Using protocol analysis to explore the creative requirements engineering process

Protocol analysis is an empirical method applied by researchers in cognitive psychology and behavioural analysis. Protocol analysis can be used to collect, document and analyse thought processes by an individual problem solver. In general, research subjects are asked to think aloud when performing a given task. Their verbal reports are transcribed and represent a sequence of their thoughts and cognitive activities. These verbal reports are analysed to identify relevant segments of cognitive behaviours by the research subjects. The analysis results may be cross-examined (or validated through retrospective interviews with the research subjects). This paper offers a critical analysis of this research method, its approaches to data collection and analysis, strengths and limitations, and discusses its use in information systems research. The aim is to explore the use of protocol analysis in studying the creative requirements engineering process.<br /

A protocol for multidimensional assessment in university online courses

This paper presents a protocol developed for multidimensional assessment for e-learning experiences based on socioconstructivist principles. First, we describe the structure of an e-learning course where the protocol as been developed and tested; second, we describe the protocol and how it has been used in that course. We believe this protocol is a useful tool for a twofold reason: on the one hand, it takes into account the complexity of the pedagogical architecture of socioconstructivist courses – where many teaching models and learning strategies are mixed, different individual and collaborative activities are proposed and students are asked to build a variety of final products. On the other hand, it promotes students’ assumption of responsibility and active role, with a particular reference to self-assessment competences. Instances of how we have applied the protocol will be described in the paper. The assessment protocol we present here is complex, nevertheless flexible. Therefore, although we have tested it in a specific course, it could also be used in similar or simpler course

Integrating case study and survey research methods: An example in information systems

The case for combining research methods generally, and more specifically that for combining qualitative and quantitative methods, is strong. Yet, research designs that extensively integrate both fieldwork (e.g. case studies) and survey research are rare. More¬over, some journals tend tacitly to specialize by methodology thereby encouraging purity of method. The multi-method model of research while not new, has not been appreciated. In this respect it is useful to articulate and describe its usage through example. By reference to a recently completed study of IS consultant engagement success factors this paper presents an analysis of the benefits of integrating case study and survey research methods. The emphasis is on the qualitative case study method and how it can compliment more quantitative survey research. Benefits are demonstrated through specific examples from the reference study.</i

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability