GitHub - opencybersecurityalliance/interoperability-village (original) (raw)
π Introduction
In an era of increasingly complex security ecosystems, no single tool can stand alone. Interoperability is essentialβand yet testing often happens in isolation, constrained by proprietary infrastructure and limited collaboration. This project breaks down those silos
Our mission: enable real-world, hands-on interoperability testing through a flexible, distributed, and community-supported lab architecture.
The IoV serves as a vendor-neutral playground for:
- Open source tools
- Commercial cybersecurity frameworks
- Reference implementations of emerging standards
π What is the Interoperability Village?
The Interoperability Village is a federated ecosystem of virtual test labsβcalled Neighborhoodsβinterconnected over secure, decentralized virtual networks. Within each Neighborhood, participants can spin up modular environments called Huts, where individual tools and platforms are deployed, integrated, and tested together.
π Project Overview
The Interoperability Village (IoV) is a sub-project of the Open Cybersecurity Alliance (OCA), under the **Cyber Automation Sub-Project (CASP).
π― Core Objectives
- π Persistence β Retain knowledge, data, and tooling across iterations
- 𧩠Flexibility β Raspberry Pi to high-end clustersβbuild your lab your way
- πΈ Low Cost β Minimal infrastructure and support overhead
- βοΈ Centrally Provisioned β Headscale on AWS for global reach
- π Risk-Commensurate Security β Segmented, external-only access
- πΈοΈ Mesh Architecture β Distributed, scalable, and resilient
- ποΈ Ephemeral Labs β Along with persistent Neighborhoods and Huts, provide the capability to spin up one-off "*Villages" on demand
π§ͺ Key Use Cases
- Test integrations between OASIS standards, open-source, and commercial tools
- Develop and refine reference implementations
- Host regular Plugfests for live collaboration and demonstration
- Provide a safe, isolated, disposable testing environment for rapid prototyping
βοΈ Build. Break. Iterate. Interoperate.
π§° Core Use Cases
- β Validate tool interoperability in real-time
- β Run collaborative experiments with shared data models
- β Demonstrate threat intelligence sharing across platforms
- β Simulate attack chains across federated tools
𧱠Architecture Overview
Each participant connects through a Headscale-powered decentralized Tailscale network, enabling seamless and secure Layer 3 connectivity across disparate environments without needing to expose public IPs or configure firewalls.
π‘ Architecture: "The Village"
𧱠Neighborhoods & Huts
- A Neighborhood is your logical domain (lab, subnet, enclave).
- A Hut is any system, VM, container, or device you provision.
- From a $80 Raspberry Pi to a fleet of NVIDIA RTX Blackwell nodesβbring what you've got.
You bring your public IP and ACL, we provide an Agent Provisioning Script. Thatβs it.
π§° Hardware & Tooling
We've had excellent results using:
- Raspberry Pi 5 (16GB RAM) with NVMe SSD + 5TB SATA
- Docker for container orchestration
- Ansible for provisioning
- MeshCentral for remote control and central coordination
Supported Frameworks
- MISP
- OpenCTI
- Elastic Stack
- OpenBAS
- Dozens of Connectors and integrations
If it runs in a Docker container, it runs in IoV.
β Key Components
- Headscale: Self-hosted coordination server for WireGuard-based Tailscale nodes. Replaces MeshCentral.
- Neighborhood: A logically grouped set of Huts managed by a participant or organization.
- Hut: A single-purpose VM, container, or node running an open cybersecurity platform or tool.
π Why Headscale?
- Fully open source and self-hostable
- Peer-to-peer encrypted using WireGuard
- Supports ephemeral or long-lived keys for zero-trust overlays
- No cloud dependencies
π οΈ How to Participate
ποΈ Request a Neighborhood
Want to run your own Interoperability Village site?
Submit a GitHub issue or email interoperability@opencybersecurityalliance.org with:
name: "My Neighborhood Name" organization: "Org Name (if applicable)" maintainer: "Your Name and GitHub Handle" use_case: "Short description of your tools or focus (e.g., OpenCTI and OpenC2 translation)" preferred_location: "Optional - e.g., AWS us-east-1, self-hosted, etc."
We will provision:
- A Headscale identity and pre-authorized device keys
- A
neighborhood.ymlmanifest template for your infrastructure - Optionally, a starter Terraform/Ansible config for bootstrapping
π Request a Hut
Already part of a Neighborhood and want to spin up a new Hut?
You can:
- Fork and contribute a Hut spec under
huts/<your-name>/<tool-name> - Or request one via an issue or pull request
Example Hut types:
huts/misp/threat-intel-nodehuts/opencti/signal-ingesthuts/openc2/firewall-orchestrator
π€ Join the Conversation
Letβs build the future of cybersecurityβtogether. You can join the OCA Interoperability Village mailing list by sending an empty email to oca-interop-village+subscribe@lists.oasis-open-projects.org .
You can join the OCA Slack via this link. There is a #interoperability-village channel :).
List the current project maintainers, and their Github user IDs
Patrick Maroney packet-rat
ποΈ Community Engagement
To grow the Village, we focus on:
- π€ Stakeholder Engagement β Incorporating OCA community feedback
- πΌ Sponsor Outreach β Demonstrating value to funders and backers
- π§βπ» Volunteer Recruitment β Tapping the talent of the security ecosystem
- π Progress Transparency β Frequent updates to the OCA leadership & sponsors
- π Quarterly Plugfests β Real-world demos with stakeholders, tools, and standards
π License
This project is licensed under the Apache 2.0 License.
See LICENSE.md for full terms.
π§ Get Involved
π§ Ready to Build a Neighborhood?
Drop your public IP and request your provisioning script!
Build your 'Huts', test your tools, and join a growing community shaping the future of cybersecurity interoperability.
π Provisioning Flow
π§ͺ Testbed Topology
flowchart LR subgraph "Headscale Mesh Network" A[Neighborhood: Vermont] --- B[Neighborhood: California] A --- C[Neighborhood: Europe] B --- D[Neighborhood: Asia-Pacific] end
subgraph A [Neighborhood: Vermont]
H1[Hut: MISP Node]
H2[Hut: OpenCTI]
H3[Hut: OpenC2 Proxy]
endLoading
π§ͺ Plug-and-Play Testing
- π Rapid prototyping outside internal security gates
- β±οΈ Quick spin-up/tear-down cycles
- 𧬠Persistent test states for iterative development
- βοΈ Deploy anywhere: home lab, cloud, enterprise