An Open and Flexible CyberSecurity Training Laboratory in IT/OT Infrastructures

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11981)


There are significant concerns regarding the lack of proficient cybersecurity professionals with a background in both Information Technology (IT) and Operational Technology (OT). To alleviate this problem, we propose an open and flexible laboratory for experimenting with an IT/OT infrastructure and the related cybersecurity problems, such as emulating attacks and understanding how they work and how they could be identified and mitigated. We also report our experience in using the laboratory during a one-week training event with 24 students from 7 different high-schools at the mechatronics prototyping facility ProM in Rovereto (Italy).


Education CyberSecurity Laboratory Operational Technology Information Technology 


  1. 1.
    Galadima, A.A.: Arduino as a learning tool. In: 2014 11th International Conference on Electronics, Computer and Computation (ICECCO), September 2014.
  2. 2.
    Banks, A., Briggs, E., Borgendale, K., Gupta, R.: MQTT Version 5, March 2019.
  3. 3.
    Banks, A., Gupta, R.: MQTT Version 3.1.1, December 2015.
  4. 4.
    Hu, Y., Yang, A., Li, H., Sun, Y., Sun, L.: A survey of intrusion detection on industrial control systems. Int. J. Distrib. Sens. Netw. 14(8) (2018). Scholar
  5. 5.
    Information Systems Audit and Control Association: State of cybersecurity 2018. Survey, ISACA, October 2017.
  6. 6.
    Information Systems Audit and Control Association: State of cybersecurity 2019. Survey, ISACA, November 2018.
  7. 7.
    Kaspersky Lab ICS CERT: Industrial CTF. Accessed 30 June 2019
  8. 8.
    Lundgren, L., Hindocha, N.: Light Weight Protocol: Critical Implications. Accessed 30 June 2019
  9. 9.
    Modbus-IDA: MODBUS TCP/IP Implementation Guide, October 2006.
  10. 10.
    Palmieri, A., Prem, P., Ranise, S., Morelli, U., Ahmad, T.: MQTTSA: a tool for automatically assisting the secure deployments of MQTT brokers. In: 2019 IEEE World Congress on Services (SERVICES), vol. 2642–939X, pp. 47–53, July 2019.
  11. 11.
    Ponemon Institute LLC: 2018 Cost of Insider Threats: Global.
  12. 12.
    Spanish National Cybesecurity Institute: Protocols and Network Security in ICS Infrastructure, February 2017.
  13. 13.
    Yassein, M.B., Shatnawi, M.Q., Aljwarneh, S., Al-Hatmi, R.: Internet of Things: survey and open issues of MQTT protocol. In: 2017 International Conference on Engineering MIS (ICEMIS), pp. 1–6, May 2017.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Security & Trust, Fondazione Bruno KesslerTrentoItaly

Personalised recommendations