{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T09:59:09Z","timestamp":1776074349966,"version":"3.50.1"},"reference-count":128,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T00:00:00Z","timestamp":1770249600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T00:00:00Z","timestamp":1770249600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100000780","name":"European Commission","doi-asserted-by":"publisher","award":["621701-EPP-1-2020-1-LT-EPPKA2-SSA-B"],"award-info":[{"award-number":["621701-EPP-1-2020-1-LT-EPPKA2-SSA-B"]}],"id":[{"id":"10.13039\/501100000780","id-type":"DOI","asserted-by":"publisher"}]},{"name":"European Cybersecurity Competence Centre","award":["101145874"],"award-info":[{"award-number":["101145874"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>This paper presents the REWIRE Courses and Certification Framework, a methodological approach for designing, developing, and validating cybersecurity training aligned with the European Cybersecurity Skills Framework (ECSF). The framework combines instructional design principles based on the ADDIE model with certification mechanisms structured around ISO\/IEC 17024:2012 standards. It provides a replicable model that guides training providers from learning outcome definition to course implementation and evaluation, ensuring full alignment with ECSF occupational profiles. The proposed framework integrates theoretical, practical, and evaluative components that can be delivered through Vocational Open Online Courses (VOOCs) within Virtual Learning Environments (VLEs) and by incorporating Cyber Range exercises. The methodology has been validated through its implementation in the European-funded REWIRE project, which served as a practical testbed for its application and refinement, and was later applied in the NG-SOC project. It supports both upskilling and reskilling pathways and enables transparent mapping between competences, roles, and certification levels. In general, this approach bridges the gap between cybersecurity education and the European labor market, promoting quality assurance, interoperability, and recognition of cybersecurity competences across EU Member States.<\/jats:p>","DOI":"10.1007\/s10207-025-01202-0","type":"journal-article","created":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T08:26:50Z","timestamp":1770280010000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments"],"prefix":"10.1007","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9949-4746","authenticated-orcid":false,"given":"Julia","family":"S\u00e1nchez","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2009-8669","authenticated-orcid":false,"given":"Alan","family":"Briones","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0842-4951","authenticated-orcid":false,"given":"Sara","family":"Ricci","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5467-7055","authenticated-orcid":false,"given":"Jakub","family":"\u010cegan","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6111-929X","authenticated-orcid":false,"given":"Argyro","family":"Chatzopoulou","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1722-9701","authenticated-orcid":false,"given":"Yianna","family":"Danidou","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2469-5535","authenticated-orcid":false,"given":"Andreas","family":"Menegatos","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7309-2223","authenticated-orcid":false,"given":"Guiomar","family":"Corral","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,2,5]]},"reference":[{"key":"1202_CR1","unstructured":"RAND. Threats to critical infrastructure. https:\/\/www.rand.org\/content\/dam\/rand\/pubs\/research_reports\/RRA2300\/RRA2397-2\/RAND_RRA2397-2.pdf, 2024. Accessed: 27 Sept 2025"},{"key":"1202_CR2","unstructured":"CISA Agency. The attack on colonial pipeline. https:\/\/www.cisa.gov\/news-events\/news\/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years, 2023. Accessed: 27 Sept 2025"},{"key":"1202_CR3","unstructured":"UK National Cybersecurity Centre. Russia behind cyber attack with europe-wide impact an hour before ukraine invasion. https:\/\/www.ncsc.gov.uk\/news\/russia-behind-cyber-attack-with-europe-wide-impact-hour-before-ukraine-invasion, 2022. Accessed: 27 Sept 2025"},{"key":"1202_CR4","unstructured":"Bloomsbury Intelligence and Security Institute. Cyberattacks disrupted flights across europe. https:\/\/bisi.org.uk\/reports\/cyberattacks-disrupted-flights-across-europe, 2025. Accessed: 30 Nov 2025"},{"key":"1202_CR5","unstructured":"The HIPAA Journal. Commonspirit health issues update confirming 164 facilities affected by ransomware attack. https:\/\/www.hipaajournal.com\/commonspirit-health-issues-update-confirming-164-facilities-affected-by-ransomware-attack\/, 2023. Accessed: 27 Sept 2025"},{"key":"1202_CR6","unstructured":"REWIRE Project Consortium. R.2.1.1. pestle analysis results. https:\/\/rewireproject.eu\/wp-content\/uploads\/2022\/04\/R2.1.1-PESTLE-analysis-results_FINAL-v1.1_compressed.pdf, 2022. Accessed: 17 July 2025"},{"issue":"2","key":"1202_CR7","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1109\/TE.2023.3340868","volume":"67","author":"S Ricci","year":"2024","unstructured":"Ricci, S., Parker, S., Jerabek, J., Danidou, Y., Chatzopoulou, A., Badonnel, R., Lendak, I., Janout, V.: Understanding cybersecurity education gaps in europe. IEEE Trans. Educ. 67(2), 190\u2013201 (2024)","journal-title":"IEEE Trans. Educ."},{"key":"1202_CR8","unstructured":"REWIRE Project. https:\/\/rewireproject.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR9","unstructured":"CONCORDIA Project. https:\/\/www.concordia-h2020.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR10","unstructured":"REWIRE Project Consortium. R4.1.1. cyber range establishment methodology and roadmap. https:\/\/rewireproject.eu\/wp-content\/uploads\/2022\/12\/R4.1.1-Cyberrange-Establishment-methodology-and-roadmap_vFINAL.pdf, 2022. Accessed: 22 Apr 2025"},{"key":"1202_CR11","unstructured":"ENISA. European cybersecurity skills framework (ecsf). https:\/\/www.enisa.europa.eu\/sites\/default\/files\/publications\/European%20Cybersecurity%20Skills%20Framework%20Role%20Profiles.pdf, 2022. Accessed: 25 Apr 2025"},{"key":"1202_CR12","unstructured":"European Union Agency for Cybersecurity (ENISA). https:\/\/www.enisa.europa.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR13","unstructured":"Cyber security cOmpeteNce fOr Research anD InnovAtion (CONCORDIA). A proposal for a cybersecurity skills certification framework. https:\/\/www.concordia-h2020.eu\/blog-post\/a-proposal-for-a-cybersecurity-skills-certification-framework\/, 2021. Accessed: 23 May 2024"},{"key":"1202_CR14","unstructured":"ISO Committee on conformity assessment.(CASCO). Iso\/iec 17024:2012. conformity assessment \u2013 general requirements for bodies operating certification of persons. https:\/\/www.iso.org\/obp\/ui\/en\/#iso:std:52993:en, 2012. Accessed: 25 Apr 2025"},{"key":"1202_CR15","unstructured":"SPARTA Project. https:\/\/www.sparta.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR16","unstructured":"ECHO Project. https:\/\/echonetwork.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR17","unstructured":"CyberSec4Europe Project. https:\/\/cybersec4europe.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR18","unstructured":"NIST - National Initiative for Cybersecurity Education (NICE). https:\/\/www.nist.gov\/itl\/applied-cybersecurity\/nice. Accessed: 27 Sept 2025"},{"key":"1202_CR19","unstructured":"Australian Computer Society (ACS). https:\/\/www.acs.org.au\/. Accessed: 27 Sept 2025"},{"key":"1202_CR20","unstructured":"Google. Google cybersecurity professional certificate. https:\/\/www.coursera.org\/professional-certificates\/google-cybersecurity\/. Accessed: 29 Aug 2025"},{"key":"1202_CR21","unstructured":"SANS. Sans cybersecurity training community. https:\/\/www.sans.org\/mlp\/eu-cybersecurity-training-community. Accessed: 29 Aug 2025"},{"key":"1202_CR22","unstructured":"CodeAcademy. Introduction to cybersecurity. https:\/\/www.codecademy.com\/learn\/introduction-to-cybersecurity. Accessed: 29 Aug 2025"},{"key":"1202_CR23","unstructured":"HackTheBox. Main website. https:\/\/www.hackthebox.com\/. Accessed: 29 Aug 2025"},{"key":"1202_CR24","unstructured":"TryHackMe. Main website. https:\/\/tryhackme.com\/. Accessed: 30 Nov 2025"},{"key":"1202_CR25","unstructured":"Masaryk University. Kypo cyber range platform. https:\/\/crp.kypo.muni.cz\/. Accessed: 29 Nov 2025"},{"key":"1202_CR26","unstructured":"CR14. Cr14 (an estonian government-owned and operated entity) maintains nato cyber range. https:\/\/www.cr14.ee\/about-us\/#nato-support. Accessed: 30 Nov 2025"},{"key":"1202_CR27","unstructured":"Google. Google secure ai framework (saif). https:\/\/safety.google\/cybersecurity-advancements\/saif\/. Accessed: 27 Sept 2025"},{"key":"1202_CR28","unstructured":"European Skills, Competences and Occupations (ESCO). https:\/\/esco.ec.europa.eu. Accessed: 27 Sept 2025"},{"key":"1202_CR29","unstructured":"Europass. The european qualifications framework. https:\/\/europass.europa.eu\/en\/european-qualifications-framework-eqf. Accessed: 27 Sept 2025"},{"key":"1202_CR30","unstructured":"European Commission. The european qualifications framework for lifelong learning (eqf). https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/HTML\/?uri=CELEX:32017H0615(01)&from=EN, 2017. Accessed: 08 May 2025"},{"key":"1202_CR31","unstructured":"European Comission. European e-competence framework (e-cf). https:\/\/esco.ec.europa.eu\/en\/about-esco\/escopedia\/escopedia\/european-e-competence-framework-e-cf. Accessed: 27 Sept 2025"},{"key":"1202_CR32","unstructured":"European Committee for Standardization (CEN). e-competence framework (e-cf) - a common european framework for ict professionals in all sectors - part 1: Framework. https:\/\/standards.cencenelec.eu\/dyn\/www\/f?p=205:110:0::::FSP_PROJECT:67073&cs=15E62ED24D608A5F10D6BEE8E6D50FA10, 2019. Accessed: 25 Sept 2025"},{"key":"1202_CR33","unstructured":"REWIRE Project Consortium. Cyberability platform. https:\/\/rewireproject.eu\/cyberability\/. Accessed: 27 Sept 2025"},{"key":"1202_CR34","doi-asserted-by":"crossref","unstructured":"Ricci, S., Sikora, M., Parker, S., Lendak, I., Danidou, Y., Chatzopoulou, A., Badonnel, R., Alksnys, D.: Job adverts analyzer for cybersecurity skills needs evaluation. In Proceedings of the 17th International Conference on Availability, Reliability and Security, pages 1\u201310, (2022)","DOI":"10.1145\/3538969.3543821"},{"key":"1202_CR35","unstructured":"REWIRE Project Consortium. R3.4.1 mapping the framework to existing courses and schemes. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/03\/REWIRE_R3.4.1_Deliverable-v8-Final-EC-Check.pdf, 2023. Accessed: 26 Aug 2025"},{"key":"1202_CR36","unstructured":"REWIRE Project Consortium. R3.5.1 cybersecurity career pathway analysis. https:\/\/rewireproject.eu\/wp-content\/uploads\/2022\/10\/R3.5.1.-Cybersecurity-career-pathway-analysis_Final_v1.0.pdf, 2022. Accessed: 25 Sept 2025"},{"key":"1202_CR37","doi-asserted-by":"crossref","unstructured":"Khalil, M.K., Elkhider, I.A.: Applying learning theories and instructional design models for effective instruction. Advances in physiology education, (2016). American Physiological Society Bethesda, MD","DOI":"10.1152\/advan.00138.2015"},{"key":"1202_CR38","unstructured":"REWIRE Project Consortium. R4.3.2. rewire scenario sharing platform. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/12\/R4.3.2_REWIRE_Scenario_Sharing_Platform_WEB.pdf, 2023. Accessed: 30 Nov 2025"},{"key":"1202_CR39","unstructured":"REWIRE Project Consortium. R4.4.1. technical specifications for the rewire vle. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/05\/R4.4.1-VLE-Specs_FINAL_web.pdf, 2023. Accessed: 29 Sept 2025"},{"key":"1202_CR40","unstructured":"REWIRE Project Consortium. R4.4.2. rewire vle. https:\/\/rewireproject.eu\/wp-content\/uploads\/2024\/04\/R4.4.2-REWIRE-VLE_final.pdf, 2023. Accessed: 29 Sept 2025"},{"key":"1202_CR41","unstructured":"REWIRE Project Consortium. Rewire vle platform hosting cybersecurity vooc courses. https:\/\/vle.rewireproject.eu\/. Accessed: 27 Oct 2025"},{"key":"1202_CR42","unstructured":"REWIRE Project Consortium. R4.5.6. - cybersecurity skills assessment recommendation. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/02\/REWIRE_R4.5.6_Web-1.pdf, 2022. Accessed: 25 Apr 2025"},{"issue":"1","key":"1202_CR43","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1016\/j.cose.2006.10.005","volume":"26","author":"BD Cone","year":"2007","unstructured":"Cone, B.D., Irvine, C.E., Thompson, M.F., Nguyen, T.D.: A video game for cyber security training and awareness. Computers & Security 26(1), 63\u201372 (2007)","journal-title":"Computers & Security"},{"key":"1202_CR44","doi-asserted-by":"crossref","unstructured":"Raman, R., Lal, A., Achuthan, K.: Serious games based approach to cyber security concept learning: Indian context. In 2014 International Conference on Green Computing Communication and Electrical Engineering (ICGCCEE), pages 1\u20135. IEEE, (2014)","DOI":"10.1109\/ICGCCEE.2014.6921392"},{"key":"1202_CR45","unstructured":"CyberSec4Europe Project Consortium. Guidelines for enhancement of societal security awareness. https:\/\/cybersec4europe.eu\/wp-content\/uploads\/2022\/04\/D3.19-Guidelines-for-Enhancement-of-Societal-Security-Awareness_v1.0_submitted.pdf, 2022. Accessed: 29 Nov 2025"},{"key":"1202_CR46","unstructured":"CompTIA. What is on the comptia security+ exam? https:\/\/www.comptia.org\/en-eu\/blog\/what-is-on-the-comptia-security-exam\/. Accessed: 29 Nov 2025"},{"key":"1202_CR47","unstructured":"ISC2. Cissp - certified information systems security professional. https:\/\/www.isc2.org\/certifications\/cissp. Accessed: 29 Nov 2025"},{"key":"1202_CR48","unstructured":"HackThis. Main page. https:\/\/hackthis.hackillinois.org\/. Accessed: 29 Nov 2025"},{"key":"1202_CR49","unstructured":"Leban, B., Bendre, M., Tabriz, P.: Web application exploits and defenses. https:\/\/google-gruyere.appspot.com\/. Accessed: 29 Nov 2025"},{"key":"1202_CR50","unstructured":"MME Security audits and Training. bwapp, an extremely buggy web app! http:\/\/www.itsecgames.com\/. Accessed: 29 Nov 2025"},{"key":"1202_CR51","unstructured":"Hack This Site. Main page. https:\/\/www.hackthissite.org\/. Accessed: 29 Nov 2025"},{"issue":"4","key":"1202_CR52","doi-asserted-by":"publisher","first-page":"1809","DOI":"10.3390\/app11041809","volume":"11","author":"N Chouliaras","year":"2021","unstructured":"Chouliaras, N., Kittes, G., Kantzavelou, I., Maglaras, L., Pantziou, G., Ferrag, M.A.: Cyber ranges and testbeds for education, training, and research. Appl. Sci. 11(4), 1809 (2021)","journal-title":"Appl. Sci."},{"key":"1202_CR53","unstructured":"NIST.gov. The cyber range: A guide. https:\/\/www.nist.gov\/system\/files\/documents\/2023\/09\/29\/The%20Cyber%20Range_A%20Guide.pdf. Accessed: 29 Nov 2025"},{"key":"1202_CR54","unstructured":"Aries Security. What is a cyber range? a definitive guide and definition. https:\/\/www.ariessecurity.com\/what-is-a-cyber-range-a-definitive-guide-and-definition\/. Accessed: 29 Nov 2025"},{"key":"1202_CR55","unstructured":"CYBERWISER.eu. What is a cyber range? https:\/\/www.cyberwiser.eu\/content\/what-cyber-range. Accessed: 29 Nov 2025"},{"key":"1202_CR56","unstructured":"government technology. Cyber range: Who, what, when, where, how and why? https:\/\/www.govtech.com\/blogs\/lohrmann-on-cybersecurity\/cyber-range-who-what-when-where-how-and-why.html. Accessed: 29 Nov 2025"},{"key":"1202_CR57","unstructured":"cloudshare. Cyber range. https:\/\/www.cloudshare.com\/virtual-it-labs-glossary\/what-is-a-cyber-range\/. Accessed: 29 Nov 2025"},{"key":"1202_CR58","doi-asserted-by":"crossref","unstructured":"Urias, V.E., Stout, W.M.S., Van Leeuwen, B., Lin, H.: Cyber range infrastructure limitations and needs of tomorrow: A position paper. In 2018 international Carnahan conference on security technology (ICCST), pages 1\u20135. IEEE, (2018)","DOI":"10.1109\/CCST.2018.8585460"},{"key":"1202_CR59","doi-asserted-by":"crossref","unstructured":"Karjalainen, M., Kokkonen, T.: Comprehensive cyber arena; the next generation cyber range. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 11\u201316. IEEE, (2020)","DOI":"10.1109\/EuroSPW51379.2020.00011"},{"key":"1202_CR60","doi-asserted-by":"crossref","unstructured":"Deckard, G.M.: Cybertropolis: breaking the paradigm of cyber-ranges and testbeds. In 2018 IEEE international symposium on technologies for homeland security (HST), pages 1\u20134. IEEE, (2018)","DOI":"10.1109\/THS.2018.8574134"},{"key":"1202_CR61","unstructured":"European Cyber\u00a0Security Organisation. Understanding cyber ranges: From hype to reality. Tech. Rep., (2020)"},{"key":"1202_CR62","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101636","volume":"88","author":"MM Yamin","year":"2020","unstructured":"Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: Scenarios, functions, tools and architecture. Computers & Security 88, 101636 (2020)","journal-title":"Computers & Security"},{"issue":"24","key":"1202_CR63","doi-asserted-by":"publisher","first-page":"7148","DOI":"10.3390\/s20247148","volume":"20","author":"E Ukwandu","year":"2020","unstructured":"Ukwandu, E., Farah, M.A.B., Hindy, H., Brosset, D., Kavallieros, D., Atkinson, R., Tachtatzis, C., Bures, M., Andonovic, I., Bellekens, X.: A review of cyber-ranges and test-beds: Current and future trends. Sensors 20(24), 7148 (2020)","journal-title":"Sensors"},{"key":"1202_CR64","unstructured":"\u010celeda, P., \u010cegan, J., Vykopal, J., Tovar\u0148\u00e1k, D.: Kypo\u2013a platform for cyber defence exercises. (2015)"},{"key":"1202_CR65","doi-asserted-by":"crossref","unstructured":"Childers, N., Boe, B., Cavallaro, L., Cavedon, L., Cova, M., Egele, M., Vigna, G.: Organizing large scale hacking competitions. In International conference on detection of intrusions and malware, and vulnerability assessment, pages 132\u2013152. Springer, (2010)","DOI":"10.1007\/978-3-642-14215-4_8"},{"key":"1202_CR66","unstructured":"Davis, J., Magrath, S.: A survey of cyber ranges and testbeds. Defence Science and Technology Organisation Edinburgh (Australia) Cyber and Electronic Warfare Div, (2013). page 38"},{"issue":"4","key":"1202_CR67","doi-asserted-by":"publisher","first-page":"113","DOI":"10.1145\/2829988.2790033","volume":"45","author":"M Ernits","year":"2015","unstructured":"Ernits, M., Tammek\u00e4nd, J., Maennel, O.: i-tee: A fully automated cyber defense competition for students. ACM SIGCOMM Computer Communication Review 45(4), 113\u2013114 (2015)","journal-title":"ACM SIGCOMM Computer Communication Review"},{"key":"1202_CR68","unstructured":"Leblanc, S.P., Partington, A., Chapman I., Bernier, M.: An overview of cyber attack and computer network operations simulation. In Proceedings of the 2011 Military Modeling & Simulation Symposium, pages 92\u2013100, (2011)"},{"key":"1202_CR69","doi-asserted-by":"crossref","unstructured":"Maennel, K., Ottis, R., Maennel, O.: Improving and measuring learning effectiveness at cyber defense exercises. In Nordic Conference on Secure IT Systems, pages 123\u2013138. Springer, (2017)","DOI":"10.1007\/978-3-319-70290-2_8"},{"key":"1202_CR70","unstructured":"O\u0161lej\u0161ek, R., Toth, D., Eichler, Z., Bursk\u00e1, K.: Towards a unified data storage and generic visualizations in cyber ranges. In ECCWS 2017 16th European Conference on Cyber Warfare and Security, page 298. Academic Conferences and publishing limited, (2017)"},{"issue":"2","key":"1202_CR71","first-page":"1","volume":"3","author":"C Siaterlis","year":"2010","unstructured":"Siaterlis, C., Masera, M., et al.: A survey of software tools for the creation of networked testbeds. Int. J. Adv. Secur. 3(2), 1\u201312 (2010)","journal-title":"Int. J. Adv. Secur."},{"key":"1202_CR72","doi-asserted-by":"crossref","unstructured":"Stites, J., Siraj, A., Brown, E.L.: Smart grid security educational training with thundercloud: a virtual security test bed. In Proceedings of the 2013 on InfoSecCD\u201913: Information Security Curriculum Development Conference, pages 105\u2013110, (2013)","DOI":"10.1145\/2528908.2528927"},{"key":"1202_CR73","unstructured":"Vykopal, J., O\u0161lej\u0161ek, R., \u010celeda, P., Vizvary, M.: Design and use cases, Kypo cyber range (2017)"},{"key":"1202_CR74","doi-asserted-by":"crossref","unstructured":"Vykopal, J., Vizvary, M., Oslejsek, R., Celeda, P., Tovarnak, D.: Lessons learned from complex hands-on defence exercises in a cyber range. In 2017 IEEE Frontiers in education conference (FIE), pages 1\u20138. IEEE, (2017)","DOI":"10.1109\/FIE.2017.8190713"},{"key":"1202_CR75","doi-asserted-by":"crossref","unstructured":"Beuran, R., Pham, C., Tang, D., Chinen, K., Tan, Y.: An integrated cybersecurity training framework, Cytrone (2017)","DOI":"10.5220\/0006206401570166"},{"key":"1202_CR76","volume":"88","author":"V Kampourakis","year":"2025","unstructured":"Kampourakis, V., Gkioulos, V., Katsikas, S.: A step-by-step definition of a reference architecture for cyber ranges. J. Inf. Secur. Appl. 88, 103917 (2025)","journal-title":"J. Inf. Secur. Appl."},{"issue":"4","key":"1202_CR77","doi-asserted-by":"publisher","first-page":"1005","DOI":"10.1007\/s10207-023-00680-4","volume":"22","author":"MN Katsantonis","year":"2023","unstructured":"Katsantonis, M.N., Manikas, A., Mavridis, I., Gritzalis, D.: Cyber range design framework for cyber security education and training. Int. J. Inf. Secur. 22(4), 1005\u20131027 (2023)","journal-title":"Int. J. Inf. Secur."},{"key":"1202_CR78","unstructured":"CyberRangeCZ. Main page. https:\/\/www.cyberrange.cz\/. Accessed: 27 Oct 2025"},{"key":"1202_CR79","unstructured":"Peterson, C.: Bringing addie to life: Instructional design at its best. J. Educ. Multimedia Hypermedia 12(3), 227\u2013241 (2003). Association for the Advancement of Computing in Education (AACE)"},{"key":"1202_CR80","unstructured":"Reilley, D.: Tigerlearn blog - course development process (the addie model). https:\/\/tigerlearn.fhsu.edu\/course-development-process-the-addie-model\/. Accessed: 27 Sept 2025"},{"issue":"4","key":"1202_CR81","doi-asserted-by":"publisher","first-page":"205","DOI":"10.5860\/crln.74.4.8934","volume":"74","author":"AL Davis","year":"2013","unstructured":"Davis, A.L.: Using instructional design principles to develop effective information literacy instruction: The addie model. College & Research Libraries News 74(4), 205\u2013207 (2013)","journal-title":"College & Research Libraries News"},{"key":"1202_CR82","doi-asserted-by":"crossref","unstructured":"Spatioti, A.G., Kazanidis, I., Pange, J.: A comparative study of the addie instructional design model in distance education. Information 13(9), 402 (2022). MDPI","DOI":"10.3390\/info13090402"},{"key":"1202_CR83","unstructured":"REWIRE Project Consortium. R2.2.2. cybersecurity skills needs analysis. https:\/\/rewireproject.eu\/wp-content\/uploads\/2022\/04\/R2.2.2-Cybersecurity-Skills-Needs-Analysis_FINAL_v1.1.pdf, 2023. Accessed: 26 Aug 2025"},{"key":"1202_CR84","unstructured":"REWIRE Project Consortium. R.2.2.3. methodology to anticipate future needs. https:\/\/rewireproject.eu\/wp-content\/uploads\/2022\/05\/R.2.2.3-MethodologyToAnticipateFutureNeeds-FINAL-v1.1_compressed.pdf, 2023. Accessed: 26 Aug 2025"},{"key":"1202_CR85","unstructured":"ENISA. Ecsf practical tool. https:\/\/enisaeu.github.io\/ECSF\/#\/profiles. Accessed: 27 Sept 2025"},{"key":"1202_CR86","unstructured":"REWIRE Project Consortium. R3.3.1. cybersecurity skills framework. https:\/\/rewireproject.eu\/wp-content\/uploads\/2022\/11\/R3.3.1.-Cybersecurity-Skills-Framework_FINAL.pdf, 2023. Accessed: 26 Aug 2025"},{"key":"1202_CR87","unstructured":"ENISA. Crosswalk between esco and ecsf. https:\/\/www.enisa.europa.eu\/topics\/skills-and-competences\/skills-development\/european-cybersecurity-skills-framework-ecsf\/crosswalk-between-esco-and-ecsf. Accessed: 26 Aug 2025"},{"key":"1202_CR88","unstructured":"REWIRE Project Consortium. Mapping methodology between rewire skill groups and ecsf profiles. https:\/\/cyberability-platform.informacni-bezpecnost.cz\/mapping\/REWIRE-ENISA-mapping.xlsx. Accessed: 26 Aug 2025"},{"key":"1202_CR89","unstructured":"REWIRE Project Consortium. R3.6.1 european cybersecurity blueprint. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/10\/REWIRE_R361_Blueprint_V1_Final_Clean.pdf, 2023. Accessed: 25 Sept 2025"},{"key":"1202_CR90","unstructured":"IT Professionalism Europe. The e-cf explorer interactive tool. https:\/\/ecfexplorer.itprofessionalism.org\/. Accessed: 25 Sept 2025"},{"key":"1202_CR91","unstructured":"European Committee for Standardization (CEN). https:\/\/www.cencenelec.eu\/about-cen\/. Accessed: 27 Sept 2025"},{"key":"1202_CR92","unstructured":"Europass. Description of the eight eqf levels. https:\/\/europass.europa.eu\/en\/description-eight-eqf-levels. Accessed: 25 Sept 2025"},{"key":"1202_CR93","unstructured":"ENISA. European cybersecurity skills framework (ecsf) - user manual. https:\/\/www.enisa.europa.eu\/sites\/default\/files\/publications\/European%20Cybersecurity%20Skills%20Framework%20User%20Manual.pdf, 2022. Accessed: 25 Sept 2025"},{"key":"1202_CR94","unstructured":"Anderson, L.W. Krathwohl, D.R.: A Taxonomy for Learning, Teaching, and Assessing: A Revision of Bloom\u2019s Taxonomy of Educational Objectives. Pearson, ISBN-13:978-0801319037, (2000)"},{"key":"1202_CR95","unstructured":"Andrew, C.: Bloom\u2019s digital taxonomy, 2010. Australian School Library Association NSW Incorporated. Accessed: 25 Sept 2025"},{"key":"1202_CR96","unstructured":"Mas, X., Garc\u00eda, G., Mart\u00ednez-Aceituno, T., G\u00f3mez, D.: Evoluci\u00f3n de la taxonom\u00eda de bloom en la era de la inteligencia artificial. https:\/\/uoc2thefuture.uoc.edu\/es\/recursos-conozco\/evolucion-taxonomia-bloom-inteligencia-artificial\/, 2023. Accessed: 25 Sept 2025"},{"key":"1202_CR97","unstructured":"REWIRE Project Consortium. R4.2.1. wp4 rewire curricula and training framework. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/08\/R4.2.1-REWIRE-Curricula-and-Training-Framework_Website.pdf, 2023. Accessed: 22 Apr 2025"},{"key":"1202_CR98","doi-asserted-by":"crossref","unstructured":"Delgado, A.B., Ricci, S., Chatzopoulou, A., Cegan, J., Dzurenda, P., Koutoudis, I.: Enhancing cybersecurity education in europe: the rewire\u2019s course selection methodology. In Proceedings of the 18th International Conference on Availability, Reliability and Security, pages 1\u20137, (2023)","DOI":"10.1145\/3600160.3605091"},{"key":"1202_CR99","doi-asserted-by":"publisher","unstructured":"Stronati, C.: The design of upper secondary education across oecd countries: Managing choice, coherence and specialisation. OECD Education Working Papers 288, OECD Publishing, Paris, (2023). https:\/\/doi.org\/10.1787\/158101f0-en","DOI":"10.1787\/158101f0-en"},{"key":"1202_CR100","unstructured":"REWIRE Consortium. https:\/\/rewireproject.eu\/partners\/. Accessed: 30 Nov 2025"},{"key":"1202_CR101","unstructured":"ECSO. European cybersecurity education and professional training: Minimum reference curriculum - ecso. Technical report, SWG 5.2 I Education & Professional Training, 2022"},{"key":"1202_CR102","unstructured":"Miller, S.: Comptia certifications explained: Overview of every comptia certification | infosec. https:\/\/www.infosecinstitute.com\/resources\/professional-development\/every-comptia-certification-explained\/, 2024. Accessed: 12 Jun 2025"},{"issue":"1","key":"1202_CR103","doi-asserted-by":"publisher","first-page":"307","DOI":"10.19173\/irrodl.v16i1.2000","volume":"16","author":"Rob Koper","year":"2015","unstructured":"Koper, Rob: How do students want to learn in online distance education? profiling student preferences. Int. Rev. Res. Open Distrib. Learn. 16(1), 307\u2013329 (2015). https:\/\/doi.org\/10.19173\/irrodl.v16i1.2000","journal-title":"Int. Rev. Res. Open Distrib. Learn."},{"key":"1202_CR104","doi-asserted-by":"crossref","unstructured":"Marcotte, K.M., Gruppen, L.D.: Competency-based education as curriculum and assessment for integrative learning. Education Sciences 12(4), 267 (2022). MDPI","DOI":"10.3390\/educsci12040267"},{"issue":"6","key":"1202_CR105","first-page":"22","volume":"19","author":"AJ Arnold","year":"2021","unstructured":"Arnold, A.J., Keyel, J., Soysal, A., Kretser, M., Sagheb, S., Rikakis, T.: Toward an integrative professional and personal competency-based learning model for inclusive workforce development. J. syst. cybern. informatics. 19(6), 22\u201329 (2021)","journal-title":"J. syst. cybern. informatics."},{"key":"1202_CR106","doi-asserted-by":"crossref","unstructured":"Dzurenda, P., Ricci, S., Sikora, M., Stejskal, M., Lend\u00e1k, I., Ad\u00e3o, P.: Enhancing cybersecurity curriculum development: Ai-driven mapping and optimization techniques. In Proceedings of the 19th International Conference on Availability, Reliability and Security, pages 1\u201310, (2024)","DOI":"10.1145\/3664476.3670467"},{"key":"1202_CR107","unstructured":"Baker-Stein, M.: Why employers should embrace competency-based learning in cybersecurity | nist. Technical report, 2022. https:\/\/www.nist.gov\/blogs\/cybersecurity-insights\/why-employers-should-embrace-competency-based-learning-cybersecurity. Accessed: 12 Jun 2025"},{"key":"1202_CR108","doi-asserted-by":"crossref","unstructured":"Albaladejo-Gonz\u00e1lez, M., Strukova, S., Ruip\u00e9rez-Valiente, J.A., G\u00f3mez M\u00e1rmol, F.: Exploring the affordances of multimodal data to improve cybersecurity training with cyber range environments. Ediciones de la Universidad de Castilla-La Mancha: Cuenca, Spain, 379, (2021)","DOI":"10.18239\/jornadas_2021.34.52"},{"key":"1202_CR109","unstructured":"Potter, K., Stilinski, D., Adablanu, S.: Multimodal deep learning for integrated cybersecurity analytics. tech. rep, EasyChair (2024)"},{"key":"1202_CR110","doi-asserted-by":"crossref","unstructured":"Bordel, B., Alcarria, R., Robles, T., Martin, D.: Flipped classroom and educational videos to improve the cybersecurity competencies in future computer engineers. In EDULEARN21 Proceedings, pages 221\u2013225. IATED, (2021)","DOI":"10.21125\/edulearn.2021.0080"},{"key":"1202_CR111","unstructured":"REWIRE Project Consortium. R4.3.1. rewire cyber range scenario and development framework. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/05\/R4.3.1-REWIRE_WEB.pdf, 2023. Accessed: 11 May 2025"},{"key":"1202_CR112","unstructured":"REWIRE Project Consortium. R4.1.2. rewire cyber range. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/05\/R4.1.2_REWIRE_Cyber_Range_WEB.pdf, 2023. Accessed: 11 May 2025"},{"key":"1202_CR113","doi-asserted-by":"publisher","unstructured":"Vir\u00e1g, C., Cegan, J., Lieskovan, T., Merialdo, M.: The current state of the art and future of european cyber range ecosystem. In 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pages 390\u2013395. https:\/\/doi.org\/10.1109\/CSR51186.2021.9527931 (2021). Accessed: 09 May 2025","DOI":"10.1109\/CSR51186.2021.9527931"},{"key":"1202_CR114","unstructured":"LearnDash. https:\/\/www.learndash.com\/. Accessed: 27 Sept 2025"},{"key":"1202_CR115","unstructured":"REWIRE Project Consortium. R4.5.1. results of the 1st cybersecurity voocs delivery. https:\/\/rewireproject.eu\/wp-content\/uploads\/2024\/07\/R4.5.1-REWIRE-1st-VOOC-delivery_Website.pdf, 2024. Accessed: 29 Sept 2025"},{"key":"1202_CR116","unstructured":"REWIRE Project Consortium. R4.5.2. results of the 2nd cybersecurity voocs delivery. https:\/\/rewireproject.eu\/wp-content\/uploads\/2025\/01\/R4.5.1-REWIRE-2nd-VOOC-delivery_Website.pdf, 2025. Accessed: 29 Sept 2025"},{"key":"1202_CR117","doi-asserted-by":"crossref","unstructured":"Joshi, A., Kale, S., Chandel, S., Kumar Pal, D.: Likert scale: Explored and explained. British journal of applied science & technology 7(4), 396 (2015). Sciencedomain International","DOI":"10.9734\/BJAST\/2015\/14975"},{"key":"1202_CR118","unstructured":"O\u2019Brien, K., Downie, A.: What is net promoter score (nps)? https:\/\/www.ibm.com\/think\/topics\/net-promoter-score. Accessed: 27 Sept 2025"},{"key":"1202_CR119","unstructured":"REWIRE Project Consortium. R4.6.1 cybersecurity skills certification scheme core. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/08\/R.4.6.1-REWIRE-Certification-Scheme_core_Final.pdf, 2023. Accessed: 25 Nov 2025"},{"key":"1202_CR120","unstructured":"REWIRE Project Consortium. R4.6.2 r.4.6.2 cybersecurity skills qualification standards. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/08\/R.4.6.2-REWIRE-CISO-Certification-Scheme_SITE.pdf, 2023. Accessed: 25 Nov 2025"},{"key":"1202_CR121","unstructured":"CONCORDIA European funded project. Concordia cybersecurity skills certification framework. https:\/\/www.concordia-h2020.eu\/wp-content\/uploads\/2022\/12\/CONCORDIA_Certification_Framework_1.0.pdf, 2022. Accessed: 25 Apr 2025"},{"key":"1202_CR122","unstructured":"EUROPEAN COMMITTEE FOR STANDARDIZATION. Cwa 16458-1. https:\/\/itprofessionalism.org\/wp-content\/uploads\/2025\/03\/ICT-professionals-role-profiles-Pt-1-CWA-16458-1.pdf, 2018. Accessed: 25 Apr 2025"},{"key":"1202_CR123","unstructured":"REWIRE Project Consortium. R4.6.3 cybersecurity skills certification scheme examination material. https:\/\/rewireproject.eu\/wp-content\/uploads\/2023\/08\/R.4.6.3-Cybersecurity-Skills-Certification-Scheme-Examination-material_Final.pdf, 2023. Accessed: 25 Apr 2025"},{"key":"1202_CR124","unstructured":"ENISA. Certifications mapped to the ecsf. https:\/\/www.enisa.europa.eu\/topics\/skills-and-competences\/skills-development\/european-cybersecurity-skills-framework-ecsf\/certifications-mapped-to-the-ecsf, 2024. Accessed: 25 Apr 2025"},{"key":"1202_CR125","unstructured":"NG-SOC Project. https:\/\/ng-soc.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR126","unstructured":"NG-SOC Project Consortium. D5.1 skills development strategy report. https:\/\/ng-soc.eu\/article\/NG-SOC_D5.1_20v1.0.pdf, 2025. Accessed: 21 Nov 2025"},{"key":"1202_CR127","unstructured":"ECSO. Main page. https:\/\/ecs-org.eu\/. Accessed: 27 Sept 2025"},{"key":"1202_CR128","unstructured":"OpenEdX. Main page. https:\/\/openedx.org\/. Accessed: 27 Sept 2025"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01202-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01202-0","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01202-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T09:18:01Z","timestamp":1776071881000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01202-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,2,5]]},"references-count":128,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2026,4]]}},"alternative-id":["1202"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01202-0","relation":{"has-preprint":[{"id-type":"doi","id":"10.21203\/rs.3.rs-7988565\/v1","asserted-by":"object"}]},"ISSN":["1615-5270"],"issn-type":[{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,2,5]]},"assertion":[{"value":"30 October 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 December 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 February 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that this work was developed within the framework of the REWIRE - Cybersecurity Skills Alliance: A New Vision for Europe project, which has received support from the Erasmus+ Programme of the European Union. REWIRE is co-funded by the European Commission under Grant Agreement No. 621701-EPP-1-2020-1-LT-EPPKA2-SSA-B. Two of the authors (Yianna Danidou and Argyro Chatzopoulou) serve as guest editors for the Special Issue to which this paper has been submitted. They were not involved in the peer review process of this manuscript and will have no access to reviewer information or decisions.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing Interests"}},{"value":"Parts of this document, including language refinement and text fluency, were supported by generative AI tools. The authors reviewed, verified, and approved all the generated content to ensure its accuracy, consistency, and compliance with scientific standards.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declaration of Generative AI Use"}}],"article-number":"46"}}