Cybertown

MxD developed the Operational Technology (OT) Threat Demonstration & Learning Environment (TDLE), a testbed designed to model representative environments such as factories, arsenals, and shipyards. The TDLE features components that can be adapted to reflect real-world infrastructure, enabling realistic demonstrations and training scenarios.

Problem

IT (Information Technology) security tests are conducted by experts to identify vulnerabilities and evaluate overall risk. While numerous test methods are well established for IT networks, far less guidance exists on how to apply these methods to OT (Operational Technology) environments. Industry needs a detailed understanding of how to apply existing, reliable test methods to OT networks in order to mitigate cybersecurity attacks.

Proposed Solution

Develop a testbed asset that enables industry participants to observe, in real time and with visual effects, how offensive tactics, techniques, and procedures (TTPs) impact OT environments. The testbed generates artifacts from both offensive actions and OT device responses and supports the creation of parsers that translate these artifacts into semantic formats consumable by cybersecurity tools (e.g., SOF-ELK). By doing so, the solution will provide cyber defense personnel with the capability to recognize malicious activity, strengthen detection, and develop effective mitigation strategies for threats in their production environments.

Impact

DIB (Defense Industrial Base) and OIB (Organic Industrial Base) members gain firsthand exposure to attack simulations in environments that reflect aspects of their own production systems. This experience deepens their understanding of the potential operational impacts of cyberattacks, highlights the challenges of detecting malicious activity, and demonstrates how open-source (free) software can be leveraged to enhance visibility into OT networks, enabling more effective identification and mitigation of offensive activity.