Singapore Launches Facility for Cybersecurity Evaluation, Certification

Image credit: iStockphoto/gorodenkoff

As cybersecurity threats continue to evolve, manufacturers and developers need to regularly test and certify their products. To help with this, the Cyber Security Agency of Singapore (CSA) and Nanyang Technological University (NTU) have jointly launched a new SG$19.5 million facility.

The center will facilitate vulnerability assessment of software and hardware products, physical hardware attacks, and security measures. This will allow manufacturers and developers to identify potential vulnerabilities in their products and take the necessary steps to mitigate them.

With the launch of this center, Singapore takes another step forward in its commitment to protecting its citizens and businesses from cybersecurity threats. It would be difficult and costly for manufacturers and developers to evaluate their products against the latest threats without such a facility. 

NTU Smart Campus will host the facility at the National Integrated Center for Evaluation (NICE). 

"The rising threat of cyberattacks makes it vital that institutions, companies, and agencies stay one step ahead of cyberthreats. Properly evaluating hardware to ensure they are designed with security in mind, rather than added on as an afterthought, is the first step in keeping our cyber-physical systems safe," said NTU's deputy president and provost professor Ling San.

David Koh, chief executive of CSA, added that the new facility would help ensure that Singapore's move towards a digital future is done securely. 

The Singapore Accreditation Council (SAC) is looking to partner with CSA and NTU to develop relevant accreditation programs to complement this effort. This includes SAC's IT testing program that will help accredited companies to assure that their test reports are accurate and consistent. 

One practice lauded by experts is the Cybersecurity Labelling Scheme (CLS), launched in 2020. 

The scheme is a voluntary initiative that allows manufacturers to label their products according to their cybersecurity features and performance. In January 2021, the scheme expanded to cover all consumer IoT devices such as smart lights, smart door locks, and IP cameras.  As of end-April, participants had submitted more than 200 products for labeling under this scheme. 

CSA also launched CLS-Ready, a new initiative that would enable security functionalities enabled by CLS-Ready hardware to bypass the need to be tested again at the end-device level. Those who wish to get a CLS-Ready label must submit an application with supporting evidence and an assessment report from a certified laboratory. The labels would be valid as long as the devices were kept up to date with security patches for five years.

Image credit: iStockphoto/gorodenkoff