{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,5]],"date-time":"2025-12-05T12:31:41Z","timestamp":1764937901186,"version":"3.44.0"},"reference-count":38,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T00:00:00Z","timestamp":1751932800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T00:00:00Z","timestamp":1751932800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"The publication of the article in OA mode is financially supported by HEAL-Link (Hellenic Academic Libraries Link)."},{"DOI":"10.13039\/100018563","name":"University of Macedonia","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100018563","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,8]]},"abstract":"Abstract<\/jats:title>\n Serious games offer a promising avenue for effective cybersecurity awareness training due to their proven efficacy as educational tools in many fields. Although recent years have seen progress in developing standards and methodologies for designing serious games, there is a lack of studies on collaborative cybersecurity serious games. Under this prism, this study introduces Yellow Training, an innovative collaborative tabletop game designed to increase cybersecurity awareness for people who use computers individually and as part of their work. The study explores how Yellow Training establishes a Community of Practice through the team-centric Conceptual Framework for eLearning and Training (tCOFELET) which underpins the methodology of this research. Yellow Training implements key game mechanisms such as card-driven actions with associated costs and action points (or vitality points), multi-use cards, events introducing various challenges, and policy cards determining how actions can be performed reflecting realistic cybersecurity practices. Several attack patterns are modeled as tCOFELET Scenario Execution Flows based on cybersecurity standards. Through this approach, learners associate theoretical knowledge with practical skills. The game boards depict the company\u2019s assets and resources, demonstrating how the learners\u2019 actions influence the final results. A comparative evaluation presents the potential of Yellow Training to create collaborative gameplay and its compliance with modern learning theories. A pilot study conducted with postgraduate students demonstrated that the tCOFELET\u2019s key mechanisms (e.g., a common repertoire of actions, action limits) promote participants\u2019 realization of common goals, communication, collaboration, and resource sharing that are important factors in forming a pedagogically productive Community of Practice.<\/jats:p>","DOI":"10.1007\/s10207-025-01086-0","type":"journal-article","created":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T10:09:19Z","timestamp":1751969359000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Yellow training: a collaborative tCOFELET tabletop serious game for cybersecurity awareness and training"],"prefix":"10.1007","volume":"24","author":[{"given":"Menelaos N.","family":"Katsantonis","sequence":"first","affiliation":[]},{"given":"Athanasios","family":"Manikas","sequence":"additional","affiliation":[]},{"given":"Nikolaos","family":"Partarakis","sequence":"additional","affiliation":[]},{"given":"Ioannis","family":"Mavridis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,8]]},"reference":[{"key":"1086_CR1","doi-asserted-by":"publisher","unstructured":"Angafor, G.N., Yevseyeva, I., He, Y.: Bridging the cybersecurity skills gap: using tabletop exercises to solve the CSSG crisis. In: Joint International Conference on Serious Games, pp. 117\u2013131. Springer. https:\/\/doi.org\/10.1007\/978-3-030-61814-8_10 (2020)","DOI":"10.1007\/978-3-030-61814-8_10"},{"issue":"2","key":"1086_CR2","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1049\/iet-sen.2018.5095","volume":"13","author":"A Yasin","year":"2019","unstructured":"Yasin, A., Liu, L., Li, T., et al.: Improving software security awareness using a serious game. IET Softw. 13(2), 159\u2013169 (2019)","journal-title":"IET Softw."},{"key":"1086_CR3","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101827","volume":"95","author":"S Hart","year":"2020","unstructured":"Hart, S., Margheri, A., Paci, F.: Riskio: a serious game for cybersecurity awareness and education. Comput. Secur. 95, 101827 (2020). https:\/\/doi.org\/10.1016\/j.cose.2020.101827","journal-title":"Comput. Secur."},{"key":"1086_CR4","doi-asserted-by":"publisher","unstructured":"Jayakrishnan, G., Banahatti, V., Lodha, S.: Design and execution challenges for cybersecurity serious games: an overview. https:\/\/doi.org\/10.48550\/arXiv.2307.09401 (2023)","DOI":"10.48550\/arXiv.2307.09401"},{"key":"1086_CR5","doi-asserted-by":"publisher","unstructured":"Batzos, Z., Saoulidis, T., Margounakis, D., et al.: Gamification and serious games for cybersecurity awareness and first responders training: an overview. TechRxiv. April 25. https:\/\/doi.org\/10.36227\/techrxiv.22650952.v1 (2023)","DOI":"10.36227\/techrxiv.22650952.v1"},{"issue":"11","key":"1086_CR6","doi-asserted-by":"publisher","first-page":"482","DOI":"10.3390\/info12110482","volume":"12","author":"T Zhao","year":"2021","unstructured":"Zhao, T., Gasiba, T., Lechner, U., et al.: Raising awareness about cloud security in industry through a board game. Information 12(11), 482 (2021). https:\/\/doi.org\/10.3390\/info12110482","journal-title":"Information"},{"issue":"4","key":"1086_CR7","doi-asserted-by":"publisher","first-page":"752","DOI":"10.1080\/08874417.2021.1913671","volume":"62","author":"S Hu","year":"2022","unstructured":"Hu, S., Hsu, C., Zhou, Z.: Security education, training, and awareness programs: literature review. J. Comput. Inf. Syst. 62(4), 752\u2013764 (2022). https:\/\/doi.org\/10.1080\/08874417.2021.1913671","journal-title":"J. Comput. Inf. Syst."},{"key":"1086_CR8","first-page":"69","volume":"5","author":"P Zaqueu","year":"2023","unstructured":"Zaqueu, P., Mawela, T.: Factors contributing to cybersecurity awareness, education, and training. Proc. NEMISA Digital Skills Conf. 5, 69\u201378 (2023)","journal-title":"Proc. NEMISA Digital Skills Conf."},{"issue":"3","key":"1086_CR9","doi-asserted-by":"publisher","first-page":"73","DOI":"10.3390\/fi11030073","volume":"11","author":"H Aldawood","year":"2019","unstructured":"Aldawood, H., Skinner, G.: Reviewing cybersecurity social engineering training and awareness programs\u2014pitfalls and ongoing issues. Future Int. 11(3), 73 (2019). https:\/\/doi.org\/10.3390\/fi11030073","journal-title":"Future Int."},{"issue":"2","key":"1086_CR10","doi-asserted-by":"publisher","first-page":"8","DOI":"10.13140\/RG.2.2.28488.14083","volume":"3","author":"AA Alshamsi","year":"2019","unstructured":"Alshamsi, A.A.: Effectiveness of cybersecurity awareness program for young children: a case study in UAE. Int. J. Inf. Technol. Lang. Stud. 3(2), 8\u201329 (2019). https:\/\/doi.org\/10.13140\/RG.2.2.28488.14083","journal-title":"Int. J. Inf. Technol. Lang. Stud."},{"key":"1086_CR11","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2024.3408685","author":"MN Katsantonis","year":"2024","unstructured":"Katsantonis, M.N., Manikas, A., Mavridis, I., et al.: tCOFELET: Conceptual framework for team-centric e-learning and training. IEEE Access (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3408685","journal-title":"IEEE Access"},{"key":"1086_CR12","doi-asserted-by":"publisher","unstructured":"Manikas, A., Katsantonis, M.N., Mavridis, I.: K-12CYBERAWARENESS: a multiplayer serious game for cybersecurity training and awareness raising. In: Proceedings of EDULEARN24, pp. 3464\u20133474. https:\/\/doi.org\/10.21125\/edulearn.2024.0902 (2024)","DOI":"10.21125\/edulearn.2024.0902"},{"key":"1086_CR13","doi-asserted-by":"crossref","unstructured":"Vygotsky, L.S.: Thought and language. In: Hanfmann, E., Vakar, G. (eds) (Trans.). Wiley (1962)","DOI":"10.1037\/11193-000"},{"issue":"5","key":"1086_CR14","doi-asserted-by":"publisher","first-page":"576","DOI":"10.1108\/ICS-05-2022-0087","volume":"31","author":"P Shah","year":"2023","unstructured":"Shah, P., Agarwal, A.: Cyber Suraksha: a card game for smartphone security awareness. Inf Comput Secur 31(5), 576\u2013600 (2023). https:\/\/doi.org\/10.1108\/ICS-05-2022-0087","journal-title":"Inf Comput Secur"},{"key":"1086_CR15","doi-asserted-by":"publisher","unstructured":"Arushi, D.R.: \u201cPeriHack\u201d: Designing a serious game for cybersecurity awareness. In: 2022 IEEE International Conference on Teaching, Assessment and Learning for Engineering (TALE), pp. 630\u2013634. IEEE. https:\/\/doi.org\/10.1109\/TALE54877.2022.00108 (2022)","DOI":"10.1109\/TALE54877.2022.00108"},{"issue":"2","key":"1086_CR16","doi-asserted-by":"publisher","first-page":"5334","DOI":"10.35444\/IJANA.2022.14203","volume":"14","author":"PM Priya","year":"2022","unstructured":"Priya, P.M., Ranganathan, A.: Cyber awareness learning imitation environment (CALIE): a card game to provide cybersecurity awareness for various group of practitioners. Int. J. Adv. Netw. Appl. 14(2), 5334\u20135341 (2022). https:\/\/doi.org\/10.35444\/IJANA.2022.14203","journal-title":"Int. J. Adv. Netw. Appl."},{"key":"1086_CR17","doi-asserted-by":"publisher","unstructured":"Hart, S., Halak, B., Sassone, V.: MOTENS: a pedagogical design model for serious cyber games. arXiv:2110.11765. https:\/\/doi.org\/10.48550\/arXiv.2110.11765 (2021)","DOI":"10.48550\/arXiv.2110.11765"},{"key":"1086_CR18","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1016\/j.infsof.2017.12.002","volume":"95","author":"A Yasin","year":"2018","unstructured":"Yasin, A., Liu, L., Li, T., et al.: Design and preliminary evaluation of a cyber security requirements education game (SREG). Inf. Softw. Technol. 95, 179\u2013200 (2018). https:\/\/doi.org\/10.1016\/j.infsof.2017.12.002","journal-title":"Inf. Softw. Technol."},{"key":"1086_CR19","doi-asserted-by":"publisher","unstructured":"Denning, T., Lerner, A., Shostack, A., et al.: Control-alt-hack: the design and evaluation of a card game for computer security awareness and education. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 915\u2013928. https:\/\/doi.org\/10.1145\/2508859.2516753 (2013)","DOI":"10.1145\/2508859.2516753"},{"key":"1086_CR20","doi-asserted-by":"publisher","unstructured":"Aladawy, D., Beckers, K., Pape, S.: PERSUADED: fighting social engineering attacks with a serious game. In: Trust, Privacy and Security in Digital Business: 15th International Conference, TrustBus 2018, Regensburg, Germany, September 5\u20136, 2018, Proceedings 15, pp. 103\u2013118. Springer. https:\/\/doi.org\/10.1007\/978-3-319-98385-1_8 (2018)","DOI":"10.1007\/978-3-319-98385-1_8"},{"key":"1086_CR21","doi-asserted-by":"publisher","unstructured":"Katsantonis, M.N., Kotini, I., Fouliras, P., et al.: Conceptual framework for developing cybersecurity serious games. In: 2019 IEEE Global Engineering Education Conference (EDUCON) 2019, pp. 872\u2013881. IEEE. https:\/\/doi.org\/10.1109\/EDUCON.2019.8725061 (2019)","DOI":"10.1109\/EDUCON.2019.8725061"},{"key":"1086_CR22","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1016\/j.compedu.2015.03.023","volume":"87","author":"MB Carvalho","year":"2015","unstructured":"Carvalho, M.B., Bellotti, F., Berta, R., et al.: An activity theory-based model for serious games analysis and conceptual design. Comput. Educ. 87, 166\u2013181 (2015). https:\/\/doi.org\/10.1016\/j.compedu.2015.03.023","journal-title":"Comput. Educ."},{"issue":"1","key":"1086_CR23","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/BF02299477","volume":"47","author":"DH Jonassen","year":"1999","unstructured":"Jonassen, D.H., Rohrer-Murphy, L.: Activity theory as a framework for designing constructivist learning environments. Educ. Tech. Res. Dev. 47(1), 61\u201379 (1999). https:\/\/doi.org\/10.1007\/BF02299477","journal-title":"Educ. Tech. Res. Dev."},{"key":"1086_CR24","volume-title":"How We Think: A Restatement of the Relation of Reflective Thinking to the Educative Process","author":"J Dewey","year":"1933","unstructured":"Dewey, J.: How We Think: A Restatement of the Relation of Reflective Thinking to the Educative Process. D.C. Heath & Co Publishers, New York (1933)"},{"key":"1086_CR25","volume-title":"Mind in Society: The Development of Higher Psychological Processes","author":"LS Vygotsky","year":"1978","unstructured":"Vygotsky, L.S.: Mind in Society: The Development of Higher Psychological Processes. Harvard University Press, New York (1978)"},{"key":"1086_CR26","volume-title":"The Acquisition and Retention of Knowledge: A Cognitive View","author":"DP Ausubel","year":"2012","unstructured":"Ausubel, D.P.: The Acquisition and Retention of Knowledge: A Cognitive View. Springer, New York (2012)"},{"issue":"2","key":"1086_CR27","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1080\/00071005.2015.1133799","volume":"64","author":"V Farnsworth","year":"2016","unstructured":"Farnsworth, V., Kleanthous, I., Wenger-Trayner, E.: Communities of practice as a social theory of learning: a conversation with Etienne Wenger. Br. J. Educ. Stud. 64(2), 139\u2013160 (2016). https:\/\/doi.org\/10.1080\/00071005.2015.1133799","journal-title":"Br. J. Educ. Stud."},{"key":"1086_CR28","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511803932","volume-title":"Communities of Practice: Learning, Meaning, and Identity","author":"E Wenger","year":"1998","unstructured":"Wenger, E.: Communities of Practice: Learning, Meaning, and Identity. Cambridge University Press (1998)"},{"key":"1086_CR29","doi-asserted-by":"publisher","unstructured":"Russo, E., Ribaudo, M., Orlich, A., et al.: Cyber range and cyber defense exercises: gamification meets university students. In: Proceedings of the 2nd International Workshop on Gamification in Software Development, Verification, and Validation, pp. 29\u201337. https:\/\/doi.org\/10.1145\/3617553.3617888 (2023)","DOI":"10.1145\/3617553.3617888"},{"key":"1086_CR30","doi-asserted-by":"publisher","DOI":"10.1201\/9781003179184","volume-title":"Building Blocks of Tabletop Game Design: An Encyclopedia of Mechanisms","author":"G Engelstein","year":"2022","unstructured":"Engelstein, G., Shalev, I.: Building Blocks of Tabletop Game Design: An Encyclopedia of Mechanisms. CRC Press, London (2022)"},{"key":"1086_CR31","doi-asserted-by":"publisher","unstructured":"Kritz, J., Mangeli, E., Xex\u00e9o, G.: Building an ontology of board game mechanics based on the BoardGameGeek database and the MDA framework. In: XVI Brazilian Symposium on Computer Games and Digital Entertainment, Curitiba, pp. 182\u2013191. IEEE. https:\/\/doi.org\/10.1007\/978-3-030-96296-8_98 (2017)","DOI":"10.1007\/978-3-030-96296-8_98"},{"key":"1086_CR32","doi-asserted-by":"publisher","first-page":"114051","DOI":"10.1109\/ACCESS.2021.3103198","volume":"9","author":"D Samarasinghe","year":"2021","unstructured":"Samarasinghe, D., Barlow, M., Lakshika, E., et al.: A data-driven review of board game design and interactions of their mechanics. IEEE Access 9, 114051\u2013114069 (2021). https:\/\/doi.org\/10.1109\/ACCESS.2021.3103198","journal-title":"IEEE Access"},{"key":"1086_CR33","doi-asserted-by":"crossref","unstructured":"Yusoff, A., Crowder, R., Gilbert, L., et al.: A conceptual framework for serious games. In: 2009 9th IEEE International Conference on Advanced Learning Technologies, pp. 21\u201323. IEEE (2009)","DOI":"10.1109\/ICALT.2009.19"},{"key":"1086_CR34","unstructured":"Berserk Games: Tabletop simulator [Software] (2015)"},{"key":"1086_CR35","unstructured":"Patton, M.Q.: Qualitative evaluation checklist. Western Michigan University. https:\/\/wmich.edu\/sites\/default\/files\/attachments\/u350\/2014\/qualitativeevalchecklist.pdf (2003)"},{"key":"1086_CR36","volume-title":"Educational Research: Planning, Conducting, and Evaluating Quantitative and Qualitative Research","author":"JW Creswell","year":"2012","unstructured":"Creswell, J.W.: Educational Research: Planning, Conducting, and Evaluating Quantitative and Qualitative Research, 4th edn. Pearson, New York (2012)","edition":"4"},{"key":"1086_CR37","unstructured":"MITRE: Common attack pattern enumeration and classification (CAPEC). https:\/\/capec.mitre.org (2020)"},{"issue":"3","key":"1086_CR38","doi-asserted-by":"publisher","first-page":"3","DOI":"10.17083\/ijsg.v8i3.437","volume":"8","author":"MN Katsantonis","year":"2021","unstructured":"Katsantonis, M.N., Mavridis, I.: Evaluation of HackLearn COFELET game user experience for cybersecurity education. Int. J. Ser. Games 8(3), 3\u201324 (2021). https:\/\/doi.org\/10.17083\/ijsg.v8i3.437","journal-title":"Int. J. Ser. Games"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01086-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01086-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01086-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,5]],"date-time":"2025-09-05T11:33:36Z","timestamp":1757072016000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01086-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,8]]},"references-count":38,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,8]]}},"alternative-id":["1086"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01086-0","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"type":"print","value":"1615-5262"},{"type":"electronic","value":"1615-5270"}],"subject":[],"published":{"date-parts":[[2025,7,8]]},"assertion":[{"value":"13 June 2025","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 July 2025","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"171"}}