SAI - Systems Assurance Institute

Certificate of Advanced Study in Systems Assurance

The Department of Electrical Engineering and Computer Science at Syracuse University offers a Certificate of Advanced Study in Systems Assurance, established in concert with the Systems Assurance Institute. This Certificate program reflects our strength in the formal and rigorous analysis of systems and in experimental systems. The courses cover the wide spectrum of system assurance, including the theoretical foundations, the synthesis of assured software and hardware, and the deployment of large-scale systems.

This Certificate of Advanced Study in Systems Assurance (CASSA) fits within the scope of the Computer Engineering (CE) and Computer Science (CS) Master's programs. To receive this Certificate, students must be enrolled in either the CE or the CS program and be accepted into the Certificate program. More details appear below.

Background of Program

Requirements

Course Descriptions

How to Apply

Scholarship Opportunities

Background

What is Systems Assurance?

The National Security Agency defines Information Assurance as the use of

"[i]nformation operations ... [that] protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and nonrepudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities."

At SAI, our concept of Systems Assurance extends this definition by emphasizing the need for high confidence that a system behaves correctly, including its availability, integrity, confidentiality, and scalability.

Educational Objectives and Desired Outcomes

SAI's educational purpose is to prepare students to design, develop, and deploy complex systems with confidence in the systems' ability to meet assurance requirements. Our goal is that students who receive this Certificate will have developed a broad background in security and information assurance, distinguishing themselves by their ability to:

Analyze, synthesize, and make judgments based on engineering and computer science principles; and
Use analytical techniques to evaluate the implications of policies, standards, and procedures; the ramifications of changes; and the potential dangers of refinements.

In designing the curriculum for the Certificate of Advanced Study in Systems Assurance, we focused on our expectations for those students who successfully complete our program. Our goal was to develop a comprehensive and coherent collection of courses to ensure the following three educational outcomes:

Students comprehend the concepts underlying security and system assurance.
Students can apply those concepts to construct assured systems.
Students can critically analyze and evaluate systems' conformance to their requirements.

Requirements

The CASSA program builds on foundations established in standard undergraduate Computer Engineering and Computer Science programs. Incoming students are expected to have undergraduate-level mastery of discrete mathematics, predicate calculus, algorithms, networking, and operating systems.

To be admitted to the CASSA program, students must first be accepted to---or currently enrolled in---either the Computer Engineering (CE) or the Computer Science (CS) Master's Program. See the How to Apply section for further information on program admission.

All students are bound by all requirements of their home programs, such as GPA requirements or project/thesis requirements. In addition, each student must satisfy the following CASSA-specific requirements:

Successfully complete CIS/CSE 583, the Systems Assurance Seminar.

Successfully complete a total of five courses from the Foundations for Assurance and Assurance Applications tracks, including at least two courses from each track.

Foundations for Assurance Track

CIS 628 -- Introduction to Cryptography
CIS 632 -- Modeling Concurrent Systems
CIS/CSE 774 -- Principles of Distributed Access Control
CIS/CSE 690 -- IA Foundations Independent Project

Assurance Applications Track

CIS 752 -- Wireless Network Security
CIS/CSE 758 -- Internet Security
CIS/CSE 785 -- Computer Security
CIS/CSE 690 -- IA Applications Independent Project

Note: Other courses may be added to these collection of courses.

Successfully complete one course from the following list of approved Nontechnical Assurance Electives

Nontechnical Assurance Electives

IST 618 -- Survey of Telecommunications and Information Policy
IST 625 -- Risk Management
IST 629 -- Organizational Information Security
IST 642 -- Electronic Commerce
IST 643 -- U.S. Federal Information Policies
IST 682 -- Telecommunications Policy and Regulation
IST 728 -- Information Security Policy

PSC 655 -- Global Information Technology Policy
PSC 755 -- Politics and Governance in the Information Age

Note: Other courses may be added to this collection of courses.

Course Descriptions

The following descriptions are from the official Graduate Course Catalog. Links (where provided) point to the web pages for the most recent offering of the courses.

CIS/CSE 583 (Systems Assurance Seminar) Basic terminology of assurance and cryptography. Social and privacy issues of assurance. Ethics in computing. Legal aspects and implications of systems assurance. Weekly presentations by external and internal speakers.

CIS/CSE 628 (Introduction to Cryptography) An introduction to classical and public-key cryptography. Topics include: classical cryptosystems and their cryptanalysis, RSA and other public-key cryptosystems, pseudo-random sequences, zero-knowledge protocols, related ethical and social concerns. Prereq: CIS 575 or CIS 675 or MAT 534 or MAT 541.

CIS/CSE 632 (Modeling Concurrent Systems) Formal methods for specifying, modeling, and analyzing concurrent systems, and the mathematical basis for such methods. Automated and semi-automated tools to apply these methods to analyze emergent behavior of computing-related applications. Prereq: CIS 521 or CIS/CSE 607.

CIS/CSE 758 (Internet Security) TCP/IP architectural model. IP addressing. TCP/IP network protocol security. Network layer and application layer security. Firewalls. Router security. Denial of service attacks. Domain name server attacks. Prereq: CIS 655 or CSE 661 or ELE 658 or IST 634.

CIS/CSE 774 (Principles of Distributed Access Control) Specification, verification, and design of secure networks using formal logic. Includes historical access control methods, role-based access control, and logics for reasoning about authentication, authorization, audit, delegation, and trust. Prereq: CIS 521 or CIS/CSE 607.

CIS/CSE 785 (Computer Security) Traditional cryptography. Private-key versus public-key cryptography. Steganography. Digital signatures. Key certificates. Unix security. Theft of information. Theft of service. Prereq: CSE 661 or CIS 657.

How to Apply

The Certificate of Advanced Study in Systems Assurance (CASSA) is available only to students who are enrolled in the Computer Engineering or Computer Science Master's programs. In addition, students must be accepted into the CASSA program.

To apply, send the CASSA application to the following address:

Address for submitting materials:

CASSA Admissions Committee
c/o Ms. Rosanne Leary
EECS Department, CST 2-177
Syracuse University
Syracuse, NY 13244-1200

IMPORTANT: If you are already enrolled in the Computer Engineering or Computer Science Master's program, then you should also include a copy of your Syracuse University transcript.

Applications to the CE and CS Master's programs are available via the Graduate School at http://gradsch.syr.edu.

For Additional Information

If you have additional questions about the Certificate of Advanced Study in Systems Assurance, please email Dr. Susan Older at sueo@ecs.syr.edu.