CONCORDIA

Airbus CyberRange

Airbus CyberRange is a multi-role cyber simulation platform. It has been developed to model IT / OT systems composed of tens to hundreds virtual component and play realistic scenarios including real cyber-attacks. As a system integrator, Airbus CyberSecurity designed its CyberRange as a sustainable industrial product, tackling the following objectives:

  • An open and customizable platform, allowing end users to integrate their own virtual assets, attack vectors and model representative IT/OT systems,
  • A scalable platform, able to manage several simulation environments concurrently, each one representing a system in the organization,
  • An easy to use platform. CyberRange technology is accessible through ergonomic web interfaces, it simplifies its installation as it relies on standard HTTPS/HTTPS protocol and do not require installation of additional software. Web interface is designed to hide the complexity related to the management of thousands virtual components, focusing end users on the modelling of their systems,
  • An easy to operate platform: CyberRange relies on best of breed virtualization technologies (incl. VMWare ESX and Docker) and has been elaborated to minimize administration efforts during its operation.

By means of these capabilities, users can immerse themselves in an environment customized to look like their system in operation. This support several use cases including operational qualification, testing, and training.

Airbus Cybersecurity

France / Germany / UK

Provided Services

Education of Students
Training of Professionals
Cyber Defense Exercises
Cybersecurity Research
Testing of
HW/SW

The Airbus CyberRange has been designed for and is used by critical organizations (CNI, governments, and military). Airbus CyberSecurity has also established partnerships with various engineering schools, universities and research centres offering specializations in cybersecurity. Within the framework of these partnerships, Airbus CyberSecurity, its university partners and its customers collaborate to develop and exchange library components, systems, IT or OT infrastructures and scenarios.

Education of Students / Training of Professionals
  • Airbus Cybersecurity developed Training programs as well as stand-alone trainings combining theoretical approach and practical exercises.
  • Airbus CyberRange is used by universities as part of their bachelor and master programs. Among the different use cases, CyberRange is used to organize challenge for recruitment and during events, or global cyber crisis management exercise as a final exam.
Cybersecurity Research / Testing of HW/SW
  • Airbus CyberRange was used as a testbed to benchmark OT sensors and make a clear recommendation to CNI customer on which solution should be used according to its needs. A representative environment has been designed on CyberRange and an automated test plan has been run
  • Airbus CyberRange is used as an integration platform and/or demonstration environment.
Cyber Defence Exercises / Challenge
  • Organization of Capture the flag challenge during the European Cyber Week for 5 years. These one day challenges covered different fields (such as encryption, log analysis, network, and hardening) and involved 48 participants per session.
Crisis management:
  • Multi-site crisis management exercise involving 50 participants from both an institution in charge of IT security and a critical national operator.
Airbus CyberRange in a transportable box
Airbus CyberRange management interface

Cooperation models

Airbus CyberRange technology is available in different delivery methods to fit end users’ needs and constraints.

Physical Platform

High performance servers easily deployable on premises. Ready to use, the platform includes all the required servers, switches and power supply to work in a fully isolated environment (air-gapped).Physical platform can be deployed either in end users data center or in an easily transportable box.

Cloud Platform

The Airbus CyberRange technology is also available as Software as a Service hosted in European based Cloud provider. Cloud allows a flexible and multisite collaborative experience for a competitive price.

Service

Airbus Cybersecurity experts deliver high grade services leveraging on the Airbus CyberRange such as Crisis management exercises, Professional training or Testing services. In such cases, the platform is fully managed by Airbus team.

Technology

Hardware-based
Virtualized
Cloud-based (private cloud)
Cloud-based (public cloud)

Airbus CyberRange combines cutting-edge technologies such as VMware vSphere, Docker, and its embedded LADE software that provides orchestration services and an intuitive, easy-to-use web interface.

VMware vSphere includes the VMware ESXi hypervisor and the VMware vCenter management server. The vSphere suite is well established, stable, and has many built-in features, including resource management and allocation (vSphere DRS), unified network management across the cluster (VMware Distributed Virtual Switch), hot-migration to rebalance the cluster, high availability (vSphere HA), and fault tolerance. Features and support make the technology a very powerful and trusted foundation for the CyberRange.

Docker is deployed in our infrastructure to deploy containerized applications in seconds. Containers minimize memory by sharing a Linux kernel, allowing the CyberRange to host thousands of applications. Template management is also easier than traditional applications isolated in a virtual machine since images are lighter and can be loaded with an improved cache mechanism based on Docker layers. The open source community and the open Docker Hub make Docker a very dynamic and rich product, providing thousands of images ready for use with the most popular technologies.

The LADE software is built on these features, using the high-level APIs of both products, making it easy to deploy hybrid and complex network topologies. CyberRange can run multiple Virtual Machines (VMware) and Containers (Docker) in each isolated environment (work area).

The CyberRange comes with a catalogue of models (VMs and Containers) that can be instantaneously relocated multiple times in the work areas and adapted to build a representative IT or OT topology. The platform provides documentation available from the LADE interface, containing examples and instructions for creating and importing new virtual machines and Containers, or converting existing virtual machines to be importable into the platform.

Content Management and Development

CyberRange offers several types of content to achieve its simulation capabilities: topologies, virtual machines, containers, attacks, traffic generators and scenarios. These elements can be backed up and restored in a structural format called a “Bundle”. The bundle format can integrate one or more elements to shape a coherent set of content for dedicated purposes.

The main advantages of this format:

  • customize the organization of the content,
  • backup/restore a complete set of components,
  • share components between users and platforms.

The Airbus CyberRange also offers the ability to create and fully customise new bundles from an existing infrastructure or part of it. Attacks and other actions, scenarios and topologies can be sorted into categories, with parent/child categories, allowing the user to have a view of the tree and easily manage content volumes.

Bundles can be saved and then exported to content easily shared across multiple CyberRange platforms or for backup.