PNNL

Abstract

Critical infrastructure has become a focal point of cyberattacks, as previously isolated operational technology (OT) networks that were once perceived to be air-gapped are becoming Internet-exposed through increased connectivity with informational technology networks. Recent adversarial tendencies have led to an increase in targeted cyberattacks against industrial control systems (ICS) and building automation systems. Furthermore, the insufficient supply of a cyber workforce exacerbates the challenges for organizations to defend their systems. Game-based learning is gaining traction and studies have shown that it is an effective educational element. Training facility operators responsible for critical services can be achieved through gamification of security policies and controls. The Network Defense Training Game (NDTG) is a cybersecurity training platform that encompasses a series of cybersecurity events that the player must assess and react to throughout the scenario to defend the network by thwarting the adversary’s attack. The NDTG uses scenario narratives based on historical cyber incidents that affect ICS. It is designed to train facility owners and operators to evaluate their cybersecurity posture and to apply cybersecurity frameworks before and during the process of addressing cyber events and incidents. This study provides a detailed technical overview and design architecture of NDTG, and demonstrates its efficacy in advancing the ICS cybersecurity workforce.