IVLE4C a Conceptual Learning Environment for Teaching Enterprise Cybersecurity

The authors are working to improve students’ understanding of and classroom experience with enterprise cybersecurity. Central to this effort is development of the Integrated Virtual Learning Environment for Cybersecurity (IVLE4C), a teaching and learning tool intended for use by both teachers and students. The authors are endeavoring to incorporate into IVLE4C best practices from the knowledge domains of education, model-based systems engineering, and cybersecurity. A modern digital enterprise is a large-scale, complex system of systems. Enterprise cybersecurity is a special subset of the larger knowledge domain that merits special consideration when instructing students who lack relevant work experience. This lack of work experience creates a gap in students’ knowledge about the structure, operation, and control of a modern digital enterprise. Our guiding precept – coined Greer’s Rule of Thumb – is that: it is impossible to defend what cannot be visualized and described. Therefore, it is essential to address the student enterprise knowledge gap before attempting to teach the means for assuring enterprise cybersecurity. Viste and Skartveit (2004) propose using an interactive virtual learning environment with reality abstraction models when teaching the structure, operation, and control of a large-scale complex system. The creation of a virtual model enables a modern digital enterprise to be brought into the classroom. This allows for learning that is complementary to experiential learning that occurs during an internship and, possibly, a viable alternative when internships are unavailable or come later in a curriculum path. Once developed, a library of models representing different digital enterprise types can be used to accelerate student enterprise cybersecurity education in a controlled classroom environment. During the presentation, the authors will provide an update on the use of model-based system engineering practices and how they are being integrated into IVLE4C for developing a tailored, enterprise risk management strategy. This approach is consistent with guidance provided in the NIST Cybersecurity Framework. Research shows model-based systems engineering is increasingly being used for developing engineered cybersecurity solutions. An example of this is research performed by Robles-Ramirez et.al. (2020) on the application of model-based Cybersecurity Engineering for Connected and Automated Vehicles. Key is the notion of turning a cyber-attack surface into a trust boundary at targeted levels. IVLE4C version 1.0 is currently being used to teach Cyber Supply Chain Security at UNCW. Version 2.0 is a dynamic data driven web application, that is being developed for teaching Enterprise Security

Integrated Virtual Learning Environment for Cybersecurity (IVLE4C)

The authors are working to improve students’ understanding of and classroom experience with enterprise cybersecurity. Central to this effort is development of the Integrated Virtual Learning Environment for Cybersecurity (IVLE4C), a teaching and learning tool intended for use by both teachers and students. The authors are endeavoring to incorporate into IVLE4C best practices from the knowledge domains of education, model-based systems engineering, and cybersecurity. A modern digital enterprise is a large-scale, complex system of systems. Enterprise cybersecurity is a special subset of the larger knowledge domain that merits special consideration when instructing students who lack relevant work experience. This lack of work experience creates a gap in students’ knowledge about the structure, operation, and control of a modern digital enterprise. Our guiding precept – coined Greer’s Rule of Thumb – is that: it is impossible to defend what cannot be visualized and described. Therefore, it is essential to address the student enterprise knowledge gap before attempting to teach the means for assuring enterprise cybersecurity. Viste and Skartveit (2004) propose using an interactive virtual learning environment with reality abstraction models when teaching the structure, operation, and control of a large-scale complex system. The creation of a virtual model enables a modern digital enterprise to be brought into the classroom. This allows for learning that is complementary to experiential learning that occurs during an internship and, possibly, a viable alternative when internships are unavailable or come later in a curriculum path. Once developed, a library of models representing different digital enterprise types can be used to accelerate student enterprise cybersecurity education in a controlled classroom environment. During the presentation, the authors will provide an update on the use of model-based system engineering practices and how they are being integrated into IVLE4C for developing a tailored, enterprise risk management strategy. This approach is consistent with guidance provided in the NIST Cybersecurity Framework. Research shows model-based systems engineering is increasingly being used for developing engineered cybersecurity solutions. An example of this is research performed by Robles-Ramirez et.al. (2020) on the application of model-based Cybersecurity Engineering for Connected and Automated Vehicles. Key is the notion of turning a cyber-attack surface into a trust boundary at targeted levels. IVLE4C version 1.0 is currently being used to teach Cyber Supply Chain Security at UNCW. Version 2.0 is a dynamic data driven web application, that is being developed for teaching Enterprise Security

Meaningful Assessment

Assessment of student learning outcomes is a key process used in education to both evaluate students’ level of achievement and to identify opportunities for continuous improvement. The most prevalent technique for analyzing data collected from direct assessment methods is to distill the data to a single measure of central tendency, typically the arithmetic mean. Despite well-known awareness and understanding of the limitations of the arithmetic mean, it is still commonly used because it is easy to calculate from the readily available data and is familiar to most educators. This paper argues that use of arithmetic mean alone is a poor assessment practice, and an alternate evaluation technique is presented in detail. To illustrate our conceptual arguments, a case study involving the assessment of an intermediate, college-level information technology course is presented. For the evaluation of an outcome in this course, assessment of student performance for the embedded indicators of that outcome are shown using both the commonly used arithmetic mean and what we believe to be a better, more meaningful assessment technique that places individual student performance data points into categories using an Individual Indicator Metric and then evaluates the group’s overall performance based on the distribution of these student performances across the categories using a Group Indicator Metric. The paper’s concluding section briefly addresses integrating indirect (subjective) evidence, combining all data source evaluations to evaluate an outcome, identifying and acting on opportunities for improvement, and reassessing changes. The central theme of the paper is that the veracity of assessment can be significantly improved with minimal extra effort

Using Virtual Machines To Improve Learning and Save Resources in an Introductory IT Course

Information technology courses often require the use of software and hardware to support classroom learning. These systems can assist in achieving the learning objectives for a course through classroom problems and laboratory exercises. The procurement and maintenance of these systems can be a challenge even for well resourced organizations. In this paper we discuss how virtual machines can relieve organizations of some of their resource burdens while effectively achieving course learning objectives and provide examples of how that is currently done at the United States Military Academy

The Dalradian rocks of the north-east Grampian Highlands of Scotland

The north-east Grampian Highlands, as described here, are bounded to the north-west by the Grampian Group outcrop of the northern Grampian Highlands and to the south by the Southern Highland Group\ud outcrop in the Highland Border region. The Dalradian succession therefore encompasses the whole of the Appin and Argyll groups, but also includes an extensive outlier of Southern Highland Group strata in the north of the region. The succession includes shallow-marine sequences, glacigenic deposits at two stratigraphical levels, the earliest evidence for volcanism in the Dalradian, a later major development of basaltic and picritic sub-marine lavas, and thick turbiditic sequences. In the south, the Grampian–Appin group boundary is a high-strain zone, with no obvious dislocation or stratigraphical excision, which was formerly termed the Boundary Slide. Shear-zones at higher structural levels are associated with pre-tectonic granites, such as the Ben Vuirich Granite, which have been dated at c. 600 Ma and hence place limits on the timing of sedimentation, deformation and metamorphism. The region is divided from north to south by a major zone of shearing and dislocation with associated igneous intrusions, termed the Portsoy Lineament. To the west of the lineament, the stratigraphy is more-or-less continuous along strike with that of the central Grampian Highlands. D1, D2 and D3 structures extend from the Tummel Steep Belt north-eastwards throughout this area. The stratigraphical succession is broadly continuous across the Portsoy Lineament but to the east, in the Buchan Block, correlations are more tenuous and do not extend below subgroup level. High-grade migmatitic paragneisses were once interpreted as pre-Dalradian basement but they are now assigned to the Crinan Subgroup, within the Dalradian succession. Within the Buchan Block the outcrop pattern is controlled by two broad, open, post-metamorphic folds, the Turriff Syncline and the Buchan Anticline. The Buchan Block is the international type area for the high-temperature/low-pressure Buchan-type regional metamorphism. To the south and west, this passes into higher pressure Barrovian-type metamorphism. South of Deeside, metamorphic conditions reached 820 8C and over 8 kbar, well into granulite facies and the highest recorded in the Grampian Terrane. The detailed relationship between the high heat-flow and the emplacement of large bodies of basic and silicic magma is a matter of ongoing research. Plutons of the north-east Grampian Basic Suite, emplaced at c. 474–470 Ma, during or shortly after the peak of metamorphism and the D3 deformation, provide key evidence for the timing of the Grampian orogenic event