查看文章

In this paper we discuss a work in progress to create a socio-technical system design framework for cyber security training exercises (STSD-CSTE) to support the development of cyber security training in the Norwegian Cyber Range. The process to create the framework started by first performing a socio-technical systems root cause analysis of an Advanced Persistent Threat (APT) incident called “Operation Socialist”. Operation Socialist was the code name given by the British signals and communications agency Government Communications Headquarters (GCHQ) to an operation in which they successfully breached the infrastructure of the Belgian telecommunications company Belgacom (now Proximus Group) between 2010 and 2013. To extract relevant information from the case four socio-technical systems models were tested. The four models integrated into one framework were a Cassano-Piche Structural Hierarchy model, the “Security By Consensus” model, the Kowalski Socio-Technical systems dynamic model and Withword’s 8 criterial model. After this framework has been reviewed by the socio-technical research community we plan to test the framework with exercises in the Norwegian Cyber Range (NCR) environment. NCR will be an arena where testing, training, and exercise will be used to expose individuals, public and private organizations and government agencies to simulate socio-technical cyber security events and situations in a realistic but safe environment.