Criteria for Measurement for CAE / Cyber Operations
The National Centers of Academic Excellence in Cyber Operations Education Program (CAE-Cyber Operations) is open to four-year colleges and graduate-level universities. CAE-Cyber Operations programs must be based within a computer science, electrical engineering or computer engineering department, or a degree program of equivalent technical depth, or a collaboration between two or more of these departments.
Applications must be submitted electronically via the on-line application process. Applications are assessed against a specific set of academic requirements and programmatic criteria, listed below, which are intended to measure the depth and maturity of programs of instruction in Cyber Operations at the graduate and/or undergraduate levels. The criteria and requirements will be updated year to year as the program matures, as technology advances and the cyber domain evolves.
Applications must clearly demonstrate how the program meets each of the requirements and criteria to obtain designation. Successful applicant institutions are designated as a CAE-Cyber Operations for a period of five academic years, after which they must successfully reapply to retain the designation. The criteria are reviewed annually and strengthened as appropriate to keep pace with the evolving nature of the Cyber Operations field. Designation as a National Center of Academic Excellence in Cyber Operations does not carry a commitment of funding from the CAE-Cyber Operations program sponsor (i.e., the National Security Agency).
MINIMUM REQUIREMENTS MUST BE MET FOR EACH OF THE CRITERIA.
The program must include "knowledge units" (single or multiple courses, or course modules within single or multiple courses) covering 100% of the mandatory academic content and a minimum of 10 of the 18 optional academic content.
Students meeting the academic criteria for the institution's cyber operations program must complete coursework to meet all ten of the mandatory KUs and at least four of the optional KUs offered by the institution.
Accreditation Board for Engineering and Technology (ABET) accreditation can be used to show satisfaction of required and optional academic content requirements (i.e., knowledge units) for topics explicitly covered by the ABET accreditation process. For academic content requirements not covered by ABET accreditation review and procedures, an on-site, detailed curriculum review, looking at the details of each course contributing to coverage of the knowledge units, will be performed by representatives of the CAE-Cyber Operations program office and the relevant faculty at the applying institution.
Students who participate sufficiently in the cyber operations curriculum (i.e., take and pass courses that completely satisfy all of the mandatory knowledge unit requirements and at least four of the optional knowledge unit requirements described in criterion 1) must be distinguished from other students through the awarding of a degree, certificate, or a reference to a focus area or specialization on their transcript and/or degree.
The CAE in Cyber Operations program must be based within a technically deep computer science, computer engineering or electrical engineering program, or a degree program of equivalent technical depth. Representatives of the CAE-Cyber Operations program office will perform an on-site, detailed curriculum review focused on course content, course relevance (how current it is), course frequency (how often is the course taught, when was it last taught) with the participation of the faculty members who maintain and teach each course.
All applicants may be subject to an on-site, detailed curriculum review. When the applying CS/EE/CE program is accredited by the Accreditation Board for Engineering and Technology (ABET), the CAE-Cyber Operations program office will rely on the accreditation review of course content, for those courses which were subject to the accreditation review. For cyber operations knowledge units not addressed by ABET accreditation, the CAE-Cyber Operations program office will conduct a curriculum review as described above.
This visit will likely be for one day, but may require a second day in some circumstances.
The goal of the CAE-Cyber Operations program is to produce graduating students with a well-rounded educational foundation that enables them to better function in the world of specialized cyber operations. To best achieve this, Cyber Operations must not be isolated as a different discipline, offered only as an option or set of elective courses. Instead, concepts related to specialized cyber operations must be appropriately integrated into existing CS, CE, and EE courses and programs within the institution, and then augmented with courses focused on specific cyber operations topics.
To demonstrate that the academic program being submitted for designation as a CAE in Cyber Operations is robust and active, the applicant institutions must provide a list of courses (number, title, catalog description) included in meeting the cyber operations academic requirements and provide data showing when each course was last taught. (Note: this is not a detailed mapping of the course content, but rather just the course identification of all courses that significantly contribute to the satisfaction of a knowledge unit requirement).
School policies on updating course materials to remain relevant should also be cited and included. If no explicit policy exists, the list of courses referenced above should also indicate the date when each course was last reviewed and updated.
All courses must be identified in the course catalog.
The application should provide evidence that the faculty involved in cyber operations education are also active in research related to cyber operations (i.e., with a particular emphasis on technologies and techniques related to specialized cyber operations such as collection, exploitation, and response).
Evidence may be provided in the form of information:
Since hands-on research reinforces the cyber operations curricula, the application should provide evidence that students are involved in cyber operations research (i.e., with a particular emphasis on technologies and techniques related to specialized cyber operations such as collection, exploitation, and response).
Evidence may be provided in the form of information showing:
Examples of cyber service-learning activities might include:
For initial application to the CAE-Cyber Operations Program, the applying institution must make a stated commitment to support CAE-Cyber Operations program. Examples of support could be in the form of student applications to the CAE-Cyber Operations Summer Internship Program, comprehensive faculty participation in Knowledge Unit review and changes, and/or faculty support in the form of briefing or teaching during the CAE-Cyber Operations Summer Intern Program.
For renewal applications to the CAE-Cyber Operations Program, the applying institution must provide evidence of, at a minimum, eight students and three faculty members, over the course of the five-year designation window.
There must be the equivalent of at least two full-time faculty members teaching relevant cyber operations courses who are also active in relevant cyber operations research.
For the purposes of meeting this criterion, full time is considered to be teaching 3 courses associated with the required knowledge units per semester. Faculty with significant active research clearly and directly associated with cyber operations, or who are advising multiple students at the Master's or Doctoral level on clearly cyber operations research topics, may request that credit for such be allowed for one or two of the required courses.
A biography or curriculum vitae for each faculty member must be provided as part of the program application.
Date Posted: Jan 10, 2012 | Last Modified: Nov 04 2015 | Last Reviewed: Nov 04 2015