28 departments, and 30+ years of cybersecurity research
Security and privacy failures don’t announce themselves. They appear in hospital systems that can’t treat patients, in power grids that flicker off, in supply chains quietly poisoned months before anyone notices. CERIAS exists because solving those problems requires more than a single discipline, more than a single institution, and more than a single generation of researchers.
CERIAS — the Center for Education and Research in Information Assurance and Security — is Purdue University’s interdisciplinary institute for cybersecurity and cyber-physical systems. We are the world’s largest and most broadly constituted academic center in the field: more than 150 researchers drawn from 7 colleges and 28 departments across Purdue’s campuses. Our work spans computer science, electrical engineering, nuclear engineering, law, philosophy, communication, psychology, statistics, and a dozen other disciplines, because the problems we study don’t fit cleanly inside any one of them.
What We Are
We are designated by the NSA and DHS as a Center of Academic Excellence in Cyber Research. We are founding members of the US Space ISAC. We are ranked #3 in US cybersecurity research by CSRankings (2026) and #4 in undergraduate cybersecurity education by U.S. News & World Report (2026). We are generally acknowledged as the world’s premier multidisciplinary academic institute for cybersecurity and trust.
Those aren’t goals. They are the result of more than 30 years of work.
How We Got Here
CERIAS traces its roots to 1991, when Professors Eugene Spafford and Samuel Wagstaff, Jr. founded the COAST laboratory (Computer Operations, Audit and Security Technology) in Purdue’s CS department with initial support from Sun Microsystems, Schlumberger, and Hughes Laboratories. Within six years, COAST had grown into the largest academic computer security research group in the country and had produced tools and ideas that shaped the field: the Tripwire file integrity monitor, the COPS security auditing system, foundational work in software forensics and intrusion detection, and the discovery of a critical encryption flaw in Kerberos 4.
What We Work On
Our research addresses security and privacy challenges across the full stack — from the mathematical foundations of cryptography to the human decisions that make systems fail despite good engineering.
Some of our work is deeply technical: formal verification of embedded firmware, microarchitectural defenses against side-channel attacks, privacy-preserving computation, and automated vulnerability discovery. Some of it is not: how people recognize — or miss — social engineering attempts; how organizations build security cultures that persist; how law and policy shape what defenders can actually do.
The majority of our most important work sits at the intersection.
- Artificial Intelligence and Machine Learning
- Assured Identity and Privacy
- Autonomous Systems
- Cryptology and Rights Management
- Cyber-Physical Systems
- End System Security
- Human Centric Security
- Network Security
- Policy, Law and Management
- Prevention, Detection and Response
- Security Awareness, Education, and Training
The CERIAS Community
The center’s strength is its community. More than 150 active faculty and research staff bring expertise from aeronautical engineering, agricultural systems, communication, computer science, economics, history, industrial engineering, linguistics, management, nuclear engineering, philosophy, political science, and statistics — and that is not an exhaustive list. Researchers affiliated with CERIAS have advised hundreds of graduate students who now lead teams at federal agencies, national laboratories, and private companies across the world. Many of our faculty have received the highest accolades for their scholarship and leadership, and occupy senior roles in professional societies and on major advisory boards.
Our community gathers formally each spring at the CERIAS Security Symposium — one of the longest-running academic cybersecurity conferences in the country — and informally each week at the Security Seminar Series, which is open to the public and has featured practitioners, policymakers, and researchers since 1992. We convene other events throughout the year and participate in university and discipline-specific meetings.
Met our faculty and research staff
Mission and Vision
Our mission: Advance the knowledge and practice of information assurance, security, and privacy through discovery, education, and engagement.
Our vision: To be recognized as the preeminent source of innovation, knowledge, and expertise in information assurance, security, and privacy — for Indiana, for the nation, and for the world.
How to Engage with CERIAS
CERIAS is not a closed research shop. We are intentionally outward-facing.
If you are a student — undergraduate or graduate, at Purdue or elsewhere — explore our graduate information security program, our summer undergraduate research (DUIRI) projects, and the CyberTap cyber range. The Security Seminar is open to all students, every week.
If you are a faculty member — at Purdue or another institution — CERIAS welcomes affiliation. Bring a research problem. Bring a course. Bring students who need a challenge that doesn’t fit their home department. Contact us for more details on how to do this.
If you represent industry or government — we partner on research that requires both academic rigor and real-world grounding. We have worked with defense contractors, national laboratories, civilian agencies, international bodies, and private companies across every sector that has serious security interests. Our partners page describes how those relationships work.
If you want to follow the work — the Security Seminar is podcast-accessible. The news and blog feed is active. The annual symposium is open to the public. Sign up, visit, and ask hard questions.
Contact CERIAS | Travel information | Public relations materials
