Fundamental principles for the design and application of cyber ranges for training cybersecurity specialists

Authors

  • Максим Михайлович ДЕЛЕМБОВСЬКИЙ Київський національний університет будівництва і архітектури https://orcid.org/0000-0002-6543-0701
  • Сергій Олександрович ГНАТЮК Державний університет "Київський авіаційний інститут" https://orcid.org/0000-0003-4992-0564
  • Борис Валерійович КОРНІЙЧУК Київський національний університет будівництва і архітектури https://orcid.org/0000-0003-3881-1581

DOI:

https://doi.org/10.18372/2225-5036.31.20703

Keywords:

cyber range, cybersecurity training, NICE Framework, Bloom’s taxonomy, Kolb’s cycle, Infrastructure as Code, scenario as code, digital twins, situational awareness, learning analytics, SIEM/SOAR, agentic RAG, multi-agent reinforcement learning, Purple Team

Abstract

This paper presents a comprehensive analysis of the fundamental principles for designing and applying cyber ranges as controlled learning and research environments for developing professional cybersecurity competencies. The evolution from static virtual labs to scalable cloud-based ecosystems and digital twins is outlined, emphasizing realistic network topologies, business services, and user behavior modeling. The study substantiates the need to combine technological automation with instructional design, including Bloom’s taxonomy and Kolb’s experiential learning cycle, and to align training outcomes with the NICE Workforce Framework. Particular attention is given to scenario lifecycle management, reproducibility through Infrastructure as Code and “scenario as code”, and objective performance assessment using learning analytics and situational awareness metrics. The paper also discusses the role of AI-driven automation, including agentic RAG approaches and multi-agent reinforcement learning, for adaptive scenario generation and dynamic adversary modeling, while highlighting the importance of verification and controlled use in training settings.

Downloads

Published

2025-08-22

How to Cite

ДЕЛЕМБОВСЬКИЙ , М. М., ГНАТЮК , С. О., & КОРНІЙЧУК , Б. В. (2025). Fundamental principles for the design and application of cyber ranges for training cybersecurity specialists. Ukrainian Scientific Journal of Information Security, 31(2), 104–111. https://doi.org/10.18372/2225-5036.31.20703

Issue

Vol. 31 No. 2 (2025): Ukrainian Scientific Journal of Information Security

Section

Cybersecurity & Critical Information Infrastructure Protection (CIIP)

License

The scientific journal "Ukrainian Scientific Journal of Information Security" adheres to the principles of open science and provides free, free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal Ukrainian Scientific Journal of Information Security:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.