In an era of increasingly complex security ecosystems, no single tool can stand alone. Interoperability is essential—and yet testing often happens in isolation, constrained by proprietary infrastructure and limited collaboration. This project breaks down those silos
Our mission: enable real-world, hands-on interoperability testing through a flexible, distributed, and community-supported lab architecture.
The IoV serves as a vendor-neutral playground for:
- Open source tools
- Commercial cybersecurity frameworks
- Reference implementations of emerging standards
The Interoperability Village is a federated ecosystem of virtual test labs—called Neighborhoods—interconnected over secure, decentralized virtual networks. Within each Neighborhood, participants can spin up modular environments called Huts, where individual tools and platforms are deployed, integrated, and tested together.
The Interoperability Village (IoV) is a sub-project of the Open Cybersecurity Alliance (OCA), under the **Cyber Automation Sub-Project (CASP).
- 🔁 Persistence – Retain knowledge, data, and tooling across iterations
- 🧩 Flexibility – Raspberry Pi to high-end clusters—build your lab your way
- 💸 Low Cost – Minimal infrastructure and support overhead
- ☁️ Centrally Provisioned – Headscale on AWS for global reach
- 🔐 Risk-Commensurate Security – Segmented, external-only access
- 🕸️ Mesh Architecture – Distributed, scalable, and resilient
-
- 🏗️ Ephemeral Labs – Along with persistent Neighborhoods and Huts, provide the capability to spin up one-off "*Villages" on demand
- Test integrations between OASIS standards, open-source, and commercial tools
- Develop and refine reference implementations
- Host regular Plugfests for live collaboration and demonstration
- Provide a safe, isolated, disposable testing environment for rapid prototyping
⚙️ Build. Break. Iterate. Interoperate.
- ✅ Validate tool interoperability in real-time
- ✅ Run collaborative experiments with shared data models
- ✅ Demonstrate threat intelligence sharing across platforms
- ✅ Simulate attack chains across federated tools
Each participant connects through a Headscale-powered decentralized Tailscale network, enabling seamless and secure Layer 3 connectivity across disparate environments without needing to expose public IPs or configure firewalls.
- A Neighborhood is your logical domain (lab, subnet, enclave).
- A Hut is any system, VM, container, or device you provision.
- From a $80 Raspberry Pi to a fleet of NVIDIA RTX Blackwell nodes—bring what you've got.
You bring your public IP and ACL, we provide an Agent Provisioning Script. That’s it.
We've had excellent results using:
- Raspberry Pi 5 (16GB RAM) with NVMe SSD + 5TB SATA
- Docker for container orchestration
- Ansible for provisioning
- MeshCentral for remote control and central coordination
- MISP
- OpenCTI
- Elastic Stack
- OpenBAS
- Dozens of Connectors and integrations
If it runs in a Docker container, it runs in IoV.
- Headscale: Self-hosted coordination server for WireGuard-based Tailscale nodes. Replaces MeshCentral.
- Neighborhood: A logically grouped set of Huts managed by a participant or organization.
- Hut: A single-purpose VM, container, or node running an open cybersecurity platform or tool.
- Fully open source and self-hostable
- Peer-to-peer encrypted using WireGuard
- Supports ephemeral or long-lived keys for zero-trust overlays
- No cloud dependencies
Want to run your own Interoperability Village site?
Submit a GitHub issue or email [email protected] with:
name: "My Neighborhood Name" organization: "Org Name (if applicable)" maintainer: "Your Name and GitHub Handle" use_case: "Short description of your tools or focus (e.g., OpenCTI and OpenC2 translation)" preferred_location: "Optional - e.g., AWS us-east-1, self-hosted, etc."
We will provision:
- A Headscale identity and pre-authorized device keys
- A
neighborhood.ymlmanifest template for your infrastructure - Optionally, a starter Terraform/Ansible config for bootstrapping
Already part of a Neighborhood and want to spin up a new Hut?
You can:
- Fork and contribute a Hut spec under
huts/<your-name>/<tool-name> - Or request one via an issue or pull request
Example Hut types:
huts/misp/threat-intel-nodehuts/opencti/signal-ingesthuts/openc2/firewall-orchestrator
Let’s build the future of cybersecurity—together. You can join the OCA Interoperability Village mailing list by sending an empty email to [email protected] .
You can join the OCA Slack via this link. There is a #interoperability-village channel :).
To grow the Village, we focus on:
- 🤝 Stakeholder Engagement – Incorporating OCA community feedback
- 💼 Sponsor Outreach – Demonstrating value to funders and backers
- 🧑💻 Volunteer Recruitment – Tapping the talent of the security ecosystem
- 📈 Progress Transparency – Frequent updates to the OCA leadership & sponsors
- 🔌 Quarterly Plugfests – Real-world demos with stakeholders, tools, and standards
This project is licensed under the Apache 2.0 License.
See LICENSE.md for full terms.
Drop your public IP and request your provisioning script!
Build your 'Huts', test your tools, and join a growing community shaping the future of cybersecurity interoperability.
flowchart LR
subgraph "Headscale Mesh Network"
A[Neighborhood: Vermont] --- B[Neighborhood: California]
A --- C[Neighborhood: Europe]
B --- D[Neighborhood: Asia-Pacific]
end
subgraph A [Neighborhood: Vermont]
H1[Hut: MISP Node]
H2[Hut: OpenCTI]
H3[Hut: OpenC2 Proxy]
end
- 🔄 Rapid prototyping outside internal security gates
- ⏱️ Quick spin-up/tear-down cycles
- 🧬 Persistent test states for iterative development
- ☁️ Deploy anywhere: home lab, cloud, enterprise

