{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,17]],"date-time":"2026-06-17T15:34:07Z","timestamp":1781710447063,"version":"3.54.5"},"reference-count":46,"publisher":"Oxford University Press (OUP)","issue":"5","license":[{"start":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T00:00:00Z","timestamp":1733961600000},"content-version":"vor","delay-in-days":1,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100013589","name":"Research England","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100013589","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,5,15]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>As the threat of cyber attacks increases, the cyber security sector continues to train professionals as one form of mitigation. Gamification and infrastructure like cyber ranges (CRs) have been proven useful in training cyber security specialists to detect and react to cyber-attacks in information technology. However, a subset of all digital threats target cyber-physical systems (CPS), not just information systems, and these threats have been growing rapidly in recent years. While those threats are increasing, training specific to cyber-physical threats is not growing as quickly as information technology training solutions. While CRs are useful for training and supporting events like cyber defence exercises and capture the flags events, limitations to CRs make it more difficult to make an immersive event for cyber-physical training. This paper demonstrates how to devise a cyber-physical training environment using a combination of CRs and CPS testbeds,and how to devise an accompanying immersive scenario to improve cyber-physical security skills through cooperative learning. To do this, an example training was created and implemented. This paper concludes with the results of running this event four times.<\/jats:p>","DOI":"10.1093\/comjnl\/bxae123","type":"journal-article","created":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T07:39:06Z","timestamp":1733989146000},"page":"445-459","source":"Crossref","is-referenced-by-count":4,"title":["Generating training events for building cyber-physical security skills"],"prefix":"10.1093","volume":"68","author":[{"given":"Avanthika","family":"Vineetha Harish","sequence":"first","affiliation":[{"name":"School of Engineering , Computing and Mathematics, University of Plymouth, Plymouth PL4 8AA,","place":["United States"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Kimberly","family":"Tam","sequence":"additional","affiliation":[{"name":"School of Engineering , Computing and Mathematics, University of Plymouth, Plymouth PL4 8AA,","place":["United States"]},{"name":"Data Centric Engineering , Alan Turing Institute, London NW1 2DB,","place":["United States"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Kevin","family":"Jones","sequence":"additional","affiliation":[{"name":"School of Engineering , Computing and Mathematics, University of Plymouth, Plymouth PL4 8AA,","place":["United States"]}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"286","published-online":{"date-parts":[[2024,12,11]]},"reference":[{"key":"2025052712493495200_ref1","volume-title":"Cooperation and Competition: Theory and Research","author":"Johnson","year":"1989"},{"key":"2025052712493495200_ref2","doi-asserted-by":"publisher","first-page":"11759","DOI":"10.1007\/s10639-022-11451-4","article-title":"Cybercompetitions: a survey of competitions, tools, and systems to support cybersecurity education","volume":"28","author":"Balon","year":"2023","journal-title":"Educ Inf Technol"},{"key":"2025052712493495200_ref3","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1080\/20464177.2024.2330176","article-title":"Future of maritime autonomy: cybersecurity, trust and mariner\u2019s situational awareness","volume":"23","author":"Palbar Misas","year":"2024","journal-title":"J Mar Eng Technol"},{"key":"2025052712493495200_ref4","first-page":"37","article-title":"Gamification of education","author":"Huang","year":"2013"},{"key":"2025052712493495200_ref5","doi-asserted-by":"publisher","first-page":"102470","DOI":"10.1016\/j.jnca.2019.102470","article-title":"An empirical survey of functions and configurations of open-source capture the flag (CTF) environments","volume":"151","author":"Kucek","year":"2020","journal-title":"J Netw Comput Appl"},{"key":"2025052712493495200_ref6","article-title":"CTF: state-of-the-art and building the next generation","volume-title":"2017 USENIX Workshop on Advances in Security Education (ASE 17)","author":"Taylor"},{"key":"2025052712493495200_ref7","doi-asserted-by":"publisher","first-page":"116759","DOI":"10.3389\/fpsyg.2014.01156","article-title":"Using technology to revolutionize cooperative learning: an opinion","volume":"5","author":"Johnson","year":"2014","journal-title":"Front Psychol"},{"key":"2025052712493495200_ref8","article-title":"Shell we play a game? CTF-as-a-service for security education","volume-title":"2017 USENIX Workshop on Advances in Security Education (ASE 17)","author":"Trickel"},{"key":"2025052712493495200_ref9","first-page":"172","article-title":"Guide for designing cyber security exercises","volume-title":"Proceedings of The 8th WSEAS International Conference on E-Activities and Information Security and Privacy","author":"Patriciu","year":"2009"},{"key":"2025052712493495200_ref10","author":"CCDCOE"},{"key":"2025052712493495200_ref11","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/CyberSecPODS.2018.8560673","article-title":"The concept of cyber defence exercises (CDX): planning, execution, evaluation","volume-title":"2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)","author":"Seker","year":"2018"},{"key":"2025052712493495200_ref12","doi-asserted-by":"publisher","DOI":"10.3390\/info14110587","article-title":"Securing the network: a red and blue cybersecurity competition case study","volume":"14","author":"Chindrus","year":"2023","journal-title":"Information"},{"key":"2025052712493495200_ref13","article-title":"Analysis of a cyber Defense exercise using exploratory sequential data analysis","volume-title":"Conference: The 16th International Command and Control Research and Technology Symposium (ICCRTS)At: Qu\u00e9bec City, Canada","author":"Gran\u00e5sen","year":"2011"},{"key":"2025052712493495200_ref14","article-title":"DefEX: hands-on cyber defense exercises for undergraduate students","volume-title":"SAM 2011 : proceedings of the 2011 international conference on security & management (Las Vegas NV, July 18-21, 2011)","author":"Glumich","year":"2011"},{"key":"2025052712493495200_ref15","volume-title":"CGI Cyber Escape 2.0 \u2014 CGI UK","author":"CGI"},{"key":"2025052712493495200_ref16","volume-title":"Cyber Escape Room \u2014 Thales Group","author":"Thales"},{"key":"2025052712493495200_ref17","first-page":"413","article-title":"A nerd dogma: introducing CTF to non-expert audience","volume-title":"Proceedings of the 21st Annual Conference on Information Technology Education, New York, NY, USA SIGITE\u201920","author":"Costa","year":"2020"},{"key":"2025052712493495200_ref18","doi-asserted-by":"publisher","first-page":"101607","DOI":"10.1016\/j.cose.2019.101607","article-title":"A framework for competence development and assessment in hybrid cybersecurity exercises","volume":"88","author":"Brilingait\u0117","year":"2020","journal-title":"Computers & Security"},{"key":"2025052712493495200_ref19","article-title":"Pedagogical resources for industrial control systems security: Design, implementation, conveyance, and evaluation","journal-title":"Journal of Cybersecurity Education, Research and Practice"},{"key":"2025052712493495200_ref20","article-title":"Cybersecurity Scenario Builder and Retrieval Toolkit","volume-title":"Innovations in Cybersecurity Education","author":""},{"key":"2025052712493495200_ref21","volume-title":"New Exercise Unveiled to Help Businesses in the Fight against Cyber Attacks","author":"University of Bristol","year":"2018"},{"key":"2025052712493495200_ref22","volume-title":"Decisions and Disruptions","author":"Lancaster Security","year":"2017"},{"key":"2025052712493495200_ref23","volume-title":"Immersive Cyber Outreach Event for Lancaster School Pupils","author":"Lancaster University","year":"2024"},{"key":"2025052712493495200_ref24","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1145\/3017680.3017783","article-title":"Capture the flag unplugged: an offline cyber competition","volume-title":"Proceedings of The 2017 ACM SIGCSE Technical Symposium on Computer Science Education","author":"Ford","year":"2017"},{"key":"2025052712493495200_ref25","volume-title":"Applications of Maritime Simulators in Industry and Research","author":"Zghyer","year":"2022"},{"key":"2025052712493495200_ref26","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/s13437-021-00242-2","article-title":"The continuum of simulator-based maritime training and education","volume":"20","author":"Kim","year":"2021","journal-title":"WMU J Marit Aff"},{"key":"2025052712493495200_ref27","volume-title":"Varjo how VR\/XR Is Reducing Maritime Training Costs by a Thousandfold. linkedin.com"},{"key":"2025052712493495200_ref28","volume-title":"Virtual Sailor NG - Naval Simulation at its Best!hangsim.com","author":"Papini"},{"key":"2025052712493495200_ref29","volume-title":"Command Home - Bridge Command \u2014 Bridgecommand.co.Uk"},{"key":"2025052712493495200_ref30","first-page":"16","article-title":"The use of cyber ranges in the maritime context: assessing maritime-cyber risks, raising awareness, and providing training","volume":"3","author":"Tam","year":"2021","journal-title":"Marit Technol Res"},{"key":"2025052712493495200_ref31","volume-title":"Analysis of Cyber Exercises Approaches","author":"Mokhor","year":"2020"},{"key":"2025052712493495200_ref32","volume-title":"Metasploitable 2 Documentation","author":"Rapid7"},{"key":"2025052712493495200_ref33","volume-title":"Others Cyber-SHIP: Developing Next Generation Maritime Cyber Research Capabilities","author":"Tam","year":"2019"},{"key":"2025052712493495200_ref34","volume-title":"OWASP Top 10:2021","author":"OWASP","year":"2021"},{"key":"2025052712493495200_ref35","volume-title":"How to Run a Cyber Exercise Part 7 - Injects","author":"Baars","year":"(  2024)"},{"key":"2025052712493495200_ref36","volume-title":"Reporting - The Penetration Testing Execution Standard","author":"PTES","year":"2014"},{"key":"2025052712493495200_ref37","volume-title":"CTF EVENTS Contemporary Practices and State-of-the-Art in Capture-the-Flag Competitions MAY 2021","author":"Rensburg","year":"2021"},{"key":"2025052712493495200_ref38","doi-asserted-by":"publisher","first-page":"744","DOI":"10.3389\/fpsyg.2018.00744","article-title":"The future cybersecurity workforce: going beyond technical skills for successful cyber performance","volume":"9","author":"Dawson","year":"2018","journal-title":"Front Psychol"},{"key":"2025052712493495200_ref39","volume-title":"Open Source Intelligence - The Cinderella of the Investigative Family? - The Police Foundation","author":"Rowley","year":"2021"},{"key":"2025052712493495200_ref40","volume-title":"Trace Labs \u2014 Search Party","author":"Labs","year":"2023"},{"key":"2025052712493495200_ref41","volume-title":"What Is a Digital Footprint?","author":"Kaspersky","year":"2022"},{"key":"2025052712493495200_ref42","doi-asserted-by":"publisher","DOI":"10.4236\/jtts.2022.121001","article-title":"Case Study of a Cyber-Physical Attack Affecting Port and Ship Operational Safety","volume":"12","author":"Tam","journal-title":"Journal of Transportation Technologies"},{"key":"2025052712493495200_ref43","volume-title":"Cyber 9\/12 Strategy Challenge - Atlantic Council","author":"Atlantic Council","year":"2024"},{"key":"2025052712493495200_ref44","volume-title":"The UK\u2019s Cross Discipline Student Cyber Security Competition \u2014 UK Cyber 9\/12 Strategy Challenge","author":"UK Cyber 9\/12 Strategy Challenge","year":"2024"},{"key":"2025052712493495200_ref45","volume-title":"HackerNoon Introducing the InfoSec Colour Wheel Blending Developers with Red and Blue Security Teams. \u2014 HackerNoon","year":"2018"},{"key":"2025052712493495200_ref46","volume-title":"Orange Is the New Purple","author":"Wright","year":"2017"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/68\/5\/445\/61051736\/bxae123.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/68\/5\/445\/61051736\/bxae123.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,27]],"date-time":"2025-05-27T16:50:24Z","timestamp":1748364624000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/68\/5\/445\/7921452"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,11]]},"references-count":46,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2024,12,11]]},"published-print":{"date-parts":[[2025,5,15]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxae123","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2025,5]]},"published":{"date-parts":[[2024,12,11]]}}}