Queen's School of Computing

The cybersecurity graduate programs are specializations of the existing graduate degree programs at Queen's or RMC. Students must first be accepted into the relevant unit, and then to the cybersecurity Graduate Specialization. See "How to Apply" for application procedures and requirements.

The cybersecurity CREATE program offers an enriched experience in cybersecurity, including specialized courses in cybersecurity, and professional development, a range of technical courses, a social science course, an internship, and a red team/blue team exercise. It is designed to prepare you for a career in cybersecurity.

You must meet both the requirements of the degree program you enroll in, and the requirements of the CREATE program.

The following course lists are referenced below (4 letter courses codes are for courses offered at Queen’s, 2 and 3 letter course codes for courses offered at RMC):


One CORE course EE578 Computer System and Network Security OR CISC 866 Introduction to Cybersecurity.
One Social Science course (SS) MPA 535 Cyber Threat OR MPA591 Managing Cyber/Information Operations OR MBA503 Advanced Topics in Management II (all offered online through RMC)
Cyber option courses as constrained by your program (CYBER) CISC 848 Software Security and Reliability,
CISC 8XX Introduction to Cryptography (from 2021),
CISC 850 Cyber-Physical System Security
CISC 878 Cyberspace and Policing,
MATH 818 Cryptography,
ELEC 877 AI for cybersecurity,
EE547 Digital Forensics,
EE569 Malware Analysis,
EE593 Advanced Network Traffic Analysis,
EE595 Cyber Threat and Attack Techniques.
Practical component The CyberX cyber exercise (via RMC course EE580, in the Winter Term) OR a tabletop exercise (in late Summer). You must have completed one of the CORE courses to participate in CyberX and must have completed one of the social science courses to participate in the tabletop exercise.
Professional development You must show that you have experienced professional development in the four areas: communication, presentation, leadership, and entrepreneurship; by taking courses offered by MITACS, or the Graduate Schools of the participating universities, or other mechanisms approved in advance.
Research in cybersecurity Supervised by one of the members of the CREATE team.
Internship With one of our government or industrial partners, Internships normally happen early in your program, and can be in any term.

PhD by Research Thesis at Queen's

The cybersecurity specialization PhD consists of the four steps outlined in the School of Computing's PhD program, augmented with a specialization in cybersecurity. The four steps are breadth, topic proposal, comprehensive examination, and thesis. See the School's graduate website for procedural and scheduling details and overall requirements.

Breadth: In the breadth step, students accumulate breadth "tokens" (graduate-level courses or equivalent experience) in the three core areas of computer science, Theory, Applications and Systems, (plus potentially an Interdisciplinary token). The School requires at total of ten tokens, with at least two in each of the three core areas. A previous MSc thesis normally counts as a token, as does industrial experience on a topic equivalent to a graduate course.

In the cybersecurity specialization, breadth tokens must include at least one course from CORE, one course from SS (interdisciplinary token), and two courses from CYBER. Professional development activities must also be taken.

The breadth step should be completed by the end of the third term (first year) in the program. See the School's graduate website for details.

Internship: Students should normally complete a 2-term internship with one of our industrial or government partners.

Topic Proposal: In the topic proposal step, a 6-page research topic proposal document is submitted for approval. The document gives a description of a proposed subject area and research topic to be pursued, including a brief outline of the key and most pertinent literature contributions for the proposed topic. The PhD supervisory committee provides feedback on the document, including expected weights of the literature survey and research plan components of the PhD comprehensive examination. This step is to be completed by the end of the third term after initial registration in the PhD program. See the School's graduate website for details.

Comprehensive Examination: In the comprehensive examination step, students must show that they are well-versed of the state of the art in the area in which they intend to pursue research, that they have a critical perspective of the area, and that they are able to formulate a research plan to explore open problems and research opportunities. A formal PhD research proposal paper is submitted, presented and defended at an oral examination. The research proposal paper is a 40-page maximum document to be submitted before the end of the sixth term after initial registration in the PhD program. It should normally cover background material (e.g., motivation and literature survey), the problem to be tackled, methods to be used (e.g., research plans and experimental design), results sought, evaluation metrics (i.e. how research success will be measured), and milestones (including progress to date). The proportions of text for the literature survey and for the research plans will have already been communicated to the student through the feedback received on their topic proposal step. See the School's graduate website for details.

Thesis: In the thesis step, the proposed research is conducted and completed, and a formal dissertation is written and formally defended at an oral thesis examination. See the School's graduate website for details.

All cybersecurity CREATE PhD students are eligible for financial support from the CREATE program for four years, subject to satisfactory progress (with internships paid by the host organisation).

PhD by Research Thesis at RMC

Under development

MSc by Research at Queen's

The research pattern MSc in cybersecurity adds extra requirements to the MSc program of the School of Computing. Students must meet both the requirements of the regular MSc and the requirements of the CREATE program.

Students must take: Either of the courses from CORE, one of the courses from SS, and at least one course from CYBER. The School of Computing permits at most two courses from outside the School which constrains your choices.

They must also participate in either the cyber exercise or the tabletop exercise.

Students should normally complete a 1-term internship with one of our industrial or government partners.

Students must complete professional development as described above.

All cybersecurity CREATE research MSc students are eligible for four terms of financial support from the CREATE program (plus an internship where students are paid by the host organisation).

We plan to make it possible to take this program part-time by offering some courses online or in short formats, so that proximity to Kingston is not essential.

MSc by research at RMC

The research pattern MASc in cybersecurity adds to the requirements of the MASc program of the Department of Electrical Engineering and Computer Engineering, combining six graduate courses with an MSc research thesis. The course selection must include: one course from SS, one course from CORE, and one course from CYBER.

Students must also participate in the cyber exercise.

Students should normally complete a 1-term internship with one of our industrial or government partners.

Students must complete professional development as described above.

All cybersecurity CREATE research MSc students are eligible for financial support from the CREATE program.

We plan to make it possible to take this program part-time by offering some courses online or in short formats, so that proximity to Kingston is not essential.

MSc by Courses and Project at Queen's

The project pattern MSc in cybersecurity is a specialization of the Project MSc program of the School of Computing, combining six graduate courses with a one-term research project. For the cybersecurity specialization, the course selection must include: professional development, one course from SS, one course from CORE, and two courses from CYBER.

Project MSc students are self-funded, and normally receive no financial support from the cybersecurity CREATE program.

MEng by Courses and Project at RMC

The project pattern MEng in cybersecurity is a specialization of the Project MEng program of the Department of Electrical Engineering and Computer Engineering, combining eight graduate courses with a project. The course selection must include: professional development, one course from SS, one course from CORE, and one course from CYBER.

Students should normally complete a 1-term internship with one of our industrial or government partners.

Project MSc students are self-funded, and normally receive no financial support from the cybersecurity CREATE program.

Master's of Public Administration at RMC

Either the Research Pattern or Project Patterns version may be taken, with a research topic on social, legal, or political aspects of cybersecurity.

The MPA specialization is a specialization of the MPA program offered by RMC. As well as the requirements for that program, for students taking the cybersecurity specialization, course selection must include: professional development, and two courses from SS.

Master’s of Public Administration at Queen’s

Students must take the MPA core courses and the two RMC courses, MPA535 The Cyber Challenge in the Winter semester and MPA 591 Cyber Statecraft and National Security in the Summer semester.

Students normally participate in a 1-term internship, and must participate in the tabletop exercise (usually in late Summer), and in professional development, as described above.

Students must complete the requirements of the MPA via one of the following choices:

  • A Master’s Research Project + MPA890 (Internship)
  • 2 MPA electives + MPA890 (Internship)

The Master’s Research Project must be supervised by one of the CREATE researcher team.

Have questions? Contact cyber-info@cs.queensu.ca for more information.