FZI Participates in BSI's New Cybersecurity Training Platform
Cybersecurity training in realistic IT environments
Research focus: Security and Resilience
The Federal Office for Information Security (BSI) has comprehensively upgraded its network defense training center. The system serves as a digital training environment for IT security practices, where cyberattacks are realistically simulated and defensive measures are practiced. The Network Defense Training Center 2.0 is based on CAVE, an open platform for practical IT security training. The act digital group and the FZI Research Center for Information Technology were involved in its development.
The training center is primarily aimed at federal authorities, but can also be used by companies, organizations, and universities. The aim is to provide realistic training environments where specialists can conduct and analyze cyberattacks themselves and practice defensive measures.
CAVE: Platform for virtual cybersecurity training
CAVE is the technical basis of the BSI’s upgraded network defense training center. The platform enables the automated creation of complete virtual training environments, including servers, networks, and entire company infrastructures. These environments replicate real IT systems as realistically as possible and serve as secure training rooms.
A special approach: participants take on the role of attackers themselves. In the exercises, they try, for example, to find and exploit vulnerabilities in the IT systems of fictitious companies. This change of perspective is intended to strengthen understanding of typical attack methods and raise awareness of cybersecurity in public authorities and companies.
Typical training scenarios include, for example:
- Exploiting publicly available information to prepare targeted attacks
- Sending phishing emails and using malware to understand how attacks work
- Securing virtual IT infrastructures, for example in simulated corporate networks
- Finding and evaluating security vulnerabilities in web applications
The training sessions can take place individually or in teams. Each group is given its own isolated environment (“lab”) so that exercises can be conducted realistically without endangering real systems.
Open-source architecture for flexible training
The platform is entirely based on free software. It is technically implemented as ‘Infrastructure as Code’ and is designed to run on OpenStack. Virtual machines and networks are automatically generated using modules from the open-source OpenTofu tool. Access is possible via a VPN client or a browser. Participants can work on prepared practice machines, manage their training environment and restart it or submit results via a control panel.
Open learning platform with expandable modules
The modernized training center creates an open training and development platform for IT security that promotes collaborative learning and exchange in the field of cyber defense. The FZI contributes its expertise in the development of modern training infrastructures for cybersecurity, thereby supporting the strengthening of digital resilience. The platform is now publicly available thanks to the open-source release of the infrastructure and an initial five-day training module. The FZI plans to use the environment in teaching and other research projects in the future.
Trainings
The platform has already been used for several training weeks at the BSI and other federal authorities, with more training courses planned. The training content can be adapted for use in companies. If you are interested, please contact FZI scientist Niklas Goerke (goerke@fzi.de).