PROGRAM CRITERIA FOR CYBERSECURITY ENGINEERING AND ENGINEERING PROGRAMS THAT INCLUDE "SECURITY," "CYBERSECURITY," "COMPUTER SECURITY," "CYBER OPERATIONS," INFORMATION ASSURANCE," "INFORMATION SECURITY," OR SIMILAR MODIFIERS IN THEIR TITLES.
 
Co-Lead Societies: Institute of Electrical and Electronics Engineers, CSAB, International Council on Systems Engineering (INCOSE)
 
These program criteria apply to engineering programs that include “security”, “cybersecurity”, “computer security”, “cyber operations”, “information assurance”, “information security”, or similar modifiers in their titles.*

1. Curriculum

The structure of the curriculum must provide both breadth and depth across the range of engineering topics implied by the title of the program.

The curriculum must
  • Include probability, statistics, and cryptographic topics including applications appropriate to the program.
  • Include discrete math and specialized math appropriate to the program, such as, abstract algebra, information theory, number theory, complexity theory, finite fields.
  • Include engineering topics necessary to analyze and design complex devices, software, and systems containing hardware, software and human components.

Provide both breadth and depth across the range of engineering and computer science topics necessary for the:
  • application of security principles and practices to the design, implementation, and operations of the physical, software, and human components of the system as appropriate to the program
  • application of protective technologies and forensic techniques
  • analyzing and evaluation of components and systems with respect to security and to maintaining operations in the presence of risks and threats
  • consideration of legal, regulatory, privacy, ethics, and human behavior topics as appropriate to the program


2. Faculty

The program must demonstrate that faculty members teaching core engineering topics understand methods of engineering design, engineering problem solving, and engineering practice with specific relevance to security.

* 1. If you would like to provide comments regarding the proposed criteria, please provide them below.

T