Assignment: Evaluating Emerging Technologies
Technology Evaluation Study Plan - Detailed Assignment Description
Choose one of the student-written Technology Selection papers from the list posted by your instructor in the conference.
Read your chosen Technology Selection paper to learn more about the selected technology. Next, consider what type of formal evaluation study could be used to learn more about this technology and how it is likely to interact with people, processes, and technologies. Then, design a formal evaluation study which could be used to obtain more information about one or more of the following:
o characteristics (features and capabilities) of the technology
o interactions among technologies, people, environments, and processes (use cases or scenarios)
o risks or vulnerabilities associated with adoption of this technology
o costs and benefits associated with adoption of this technology
Choose Your Evaluation Method
Your evaluation study design must use one of the following:
o Case Study
o Delphi Study (panel of subject matter experts)
o Quasi-Experiment (e.g. penetration testing or pilot testing in a controlled environment)
o Pilot Implementation (in a demonstration environment)
See theTechnology Evaluation Methods module in the Week 2 conference for detailed descriptions of each of these types of evaluation methods.
Design Your Study
Identify the specific questions that your formal evaluation study will address. These questions must be security-focused (review the Pillars of Information Security and Pillars of Information Assurance for ideas). Your design should include a description of the specific security issues which will be tested or security capabilities which will be evaluated. Use standard terminology when writing about security issues.
Develop Your Evaluation Study Plan
Use your study design to prepare a high-level plan for your evaluation study. Your plan must include the following:
o Introduction
- description of the emerging technology and justification for including it in an evaluation study
o Research Question(s)
- These must be security focused. Use the Five Pillars of Information Assurance and / or the Five Pillars of Information Security.
- Use "how" or "what" questions (writing good "why" questions is beyond the scope of this course).
- Examples
- What vulnerabilities exist that could be attacked to compromise confidentiality?
- How could an attacker compromise availability?
- For each research question, provide a brief description of a scenario or use case which could be used to answer the question. Your description should be one paragraph (no longer).
o Methods
- high level design of the study (focus upon the evaluation model and your research questions)
- description of how the technology will be incorporated or used in the study (including specific security issues which will be tested or security capabilities which will be evaluated)
- notional system or network architecture diagram showing the pilot test environment (only if you are doing a pilot study)
o Limitations or Special Considerations
- any special considerations or security concerns which must be addressed (e.g. "clean room," test data sanitization, or isolation environment to prevent the pilot study from causing harm to operational systems)
o Timeline of Events (Notional)
- A notional timeline (expressed in days or months after start date) for your study
Notional Timeline of Events
The notional timeline of events (stated in days or months after start) that provides an estimate of how long you expect your evaluation study to take. For a Delphi Method study, your study could take as little as a day or two. For a Delphi Method Study, include the number of "rounds" and how long each round will be (the time allotted for experts to consider information and reply back with their opinion on the questions or issues).For a case study, quasi-experimental, or pilot implementation design, your study may span several months; in this case, divide your timeline into phases (setup, testing, reporting).
Cost Estimate Is Not Required
Normally, an evaluation study plan will include a cost estimate. For this course, we will NOT be including cost elements in our evaluation study plans as the information required to developthese items is not readily available to students. If you wish to address this area of a study plan, limit your discussion to a brief listing of the cost elements (people, technologies, facilities) and state that a cost estimate will be provided separately.
Document Your Plan
Your Technology Evaluation Study Plan should be at least three pages in length but no more than ten pages (excluding the title page and references page). This should be a high level design that can be read quickly. Your study plan must contain the five major sections defined above and comply with the formatting guidance provided by your instructor.
Additional Information
1. Consult the grading rubric for specific content and formatting requirements for this assignment.
2. Your 3-10 page study plan document should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings and page breaks to organize your paper.
3. Your paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts Review for recommended resources.
4. The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the "professional appearance" requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,DEC2018).docx.
5. You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment's page count.
6. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
7. You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.