Technology Evaluation Study Plan – Detailed Assignment Description
Choose one of the student-written Technology
Selection papers from the list posted by your instructor in the Week 7
conference.
Read your chosen Technology Selection
paper to learn more about the selected technology. Next, consider what type of
formal evaluation study could be used to learn more about this technology and
how it is likely to interact with people, processes, and technologies. Then, design
a formal evaluation study which could be used to obtain more information about
one or more of the following:
characteristics (features and capabilities) of the
technology
interactions among technologies, people, environments,
and processes (use cases or scenarios)
risks or vulnerabilities associated with adoption of
this technology
costs and benefits associated with adoption of this
technology
Choose Your
Evaluation Method
Your evaluation study design must use
one of the following:
Case Study
Delphi Study (panel of subject matter experts)
Quasi-Experiment (e.g. penetration testing or pilot
testing in a controlled environment)
Pilot Implementation (in a demonstration environment)
See the Technology
Evaluation Methods module in the Week 2 conference for detailed
descriptions of each of these types of evaluation methods.
Design Your Study
Identify
the specific questions that your formal evaluation study will address. These
questions must be security-focused and should address: threats,
vulnerabilities, attacks, countermeasures, risks, risk mitigations, etc. Your
design should include a description of the specific security issues which will
be tested or security capabilities which will be evaluated. Use standard
terminology when writing about security issues (see the rubric).
Develop Your Evaluation Study Plan
Use your study
design to prepare a high-level plan for your evaluation study. Your
plan must include the following:
Introduction
description of the emerging technology and justification
for including it in an evaluation study
Research Question(s)
These must be security focused (i.e. focused on
cybersecurity objectives such as confidentiality, integrity,
availability, etc.) and should address: threats, vulnerabilities, attacks,
countermeasures, risks, risk mitigations, etc.
Use “how” or “what” questions (writing good “why”
questions is beyond the scope of this course).
Examples
What vulnerabilities exist that could be attacked to
compromise confidentiality?
How could an attacker compromise availability?
For each research question, provide a brief
description of a scenario or use case which could be used to answer the
question. Your description should be one paragraph (no longer).
Methods
high level design of the study (focus upon the evaluation
model and your research questions)
description of how the technology will be
incorporated or used in the study (including specific security issues
which will be tested or security capabilities which will be evaluated)
notional system or network architecture diagram
showing the pilot test environment (only if you are doing a pilot study)
Limitations or Special Considerations
any special considerations or security concerns which
must be addressed (e.g. “clean room,” test data sanitization, or
isolation environment to prevent the pilot study from causing harm to
operational systems)
Timeline of Events (Notional)
A notional timeline (expressed in days or months
after start date) for your study
Notional Timeline
of Events
The notional timeline of events (stated
in days or months after start) that provides an estimate of how long you expect
your evaluation study to take. For a Delphi Method study, your study could take
as little as a day or two. For a Delphi Method Study, include the number of
“rounds” and how long each round will be (the time allotted for experts to
consider information and reply back with their opinion on the questions or
issues). For a case study, quasi-experimental, or pilot implementation design,
your study may span several months; in this case, divide your timeline into
phases (setup, testing, reporting).
Cost Estimate Is
Not Required
Normally, an evaluation study plan will
include a cost estimate. For this course, we will NOT be including cost
elements in our evaluation study plans as the information required to develop these
items is not readily available to students. If you wish to address this area of
a study plan, limit your discussion to a brief listing of the cost elements
(people, technologies, facilities) and state that a cost estimate will be
provided separately.
Document Your Plan
Your Technology Evaluation Study Plan
should be at least three pages in length but no more than ten pages (excluding
the title page and references page). This should be a high level design that
can be read quickly. Your study plan must contain the five major sections
defined above and comply with the formatting guidance provided by your
instructor.
Additional
Information
1.
Consult the
grading rubric for specific content and formatting requirements for this
assignment.
2.
Your 5 to 10 page
study plan document should be professional in appearance with consistent use of
fonts, font sizes, margins, etc. You should use headings and page breaks to
organize your paper.
3.
Your paper should
use standard terms and definitions for cybersecurity.
4.
The CSIA program
recommends that you follow standard APA formatting since this will give you a
document that meets the “professional appearance” requirements. APA formatting
guidelines and examples are found under Course Resources > APA Resources. An
APA template file (MS Word format) has also been provided for your use
CSIA_Basic_Paper_Template(APA_6ed,DEC2018).docx.
5.
You must include
a cover page with the assignment title, your name, and the due date. Your
reference list must be on a separate page at the end of your file. These pages
do not count towards the assignment’s page count.
6.
You are expected
to write grammatically correct English in every assignment that you submit for
grading. Do not turn in any work without (a) using spell check, (b) using
grammar check, (c) verifying that your punctuation is correct and (d) reviewing
your work for correct word usage and correctly structured sentences and
paragraphs.
7.
You are expected
to credit your sources using in-text citations and reference list entries. Both
your citations and your reference list entries must follow a consistent
citation style (APA, MLA, etc.).
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|