The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Interdisciplinary Ph.D. Program in Information Security

Page Content

Last updated: 2021-07-13

This is not an official document and it is placed here for the potential applicants’ convenience. It is subject to constant change, especially in Areas B and C, as the participating departments change their offerings and/or the Program’s Graduate Committee modifies the requirements to meet the ever-developing needs of the field. One’s mileage can vary but one can always double check on the availability of a particular course in a particular session by visiting the websites of the appropriate departments.

Program Requirements

Students shall complete 90 credit hours of graduate course work beyond their Bachelors’ degrees, of which up to 30 credits can be earned in individual thesis research with the major professor (XXX 69900, with the designator of the department which will graduate the student—currently, COMM 69900, TECH 69900, or LING 69900).

The preliminary examinations, as negotiated with the student’s Thesis Advisory Committee, and the prospectus (proposal) should then be defended. Typically, the examinations will consist of two research papers supervised by a Committee Chair or member. The papers are research papers, and they are anything negotiated with the committee within the usual range. The idea behind the papers is to help the committee determine that the student is ready for candidacy. The papers can also be used to help advance the student’s progress professionally — by being publishable, being part of the dissertation, etc. Each paper is read by at least two members of the committee and approved or not. The thesis proposal is a synopsis of the dissertation that the whole committee needs to approve usually through an oral defense.

When it is apparent that the committee is generally in favor of what has been prepared, and at least 2 weeks prior to the proposal defense, a Form 8 is to be completed and submitted to the graduate school. The prelims and proposal defense are components of the Graduate School’s total prelim/qual requirements.

A minimum of 3 examiners are required for the proposal defense, 4 examiners for the dissertation defense. We prefer to have 4 throughout. A simple majority decides, and both in the cases of 3 or 4 members, it means that only one negative vote is allowed. The graduating program, (COM, LING, PHL, TECH) must have a faculty member, as Chair or Co-Chair. Any other faculty member, as approved by the Program’s Admission/Management committee may be a co-chair. We expect at least 50% of the students’ dissertation advisory committees to be Fellows or affiliated faculty of CERIAS to ensure a strong commitment to InfoSec in any Ph.D. dissertation we approve.

The student’s thesis must be completed and defended in a public oral examination administered by the Advisory Committee. A minimum of 2 academic semesters of research and writing must elapse between preliminary and doctoral examinations. For example a prelim in Spring 2022 would allow a doctoral defense in Spring 2023.

Students’ Masters’ degrees, if completed by admission time, count for 30 credits, and many of the credits, especially from degrees in related areas, will be approved by the Admission Committee for coverage credits. All the credits from the Purdue Masters’ Program in Information Security will count towards the Ph.D. requirements.

General requirements:

  • Eight (8) required courses from Area A below: four (4) technical courses, two (2) political/social courses, and 2 philosophical/ethical course;
  • A 5-course sub-concentration selected from the Areas A, B, and C below by the student in consultation with his/her advisory committee. Graduate courses taken prior and/or outside of the program may be approved to satisfy this requirement;
  • Sufficient electives to complete the credit requirements. These courses are also to be selected from the following list by the student and his/her advisory committee. At least three of the courses must be seminars;
  • Equivalents may be substituted upon approval of the student’s committee. Transfer courses may be used to satisfy up to two of the above courses, as per Purdue University’s rules, with approval of the student’s committee;
  • Prerequisites: Students are responsible for meeting all prerequisites and/or obtaining permissions, as per departmental regulations.
  • In addition to the courses listed in the requirement areas, the various departments and programs occasionally offer new courses and courses on specific topics that may meet area requirements, especially when they are taught by CERIAS principals and fellows. These include TECH 621 (when content is appropriate), CNIT 623 and 499 ( Prof. Julia (Taylor) Rayz), CNIT 581, LING 689 (Prof. Raskin), some CS 590 offerings, and others. The INSC program administration will announce such courses when they are available, but students are welcome to ask about any courses that might not be otherwise listed.”
  • Courses listed for graduation must total to a GPA of 3.0. or better. Any 300 or 400 course must be completed with a B- or better.

Area A. Required courses

Take 8 courses:

  1. Four technical courses:

    • CS 52600 or CNIT 55500, and
    • CS 55500 or CS 35500 and
    • CS 62600 or CS 52800, or CS 52900 or a graduate course from Area B approved by the student’s committee.
    • CS 65500 or special topics course in theoretical or applied cryptography beyond CS 55500, or a graduate course from Area B approved by the student’s committee—or equivalents

  2. Two philosophical/ethical courses:

    PHIL 52400 or PHIL 41100 or PHIL 42400 or PHIL 62400 or TECH 62100 IAE

    *PHIL 58000 is no longer available, but if you have already taken PHIL 58000, it will be recognized as meeting your requirements.

  3. Two political/social courses:

    POL 62000 and TECH 62100 TAP, CS 52300 (CS52300 Cannot be taken for both Area B and Area A)

Area B. Recommended courses

Any six courses not taken in Area A:

§ Note: May take one or the other of the following but not both:
* Unless Taken Under Area A

  1. CS 53600 or MGMT 54700
  2. PSY 57700 or IE 57700

When content is appropriate

Area C. Elective Courses

Any four courses:

Any course from Area B above, not taken to satisfy Area B requirement, can be taken in Area C.

** Note that COM 59000F and 59000G as well as COM 60000 and 60100 are restricted to only COM Ph.D. students.

Courses from at least five different graduate programs should be taken among Areas A, B, and C. Five graduate courses must constitute a declared and approved meaningful sub-concentration.

Specific Departmental Requirements

  • Students graduating via the Department of Communication must satisfy that department’s requirements for the Masters’ degree in Information Security, take COM 60000 and COM 60100 and make sure that they earn a minimum of 12 graduate credits in Communication;
  • Students graduating via Polytechnic Institute must satisfy that department’s requirements for the Masters’ degree in Information Security;
  • Students graduating via Linguistics must take LING 53100 and LING 68900: Natural Language Processing.

Responsible Conduct of Research (RCR) Requirement

All graduate students are required to complete the CITI RCR training module within 120 days of starting a graduate program and every five (5) years thereafter. More Information



Get Your Degree with CERIAS