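Graduate student: 郭家定 (JIA-DING GUO)
Thesis title: 以系統性文獻回顧探討工業控制系統資安之研究發展與未來趨勢
State of the Art and Future Research Trend in Industrial Control System Cyber Security: A Systematic Literature Review
Advisor: 查士朝 (Shi-Cho Cha)
Oral defense committee: 李維楨 (Wei-chen Lee), 黃政嘉 (Zheng-Jia Huang)
Degree: Master
Department: College of Management - Department of Information Management
Year of publication: 2023
Academic year of graduation: 111
Language: Chinese
Number of pages: 63
Keywords (translated from Chinese): industrial control system, information security, operational technology security, cybersecurity attack-and-defense exercise platform, systematic literature review
Keywords (English): Industrial Control System, Cybersecurity, OT Security, Red Team-Blue Team Exercises, Systematic Literature Review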
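  • With the rapid development of smart manufacturing and Industry 4.0, Operational Technology (OT) devices need to go online so that smart manufacturing applications can obtain data from them and control them. OT devices therefore take on some Information Technology (IT) capabilities, and the boundary between them and IT devices becomes blurred. The past practice of ensuring security in the OT domain through physical isolation or closed network environments no longer applies. OT devices may be directly exposed to the threat of attacks by hackers. Because OT devices usually use proprietary protocols, people who have maintained IT equipment are not familiar with them and do not know how to improve the security of the system. OT personnel need to know how to design and implement devices that take IT security risks into account, and IT maintenance personnel need to understand how to protect OT devices. Cybersecurity training is therefore especially important. For personnel training, however, relying only on traditional classroom education is unlikely to produce real results; attack-and-defense exercises have been shown to help build security awareness, yet their application in the OT domain is relatively rare. Building environments in which the OT domain can conduct cybersecurity attack-and-defense exercises has thus become an important issue.
    This study consolidates the literature from 2013 to 2023 on cybersecurity attack-and-defense exercise environments in the OT domain, summarizes the methods used to build those environments and the training approaches, and analyzes them. It mainly analyzes the characteristics, advantages and disadvantages of the construction methods and training approaches for OT cybersecurity exercise environments, and from this compiles the current state of research on the application, construction methods and training approaches of OT cybersecurity attack-and-defense exercise environments, as well as future development trends.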


    With the rapid development of smart manufacturing and Industry 4.0, Operational Technology (OT) devices need to be connected to the Internet for smart manufacturing applications for data accessing and remote control. As a result, OT devices also possess some capabilities of Information Technology (IT), blurring the boundary between OT and IT devices. The practices of the past, which relied on physical isolation or closed network environments to ensure the security of OT devices, are no longer applicable. Currently, OT devices are susceptible to direct exposure to external threats. These devices often utilize specialized protocols that were unfamiliar to people maintaining information technology (IT) devices in the past, making it challenging to enhance system security. It's necessary for personnel working with OT devices to understand how to design and implement OT devices considering IT security risks. Also, IT maintenance personnel should understand how to protect the security of OT devices. Therefore, cybersecurity training is crucial. In this case, relying solely on traditional classroom education for personnel cybersecurity training may not yield significant results. Red team-blue team exercises have been proven effective in cultivating cybersecurity awareness, yet their application in the OT field has been relatively limited. Establishing environments for conducting cybersecurity red team-blue team exercises in the OT domain has become an important topic.
    This study aims to address this knowledge gap by integrating literature from 2013 to 2023 concerning practical cybersecurity implementations in industrial control systems. This study primarily analyzes the characteristics, advantages, and disadvantages of methods and training approaches related to the establishment of OT cybersecurity exercise environments. Subsequently, it compiles the current status of applications, methods for establishing, and training approaches for OT cybersecurity red team-blue team exercises, as well as future development trends.

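    Abstract (Chinese)
    Abstract
    Acknowledgements
    Table of Contents
    List of Figures
    List of Tables
    Chapter 1 Introduction
    1.1 Research Background and Motivation
    1.2 Research Objectives
    1.3 Thesis Organization
    Chapter 2 Background
    2.1 Application Domains
    2.1.1 Industrial Control Systems and Critical Infrastructure
    2.2 Industrial Control System Risks and Threats
    2.2.1 Reconnaissance Attack
    2.2.2 ARP Spoofing
    2.2.3 Replay Attack
    2.2.4 Denial of Service Attack
    2.2.5 Injection Attack
    2.2.6 MiTM Attack
    2.3 Cybersecurity Hands-on Environments
    2.3.1 Cyber Range
    2.3.2 Testbed
    2.2.3 Experimental Environment
    2.4 Training Approaches
    2.4.1 Hands-on Exercises
    2.4.2 Simulated Attack Scenarios
    2.4.3 Attack-and-Defense Exercises
    2.4.4 Cybersecurity Competitions
    Chapter 3 Research Method
    3.1 Step 1: Planning
    3.2 Step 2: Defining the Scope
    3.3 Step 3: Searching
    3.4 Step 4: Assessing
    3.5 Steps 5 and 6: Synthesis and Analysis
    Chapter 4 Results and Discussion
    4.1 Application Domains of ICS Cybersecurity Hands-on Environments
    4.2 Risks and Threats of Industrial Control Systems
    4.3 Types and Construction Technologies of ICS Cybersecurity Hands-on Environments
    4.4 Training Approaches of ICS Cybersecurity Hands-on Environments
    4.5 Results of Experimental Methods in ICS Cybersecurity Hands-on Environments
    Chapter 5 Challenges and Recommendations for Future Research
    5.1 Research Challenges
    5.2 Recommended Future Research Directions
    Chapter 6 Conclusion
    References
    Appendix 1: Literature and Classification for Application Domains
    Appendix 2: Literature and Classification for Risks and Threats
    Appendix 3: Literature and Classification for Types of Cybersecurity Hands-on Environments
    Appendix 4: Literature and Classification for Training Approaches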
