26 Jul CSIA 459 Wk 5
Technology Review #2: Emerging Application of Technology in a Critical Infrastructure
This paper is the second of two Technology Reviews that you will research and write for this course. For this paper, you must choose an emerging application of technology which is suitable for future use in systems, hardware, or software which are used to operate or support a critical infrastructure.
The technology review papers will be used to prepare your technology selection paper for the Analysis of Alternatives exercise later in the course. Your audience for these papers is a group of senior executives who will be meeting to decide which emerging technologies or emerging applications of infrastructure technologies should be selected for one or more security-focused, Internal Research & Development projects during the next budget cycle. Each of these executives is responsible for a business area that will (a) develop systems and services which incorporate the emerging technologies or (b) depend upon such systems and services to support their organization’s operation of portions of the identified critical infrastructure.
For this paper, you will perform the first three stages of the technology scan:
Technology scanning is an evaluation model that is used when you need to develop a list of candidate technology solutions. A technology scan can also be used when you need to obtain information about the latest advancements in security products and technologies.
SCOPING
The scoping phase of this technology scan has already been performed. For this paper, your scope is late stage1 and stages 2 through 5 (as shown in the figure below).
Image Source: http://web.archive.org/web/20160501225520/http://www.atp.nist.gov/eao/gcr02-841/chapt2.htm
Your scope is further restricted to technologies which are used in the computers, digital devices, and other electronic / electrical technologies (this includes networks and network infrastructures) which will be deployed or used in a critical infrastructure. For definitions of critical infrastructures, see https://www.dhs.gov/critical-infrastructure-sectors
SEARCHING
To begin, select a technology which is in the basic research or proof of concept / invention (stage 1 and early stage 2 in the diagram above) and which meets the scoping restriction. You may use news articles, press releases, and government or company Web sites to help you find an appropriate technology. (Remember to cite these sources in your paper.)
Suggested technologies include:
· Autonomous Vehicles (ground, sea, or air): Transportation Systems Sector
· Crypto Currencies: Financial Services Sector (DO NOT CHOOSE Bitcoins)
· Deep Space Communication Networks: Communications Sector
· Implantable Medical Devices: Healthcare and Public Health Sector
· Precision Agriculture (integrated systems using satellite imagery, GPS, Sensors, Robots): Food & Agriculture Sector
· Robot inspectors for physical infrastructures (buildings, roads, railways, pipelines, etc.): Multiple Sectors
· Smart Grid (also called Advanced Metering Infrastructure): Energy Sector (DO NOT CHOOSE Smart Meters)
· Wearable Sensors for Hazardous Materials Detection (e.g. CBRNE): Emergency Services Sector
You are encouraged to look for and investigate additional appropriate technologies before deciding upon your technology choice for this assignment.
If you decide to research a technology that is not on the suggested technologies list (see above), you must first request and receive your instructor’s permission. Your instructor may require that you do preliminary library searches for research papers and technical papers to prove that you can find a sufficient number of resources to complete the assignment.
Survey of the Professional Literature
During your survey of the professional literature, you will identify 10 research papers or technical papers which provide technical information about your selected technology (see selection requirements for each paper). These papers must be dated between 2012 and 2017 (five year window).
Allowable sources for research papers / technical papers are: (a) professional journals, (b) conference proceedings, (c) dissertations or theses, and (d) technical magazines (published by either the ACM or IEEE). If an article from one of the above sources does not have a reference list containing at least 3 references you may use it in your review paper but it WILL NOT COUNT towards the “10 research or technical papers” requirement.
The requirement to “survey the professional literature” must be met by using research papers/publications and technical papers which are available from the following UMUC online library databases: ACM Digital Library, Dissertations & Theses (Pro Quest), IEEE Computer Society Digital Library, and Science Direct.
EVALUATING
In this stage, you will evaluate and report upon the information found during your survey of the professional literature. Read the abstract, introduction section, and closing sections for each of the sources identified in your survey of the professional literature. From this information, develop a summary of the technology that includes: (a) a description of technology and (b) planned uses of the technology (products, services, etc.). IMPORTANT: your technology review must incorporate information from each of your 10 “papers” from the professional literature.
Note: You may use other sources in addition to the papers which comprise your survey of the professional literature.
Next, brainstorm the security implications of this technology (if these are not specifically discussed by your sources). You should consider use of the technology to improve cybersecurity and uses which will negatively impact the security posture of an organization or the security of individual consumers or users of the product. It is very important that you consider BOTH SIDES OF THIS ISSUE.
Note: Remember that the security posture of a system or product is framed in terms of risk, threats, vulnerabilities, etc. Improvements to the security posture (positive security implications) will result in reduced risk, increased resistance to threats or attacks, and decreased vulnerability. Negative impacts on the security posture will result in increased risk, decreased resistance to threats / attacks, and increased vulnerability (weakness).
Write down your thoughts and ideas about the security implications of this technology using (a) the Five Pillars of Information Assurance and/or (b) the Five Pillars of Information Security. For your paper, you do not need to include all ten “pillars” but you should address a minimum of three. If you are targeting an “A” on your paper, address at least five of the pillars. (See Technology Review #1 Detailed Project Description for definitions of the pillars and references.)
You should provide specific examples using characteristics and/or applications of the technology, e.g. an emerging nano technology which can be used to tag “genuine” parts with an identification code. Such a technology may be chosen to replace etched serial numbers or bar codes because the new tags will decrease the probability that substitute or non-genuine parts will enter the supply chain undetected. This will, in turn, decrease the risk of substitution which then decreases the probability of loss of availability caused by non-genuine parts. Decreasing the probability of a negative event will decrease the risk associated with that event.
WRITING YOUR EVALUATION
Your paper must provide the reader with an overview of the technology followed by information about the potential security risks and/or benefits of its use (the security posture ).You MUST use information paraphrased from the papers found during your Survey of the Professional Literature (with appropriate in-text citations).
Your Technology Review papers should be at least three pages in length but no more than five pages (excluding the title page and references page).
Your papers must comply with the formatting guidance provided by your instructor. All papers in this course must also comply with APA Style for references and citations.
You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. Together, these items constitute the professionalism category in the assignment grading rubrics (worth 20% of the assignment’s grade).
Grading: Consult the grading rubric for specific content and formatting requirements for this assignment.
APA Formatting: See the resources posted under Content > Course Documents > APA Resources.
| Criteria | Excellent | Outstanding | Acceptable | Needs Improvement | Needs Significant Improvement | Missing or Unacceptable |
| Identified an appropriate technology and provided an overview of the technology | 20 points
Provided an excellent overview of an emerging technology or emerging application of technology in the context of an identified critical infrastructure sector (as defined by PDD-21). The overview appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites. |
17 points
Provided an outstanding overview of an emerging technology or emerging application of technology in the context of an identified critical infrastructure sector (as defined by PDD-21). The overview appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites. |
15 points
Provided an overview of an emerging technology or emerging application of technology in the context of an identified critical infrastructure sector (as defined by PDD-21). The overview provided some details about how the technology is used. The overview drew some information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers or from authoritative Web sites. |
12 points
Identified an appropriate technology. Provided an overview or introduction that was lacking in detail and/or missing a discussion of the critical infrastructure sector (as defined by PDD-21). Information from the survey of the professional literature was used in the overview. |
9 points
Identified an appropriate technology but the overview of that technology lacked detail and/or was not well supported by information drawn from authoritative sources. |
0 points
The introduction and/or overview sections of the paper were off topic or failed to provide an overview of the emerging application of technology in the context of the critical infrastructure. |
| Surveyed Professional Literature (10 or more papers identified and cited) | 20 points
Identified 10 or more papers from the professional literature. All papers used in the survey were from the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used 10 or more papers from the survey of the literature throughout the discussion (as demonstrated by correctly formatted and placed citations). |
17 points
Survey of the literature was based upon eight papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 8 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by correctly formatted and placed citations). |
15 points
Survey of the literature was based upon six or seven papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 6 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by correctly formatted and placed citations). |
12 points
Survey of the literature was based upon four or five papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 4 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by correctly formatted and placed citations). |
9 points
Survey of the literature was based upon three or more papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 3 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by paraphrasing and including correctly formatted and placed citations). |
0 points
Survey of the literature was based upon two or fewer papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Did not appropriately use papers from the survey of the literature throughout the discussion of the technology (as demonstrated by paraphrasing and including correctly formatted and placed citations). |
| Reported on how tech could be used to improve or support cybersecurity | 15 points
Provided an excellent discussion of how the emerging technology or emerging application of technology could be used to improve or support cybersecurity by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc. in the context of an identified critical infrastructure sector (as defined by PDD-21). Discussion provided five or more specific examples of how these improvements would impact cybersecurity for information, information systems, and/or networks. The discussion appropriately used five or more “pillars” and was based upon information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites. |
13 points
Provided an outstanding discussion of how the emerging technology or emerging application of technology could be used to improve or support cybersecurity by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc. in the context of an identified critical infrastructure sector (as defined by PDD-21). Discussion provided four or more specific examples of how these improvements would impact cybersecurity for information, information systems, and/or networks. The discussion appropriately used four or more “pillars” and was based upon information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites. |
11 points
Provided a discussion of how the emerging technology or emerging application of technology could be used to improve or support cybersecurity for information, information systems, and/or networks in a critical infrastructure sector (as defined by PDD-21). Discussion provided three or more appropriate examples, and used three or more “pillars.” Information from the survey of the professional literature was used. Additional information from other sources, i.e. news articles, industry or government white papers or from authoritative Web sites, may also be included. |
8 points
Discussion provided few details in regards to how the emerging technology or emerging application of technology could be used to improve or support cybersecurity. OR, discussion provided few details in regards to support or improvements for cybersecurity in the critical infrastructure sector (as defined by PDD-21). Information from the survey of the professional literature was used in the discussion. |
4 points
Discussed cybersecurity benefits from the use of the emerging technology but the discussion lacked detail and/or was not well supported by information drawn from the survey of the professional literature. |
0 points
The discussion of cybersecurity improvements / support from use of the emerging technology was not relevant to the identified critical infrastructure and/or did not apply to the identified technology. OR, discussion of improvements / support for cybersecurity was missing. |
| Reported on how tech could be used by attackers, criminals, terrorists, etc. (OR, discussed specific vulnerabilities to attack which are present in this technology) | 15 points
Provided an excellent discussion of how the emerging technology or emerging application of technology could be used by attackers to further their own goals and/or how specific anticipated or known vulnerabilities could be exploited. Discussion fully described how the technology could by attackers against an identified critical infrastructure sector (as defined by PDD-21). The discussion appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites. |
13 points
Provided an outstanding discussion of how the emerging technology or emerging application of technology could be used by attackers to further their own goals and/or how specific anticipated or known vulnerabilities could be exploited. Described how the technology could by attackers against an identified critical infrastructure sector (as defined by PDD-21). The discussion appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites. |
11 points
Provided a discussion of how the emerging technology or emerging application of technology could be used by attackers to further their own goals and/or how specific anticipated or known vulnerabilities could be exploited. Described how the technology could by attackers against an identified critical infrastructure sector (as defined by PDD-21). The discussion drew some information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers or from authoritative Web sites. |
8 points
Discussion provided few details in regards to how the emerging technology or emerging application of technology could be used by attackers against a critical infrastructure (as defined by PDD-21). Provided few details regarding known or suspected (anticipated) vulnerabilities in the technology. Information from the survey of the professional literature was used in the discussion. |
4 points
Discussed attacks and/or reported on how the technology could be used against defenders but the discussion lacked detail and/or was not well supported by information drawn from the survey of the professional literature. |
0 points
Did not report on how the technology could be used by attackers, criminals, terrorists, etc. Did not discuss specific vulnerabilities to attack which are present or anticipated in the identified technology. |
| Addressed security issues using standard terms (e.g.5 Pillars IA, 5 Pillars Information Security) | 10 points
Demonstrated excellence in the use of standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from five or more pillars of IA/IS. |
8 points
Discussion showed an outstanding understanding and integration of standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from five or more pillars of IA/IS. |
7 points
Correctly used standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from five or more pillars of IA/IS. |
6 points
Correctly used standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from three or more pillars of IA/IS. |
4 points
Used some standard cybersecurity terminology to support discussion of the technology. OR, use of cybersecurity terms was not well supported by information drawn from the survey of the professional literature. |
0 points
Did not integrate standard cybersecurity terminology into the discussion OR misused or incorrectly defined standard terms from the pillars of IA/IS. |
| Professionalism Part I: APA Formatting for Citations and Reference List | 5 points
Work contains a reference list containing entries for all cited resources. Reference list entries and in-text citations are correctly formatted using the appropriate APA style for each type of resource. |
4 points
Work contains a reference list containing entries for all cited resources. One or two minor errors in APA format for in-text citations and/or reference list entries. |
3 points
Work contains a reference list containing entries for all cited resources. No more than 3 minor errors in APA format for in-text citations and/or reference list entries |
2 points
Work has no more than three paragraphs with omissions of citations crediting sources for facts and information. Work contains a reference list containing entries for cited resources. Work contains no more than 5 minor errors in APA format for in-text citations and/or reference list entries. |
1 point
Work attempts to credit sources but demonstrates a fundamental failure to understand and apply the APA formatting standard as defined in the Publication Manual of the American Psychological Association(6th ed.). |
0 points
Reference list is missing. Work demonstrates an overall failure to incorporate and/or credit authoritative sources for information used in the paper. |
| Professionalism Part II: Organization & Appearance | 5 points
Submitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type. |
4 points
Submitted work has minor style or formatting flaws but still presents a professional appearance. Submitted work is well organized and appropriately uses color, fonts, and section headings (per the assignment’s directions). |
3 points
Organization and/or appearance of submitted work could be improved through better use of fonts, color, titles, headings, etc. OR Submitted work has multiple style or formatting errors. Professional appearance could be improved. |
2 points
Submitted work has multiple style or formatting errors. Organization and professional appearance need substantial improvement. |
1 point
Submitted work meets minimum requirements but has major style and formatting errors. Work is disorganized and needs to be rewritten for readability and professional appearance. |
0 points
No work submitted. |
| Professionalism Part III: Execution | 10 points
No formatting, grammar, spelling, or punctuation errors. |
8 points
Work contains minor errors in formatting, grammar, spelling or punctuation which do not significantly impact professional appearance. |
7 points
Errors in formatting, spelling, grammar, or punctuation which detract from professional appearance of the submitted work. |
6 points
Submitted work has numerous errors in formatting, spelling, grammar, or punctuation. Work is unprofessional in appearance. |
4 points
Submitted work is difficult to read / understand and has significant errors in formatting, spelling, grammar, punctuation, or word usage. |
0 points
No work submitted. |
| Overall Score | Excellent 90 or more | Outstanding 80 or more | Acceptable 70 or more | Needs Improvement 56 or more | Needs Significant Improvement 36 or more | Missing or Unacceptable 0 or more |
bric Name: Technology Review #2
Copyright © 2017 by University of Maryland University College. All rights reserved.
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Writedemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.