Welcome to the
AIT Cyber Range –
The AIT Austrian Institute of Technology has designed a unique digital and hybrid simulation platform and operates a training center at its premises in Vienna – the AIT Cyber Range. The facility can accommodate up to twenty-four in-presence participants (depending on social distancing requirements). In the training room, participants can access the AIT Cyber Range using high-quality computing equipment. Additionally, practical hands-on exercises can be conducted in the training room, using industrial control systems equipment. The advanced audio-video setup in the training room allows participants to engage flexibly with each other, e.g., participants can share their screen with the entire class on large projector screens. This can be used to facilitate group discussions. Reflecting the need to accommodate online events and participants, the training room includes facilities to live stream video and audio to the Internet. Co-located with the main training room are a multitude of other breakout rooms and space to host refreshments and social events. Our goal is to provide a flexible, professional and welcoming environment for our training course and exercise participants.
Cyber Range Scenarios
The AIT conducts research into the cyber security of current and next generation digitalized critical infrastructures. As part of this research, with our partners, we develop a deep understanding of these environments and the threats they face. Moreover, we participate in cyber threat intelligence sharing activities, including research projects and forums, such as the European Energy ISAC. Because of this knowledge, we create advanced scenarios for training and exercises, which are representative of those found in societally critical infrastructures and include threat scenarios that reflect the increasingly sophisticated nature of the cyber security threat. Example scenarios have been executed for energy distribution systems, nuclear facilities, manufacturing systems, and enterprise environments. Threat scenarios have been created that include elements of most advanced ransomware and targeted attacks to industrial control systems.
The development and execution of cyber security exercises can become complex, especially if the exercise involves many participants and teams. To help us manage this complexity, we have developed a web-based control interface, which consists of two closely related components. Our Game Maker Control interface is designed to be easy to use and to allow for the creation of complex scenarios. The Game Maker Runner interacts with provisioned infrastructure to run exercises (i.e. deliver injects). As a living product, we constantly improve this software component.
Cyber Range Technologies
The AIT Cyber Range architecture consists of three system modules which have a distinct purpose and are loosely dependent on each other, to make changing the underlying technologies or implementation as easy as possible. There is a strong emphasis on the use of open-source technology in the implementation of the range, which supports adoption of the technology and exercises by our clients in their own infrastructure environments.
The implementation of the core open-source modules of the AIT Cyber Range can be summarized, as follows:
At the core of every cyber range is the ability to simulate and integrate systems to build complex networked infrastructure setups. The AIT Cyber Range uses a self-hosted OpenStack cluster as its compute engine, consisting of a mostly default configuration run on multiple Ubuntu-based nodes. Recently, AIT has expanded the capacity by using a Cloud-based service provider to support the execution of exercises with larger numbers of participants.
The infrastructure provisioning module is the component that is used to create testbed configurations and orchestrate them on a computing platform. OpenStack has the features required for the infrastructure provisioning module in the form of the OpenStack Heat project. While OpenStack Heat would provide everything needed, the range uses the infrastructure-as-code tool Terraform instead, as it supports a variety of computing platforms and allows the definition of reusable complex infrastructure modules. Due to its infrastructure-as-code nature, configurations can also be subject to version control and stored using program code versioning systems (e.g. GIT).
The software provisioning module is used to add (and configure) functionality to virtual machines on the cyber range. The AIT Cyber Range software provisioning module is implemented using the configuration management tool Ansible. Ansible provides AIT with the ability to define software deployments and configurations as “templatable” code. Like Terraform, it also allows to modularize Ansible code using so-called Ansible Roles.
A more extensive overview of the AIT Cyber Range can be found in a published article .
AIT operates as worldwide first IAEA Collaborating Centre in the field of cyber security for nuclear safety in IAEA´s member states.