Principles and Engineering of Secure Solutions | SGInnovate




Principles and Engineering of Secure Solutions

Presented by SGInnovate & Tegasus

Are you and your organisation ready to manage and respond to cyber attacks?

Together with Tegasus International, SGInnovate is proud to present a series of Cybersecurity workshops designed to prepare you and your organisation for impending security threats and vulnerabilities.

Designed for anyone who has little or no prior knowledge in Cybersecurity, this course will equip you and your organisation with defence mechanisms to mitigate the risks of cyber vulnerability; allowing you to react to present and future Cybersecurity challenges.

This three-day workshop aims to provide you with an overview of the Cybersecurity ecosystem and how to navigate through various Cybersecurity threats, vulnerabilities and risks.

You will learn to identify critical security risks and problems posed by new technologies and business practices. You will also be taught how to design secure systems and controls based on IT architectural guidelines and requirements.

You will also learn to incorporate controls into security system components to minimise security breaches or lapses in system designs.

There will be an emphasis on real-world use cases and examples, the applications and techniques to handle them. This will help raise your awareness on the fundamental Cybersecurity concepts, attack vectors and the best industry practices.

By the end of the course, you will learn how to apply what you have learnt to improve your organisational cybersecurity posture and formulate best practices to safeguard organisational interest and mitigate threats.

In this workshop, participants will learn about: 

  • An overview of the Cybersecurity ecosystem
  • Cyber risk analysis and management
  • Fundamentals of Cybersecurity
  • Security engineering and design
  • Security models and evaluation criteria
  • Introduction to Cryptography
  • Solution security and principles 

Recommended Prerequisites:

  • An interest in Cybersecurity

Pre-Workshop Instructions:

  • You MUST have a laptop and stable wifi connection to join this online workshop

Day 1 

An overview of the Cybersecurity ecosystem

  • Our digital ecosystem
  • Motivational factors for attacking – attacker goals, skillset and profiles
  • Cyber risk analysis and management 
  • Practice session: Risk analysis exercise
  • Pros and cons of Cybersecurity solutions
  • Concepts of confidentiality, integrity and availability

Identity and access management

  • Fundamentals of Cybersecurity
  • Introduction to identity and access management
  • Practice session: Type 1 vulnerability exposures exercise
  • Cyber threats facing authentication
  • Access control models (DAC, MAC, RAC and RuAC)
  • Access control administration

Security engineering and design (Part 1)

  • Principles of secure design
  • Security models (state machine, Bell-LaPadula, Biba and commercial models)
  • Security evaluation criteria
  • Introduction to Cryptography
  • Cryptography in history

Day 2

Revision of Day 1

Security engineering and design (Part 2)

  • Types and elements of Cryptography
  • Practice session: encryption and decryption exercise
  • Security models
  • Solution security and principles

Solution security and principles

  • Revision of Day 1
  • Understanding the solution design ecosystem

Day 3

Revision of Day 2

Discussion of real-world use cases 

Understanding the Cyber Kill Chain

  • Stages of attacks and defence

Assessment: Presentation by participants

Funding Support

This workshop was successfully endorsed for April 2019 – March 2021 and is in the process of CITREP+ funding application. Please register your interest and we will contact you when registration opens.

CITREP+ is a programme under the TechSkills Accelerator (TeSA) – an initiative of SkillsFuture, driven by Infocomm Media Development Authority (IMDA).

Link to CITREP+ Programme Support table guide:

Funding Amount: 

  • CITREP+ covers up to 90% of your nett payable course fee depending on eligibility for professionals

Please note: funding is capped at $3,000 per course application

Funding Eligibility: 

  • Singaporean / PR
  • Meets course admission criteria
  • Sponsoring organisation must be registered or incorporated in Singapore (only for individuals sponsored by organisations)

Please note: 

  • Employees of local government agencies and Institutes of Higher Learning (IHLs) will qualify for CITREP+ under the self-sponsored category
  • Sponsoring SMEs organisation who wish to apply for up to 90% funding support for course must meet SME status as defined here

Claim Conditions: 

  • Meet the minimum attendance (75%)
  • Complete and pass all assessments and / or projects

For more information on CITREP+ eligibility criteria and application procedure, please click here

In partnership with:Driven by:


For enquiries, please send an email to [email protected]

Trainer – Francisco Caetano Dos Remedios Furtado, Programme Lead, NSoE at iTrust, Centre for Research in Cyber Security, SUTD

Francisco is currently the Programme Lead at iTrust, Centre for Research in Cybersecurity at the Singapore University of Technology & Design (SUTD). He has more than four (4) years of experience in institutional settings and oversees the research office activities while supervising the students and staff assigned there. 

Francisco is a talent in guiding all functions relating to research studies, analysis and reporting. He also has a strong passion for improving the lives of others through technological advances.

Course Designer / Trainer – Ivan Lee, Co-founder, Tegasus International

Across the globe, Ivan works with various strategic partners such as the NATO Cooperative Cyber Defence Centre of Excellence, US Department of Homeland Security ICS-CERT Idaho National Laboratory and local government agencies on key initiatives and training programmes. 

He started his career with Accenture, global top IT consulting MNC company and has assumed various tech-management roles in the telecommunication, cGMP and Operational Technology sectors regionally. He is currently the Deputy Director of Cyber Security Technologies in iTrust — a Centre for Research in Cybersecurity that was established by Ministry of Defence and Singapore University of Technology and Design. 

He is also a SUTD Academy Fellow and a member of the Coordinating Committee for Cybersecurity (CCCY) Subcommittee for Critical Information Infrastructure (CII). 

He has attended various professional training and acquired certifications as listed below:

  • Certified Information Systems Security Professional (CISSP)
  • US Department of Homeland Security ICS-CERT Industrial Control Systems (ICS) Cybersecurity (301)
  • Advanced Penetration Testing, Exploit Writing, Ethical Hacking (SANS)
  • Advanced Course on Darknet and Crypto Currencies
  • Hands-on Hardware Hacking and Reverse Engineering (Blackhat 2015)
  • Cybersecurity: Technology, Application and Policy (MIT Digital Program)
  • FORENSICS: Reverse-Engineering Malware (SANS)
  • Managing Successful Programmes (MSP) Practitioner, 2014
  • Introduction to Business Process Reengineering Workshop
  • Live Hacking & Information Security Masterclass
  • Self-Discovery Leadership
  • EC-Council Certified Security Analyst (ECSA), 2013
  • Certified Ethical Hacker (CEH), 2013
  • Project Management Professional (PMP)

Topics: Cybersecurity