Your browser does not fully support modern features. Please upgrade for a smoother experience.
Classifying Cyber Ranges: A Case-Based Analysis Using the UWF Cyber Range: History
View Latest Version
Please note this is an old version of this entry, which may differ significantly from the current revision.
Contributor: Emily Miller , Dustin Mink , Peyton Spellings , Sikha S. Bagui , Subhash C. Bagui

To address the gaps in cyber range survey research, this entry develops and applies a structured classification taxonomy to support the comparison, evaluation, and design of cyber ranges. The entry will address the following question: What are the objectives and key features of current cyber ranges, and how can they be classified into a comprehensive taxonomy? The entry synthesizes existing frameworks and analyzes and classifies a variety of documented cyber ranges to find similarities and gaps in the current classification methods. The findings indicate recurring design elements across ranges, persistent gaps in standardization, and demonstrate how the University of West Florida (UWF) Cyber Range exemplifies the taxonomy application in practice. The goal is to facilitate informed decision-making by cybersecurity professionals when choosing platforms and to support academic research in cybersecurity education. Pulling information from studies about other cyber ranges to compare with the UWF Cyber Range, this taxonomy aims to contribute to the documentation of cyber ranges by providing a clear understanding of the current cyber range landscape.

  • cyber range
  • taxonomy
  • NIST standards
  • cybersecurity
  • cybersecurity education
  • UWF’s cyber range
  • virtual environment
  • simulate attacks
As modern technology has evolved, so has the rise in cybersecurity threats. Cyberattacks from the Morris Worm [1] to the Colonial Pipeline ransomware attacks [2] have impacted the way we approach defending our systems and infrastructure. More recently, the development of artificial intelligence (AI) has revolutionized the way we detect cyberattacks. Researching threats, testing different solutions, and training organizations on how to protect themselves has become necessary. Cyber ranges were developed to fill that need, to provide a platform for research, testing, and training.
A cyber range is a virtual environment used to simulate real-world attacks for cybersecurity training, testing, and research without harming working systems [3]. Cyber ranges offer a secure and adaptable environment for developing and honing abilities in a variety of fields, including incident response and penetration testing. Ranges provide focused instruction, realistic scenarios, and hands-on practice in a safe testing setting [4].
Persistent workforce and skills gaps continue to challenge the field of cybersecurity. 92% of organizations mention skills gaps, especially in areas like cloud security, artificial intelligence and machine learning (AI/ML), and Zero Trust implementation, with 67% of organizations reporting a shortage of cybersecurity personnel, according to the 2023 ISC2 Cybersecurity Workforce Study [5]. These results underline the urgent need for practical, scalable training programs like cyber ranges that can close these gaps across a variety of technical domains.
Initially, cyber ranges were confined to secret programs within the United States (U.S.) Department of Defense (DoD) and its contractors, only to be used by cleared employees on internal networks. They were considered the cybersecurity equivalent of the military’s “proving grounds” for tactical exercises [6]. The first “public” cyber range in the U.S. came from the University of Michigan, which intended to provide an unclassified environment for safe and world-class training [7]. From that development onwards, cyber ranges have spread globally as more organizations began to recognize the benefits of using them.
Despite this rise in creation and usage, there is a lack of standardization in how cyber ranges are structured. Most organizations create cyber ranges specific to their needs, which has led to fragmented implementations across sectors. As noted by Priyadarshini (2018) [8] and Ukwandu et al. (2020) [9], the scalability and reusability of cyber ranges across broader contexts have been limited by issues like high infrastructure costs, inconsistent architectural models, and narrow design targeting specific domains. Urias et al. (2018) [10] also stress that cross-institutional cooperation and coordinated development are hindered by platform incompatibilities. These limitations not only prevent wider adoption but also hinder the development of federated, scalable platforms that can accommodate a range of training requirements in academia, industry, and government.
Since a definitive cyber range framework is not widely used, many researchers would like to work towards creating a taxonomy of the current cyber range landscape. To address these gaps in the current cyber range survey research, this entry develops and applies a structured classification taxonomy to support comparison, evaluation, and design of cyber ranges. The research will address the following question: What are the objectives and key features of current cyber ranges, and how can they be classified into a comprehensive taxonomy?
Specifically, this entry contributes:
  • A synthesis of existing frameworks into a unified classification taxonomy;
  • A structured classification of ten cyber ranges across sectors, highlighting similarities and gaps in the current methods;
  • A live simulation case study of the UWF Cyber Range to validate the taxonomy in a real-world setting;
  • A discussion of persistent challenges in the field and identification of future research directions to support the development of cyber ranges that are operationally reliable, scalable, and pedagogically sound.
The goal is to facilitate informed decision-making for cybersecurity professionals choosing platforms and to support academic research in cybersecurity education. Pulling information from studies about other cyber ranges to compare with the University of West Florida (UWF) Cyber Range, this taxonomy aims to contribute to the documentation of cyber ranges by providing a clear understanding of the current cyber range landscape.
The rest of the entry is organized as follows. Section 2 presents the related works, including existing frameworks and taxonomy reviews; Section 3 presents the methodology using a case study approach and also explains UWF’s Cyber Range; Section 4 presents the results in terms of classifying the cyber ranges and the criteria used for the classification; Section 5 presents the gaps in current cyber range research; Section 6 discusses future directions for cyber range research; and finally Section 7 presents the conclusions.

This entry is adapted from the peer-reviewed paper 10.3390/encyclopedia5040162

References

  1. Orman, H. The Morris Worm: A Fifteen-Year Perspective. IEEE Secur. Priv. 2003, 1, 35–43.
  2. Beerman, J.; Berent, D.; Falter, Z.; Bhunia, S. A Review of Colonial Pipeline Ransomware Attack. In Proceedings of the 2023 IEEE/ACM 23rd International Symposium on Cluster, Cloud and Internet Computing Workshops (CCGridW), Bangalore, India, 1–4 May 2023; pp. 8–15.
  3. NIST. The Cyber Range: A Guide. 2023. Available online: https://www.nist.gov/system/files/documents/2023/09/29/The%20Cyber%20Range_A%20Guide.pdf (accessed on 10 July 2025).
  4. NICE. Cyber Ranges. Available online: www.nist.gov/system/files/documents/2018/02/13/cyber_ranges.pdf (accessed on 19 July 2025).
  5. ISC2. How the Economy, Skills Gap and Artificial Intelligence Are Challenging the Global Cybersecurity Workforce; ISC2 Cybersecurity Workforce Study; International Information Systems Security Certification Consortium; ISC2: Alexandria, VA, USA, 2023.
  6. Lohrmann, D. Cyber Range: Who, What, When, Where, How and Why? 2018. Available online: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/cyber-range-who-what-when-where-how-and-why.html (accessed on 5 July 2025).
  7. Lohrmann, D. Introducing the Michigan Cyber Range. 2012. Available online: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/introducing-the-michigan-cyber-111212.html (accessed on 11 July 2025).
  8. Priyadarshini, I. Features and Architecture of the Modern Cyber Range: A Qualitative Analysis and Survey. Master’s Theses, University of Delaware, Newark, DE, USA, 2018.
  9. Ukwandu, E.; Farah, M.A.B.; Hindy, H.; Brosset, D.; Kavallieros, D.; Atkinson, R.; Tachtatzis, C.; Bures, M.; Andonovic, I.; Bellekens, X. A Review of Cyber-Ranges and Test-Beds: Current and Future Trends. Sensors 2020, 20, 7148.
  10. Urias, V.E.; Stout, W.M.S.; Van Leeuwen, B.; Lin, H. Cyber Range Infrastructure Limitations and Needs of Tomorrow: A Position Paper. In Proceedings of the 2018 International Carnahan Conference on Security Technology (ICCST), Montreal, QC, Canada, 22–25 October 2018; pp. 1–5.
More
© Text is available under the terms and conditions of the Creative Commons Attribution (CC BY) license; additional terms may apply. By using this site, you agree to the Terms and Conditions and Privacy Policy.
This entry is offline, you can click here to edit this entry!
Academic Video Service
Feedback