Cyber ranges for training in threat scenarios are nowadays
highly demanded in order to improve people ability to detect vulnerabilities
and to react to cyber-threats. Among the other components, scenarios
deployment requires a modeling language to express the (software
and hardware) architecture of the underlying system, and an emulation
platform.
In this paper, we exploit a model-driven engineering approach to
develop a framework for cyber security scenarios deployment.We develop
a domain specific language for scenarios construction, which allows the
description of the architectural setting of the system under analysis, and
a mechanism to deploy scenarios on the OpenStack cloud infrastructure
by means of HEAT templates. On the scenario model, we also show how
it is possible to detect network configuration problems and structural
vulnerabilities. The presented results are part of our ongoing research
work towards the definition of a training cyber range within the EU
H2020 project THREAT-ARREST.