A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
This paper presents the REWIRE Courses and Certification Framework, a methodological approach for designing, developing, and validating cybersecurity training aligned with the European Cybersecurity Skills Framework (ECSF). The framework combines instructional design principles based on the ADDIE mo...
| Autores: | , , , , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2026 |
| País: | España |
| Institución: | Varias* (Consorci de Biblioteques Universitáries de Catalunya, Centre de Serveis Científics i Acadèmics de Catalunya) |
| Repositorio: | Recercat. Dipósit de la Recerca de Catalunya |
| OAI Identifier: | oai:recercat.cat:20.500.14342/5965 |
| Acceso en línea: | http://hdl.handle.net/20.500.14342/5965 https://doi.org/10.1007/s10207-025-01202-0 |
| Access Level: | acceso abierto |
| Palabra clave: | Cybersecurity education Cybersecurity training Cyber range training European cybersecurity skills framework (ECSF) Upskilling and reskilling Certification framework Instructional design 004 62 |
| Sumario: | This paper presents the REWIRE Courses and Certification Framework, a methodological approach for designing, developing, and validating cybersecurity training aligned with the European Cybersecurity Skills Framework (ECSF). The framework combines instructional design principles based on the ADDIE model with certification mechanisms structured around ISO/IEC 17024:2012 standards. It provides a replicable model that guides training providers from learning outcome definition to course implementation and evaluation, ensuring full alignment with ECSF occupational profiles. The proposed framework integrates theoretical, practical, and evaluative components that can be delivered through Vocational Open Online Courses (VOOCs) within Virtual Learning Environments (VLEs) and by incorporating Cyber Range exercises. The methodology has been validated through its implementation in the European-funded REWIRE project, which served as a practical testbed for its application and refinement, and was later applied in the NG-SOC project. It supports both upskilling and reskilling pathways and enables transparent mapping between competences, roles, and certification levels. In general, this approach bridges the gap between cybersecurity education and the European labor market, promoting quality assurance, interoperability, and recognition of cybersecurity competences across EU Member States. |
|---|