Training Program 2019/20
Introduction
This training proposal has been written for the benefit of a number of stakeholders: the Bank of PNG, the PNG Civil Identification and Registration Office (CIRO)/NID, the PNG Digital Commerce Association (DCA), the ICT Cluster (ICTC), and the potential participants, members, and foundation shareholders of the ‘YuTru’ digital trust framework scheme operated by the Digital Identification Bureau Ltd.
Training delivery is proposed over the period 2019-2020 at an average of 1 day per month or 3 days training each quarter. The proposal suggests 6 topics in the fields of computer science, information technology, and cybersecurity.
The suggestions made are motivated by (i) requests gathered during two training courses delivered: (a) “How to Trust a Stranger” and (b) Digital Certificates and Signatures; (ii) observations made, over the course of 95+ consultations in the second half of 2018 by Neocapita; and (iii) the work agenda ahead for the operations and maintenance of the YuTru digital trust framework, at the earliest point possible must be undertaken by domestic suppliers and providers with a tapering off of Neocapita’s involvement.
Structure
Time Commitment
Each course will require candidates to register online and attend 5 hours of course time each day, the time is broken into 3 sessions each day. The number of days for each course varies from 1 to 3 days each.
Activities
Candidates will be asked to take an online pre-test, progress quizzes at the end of each training day, an online post-test, and then be awarded a certificate of either participation or completion. A set of course materials will be sent to registered attendees no later than 1 work-week prior to the start of each course.
Certification Criteria
Certificates of participation are awarded if candidates are present for 80% or more of the course time. Certificates of completion are awarded if they meet the criteria for participation, and achieve a score in the post-test of 60% or greater. Certificates will be awarded in the name of the PNG Digital Commerce Association.
Diversity & Inclusion
YuTru is deeply committed to principles of diversity and inclusion, recognising all people regardless of race, age, culture, ability, ethnicity or nationality, gender identity and expression, sexual orientation, marital status, religious affiliation, and socioeconomic status. We encourage the selection of participants by our partners with these principles in mind.
Participant Numbers
The number of participants in each course session should be limited to 40-50 participants so that 8-10 smaller workgroups of 4-5 people can be formed for ‘breakout’ sessions for team work to take place during the course.
Proposed Coursework
| # | Course Name and Description | Duration | Proposed |
| 1 | Understanding Biometric Technology In this module, we introduce the essential features of biometric identification systems. Where passwords are used by a system to make a binary decision to grant or deny access, biometric technology depends on statistical models and decision making. Biometric security systems depend on the characteristics of sensors to read measurements from the physical world and computing power to make light work of complex statistical decision making. The strengths and weaknesses of different biometric modalities are examined, the pipeline of operations a biometric system executes is explained, and the effectiveness of biometric modalities is ranked. |
1 day | 27/08/2019 |
| 2 | Introduction to Distributed Ledger Technologies In this module, we survey current development and government literature on distributed ledger (or blockchain) technologies. We explore how distributed ledgers (or blockchains) have been used since 2007 in government, and how they are now being used to speed up interbank transaction settlement, transaction clearance, provide people with incorruptible land titles, drug and patent registration, public notarisation, management of complex supply chains, and document provenance; are just some examples. As important, is the fact that the blockchain provides the necessary platform and infrastructure for the execution of laws and regulations as code – ‘smart contracting’ is explained and how it enables disintermediation is looked at closely. The properties of various distributed ledgers are compared and contrasted: Ethereum, Cardano, Lisk, Hyperledger, and even the original Bitcoin blockchain are exposed for how they implement global execution of computer programs. We expose how the ecosystem of the ledger arrives at consensus, how much computation is required, and what computation is done. Finally, we provide participants with a set of factors that can be used as a “ready reckoner” for whether a particular use case justifies the use of an immutable ledger. |
2 days | 26/09 & 01/10/2019 |
| 3 | The Cybersecurity Toolbox for Surveillance, Analysis & Evidence Gathering This module introduces the participant to specific computer security tools used by state and non-state actors for efficient and effective cybersecurity surveillance, analysis, and evidence collection capabilities. Participants will learn about hardware-based file systems, the Microsoft Windows file explorer, and how computer networking operates both in wireless and wired modes. Computer forensics tools are explained and a comprehensive cyber threat profile is provided, along with specific examples of cyber-attacks and how they are conducted and detected. Participants learn about proxies, virtual private networks, and The Onion Router (TOR) and how these tools can be used for both legal and illegal purposes. Mobile networks are explained and how mobile phones can be captured for forensic analysis, along with a list of the commercial tools used to preserve data on a phone which is especially for law enforcement or surveillance units. Techniques for forensic data analysis particularly in an evidence gathering and preservation activity is explained, as well as network traffic capture and analysis. Participants will leave with a good sense of awareness of how digital information leaves traces behind and how those traces can be used to understand the activity. The limitations of these tools and techniques are also discussed at length. |
3 days | tbd |
| 4 | An Introduction to Cybersecurity: Protecting Digital Assets In this module, we map out today’s computer and information security ‘landscape’ to understand how it has evolved and where security practices are headed. Globally, cybersecurity professionals are in high demand. In this module, we provide a foundation of common security terminology, outline the key factors to consider in modern system security design (both physical and logical), and relate these to the underlying ‘best practice’ security principles that should be followed. Participants are also given hands-on examples to try out for themselves, which they can then use in real-world situations to make systems more secure: how to keep email private, how to create and use a digital signature, how to establish the integrity of a document, and how to “see” more of the computer networks they connect to; are some of the basic technical skills participants will learn. Finally, we present some of the latest challenges and solutions brought about by the Internet of Things. Participants will leave with a comprehensive set of learning resources with which to continue their cybersecurity education. |
2days | 18 & 19/11/2019 |
| 5 | Developing Robust Applications for End-user Systems and DevOps In this module, we show participants the most common ‘templates’ for the development of stable, scalable, and robust computer applications both for the development of end-user systems, as well as for ”DevOps” – i.e. the operation of a software system development ‘pipeline’. Participants will develop skills to quickly recognise what ‘templates’ or patterns should be used depending on objectives. Participants will take away knowledge of turn-key cloud-based services and how to assemble them to develop meaningful digital services with little more than an Internet-connected computer. |
3 days | tbd |
| 6 | Integrating Technology Systems into Organisations In this module, we examine the other dimensions of the planning and development of system implementation and describe their importance and how they contribute to the success of ICT projects. A number of non-technical factors are explored: a communications protocol, change management, agile planning and work, diagramming and notation, clear lines of authority and responsibility, work products that focus on documentation, and selecting metrics and understanding the results of the measurement. In particular, government-class initiatives require political support, awareness of the economic context, the natural environment, human resources, existing and proposed processes, among other factors, in order to go smoothly and for the intended benefits to be realised. Examples of activities in each of these dimensions are provided along with methods for estimating capital and operational expenditure associated with them. A lot has been learned about successful ICT projects in recent decades and this module will share case studies to illustrate the importance of the non-technical factors of system implementation. |
2 days | tbd |
| 7 | The STEM of Well-known Digital Capabilities Science, technology, engineering, and mathematics (STEM) education are vital ingredients for creating and understanding modern technology. In this module, we take a close look at well-known digital capabilities and then decompose them into the constituent STEM skills, bodies of knowledge, and practices that went into creating them. The aim of this module is to help participants develop a deep appreciation for the rigour, precision, and complexity inherent in modern technology and to highlight the importance of STEM education. How can a computer recognise an object in the real world? How does Google Maps make its 3-dimensional buildings? What’s the point of “big data”? How does a machine learn? How close are we to artificial intelligence that can pass the ‘Turing Test’? What is the role of cryptography in modern life? How can hardware and biology be programmed? These are some of the questions we answer in this module. We leave participants with an appreciation for how technology is “compounded”. We share insight into how some of today’s well-known digital capabilities have been built up, layer by layer. This course aims to give participants an ability to recognise what STEM subjects make up the digital capabilities that operate in our world today, with an eye to where these capabilities will take us individually, and collectively as a society. |
2 days | 10 & 11/12/2019 |