logo

Technology Review #2: Emerging Application of Technology in a Critical Infrastructure

  • Home
  •  
  • Technology Review #2: Emerging Application of Technology in a Critical Infrastructure
    • 10 DEC 20
    • 0

    Technology Review #2: Emerging Application of Technology in a Critical Infrastructure

    Technology Review #2: Emerging Application of Technology in a Critical Infrastructure

    This paper is the second of two Technology Reviews that you will research and write for this course. For this paper, you must choose an emerging application of technology which is suitable for future use in systems, hardware, or software which are used to operate or support a critical infrastructure.

    The technology review papers will be used to prepare your technology selection paper for the Analysis of Alternatives exercise later in the course. Your audience for these papers is a group of senior executives who will be meeting to decide which emerging technologies or emerging applications of infrastructure technologies should be selected for one or more security-focused, Internal Research & Development projects during the next budget cycle. Each of these executives is responsible for a business area that will (a) develop systems and services which incorporate the emerging technologies or (b) depend upon such systems and services to support their organization’s operation of portions of the identified critical infrastructure.

    For this paper, you will perform the first three stages of the technology scan:

    Technology scanning is an evaluation model that is used when you need to develop a list of candidate technology solutions. A technology scan can also be used when you need to obtain information about the latest advancements in security products and technologies.

    SCOPING

    The scoping phase of this technology scan has already been performed. For this paper, your scope is late stage1 and stages 2 through 5 (as shown in the figure below).

    Image Source: http://web.archive.org/web/20160501225520/http://w…

    Your scope is further restricted to technologies which are used in the computers, digital devices, and other electronic / electrical technologies (this includes networks and network infrastructures) which will be deployed or used in a critical infrastructure. For definitions of critical infrastructures, see https://www.dhs.gov/critical-infrastructure-sectors

    SEARCHING

    To begin, select a technology which is in the basic research or proof of concept / invention (stage 1 and early stage 2 in the diagram above) and which meets the scoping restriction. You may use news articles, press releases, and government or company Web sites to help you find an appropriate technology. (Remember to cite these sources in your paper.)

    Suggested technologies include:

    • Autonomous Vehicles (ground, sea, or air): Transportation Systems Sector
    • Crypto Currencies: Financial Services Sector (DO NOT CHOOSE Bitcoins)
    • Deep Space Communication Networks: Communications Sector
    • Implantable Medical Devices: Healthcare and Public Health Sector
    • Precision Agriculture (integrated systems using satellite imagery, GPS, Sensors, Robots): Food & Agriculture Sector
    • Robot inspectors for physical infrastructures (buildings, roads, railways, pipelines, etc.): Multiple Sectors
    • Smart Grid (also called Advanced Metering Infrastructure): Energy Sector (DO NOT CHOOSE Smart Meters)
    • Wearable Sensors for Hazardous Materials Detection (e.g. CBRNE): Emergency Services Sector

    You are encouraged to look for and investigate additional appropriate technologies before deciding upon your technology choice for this assignment.

    If you decide to research a technology that is not on the suggested technologies list (see above), you must first request and receive your instructor’s permission. Your instructor may require that you do preliminary library searches for research papers and technical papers to prove that you can find a sufficient number of resources to complete the assignment.

    Survey of the Professional Literature

    During your survey of the professional literature, you will identify 10 research papers or technical papers which provide technical information about your selected technology (see selection requirements for each paper). These papers must be dated between 2012 and 2017 (five year window).

    Allowable sources for research papers / technical papers are: (a) professional journals, (b) conference proceedings, (c) dissertations or theses, and (d) technical magazines (published by either the ACM or IEEE). If an article from one of the above sources does not have a reference list containing at least 3 references you may use it in your review paper but it WILL NOT COUNT towards the “10 research or technical papers” requirement.

    The requirement to “survey the professional literature” must be met by using research papers/publications and technical papers which are available from the following UMUC online library databases: ACM Digital Library, Dissertations & Theses (Pro Quest), IEEE Computer Society Digital Library, and Science Direct.

    EVALUATING

    In this stage, you will evaluate and report upon the information found during your survey of the professional literature. Read the abstract, introduction section, and closing sections for each of the sources identified in your survey of the professional literature. From this information, develop a summary of the technology that includes: (a) a description of technology and (b) planned uses of the technology (products, services, etc.). IMPORTANT: your technology review must incorporate information from each of your 10 “papers” from the professional literature.

    Note: You may use other sources in addition to the papers which comprise your survey of the professional literature.

    Next, brainstorm the security implications of this technology (if these are not specifically discussed by your sources). You should consider use of the technology to improve cybersecurity and uses which will negatively impact the security posture of an organization or the security of individual consumers or users of the product. It is very important that you consider BOTH SIDES OF THIS ISSUE.

    Note: Remember that the security posture of a system or product is framed in terms of risk, threats, vulnerabilities, etc. Improvements to the security posture (positive security implications) will result in reduced risk, increased resistance to threats or attacks, and decreased vulnerability. Negative impacts on the security posture will result in increased risk, decreased resistance to threats / attacks, and increased vulnerability (weakness).

    Write down your thoughts and ideas about the security implications of this technology using (a) the Five Pillars of Information Assurance and/or (b) the Five Pillars of Information Security. For your paper, you do not need to include all ten “pillars” but you should address a minimum of three. If you are targeting an “A” on your paper, address at least five of the pillars. (See Technology Review #1 Detailed Project Description for definitions of the pillars and references.)

    You should provide specific examples using characteristics and/or applications of the technology, e.g. an emerging nano technology which can be used to tag “genuine” parts with an identification code. Such a technology may be chosen to replace etched serial numbers or bar codes because the new tags will decrease the probability that substitute or non-genuine parts will enter the supply chain undetected. This will, in turn, decrease the risk of substitution which then decreases the probability of loss of availability caused by non-genuine parts. Decreasing the probability of a negative event will decrease the risk associated with that event.

    WRITING YOUR EVALUATION

    Your paper must provide the reader with an overview of the technology followed by information about the potential security risks and/or benefits of its use (the security posture ).You MUST use information paraphrased from the papers found during your Survey of the Professional Literature (with appropriate in-text citations).

    Your Technology Review papers should be at least three pages in length but no more than five pages (excluding the title page and references page).

    Your papers must comply with the formatting guidance provided by your instructor. All papers in this course must also comply with APA Style for references and citations.

    You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs. Together, these items constitute the professionalism category in the assignment grading rubrics (worth 20% of the assignment’s grade).

    Grading: Consult the grading rubric for specific content and formatting requirements for this assignment.

    APA Formatting: See the resources posted under Content > Course Documents > APA Resources.

    Rubrics

    Criteria

    Provided an excellent overview of an emerging technology or emerging application of technology in the context of an identified critical infrastructure sector (as defined by PDD-21). The overview appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites.

    Provided an outstanding overview of an emerging technology or emerging application of technology in the context of an identified critical infrastructure sector (as defined by PDD-21). The overview appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites.

    Provided an overview of an emerging technology or emerging application of technology in the context of an identified critical infrastructure sector (as defined by PDD-21). The overview provided some details about how the technology is used. The overview drew some information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers or from authoritative Web sites.

    Identified an appropriate technology. Provided an overview or introduction that was lacking in detail and/or missing a discussion of the critical infrastructure sector (as defined by PDD-21). Information from the survey of the professional literature was used in the overview.

    Identified an appropriate technology but the overview of that technology lacked detail and/or was not well supported by information drawn from authoritative sources.

    The introduction and/or overview sections of the paper were off topic or failed to provide an overview of the emerging application of technology in the context of the critical infrastructure.

    Identified 10 or more papers from the professional literature. All papers used in the survey were from the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used 10 or more papers from the survey of the literature throughout the discussion (as demonstrated by correctly formatted and placed citations).

    Survey of the literature was based upon eight papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 8 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by correctly formatted and placed citations).

    Survey of the literature was based upon six or seven papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 6 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by correctly formatted and placed citations).

    Survey of the literature was based upon four or five papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 4 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by correctly formatted and placed citations).

    Survey of the literature was based upon three or more papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Appropriately used at least 3 papers from the survey of the literature throughout the discussion of the technology (as demonstrated by paraphrasing and including correctly formatted and placed citations).

    Survey of the literature was based upon two or fewer papers from one or more of the four approved sources (ACM Digital Library, IEEE Computer Society Digital Library, Pro Quest Dissertations and Theses, and Science Direct). Did not appropriately use papers from the survey of the literature throughout the discussion of the technology (as demonstrated by paraphrasing and including correctly formatted and placed citations).

    Provided an excellent discussion of how the emerging technology or emerging application of technology could be used to improve or support cybersecurity by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc. in the context of an identified critical infrastructure sector (as defined by PDD-21). Discussion provided five or more specific examples of how these improvements would impact cybersecurity for information, information systems, and/or networks. The discussion appropriately used five or more “pillars” and was based upon information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites.

    Provided an outstanding discussion of how the emerging technology or emerging application of technology could be used to improve or support cybersecurity by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc. in the context of an identified critical infrastructure sector (as defined by PDD-21). Discussion provided four or more specific examples of how these improvements would impact cybersecurity for information, information systems, and/or networks. The discussion appropriately used four or more “pillars” and was based upon information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites.

    Provided a discussion of how the emerging technology or emerging application of technology could be used to improve or support cybersecurity for information, information systems, and/or networks in a critical infrastructure sector (as defined by PDD-21). Discussion provided three or more appropriate examples, and used three or more “pillars.” Information from the survey of the professional literature was used. Additional information from other sources, i.e. news articles, industry or government white papers or from authoritative Web sites, may also be included.

    Discussion provided few details in regards to how the emerging technology or emerging application of technology could be used to improve or support cybersecurity. OR, discussion provided few details in regards to support or improvements for cybersecurity in the critical infrastructure sector (as defined by PDD-21). Information from the survey of the professional literature was used in the discussion.

    Discussed cybersecurity benefits from the use of the emerging technology but the discussion lacked detail and/or was not well supported by information drawn from the survey of the professional literature.

    The discussion of cybersecurity improvements / support from use of the emerging technology was not relevant to the identified critical infrastructure and/or did not apply to the identified technology. OR, discussion of improvements / support for cybersecurity was missing.

    Provided an excellent discussion of how the emerging technology or emerging application of technology could be used by attackers to further their own goals and/or how specific anticipated or known vulnerabilities could be exploited. Discussion fully described how the technology could by attackers against an identified critical infrastructure sector (as defined by PDD-21). The discussion appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites.

    Provided an outstanding discussion of how the emerging technology or emerging application of technology could be used by attackers to further their own goals and/or how specific anticipated or known vulnerabilities could be exploited. Described how the technology could by attackers against an identified critical infrastructure sector (as defined by PDD-21). The discussion appropriately used information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers and authoritative Web sites.

    Provided a discussion of how the emerging technology or emerging application of technology could be used by attackers to further their own goals and/or how specific anticipated or known vulnerabilities could be exploited. Described how the technology could by attackers against an identified critical infrastructure sector (as defined by PDD-21). The discussion drew some information from the survey of the professional literature in addition to information from other sources, i.e. news articles, industry or government white papers or from authoritative Web sites.

    Discussion provided few details in regards to how the emerging technology or emerging application of technology could be used by attackers against a critical infrastructure (as defined by PDD-21). Provided few details regarding known or suspected (anticipated) vulnerabilities in the technology. Information from the survey of the professional literature was used in the discussion.

    Discussed attacks and/or reported on how the technology could be used against defenders but the discussion lacked detail and/or was not well supported by information drawn from the survey of the professional literature.

    Did not report on how the technology could be used by attackers, criminals, terrorists, etc. Did not discuss specific vulnerabilities to attack which are present or anticipated in the identified technology.

    Demonstrated excellence in the use of standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from five or more pillars of IA/IS.

    Discussion showed an outstanding understanding and integration of standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from five or more pillars of IA/IS.

    Correctly used standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from five or more pillars of IA/IS.

    Correctly used standard cybersecurity terminology to support discussion of the technology. Appropriately used terminology from three or more pillars of IA/IS.

    Used some standard cybersecurity terminology to support discussion of the technology. OR, use of cybersecurity terms was not well supported by information drawn from the survey of the professional literature.

    Did not integrate standard cybersecurity terminology into the discussion OR misused or incorrectly defined standard terms from the pillars of IA/IS.

    Work contains a reference list containing entries for all cited resources. Reference list entries and in-text citations are correctly formatted using the appropriate APA style for each type of resource.

    Work contains a reference list containing entries for all cited resources. One or two minor errors in APA format for in-text citations and/or reference list entries.

    Work contains a reference list containing entries for all cited resources. No more than 3 minor errors in APA format for in-text citations and/or reference list entries

    Work has no more than three paragraphs with omissions of citations crediting sources for facts and information. Work contains a reference list containing entries for cited resources. Work contains no more than 5 minor errors in APA format for in-text citations and/or reference list entries.

    Work attempts to credit sources but demonstrates a fundamental failure to understand and apply the APA formatting standard as defined in the Publication Manual of the American Psychological Association (6th ed.).

    Reference list is missing. Work demonstrates an overall failure to incorporate and/or credit authoritative sources for information used in the paper.

    Submitted work shows outstanding organization and the use of color, fonts, titles, headings and sub-headings, etc. is appropriate to the assignment type.

    Submitted work has minor style or formatting flaws but still presents a professional appearance. Submitted work is well organized and appropriately uses color, fonts, and section headings (per the assignment’s directions).

    Organization and/or appearance of submitted work could be improved through better use of fonts, color, titles, headings, etc. OR Submitted work has multiple style or formatting errors. Professional appearance could be improved.

    Submitted work has multiple style or formatting errors. Organization and professional appearance need substantial improvement.

    Submitted work meets minimum requirements but has major style and formatting errors. Work is disorganized and needs to be rewritten for readability and professional appearance.

    No work submitted.

    No formatting, grammar, spelling, or punctuation errors.

    Work contains minor errors in formatting, grammar, spelling or punctuation which do not significantly impact professional appearance.

    Errors in formatting, spelling, grammar, or punctuation which detract from professional appearance of the submitted work.

    Submitted work has numerous errors in formatting, spelling, grammar, or punctuation. Work is unprofessional in appearance.

    Submitted work is difficult to read / understand and has significant errors in formatting, spelling, grammar, punctuation, or word usage.

    No work submitted.
    Overall Score

    "Get 15% discount on your first 3 orders with us"
    Use the following coupon
    FIRST15

    Order Now
    Leave a reply →
    • Posted by
    • admin

Photostream

"Get 15% discount on your first 3 orders with us"
Use the following coupon
FIRST15

Order Now
© Copyright - Medic Papers. All Rights Reserved.
Top

Hi there! Click one of our representatives below and we will get back to you as soon as possible.

Chat with us on WhatsApp