The second evaluation criteria is, "Will the proposed pilot evaluate relevant security risks?"
I don't see anything in this design document about security risks. I see descriptions of specific features, but no explanation of the risks they address or attempt to address. The word "risk" is not present. In general, I am unaware of ANY documentation XSEDE has produced that enumerates the security risks XSEDE is managing, and I believe this is a significant problem. This makes pilots like these challenging because they lack any context for their evaluation.
I agree. Evaluating security risks was not a goal of the pilot. I believe Security Operations is refreshing the XSEDE risk assessment this year.
I removed this security risks review criteria.