Secure Infrastructure for Cyber-Physical Ranges
Original version
10.1007/978-3-031-33080-3_45Abstract
Industrial systems (IS), including critical ones, swiftly move towards integrating elements of modern Information Technology (IT) into their formerly air-gapped Operational Technology (OT) architectures. And, naturally, the more such systems become interconnected, the more alluring they pose to attackers. Concurrently, the twenty-four-seven availability of these systems renders it harder for defenders to promptly apply contemporary security controls. In this context, cyber ranges have emerged as a proper complementary solution for better comprehending and subsequently tackling the relevant risks without endangering the operation of the real systems. This work aspires to contribute a reference architecture for designing and developing cross-sector critical infrastructure (CI) cyber-physical ranges and security testbeds. A second key goal is to demonstrate the soundness of the proposed reference architecture through the implementation and evaluation of a number of cyber range instances specifically tailored for CIs of interest, including manufacturing, energy, and healthcare.