Tectonic is a cyber range designed to provide realistic cybersecurity scenarios for education and training through the deployment of networks, systems and applications that can be used to train users on cybersecurity topics. Key functionalities include customizable network configurations, real-time monitoring and automated attack simulations.
It incorporates existing tools from the infrastructure as code (IaC) approach, which allows for the specification of all the components of a cybersecurity scenario in a declarative manner. This specification is made in a high-level language that can be interpreted and allows for the automatic generation of scenarios on the laboratory's underlying platform. Declarative descriptions of the scenarios make them easily versioned, maintained, and shared, facilitating collaboration with other institutions and laboratories of this type.
The following figure illustrates various components of the cyber range solution, the technologies used in the implementation, and the different use cases carried out by student users and instructors. The components are organized in five layers, each fulfilling a particular function in the platform's operation.
The underlying infrastructure constitutes the real-world infrastructure on which the systems and networks that form the basis of a particular scenario are deployed. Currently, deployments on the AWS cloud or on-premises using Libvirt are supported, with more planned.
To achieve the deployment of the infrastructure in an automated manner, Infrastructure as Code (IaC) tools are used, such as Packer, Terraform and Ansible. These tools manage the resources to be deployed and the configurations to be applied to them. Ansible playbooks, in particular, are extensively used for configuration.
A Python component orchestrates these tools and manages the life cycle of the scenarios, including their deployment, elimination, powering on, powering off, and listing information. The scenarios themselves are described by a specification that allows users to declare various aspects, such as the machines to be deployed, the networks used to connect them, and the configurations to be applied to the machines, among others.
The following are the requirements to run Tectonic:
- Linux or Mac OS
- Python 3.11
- Ansible 2.15
- Terraform 1.6
- Packer 1.9
- Python modules (see pyproject.toml)
- AWS CLI
- GitLab credentials (optional for Terraform state storage)
- Optionally AWS credentials
Please see the detailed instructions for more information.
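A preflight check for the tool versions listed above, as an added example that is not part of Tectonic itself. It assumes the listed versions are minimums and that each tool prints its version on the first line of its banner; the function names are illustrative.

```python
import re
import shutil
import subprocess

# Versions from the requirements list; treating them as minimums is an assumption.
REQUIRED = {
    "python3": ((3, 11), ["python3", "--version"]),
    "ansible": ((2, 15), ["ansible", "--version"]),
    "terraform": ((1, 6), ["terraform", "version"]),
    "packer": ((1, 9), ["packer", "version"]),
}
VERSION_RE = re.compile(r"(\d+)\.(\d+)")

def parse_version(output):
    """Return (major, minor) from the first line of a version banner, or None."""
    stripped = output.strip()
    first_line = stripped.splitlines()[0] if stripped else ""
    match = VERSION_RE.search(first_line)
    return (int(match.group(1)), int(match.group(2))) if match else None

def check(minimum, banner):
    """Classify one tool as 'missing', 'unparsed', 'too old' or 'ok'."""
    if banner is None:
        return "missing"
    found = parse_version(banner)
    if found is None:
        return "unparsed"
    return "ok" if found >= minimum else "too old"

def banner_for(cmd):
    """Run a version command; return None when the binary is not on PATH."""
    if shutil.which(cmd[0]) is None:
        return None
    result = subprocess.run(cmd, capture_output=True, text=True, timeout=30)
    return result.stdout or result.stderr

def preflight(banners=None):
    """Return {tool: status}; `banners` lets callers inject captured output."""
    report = {}
    for name, (minimum, cmd) in REQUIRED.items():
        banner = banners[name] if banners is not None else banner_for(cmd)
        report[name] = check(minimum, banner)
    return report

if __name__ == "__main__":
    for tool, status in preflight().items():
        print(f"{tool:10} {status}")
```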
Terraform states are stored locally by default. It is possible to store them in a GitLab repo (see the gitlab_backend_url option in the ini file configuration). It is necessary to have Maintainer privileges on this repo and a GitLab access token. There are two types of access token: personal or project-based. If the latter is used, it must be associated with the project where the states are stored.
You can install this module using the following commands:
python3 -m pip install poetry
poetry install
Tectonic behaviour can be configured using an ini file with a config section. You can find an example configuration file with the default values here. Please see the ini file documentation for details on the available options.
The lab configuration is divided in two: a scenario specification that holds a static description of the lab that can be shared and reused, and information specific to a particular lab edition that defines things such as number of instances to deploy, public SSH keys for the teachers, etc.
The scenario specification consists of the following resources:
- A scenario description file in YAML syntax (required).
- Ansible playbooks for base image installation and after-clone configurations, and optional files in the ansible directory.
- Elastic and Kibana policies and resources, in the elastic directory, if using Elastic for evaluation.
- SSH public keys for admin access to the machines in the ssh directory.
The lab edition file
Please check the description documentation for more details. The examples directory contains some example scenarios.
To deploy a scenario run:
tectonic -c <ini_conf_file> <lab_edition_file> deploy
To destroy a scenario use the destroy command.
See tectonic --help for a full list of options, and tectonic <command> -h for help on individual commands.
Tectonic was created by Grupo de Seguridad Informática of Universidad de la República Uruguay.
Please contact us at tectonic@fing.edu.uy.
Tectonic is licensed under the GNU General Public License v3.0 or later. See LICENSE for the full text.