A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments

This paper presents the REWIRE Courses and Certification Framework, a methodological approach for designing, developing, and validating cybersecurity training aligned with the European Cybersecurity Skills Framework (ECSF). The framework combines instructional design principles based on the ADDIE mo...

ver descrição completa

Detalhes bibliográficos
Autores: Sánchez, Julia, Briones, Alan, Ricci, Sara, Cegan, Jakub, Chatzopoulou, Argyro, Danidou, Yianna, Menegatos, Andreas, Corral Torruella, Guiomar
Formato: artículo
Fecha de publicación:2026
País:España
Recursos:Varias* (Consorci de Biblioteques Universitáries de Catalunya, Centre de Serveis Científics i Acadèmics de Catalunya)
Repositorio:Recercat. Dipósit de la Recerca de Catalunya
OAI Identifier:oai:recercat.cat:20.500.14342/5965
Acesso em linha:http://hdl.handle.net/20.500.14342/5965
https://doi.org/10.1007/s10207-025-01202-0
Access Level:acceso abierto
Palavra-chave:Cybersecurity education
Cybersecurity training
Cyber range training
European cybersecurity skills framework (ECSF)
Upskilling and reskilling
Certification framework
Instructional design
004
62
id ES_c7e0b60c6987cd5e758f366804a343f4
oai_identifier_str oai:recercat.cat:20.500.14342/5965
network_acronym_str ES
network_name_str España
repository_id_str
spelling A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environmentsSánchez, JuliaBriones, AlanRicci, SaraCegan, JakubChatzopoulou, ArgyroDanidou, YiannaMenegatos, AndreasCorral Torruella, GuiomarCybersecurity educationCybersecurity trainingCyber range trainingEuropean cybersecurity skills framework (ECSF)Upskilling and reskillingCertification frameworkInstructional design00462This paper presents the REWIRE Courses and Certification Framework, a methodological approach for designing, developing, and validating cybersecurity training aligned with the European Cybersecurity Skills Framework (ECSF). The framework combines instructional design principles based on the ADDIE model with certification mechanisms structured around ISO/IEC 17024:2012 standards. It provides a replicable model that guides training providers from learning outcome definition to course implementation and evaluation, ensuring full alignment with ECSF occupational profiles. The proposed framework integrates theoretical, practical, and evaluative components that can be delivered through Vocational Open Online Courses (VOOCs) within Virtual Learning Environments (VLEs) and by incorporating Cyber Range exercises. The methodology has been validated through its implementation in the European-funded REWIRE project, which served as a practical testbed for its application and refinement, and was later applied in the NG-SOC project. It supports both upskilling and reskilling pathways and enables transparent mapping between competences, roles, and certification levels. In general, this approach bridges the gap between cybersecurity education and the European labor market, promoting quality assurance, interoperability, and recognition of cybersecurity competences across EU Member States.info:eu-repo/semantics/publishedVersionSpringerUniversitat Ramon Llull. La SalleBrno University of TechnologyCyberSecurity HubApiroplus SolutionsEuropean University CypruUniversity of Piraeus2026info:eu-repo/semantics/article31 p.http://hdl.handle.net/20.500.14342/5965https://doi.org/10.1007/s10207-025-01202-0reponame:Recercat. Dipósit de la Recerca de Catalunyainstname:Varias* (Consorci de Biblioteques Universitáries de Catalunya, Centre de Serveis Científics i Acadèmics de Catalunya)InglésInternational Journal of Information Security, 2026. Vol. 25, 46© L'autor/aAttribution 4.0 Internationalhttp://creativecommons.org/licenses/by/4.0/info:eu-repo/semantics/openAccessoai:recercat.cat:20.500.14342/59652026-05-29T05:05:01Z
dc.title.none.fl_str_mv A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
title A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
spellingShingle A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
Sánchez, Julia
Cybersecurity education
Cybersecurity training
Cyber range training
European cybersecurity skills framework (ECSF)
Upskilling and reskilling
Certification framework
Instructional design
004
62
title_short A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
title_full A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
title_fullStr A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
title_full_unstemmed A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
title_sort A framework for designing and certifying ECSF-aligned cybersecurity training through cyber ranges and virtual learning environments
dc.creator.none.fl_str_mv Sánchez, Julia
Briones, Alan
Ricci, Sara
Cegan, Jakub
Chatzopoulou, Argyro
Danidou, Yianna
Menegatos, Andreas
Corral Torruella, Guiomar
author Sánchez, Julia
author_facet Sánchez, Julia
Briones, Alan
Ricci, Sara
Cegan, Jakub
Chatzopoulou, Argyro
Danidou, Yianna
Menegatos, Andreas
Corral Torruella, Guiomar
author_role author
author2 Briones, Alan
Ricci, Sara
Cegan, Jakub
Chatzopoulou, Argyro
Danidou, Yianna
Menegatos, Andreas
Corral Torruella, Guiomar
author2_role author
author
author
author
author
author
author
dc.contributor.none.fl_str_mv Universitat Ramon Llull. La Salle
Brno University of Technology
CyberSecurity Hub
Apiroplus Solutions
European University Cypru
University of Piraeus
dc.subject.none.fl_str_mv Cybersecurity education
Cybersecurity training
Cyber range training
European cybersecurity skills framework (ECSF)
Upskilling and reskilling
Certification framework
Instructional design
004
62
topic Cybersecurity education
Cybersecurity training
Cyber range training
European cybersecurity skills framework (ECSF)
Upskilling and reskilling
Certification framework
Instructional design
004
62
description This paper presents the REWIRE Courses and Certification Framework, a methodological approach for designing, developing, and validating cybersecurity training aligned with the European Cybersecurity Skills Framework (ECSF). The framework combines instructional design principles based on the ADDIE model with certification mechanisms structured around ISO/IEC 17024:2012 standards. It provides a replicable model that guides training providers from learning outcome definition to course implementation and evaluation, ensuring full alignment with ECSF occupational profiles. The proposed framework integrates theoretical, practical, and evaluative components that can be delivered through Vocational Open Online Courses (VOOCs) within Virtual Learning Environments (VLEs) and by incorporating Cyber Range exercises. The methodology has been validated through its implementation in the European-funded REWIRE project, which served as a practical testbed for its application and refinement, and was later applied in the NG-SOC project. It supports both upskilling and reskilling pathways and enables transparent mapping between competences, roles, and certification levels. In general, this approach bridges the gap between cybersecurity education and the European labor market, promoting quality assurance, interoperability, and recognition of cybersecurity competences across EU Member States.
publishDate 2026
dc.date.none.fl_str_mv 2026
dc.type.none.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv http://hdl.handle.net/20.500.14342/5965
https://doi.org/10.1007/s10207-025-01202-0
url http://hdl.handle.net/20.500.14342/5965
https://doi.org/10.1007/s10207-025-01202-0
dc.language.none.fl_str_mv Inglés
language_invalid_str_mv Inglés
dc.relation.none.fl_str_mv International Journal of Information Security, 2026. Vol. 25, 46
dc.rights.none.fl_str_mv © L'autor/a
Attribution 4.0 International
http://creativecommons.org/licenses/by/4.0/
info:eu-repo/semantics/openAccess
rights_invalid_str_mv © L'autor/a
Attribution 4.0 International
http://creativecommons.org/licenses/by/4.0/
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv 31 p.
dc.publisher.none.fl_str_mv Springer
publisher.none.fl_str_mv Springer
dc.source.none.fl_str_mv reponame:Recercat. Dipósit de la Recerca de Catalunya
instname:Varias* (Consorci de Biblioteques Universitáries de Catalunya, Centre de Serveis Científics i Acadèmics de Catalunya)
instname_str Varias* (Consorci de Biblioteques Universitáries de Catalunya, Centre de Serveis Científics i Acadèmics de Catalunya)
reponame_str Recercat. Dipósit de la Recerca de Catalunya
collection Recercat. Dipósit de la Recerca de Catalunya
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869419216340254720
score 15.812429