Optimization of Cyber Defense Exercises Using Balanced Software Development Methodology

Investor logo

Warning

This publication doesn't include Faculty of Arts. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

OŠLEJŠEK Radek PITNER Tomáš

Year of publication 2021
Type Article in Periodical
Magazine / Source International Journal of Information Technologies and Systems Approach
MU Faculty or unit

Faculty of Informatics

Citation
Web Permalink to the web of publisher
Doi http://dx.doi.org/10.4018/IJITSA.2021010108
Keywords Cybersecurity; Training; Learning; Phase; Discipline; Agile; Disciplined; Cyber Range; Development Method; CDX; SPEM
Attached files
Description Cyber defense exercises (CDXs) represent an effective way to train cybersecurity experts. However, their development is lengthy and expensive. The reason lies in current practice where the CDX life cycle is not sufficiently mapped and formalized, and then exercises are developed ad-hoc. However, the CDX development shares many aspects with software development, especially with ERP systems. This paper presents a generic CDX development method that has been derived from existing CDX life cycles using the SPEM standard meta-model. The analysis of the method revealed bottlenecks in the CDX development process. Observations made from the analysis and discussed in the paper indicate that the organization of CDXs can be significantly optimized by applying a balanced mixed approach with agile preparation and plan-driven disciplined evaluation.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.