Abstract
Cyber ranges have gained significant importance in cybersecurity training in recent years, and they are still playing a role of paramount importance, thanks to their ability to give trainees hands-on experience with real-world exercises. This paper presents the motivation and objective of the AERAS project, including a thorough analysis of data from ad hoc interviews and surveys specifically designed and administered for the project’s goals. AERAS aims to apply the cyber range concept to the critical healthcare sector. The AERAS platform will be a virtual cyberwarfare solution that will simulate the operation and effects of security controls and offer hands-on training on their development, assessment, use, and management.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Data availability
The questionnaire responses and interview data collected for this study were anonymous and kept confidential to ensure participants’ privacy. We will submit the anonymized data supporting this research’s findings to a public archive after publication.
Notes
General Data Protection Regulation, https://eur-lex.europa.eu/eli/reg/2016/679/oj
Health Insurance Portability and Accountability Act, https://www.hhs.gov/hipaa/index.html
References
Basile, M., Dini, G., Varano, D.: CYBERWISER.eu: Innovative cyber range platform for cybersecurity training in industrial systems. Electronic Communications of the EASST 79, 1–12 (2020). https://doi.org/10.14279/tuj.eceasst.79.1114.1065
ENISA: Cyber europe 2022: After action report. https://www.enisa.europa.eu/publications/cyber-europe-2022-after-action-report. Accessed: 15 Dec. (2022)
ENISA: ENISA Threat Landscape 2022. https://www.enisa.europa.eu/publications/enisa-threat-landscape-2022. Accessed: 01 Dec (2022)
ENISA: NIS investments 2022. https://www.enisa.europa.eu/publications/nis-investments-2022 . Accessed: 30 Nov. (2022)
Ferguson, B., Tall, A., Olsen, D.: National cyber range overview. In: 2014 IEEE Military Communications Conference, pp. 123–128 (2014). https://doi.org/10.1109/MILCOM.2014.27
Hatzivasilis, G., Ioannidis, S., Smyrlis, M., Spanoudakis, G., Frati, F., Braghin, C., Damiani, E., Koshutanski, H., Tsakirakis, G., Hildebrandt, T., Goeke, L., Pape, S., Blinder, O., Vinov, M., Leftheriotis, G., Kunc, M., Oikonomou, F., Maglio, G., Petrarolo, V., Chieti, A., Bordianu, R.: The THREAT-ARREST cyber range platform. In: 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pp. 422–427 (2021). https://doi.org/10.1109/CSR51186.2021.9527963
Karjalainen, M., Kokkonen, T.: Comprehensive cyber arena; the next generation cyber range. In: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS &PW), pp. 11–16 (2020). https://doi.org/10.1109/EuroSPW51379.2020.00011
Moustafa, A.A., Bello, A., Maurushat, a.: The role of user behaviour in improving cyber security management. Front Psychol. 12 (2021). https://doi.org/10.3389/fpsyg.2021.561011. https://pubmed.ncbi.nlm.nih.gov/34220596/
Rebecchi, F., Pastor, A., Mozo, A., Lombardo, C., Bruschi, R., Aliferis, I., Doriguzzi-Corin, R., Gouvas, P., Alvarez Romero, A., Angelogianni, A., Politis, I., Xenakis, C.: A digital twin for the 5g era: the spider cyber range. In: 2022 IEEE 23rd International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 567–572 (2022). https://doi.org/10.1109/WoWMoM54355.2022.00088
Smyrlis, M., Somarakis, I., Spanoudakis, G., Hatzivasilis, G., Ioannidis, S.: CYRA: A model-driven cyber range assurance platform. Applied Sciences 11(11) (2021). https://doi.org/10.3390/app11115165
Somarakis, I., Smyrlis, M., Fysarakis, K., Spanoudakis, G.: Model-driven cyber range training: A cyber security assurance perspective. In: Computer Security, pp. 172–184. Springer International Publishing (2020)
Ukwandu, E., Farah, M.A.B., Hindy, H., Brosset, D., Kavallieros, D., Atkinson, R., Tachtatzis, C., Bures, M., Andonovic, I., Bellekens, X.: A review of cyber-ranges and test-beds: Current and future trends. Sensors 20(24) (2020). https://doi.org/10.3390/s20247148
CELEDA, P., CEGAN, J., VYKOPAL, J., TOVARNÁK, D.: Kypo - a platform for cyber defence exercises. In: STO-MP-MSG-133: M &S Support to Operational Tasks Including War Gaming, Logistics, Cyber Defence. Munich (Germany): NATO Science and Technology Organization, pp. 1–12. NATO (2015)
Funding
This work has been partly funded by the European Commission within the H2020 MSCA project AERAS (Grant No. 872735).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare no conflicts of interest related to this research.
Ethical approval
The authors received ethical approval to conduct this study from the Ethics Committee of the University of Milan. Additionally, all data collection procedures for non-personally identifiable information were approved by the Data Protection Officers of the AERAS project beneficiaries.This study involved the administration of questionnaires and interviews with human subjects. The study adhered to ethical principles, and participants’ consent was obtained before involvement. The authors ensured that all participants were informed about the nature of the study, their participation was voluntary, and their responses were kept confidential and anonymous.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Frati, F., Darau, G., Salamanos, N. et al. Cybersecurity training and healthcare: the AERAS approach. Int. J. Inf. Secur. 23, 1527–1539 (2024). https://doi.org/10.1007/s10207-023-00802-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00802-y