up by the following Finnish publications: