The utilisation of Domain-Specific Modelling (DSM) in software development has a significant positive impact on productivity. The productivity increase is caused by the utilisation of modelling languages and generators that are especially suitable for a specific problem domain instead of those designed for solution domains. The prerequisite for this significant productivity increase is that the languages and the automation function correctly. To ensure the suitability of the languages and tools, we need to be able to use the verification and validation (V&V) techniques in the context of DSM. In this position paper we study what V&V actually stands for in this particular context and what the current means are for performing V&V. We found that although there are some means available for verification, comprehensive methods still do not exist. For validation, we believe that maintaining a bidirectional trace link between requirements, models and the generated deliverables is a promising approach to significantly facilitate the validation process.
Cyber ranges are often used to enhance the cybersecurity posture of a company by training relevant skills. These environments are traditionally used to host exercises that simulate cybersecurity scenarios, improve the cybersecurity skills of employees and enhance the security of networks and processes. By using digital twins, it is possible to organise more targeted cyber range trainings to companies operating in the critical infrastructure sector. Especially in this sector it is important to consider the cybersecurity of these environments themselves as they often may handle companyspecific confidential information. This study presents several cybersecurity related threats and challenges that cyber ranges may face during different phases of use. Cyber threats may be exposed to the actual systems that the ranges are meant to protect if these issues are not taken into consideration and mitigated. Malicious attackers may use the information in the cyber ranges to learn the weaknesses in the actual system. We approach the subject by reviewing the relevant literature, which is currently very limited especially when looking at the cybersecurity issues of cyber ranges. We divide the subject into the different phases of cyber range development and use, and also discuss relevant cloud security issues. Finally, we present actions to mitigate the identified cybersecurity threats and issues in cyber ranges when using them for training and awareness activities.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.