Cyber Ranges are complex infrastructures hosting high quality exercises that simulate cybersecurity scenarios of real-world complexity. Building the computing infrastructure is only the first step towards the successful execution of the cyber exercises. The design, verification and deployment of scenarios are costly and error-prone activities. As a matter of fact, a misconfiguration in the scenario can compromise the exercise and the training goals. This makes the design, development, and deployment of live-fire cyber exercises of real-world complexity so expensive that can be afforded only by a limited number of organizations. In this paper we present CRACK, a framework for the (i) design, (ii) model verification, (iii) generation, and (iv) automated testing of cyber scenarios. We introduce the CRACK SDL, a Scenario Definition Language based on TOSCA, an OASIS standard for the specification and orchestration of virtual infrastructures. CRACK SDL allows for the declarative specification of the scenario elements and their interplay, e.g., a vulnerability affecting a system. Through a formal encoding of the properties of an SDL specification, CRACK also supports the automatic verification of a scenario against its training objectives. After a successful verification, the scenario is automatically deployed in the Cyber Range and automatically tested to check the correspondence between the behavior of the deployed system and its specification. The key functionalities offered by CRACK are presented through a simple, yet representative case study. Experimental results confirm the effectiveness of the proposed approach.

Building next generation Cyber Ranges with CRACK

Costa G.;
2020

Abstract

Cyber Ranges are complex infrastructures hosting high quality exercises that simulate cybersecurity scenarios of real-world complexity. Building the computing infrastructure is only the first step towards the successful execution of the cyber exercises. The design, verification and deployment of scenarios are costly and error-prone activities. As a matter of fact, a misconfiguration in the scenario can compromise the exercise and the training goals. This makes the design, development, and deployment of live-fire cyber exercises of real-world complexity so expensive that can be afforded only by a limited number of organizations. In this paper we present CRACK, a framework for the (i) design, (ii) model verification, (iii) generation, and (iv) automated testing of cyber scenarios. We introduce the CRACK SDL, a Scenario Definition Language based on TOSCA, an OASIS standard for the specification and orchestration of virtual infrastructures. CRACK SDL allows for the declarative specification of the scenario elements and their interplay, e.g., a vulnerability affecting a system. Through a formal encoding of the properties of an SDL specification, CRACK also supports the automatic verification of a scenario against its training objectives. After a successful verification, the scenario is automatically deployed in the Cyber Range and automatically tested to check the correspondence between the behavior of the deployed system and its specification. The key functionalities offered by CRACK are presented through a simple, yet representative case study. Experimental results confirm the effectiveness of the proposed approach.
Automated design
Cyber Range
Cybersecurity
Scenario verification
Training
File in questo prodotto:
File Dimensione Formato  
1-s2.0-S0167404820300316-main.pdf

non disponibili

Tipologia: Versione Editoriale (PDF)
Licenza: Nessuna licenza
Dimensione 5.2 MB
Formato Adobe PDF
5.2 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11771/15672
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 14
social impact