Dagstuhl Seminar 26422
Cyber Security Experimentation Beyond Exercises and Cyber Ranges
( Oct 11 – Oct 16, 2026 )
Permalink
Organizers
- Terry Benzel (USC - Marina del Rey, US)
- Maria Leitner (Universität Regensburg, DE)
- Olaf Maennel (University of Adelaide, AU)
- Teodor Sommestad (Swedish Defence Reseach Agency - Linköping, SE)
Contact
- Andreas Dolzmann (for scientific matters)
- Susanne Bach-Bernhard (for administrative matters)
Cyber attacks can disrupt critical infrastructures, compromise privacy, and cause severe economic losses. To address these challenges, it is essential to strengthen both our scientific understanding of the cyber domain and our ability to train and prepare skilled professionals. Simulation infrastructures are an important tool in these efforts.
Simulation and emulation infrastructures have been developed to enable cyber security researchers to test hypotheses, validate models, and reproduce results under controlled conditions. In parallel, similar infrastructures support hands-on training, exercises, and the assessment of human skills in cyber security. The technologies used and the processes emulated or simulated are often alike. In particular, both communities rely on virtualization to set up cyber ranges to carry out cyber attacks and intrusion handling under controlled conditions. Yet despite these overlaps, infrastructures are frequently developed in isolation, limiting opportunities for synergy.
The goal of this Dagstuhl Seminar is to bring these communities together. By focusing on cyber security experimentation and exercises in one forum, we aim to ensure that infrastructures are not created for narrow purposes but instead contribute to a broader, integrated ecosystem. For instance, researchers may conduct experiments on intrusion detection where the role of human analysts is crucial. At the same time, exercises evaluate the performance of human analysts using intrusion detection systems, generating insights that can inform the design of more effective scientific testbeds. Conversely, research results can improve the design and evaluation of training environments.
The seminar is planned to be highly interactive, featuring practice talks, demos, world cafés, and breakout sessions for in-depth discussions. These activities will focus on three guiding questions:- What is required from a simulation infrastructure to enhance scientific rigor in cyber security?
- How can the FAIR principles (Findable, Accessible, Interoperable, Reusable) be achieved in cyber security simulation infrastructures?
- How will artificial intelligence transform cyber security simulation infrastructures?
By engaging with these questions, participants are expected to identify common needs, share approaches, and explore how infrastructures can be designed to support both rigorous research and effective training. The seminar also aims to foster knowledge exchange on practical aspects such as principles and toolsets for data collection, scenario design, and evaluation methods.

Classification
- Cryptography and Security
- Emerging Technologies
- Systems and Control
Keywords
- cyber security exercises
- cyber ranges
- cyber security experimentation
- research infrastructures