Simulating Cyber Operations: A Cyber Security Training Framework

by Bryan K. Fite
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits best practices

While there are many security competitions and training platforms used to simulate the electromagnetic communication spectrum known as Cyber, they vary widely in effectiveness, assessment capabilities and flexibility. In addition, most are closed and proprietary in nature. What is needed is a publicly adopted Cyber&Operations simulation standard to support training, assessment and technique development of operators within the electromagnetic communications spectrum. This paper proposes an innovative way to model Cyber&Operations by representing the core simulation elements as Objects and describing their interactions via a Scenario& Definition&Language (SDL), which dictates the rules governing Object interactions. It further describes an approach used to create purposeTbuilt simulations, defines fundamental object types, presents a lexicon and shows how gaming can be used to support effective cyber operations training and assessment.