CODE Cyber Range

ICE&T is a further development of a commercial product created by IAI and Avnet (ISR). It is a comprehensive and flexible Cyber Range solution based on an open, modular platform and architecture which allows to create and automate own content. Customized training environment topologies can be built.

The current state includes four virtual network infrastructures with scenarios addressing the topics blue-teaming, red-teaming and SCADA on various levels of difficulty. Additionally, it includes 80 individual exercises from 9 different areas.

Research Institute CODE (RI CODE),
Universität der Bundeswehr Munich

Munich, Germany

Provided Services

Education of Students
Training of Professionals
Cyber Defense Exercises
Cybersecurity Research
Testing of

The RI CODE operates a Cyber Range that provides an environment to specifically train so-called CNO (Computer Network Operation) or CERT skills of the Master Cyber Security students. The aim is to practice virtualized scenarios (cyber attacks) that represent the real world as precisely as possible in a virtualized environment an completely isolated from other networks.

 Additionally the Cyber Range also offers the possibility of testing and evaluating new IT security products / prototypes due to the isolation of the Cyber Range from other networks. 

In addition to the use of the Cyber Range in teaching (Master Cyber Security), concepts and technologies are analyzed and further developed at FI CODE as part of research projects in the Cyber Range. The focus here is particularly on the development and implementation of new cyber range scenarios.

Cooperation models

We’re performing joint research projects with national and international research partners. 

Additionally the CyberRange at the RI CODE is also be available on request for on-premise trainings for teams from other Bundeswehr facilities in Germany as well as companies and other authorities..


Cloud-based (private cloud)
Cloud-based (public cloud)

The infrastructure is based on VMWare. For the automation of activities Microsoft’s and VMWare’s Orchestrator are used. Due to its flexibility most components are interchangeable. For firewalling and routing Check Point and pfSense are used but any other firewall type can be installed as well. Inside the environments several security solutions are preinstalled as well, e.g. AlienVault OSSIM and McAfee ePolicy Orchestrator. The Cyber Range itself is separated from the remaining infrastructure. Students, trainers and administrators can connect via Microsoft Terminal Servers.

Content Management and Development

Due to its flexibility and modularity it is possible to import, create and edit content as long as VMWare can be used. It is also possible to include Hardware components. 

Exporting content needs more effort because currently no export functionality is implemented. Depending on the used technologies on other cyber ranges the Microsoft Orchestrator Runbooks need to be converted to the used technology. A possible export is restricted to the self-created scenarios due to the copyright.