Graduate Certificate in Hardware Security Evaluation and Certification

Equip yourself with in-demand cybersecurity knowledge with the Graduate Certificate in Hardware Security Evaluation and Certification offered by NTU in collaboration with the Cyber Security Agency of Singapore (CSA). Participants of this course will gain practical knowledge such as the purpose of security evaluation and certification, techniques for vulnerability assessment of hardware products, physical hardware attacks and their countermeasures, that will prepare you for roles in evaluation and certification, forensic investigation, vulnerability assessment etc.

Suitable for practicing cybersecurity professionals or fresh engineering graduates interested in a career of cybersecurity, specifically in the domain of hardware security evaluation, assurance and certification.

Download our brochure.

 

See what our graduates have to say.

Read more about our courses and tentative schedule

*Registrations opens 2-3 months before, and will be via PACE, NTU.

CET916 Security Evaluation and Certification Jan 2026
CET917 Applications and Reasons for SecurityMar 2026
CET918 Hardware Security Analysis via Chip AnalysisJan 2025
CET919 Design for TrustJun 2025
CET920 Fault-Injection Attacks & Hardware TrojanAug 2025
CET921 Side-Channel-Attacks & CountermeasuresOct 2025

 

Why take our courses?

  • Focused on application & technical content, with hands-on sessions
  • Registered with SkillsFuture Singapore
  • Instructors from NTU, CSA and invited international guest lecturers and industry trainers

Did you you know?
The above modules can be used to fulfil the Masters Course SE6017 Topics in Crypto and Cybersecurity; where you can transfer3 up to 2 x 3AUs to the requirement of Masters of Science in Cyber Security (MSCS). This programme is jointly offered by School of Computer Science and Engineering and School of Physical and Mathematical Sciences.

  • To find out more about the MSCS, click here.

Email [email protected] for more information


Quick Overview

Introduction

Product Evaluation and Certification is a key component in ensuring the resilience of critical infrastructure, by providing assurance that security is built into products at the design stage rather than included as an afterthought.  The Common Criteria (CC), de facto standard for product evaluation, defines a common set of security functions which product developers use to establish the security requirements of their IT products in a standardised language.

In collaboration with and conducted by Cyber Security Agency of Singapore, this course introduces the principles and methodologies for Security Evaluation, for hardware and embedded systems security. Through coursework and hands-on experience, researchers/engineers/product developers who want to understand or consider a future career in security evaluation and certification can benefit from taking this course.

Objectives

At the end of the course, learners are able to:

  • Understand security assurance requirements through case studies and;
  • Understand the scope and techniques for vulnerability assessment of hardware products.

    • Who should attend

    Specifically for learners who would like to understand security evaluation and interested in future career advancement or training related to security evaluation and certification.

    Such knowledge can be applicable in jobs related to hardware design, roles in certification or evaluation labs, forensic investigator, vulnerability assessment analyst etc.

     

    Introduction

    Emerging Cyber Physical Systems and Internet of Things systems are characterized by the interaction between the physical world and the cyber world. With the growing importance of communication, storage and sensor/actuators in such systems, hardware security is playing a major role in contrast with traditional IT security.

    In this course, we will learn about the basics for key management through hardware security module and discuss various aspects of hardware security (crypto accelerator, root-of-trust, secure storage, physical and side-channel attacks) in the backdrop of different applications and industries.

    Objectives

    At the end of the course, learners are able to:

  • Understand industrial and academic demands of emerging concepts of cyber security and;
  • Appreciate the increasing role of hardware security in the context of various cyber physical systems.

    • Who should attend

    Specifically for learners who would like to understand how emerging Cyber Physical Systems and Internet of Things systems will impact cybersecurity and how to manage them in various industries and applications.

    Such knowledge can be applicable in jobs related to hardware design, roles in certification or evaluation labs, forensic investigator, vulnerability assessment analyst etc.

     

    Introduction

    Integrated circuits (IC) are key parts of any electronics system, controlling the main functions of the system or storing critical information (e.g. IPs, encryption key, personal data).

    In this course, you will first learn about the basics of an integrated circuit (IC) layout and how data are stored in an IC chip. You will then learn of various IC hardware security analysis approaches, covering non-invasive/semi-invasive/invasive techniques in sample preparation, imaging, content extraction and data analysis. Lastly, there will be lab sessions for you to apply some of these techniques. 

    Course Introduction Video: https://youtu.be/qWcPg22Qvqw

    Objectives

    At the end of the course, learners would:

  • Have a basic understanding and some hands-on experience on hardware security analysis via chip analysis (PCB & IC) and;
  • Be able to design experiments or devise plans to tackle hardware security problems in ICs.

    • Who should attend

    Specifically for learners who would like to know hardware assurance through PCB/IC analysis, be trained in hardware assurance or considering a future career advancement in related domain.

    Such knowledge can be applicable in jobs related to hardware design, roles in certification or evaluation labs, forensic investigator, vulnerability assessment analyst etc.

     

    Introduction

    The course is related to the Design for Trust for integrated Circuits (IC). We will first give an overview on the hardware security risk and the roots of trust in ICs. Thereafter, we will cover the various Design for Trust issues, techniques and analyses at various levels, spanning from the manufacturing, chip, netlist, design, and layout levels. Particularly, the manufacturing security includes split manufacturing; the chip level security includes watermarking, fingering, and metering; the netlist security includes logic locking and trojan analysis; the design security includes security primitives (e.g. encryption, random number generators, physical unclonable functions, etc.); and the layout level includes camouflaging.

    Objectives

    At the end of the course, learners are able to:

  • Understand the security risks and protection techniques at different levels, spanning from firmware/algorithm, manufacturing, chip level, netlist level, design level, and layout level;
  • Understand the figures-of-merits and parameters to qualify and quantify the security levels at different levels and;
  • Understanding the trade-offs between security and the costs (in terms of performance, power, area, design efforts).

    • Who should attend

    Specifically for learners who would like to know ‘Design for Trust’ on Hardware, be trained in ‘Design for Trust’ to address Hardware Security Issues and/or considering future career advancement in related domain.

    Such knowledge can be applicable in jobs related to hardware design, roles in certification or evaluation labs, forensic investigator, vulnerability assessment analyst etc.

     

    Introduction

    An accomplished hacker can alter device behavior by injecting faults to extract encryption keys or bypass security checks. These faults can be injected through variety of techniques like glitching, high-energy impulses etc. Further the cost-effective practice of outsourcing can introduce untrusted parties in the long chain of supply, creating additional vulnerabilities in the end-product.  

    In this course, we will study two emerging threats to electronic systems namely fault injection attacks and Hardware trojan. The course will span over basics of fault-injection attacks, its injection and analysis techniques, countermeasures and implications. It will also shed light on Hardware trojan as a by product of untrusted supply chain, it taxonomy and detection methods.

    Objectives

    At the end of the course, learners are able to:

  • Compare different trojan detection mechanisms and describe their applicable scenarios and;
  • Describe tools and algorithms used for trojan detection and prevention.

    • Who should attend

    Specifically for learners who would like to understand fault attacks and gain practical experience in the field of attacks.

    Such knowledge can be applicable in jobs related to hardware design, roles in certification or evaluation labs, forensic investigator, vulnerability assessment analyst etc.

     

    Introduction

    Modern electronic devices may leak sensitive credentials like passwords, encryption keys etc unintentionally through various channels like timing information, power consumption, electromagnetic emanation etc. leading to vulnerabilities better known as side-channel attacks. A deep understanding of these vulnerabilities will lead to an eco-system of well-thought secure systems.

    In this course, we take a deep dive into side-channel attacks. We will learn the about side-channel attacks on modern cryptography, its various types, modus operandi, protection mechanisms, certifications and alternate applications. All key concepts will be complemented with extensive hands-on exercises for an advanced understanding of the topic. 

    Objectives

    At the end of the course, learners are able to:

  • Various SCA evaluation techniques and SCA countermeasures;
  • Practical hands-on experiences on various popular SCA methods (DPA and CPA) and;
  • Through the use of the Side-Channel Attack Toolkit from Async2Secure Pte Ltd, to gain in-sight understanding how to qualify or quantify SCA based on various parameters including the setup parameters (in software and hardware), design parameters (various implementations), attacking models, and attacking techniques.

    • Who should attend

    Specifically for learners who would like to know SCA and gain practical experience in the field of SCA.

    Such knowledge can be applicable in jobs related to hardware design, roles in certification or evaluation labs, forensic investigator, vulnerability assessment analyst etc.