A step-by-step definition of a reference architecture for cyber ranges

Abstract

Being on the advent of Industry 5.0, organizations have been progressively incorporating information technology into their formerly air-gapped operational technology architectures. This coalescence has nevertheless amplified the attack surface, ringing the bells of preparedness. In this direction, Cyber Ranges (CRs) have cropped up as a valuable and attractive solution, providing a diverse perspective on reinforcing the overall cybersecurity stance. However, there exists a significant literature gap in attempts to define a complete approach for CR design, development, evaluation, and operation as per the up-to-date guidelines. To address this shortcoming, this work introduces the first to our knowledge overarching, fine-grained reference architecture for CR. This is done by adopting a three-step, systematic methodology. First, we scrutinize contemporary guidelines to extract an abstract architectural model that structurally entrenches the foundations of CR reference architecture. Then, we percolate and pinpoint common functionalities and capabilities of existing CRs, towards delineating the functional and informational aspects of the reference architecture. Finally, we devise an evaluation formula that approximates the conformance of a CR with the state-of-the-art. Through the latter step, we impart a unified means of identifying the most appropriate components to implement the structural, functional, and informational aspects of a CR. Overall, this work can be seen as an attempt towards CR unification and standardization, therefore it is anticipated to serve as a basis and point of reference for multiple stakeholders at varying levels.