NTU Singapore and CSA Singapore open security testing center

0

To meet the requirements of Singapore’s cybersecurity assessment needs, Nanyang Technological University, Singapore (NTU Singapore) and the Singapore Cybersecurity Agency (CSA) have officially launched the National Integrated Assessment Center (NiCE ).

The first of its kind in Southeast Asia, the joint center serves as a one-stop-shop for cybersecurity assessment and certification. NiCE is a unique initiative that brings together industry and research expertise to develop a sustainable university-industry-government ecosystem for product assessment and certification in Singapore.

The center also aims to help build a pool of local talent in product evaluation, which will maximize economic opportunities and boost Singapore’s brand image as a cybersecurity hub.

The collaboration leverages the strengths of NTU’s research expertise in software and hardware security assurance and CSA’s commitment to growing the domestic cybersecurity market by fostering innovations between the cybersecurity industry and academia to create world-class products and services, and developing a strong talent pipeline.

Located on the NTU Smart Campus, NiCE was officially launched today by the Minister of Communications and Information and Minister in charge of Smart Nation and Cybersecurity, Mrs. Josephine Teo.

NTU Vice President and Senior Professor Ling San said, “The growing threat of cyberattacks makes it essential for institutions, businesses and agencies to stay one step ahead of cyberthreats. Properly evaluating hardware to ensure it is designed with security in mind, rather than being added as an afterthought, is the first step in keeping our cyber-physical systems secure.

NTU’s collaboration with CSA to set up NiCE leverages the University’s strengths in areas such as computer science and engineering research and brings together industrial and research expertise in cybersecurity. The center will also provide training and education to graduate students and industry professionals, which will allow us to hone and develop a significant pool of talent in this growing industry. This partnership underscores NTU’s commitment as an academic anchor for industry partners.

Mr. David Koh, Cybersecurity Commissioner and Managing Director of CSA, said: “As we move into a digital future, it is important to ensure that new emerging technologies are designed securely. This collaboration between CSA and NTU underscores CSA’s continued commitment to working with higher education institutions and industry to build the cybersecurity workforce pipeline and facilitate a national cybersecurity ecosystem that will provide good opportunities. business and jobs.

The importance of cybersecurity assessment and testing

The emergence of the Internet of Things (IoT) and the increasing use of cyber-physical systems have led to an increase in hardware devices and components, such as communication points, storage, sensors and actuators of these devices. According to a forecast from Business Insider Intelligence, there will be an estimated 64 billion IoT devices worldwide by 2025.

These components present themselves as potential entry points for hackers and malicious actors. End users have little means to assess whether these components are secure and must rely on independent experts to perform such a security assessment.

NiCE supports the national push toward greater safety assessment by providing an all-in-one platform for manufacturers and developers to test and certify their products.

The $19.5 million center will provide support to industry in three areas: building a community of practice, developing a research ecosystem, and continuing education and training.

Create a community of practice

The barriers to entry for the security assessment industry are high due to the high cost of equipment and the in-depth expertise required to perform security assessment at the highest levels of assurance. .

To create a community of practice, NiCE will provide access to state-of-the-art equipment that evaluators and developers can use to perform evaluation at the highest assurance level. The center will also maintain a pool of researchers and technical staff with the expertise to use the equipment and share their knowledge with other users.

This will contribute to a sustainable industry ecosystem for product assessment and certification in Singapore.

Developing the testing, inspection and certification industry for cybersecurity

NiCE will support the growth of the nascent testing, inspection and certification (TIC) industry through its facilities for assessing the vulnerability of software and hardware products, physical hardware attacks and their countermeasures.

To enhance the industry ecosystem for cybersecurity testing and assessment, NiCE will facilitate the research and development of advanced security assessment techniques, covering topics such as software and hardware security protections.

This will in turn support capacity building and knowledge transfer to the ICT industry, so that ICT companies specializing in cybersecurity testing and certification can help CSA and NiCE deliver quality services to end users of the ‘industry.

The Singapore Accreditation Council (SAC) will work closely with CSA and NiCE to develop relevant accreditation programs and facilitate the development of local ICT capabilities to support the cybersecurity ecosystem. These include SAC’s IT testing programs that will enable accredited ICT companies to ensure the accuracy and consistency of their test reports and certificates that support CSA’s programs such as the cybersecurity (CLS).

NiCE Director, Professor Gan Chee Lip, Vice Provost (Undergraduate Education) of NTU’s School of Materials Science and Engineering, said, “At NiCE, research on advanced techniques is co-located with assessment facilities and training programs, allowing for closer alignment and synergy between these activities. The NiCE setup allows better access to cutting-edge academic research by industry. »

Build a pool of local talent in product evaluation

As the country’s cybersecurity assessment demands grow, so too will the demand for skilled security assessors and a sustained talent pool of these professionals.

To meet this demand, NiCE will provide training, development and certification to students and professionals to equip them with relevant safety assessment skills, as well as knowledge on certification processes and assessment methodologies. necessary for them to pass transparently through the industry.

For example, NTU and CSA launched a Graduate Certificate in Physical Security Assessment and Certification last year, which leverages NiCE’s state-of-the-art facilities to provide in-depth professional training in assessment techniques. The certificate aims to train and develop industry professionals as well as professionals looking to join the industry.

NiCE will also enhance the existing cybersecurity curriculum for students to include topics such as security assessment. Students can also apply for internships at NiCE to learn about the cybersecurity industry. Information on available courses, certification and internships can be found on the NiCE website.

Ensuring security through security by design

NiCE’s work is consistent with CSA’s goal of promoting safety by design through safety assessment. CSA initiated the process with the Singapore Common Criteria Scheme and the Cybersecurity Labeling Scheme (CLS) to certify infocomm products in 2019 and 2020 respectively.

CSA and the Singapore Standards Council have also developed the national standard, Technical Reference 91, on cybersecurity labeling for consumer IoT. This defines the guiding principles for designing and building safe and secure consumer IoT devices in accordance with CLS security requirements.

At the end of April 2022, the two systems enjoyed good support from manufacturers. Over 200 products were submitted for labeling under the four levels of CLS and 20 products submitted for assessment at higher assurance levels under the SCCS.

To make it easier for manufacturers to achieve the highest CLS safety rating, CSA has launched an initiative known as “CLS-Ready”. This new initiative was announced by Minister Joséphine Teo during the event. The security features provided by CLS-Ready hardware will no longer need to be retested at the end device level, saving developers and manufacturers time and money without compromising security.

Share.

About Author

Comments are closed.