Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity

Alan T. Sherman; Geoffrey L. Herman; Linda Oliva; Peter A.H. Peterson; Enis Golaszewski; Seth Poulsen; Travis Scheponik; Akshita Gorti

doi:10.1007/978-3-030-58703-1_1

Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity

Alan T. Sherman, Geoffrey L. Herman, Linda Oliva, Peter A.H. Peterson, Enis Golaszewski, Seth Poulsen, Travis Scheponik, Akshita Gorti

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

We reflect on our ongoing journey in the educational Cybersecurity Assessment Tools (CATS) Project to create two concept inventories for cybersecurity. We identify key steps in this journey and important questions we faced. We explain the decisions we made and discuss the consequences of those decisions, highlighting what worked well and what might have gone better. The CATS Project is creating and validating two concept inventories—conceptual tests of understanding—that can be used to measure the effectiveness of various approaches to teaching and learning cybersecurity. The Cybersecurity Concept Inventory (CCI) is for students who have recently completed any first course in cybersecurity; the Cybersecurity Curriculum Assessment (CCA) is for students who have recently completed an undergraduate major or track in cybersecurity. Each assessment tool comprises 25 multiple-choice questions (MCQs) of various difficulties that target the same five core concepts, but the CCA assumes greater technical background. Key steps include defining project scope, identifying the core concepts, uncovering student misconceptions, creating scenarios, drafting question stems, developing distractor answer choices, generating educational materials, performing expert reviews, recruiting student subjects, organizing workshops, building community acceptance, forming a team and nurturing collaboration, adopting tools, and obtaining and using funding. Creating effective MCQs is difficult and time-consuming, and cybersecurity presents special challenges. Because cybersecurity issues are often subtle, where the adversarial model and details matter greatly, it is challenging to construct MCQs for which there is exactly one best but non-obvious answer. We hope that our experiences and lessons learned may help others create more effective concept inventories and assessments in STEM.

Original language	English (US)
Title of host publication	National Cyber Summit Research Track, NCS 2020
Editors	Kim-Kwang Raymond Choo, Tommy Morris, Eric Imsand, Gilbert L. Peterson
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	3-34
Number of pages	32
ISBN (Print)	9783030587024
DOIs	https://doi.org/10.1007/978-3-030-58703-1_1
State	Published - 2021
Externally published	Yes
Event	National Cyber Summit, NCS 2020 - Huntsville, United States Duration: Jun 2 2020 → Jun 4 2020

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	1271 AISC
ISSN (Print)	2194-5357
ISSN (Electronic)	2194-5365

Conference

Conference	National Cyber Summit, NCS 2020
Country/Territory	United States
City	Huntsville
Period	6/2/20 → 6/4/20

Bibliographical note

Publisher Copyright:
© 2021, Springer Nature Switzerland AG.

Keywords

Computer science education
Concept inventories
Cryptography
Cybersecurity Assessment Tools (CATS)
Cybersecurity Concept Inventory (CCI)
Cybersecurity Curriculum Assessment (CCA)
Cybersecurity education
Multiple-choice questions

Access

10.1007/978-3-030-58703-1_1

OpenUrl availability

Full text

Cite this

Sherman, A. T., Herman, G. L., Oliva, L., Peterson, P. A. H., Golaszewski, E., Poulsen, S., Scheponik, T., & Gorti, A. (2021). Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity. In K.-K. R. Choo, T. Morris, E. Imsand, & G. L. Peterson (Eds.), National Cyber Summit Research Track, NCS 2020 (pp. 3-34). (Advances in Intelligent Systems and Computing; Vol. 1271 AISC). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-58703-1_1

Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity. / Sherman, Alan T.; Herman, Geoffrey L.; Oliva, Linda et al.
National Cyber Summit Research Track, NCS 2020. ed. / Kim-Kwang Raymond Choo; Tommy Morris; Eric Imsand; Gilbert L. Peterson. Springer Science and Business Media Deutschland GmbH, 2021. p. 3-34 (Advances in Intelligent Systems and Computing; Vol. 1271 AISC).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Sherman, AT, Herman, GL, Oliva, L, Peterson, PAH, Golaszewski, E, Poulsen, S, Scheponik, T & Gorti, A 2021, Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity. in K-KR Choo, T Morris, E Imsand & GL Peterson (eds), National Cyber Summit Research Track, NCS 2020. Advances in Intelligent Systems and Computing, vol. 1271 AISC, Springer Science and Business Media Deutschland GmbH, pp. 3-34, National Cyber Summit, NCS 2020, Huntsville, United States, 6/2/20. https://doi.org/10.1007/978-3-030-58703-1_1

Sherman AT, Herman GL, Oliva L, Peterson PAH, Golaszewski E, Poulsen S et al. Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity. In Choo KKR, Morris T, Imsand E, Peterson GL, editors, National Cyber Summit Research Track, NCS 2020. Springer Science and Business Media Deutschland GmbH. 2021. p. 3-34. (Advances in Intelligent Systems and Computing). doi: 10.1007/978-3-030-58703-1_1

Sherman, Alan T. ; Herman, Geoffrey L. ; Oliva, Linda et al. / Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity. National Cyber Summit Research Track, NCS 2020. editor / Kim-Kwang Raymond Choo ; Tommy Morris ; Eric Imsand ; Gilbert L. Peterson. Springer Science and Business Media Deutschland GmbH, 2021. pp. 3-34 (Advances in Intelligent Systems and Computing).

@inproceedings{552cf266f6c545ae9f2146ac33ec5679,

title = "Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity",

abstract = "We reflect on our ongoing journey in the educational Cybersecurity Assessment Tools (CATS) Project to create two concept inventories for cybersecurity. We identify key steps in this journey and important questions we faced. We explain the decisions we made and discuss the consequences of those decisions, highlighting what worked well and what might have gone better. The CATS Project is creating and validating two concept inventories—conceptual tests of understanding—that can be used to measure the effectiveness of various approaches to teaching and learning cybersecurity. The Cybersecurity Concept Inventory (CCI) is for students who have recently completed any first course in cybersecurity; the Cybersecurity Curriculum Assessment (CCA) is for students who have recently completed an undergraduate major or track in cybersecurity. Each assessment tool comprises 25 multiple-choice questions (MCQs) of various difficulties that target the same five core concepts, but the CCA assumes greater technical background. Key steps include defining project scope, identifying the core concepts, uncovering student misconceptions, creating scenarios, drafting question stems, developing distractor answer choices, generating educational materials, performing expert reviews, recruiting student subjects, organizing workshops, building community acceptance, forming a team and nurturing collaboration, adopting tools, and obtaining and using funding. Creating effective MCQs is difficult and time-consuming, and cybersecurity presents special challenges. Because cybersecurity issues are often subtle, where the adversarial model and details matter greatly, it is challenging to construct MCQs for which there is exactly one best but non-obvious answer. We hope that our experiences and lessons learned may help others create more effective concept inventories and assessments in STEM.",

keywords = "Computer science education, Concept inventories, Cryptography, Cybersecurity Assessment Tools (CATS), Cybersecurity Concept Inventory (CCI), Cybersecurity Curriculum Assessment (CCA), Cybersecurity education, Multiple-choice questions",

author = "Sherman, {Alan T.} and Herman, {Geoffrey L.} and Linda Oliva and Peterson, {Peter A.H.} and Enis Golaszewski and Seth Poulsen and Travis Scheponik and Akshita Gorti",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; National Cyber Summit, NCS 2020 ; Conference date: 02-06-2020 Through 04-06-2020",

year = "2021",

doi = "10.1007/978-3-030-58703-1_1",

language = "English (US)",

isbn = "9783030587024",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "3--34",

editor = "Choo, {Kim-Kwang Raymond} and Tommy Morris and Eric Imsand and Peterson, {Gilbert L.}",

booktitle = "National Cyber Summit Research Track, NCS 2020",

address = "Germany",

}

TY - GEN

T1 - Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity

AU - Sherman, Alan T.

AU - Herman, Geoffrey L.

AU - Oliva, Linda

AU - Peterson, Peter A.H.

AU - Golaszewski, Enis

AU - Poulsen, Seth

AU - Scheponik, Travis

AU - Gorti, Akshita

PY - 2021

Y1 - 2021

N2 - We reflect on our ongoing journey in the educational Cybersecurity Assessment Tools (CATS) Project to create two concept inventories for cybersecurity. We identify key steps in this journey and important questions we faced. We explain the decisions we made and discuss the consequences of those decisions, highlighting what worked well and what might have gone better. The CATS Project is creating and validating two concept inventories—conceptual tests of understanding—that can be used to measure the effectiveness of various approaches to teaching and learning cybersecurity. The Cybersecurity Concept Inventory (CCI) is for students who have recently completed any first course in cybersecurity; the Cybersecurity Curriculum Assessment (CCA) is for students who have recently completed an undergraduate major or track in cybersecurity. Each assessment tool comprises 25 multiple-choice questions (MCQs) of various difficulties that target the same five core concepts, but the CCA assumes greater technical background. Key steps include defining project scope, identifying the core concepts, uncovering student misconceptions, creating scenarios, drafting question stems, developing distractor answer choices, generating educational materials, performing expert reviews, recruiting student subjects, organizing workshops, building community acceptance, forming a team and nurturing collaboration, adopting tools, and obtaining and using funding. Creating effective MCQs is difficult and time-consuming, and cybersecurity presents special challenges. Because cybersecurity issues are often subtle, where the adversarial model and details matter greatly, it is challenging to construct MCQs for which there is exactly one best but non-obvious answer. We hope that our experiences and lessons learned may help others create more effective concept inventories and assessments in STEM.

AB - We reflect on our ongoing journey in the educational Cybersecurity Assessment Tools (CATS) Project to create two concept inventories for cybersecurity. We identify key steps in this journey and important questions we faced. We explain the decisions we made and discuss the consequences of those decisions, highlighting what worked well and what might have gone better. The CATS Project is creating and validating two concept inventories—conceptual tests of understanding—that can be used to measure the effectiveness of various approaches to teaching and learning cybersecurity. The Cybersecurity Concept Inventory (CCI) is for students who have recently completed any first course in cybersecurity; the Cybersecurity Curriculum Assessment (CCA) is for students who have recently completed an undergraduate major or track in cybersecurity. Each assessment tool comprises 25 multiple-choice questions (MCQs) of various difficulties that target the same five core concepts, but the CCA assumes greater technical background. Key steps include defining project scope, identifying the core concepts, uncovering student misconceptions, creating scenarios, drafting question stems, developing distractor answer choices, generating educational materials, performing expert reviews, recruiting student subjects, organizing workshops, building community acceptance, forming a team and nurturing collaboration, adopting tools, and obtaining and using funding. Creating effective MCQs is difficult and time-consuming, and cybersecurity presents special challenges. Because cybersecurity issues are often subtle, where the adversarial model and details matter greatly, it is challenging to construct MCQs for which there is exactly one best but non-obvious answer. We hope that our experiences and lessons learned may help others create more effective concept inventories and assessments in STEM.

KW - Computer science education

KW - Concept inventories

KW - Cryptography

KW - Cybersecurity Assessment Tools (CATS)

KW - Cybersecurity Concept Inventory (CCI)

KW - Cybersecurity Curriculum Assessment (CCA)

KW - Cybersecurity education

KW - Multiple-choice questions

UR - http://www.scopus.com/inward/record.url?scp=85091327152&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85091327152&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-58703-1_1

DO - 10.1007/978-3-030-58703-1_1

M3 - Conference contribution

AN - SCOPUS:85091327152

SN - 9783030587024

T3 - Advances in Intelligent Systems and Computing

SP - 3

EP - 34

BT - National Cyber Summit Research Track, NCS 2020

A2 - Choo, Kim-Kwang Raymond

A2 - Morris, Tommy

A2 - Imsand, Eric

A2 - Peterson, Gilbert L.

PB - Springer Science and Business Media Deutschland GmbH

T2 - National Cyber Summit, NCS 2020

Y2 - 2 June 2020 through 4 June 2020

ER -

Experiences and Lessons Learned Creating and Validating Concept Inventories for Cybersecurity

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access

OpenUrl availability

Other files and links

Fingerprint

Cite this