diff --git a/applications/keyword_detection/CMakeLists.txt b/applications/keyword_detection/CMakeLists.txt
index cae79214..eb68df81 100644
--- a/applications/keyword_detection/CMakeLists.txt
+++ b/applications/keyword_detection/CMakeLists.txt
@@ -133,11 +133,13 @@ target_link_libraries(keyword-detection
         coremqtt
         coremqtt-agent
         corepkcs11
+        coresntp
         freertos_kernel
         freertos-ota-pal-psa
         fri-bsp
         helpers-device-advisor
         helpers-events
+        helpers-sntp
         mbedtls
         mbedtls-threading-freertos
         ota-for-aws-iot-embedded-sdk
diff --git a/applications/keyword_detection/configs/aws_configs/core_pkcs11_config.h b/applications/keyword_detection/configs/aws_configs/core_pkcs11_config.h
index 93cf984e..a612cd22 100644
--- a/applications/keyword_detection/configs/aws_configs/core_pkcs11_config.h
+++ b/applications/keyword_detection/configs/aws_configs/core_pkcs11_config.h
@@ -1,7 +1,7 @@
 /*
  * Amazon FreeRTOS V1.1.4
  * Copyright (C) 2018 Amazon.com, Inc. or its affiliates.  All Rights Reserved.
- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2024, Arm Limited and Contributors. All rights reserved.
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy of
  * this software and associated documentation files (the "Software"), to deal in
@@ -157,4 +157,12 @@ extern void vPortFree( void * pv );
 
 /* #define pvPortMalloc             MPU_pvPortMalloc */
 /* #define vPortFree                MPU_vPortFree */
+
+/**
+ * @brief The PKCS #11 label for the object to be used for CMAC operations.
+ * It can be used by tasks during setting up the PKCS11 object for AES CMAC
+ * operations.
+ */
+#define pkcs11configLABEL_CMAC_KEY    "CMAC Key"
+
 #endif /* _AWS_PKCS11_CONFIG_H_ include guard. */
diff --git a/applications/keyword_detection/configs/mbedtls_config/aws_mbedtls_config.h b/applications/keyword_detection/configs/mbedtls_config/aws_mbedtls_config.h
index d5be8045..c221573f 100644
--- a/applications/keyword_detection/configs/mbedtls_config/aws_mbedtls_config.h
+++ b/applications/keyword_detection/configs/mbedtls_config/aws_mbedtls_config.h
@@ -25,6 +25,16 @@
  *  limitations under the License.
  */
 
+#include "app_config.h"
+
+/* AWS IoT Core Device Advisor validation is not supported on ARMClang because
+ * ARMClang compiler does not support gmtime() function which is needed when
+ * MBEDTLS_HAVE_TIME macro is defined. MBEDTLS_HAVE_TIME should be defined to
+ * pass TLS Expired Server Cert test which is part of AWS IoT Core Device Advisor validation tests. */
+#if ( ( appCONFIG_DEVICE_ADVISOR_TEST_ACTIVE == 1 ) && ( defined( __ARMCC_VERSION ) ) )
+    #error "AWS IoT Core Device Advisor validation is not supported on Arm Compiler For Embedded (ARMClang)"
+#endif
+
 /**
  * This is an optional version symbol that enables compatibility handling of
  * config files.
@@ -132,7 +142,9 @@
  *
  * Comment if your system does not support time functions
  */
-/*#define MBEDTLS_HAVE_TIME */
+#if ( appCONFIG_DEVICE_ADVISOR_TEST_ACTIVE == 1 )
+    #define MBEDTLS_HAVE_TIME
+#endif
 
 /**
  * \def MBEDTLS_HAVE_TIME_DATE
@@ -153,7 +165,9 @@
  * mbedtls_platform_gmtime_r() at compile-time by using the macro
  * MBEDTLS_PLATFORM_GMTIME_R_ALT.
  */
-/*#define MBEDTLS_HAVE_TIME_DATE */
+#if ( appCONFIG_DEVICE_ADVISOR_TEST_ACTIVE == 1 )
+    #define MBEDTLS_HAVE_TIME_DATE
+#endif
 
 /**
  * \def MBEDTLS_PLATFORM_MEMORY
@@ -227,7 +241,10 @@ void mbedtls_platform_free( void * ptr );
  * platform function
  */
 /*#define MBEDTLS_PLATFORM_EXIT_ALT */
-/*#define MBEDTLS_PLATFORM_TIME_ALT */
+#if ( appCONFIG_DEVICE_ADVISOR_TEST_ACTIVE == 1 )
+    #define MBEDTLS_PLATFORM_TIME_ALT
+    #define MBEDTLS_PLATFORM_MS_TIME_ALT
+#endif
 /*#define MBEDTLS_PLATFORM_FPRINTF_ALT */
 /*#define MBEDTLS_PLATFORM_PRINTF_ALT */
 /*#define MBEDTLS_PLATFORM_SNPRINTF_ALT */
diff --git a/applications/keyword_detection/main.c b/applications/keyword_detection/main.c
index 53f812d0..79e6feb6 100644
--- a/applications/keyword_detection/main.c
+++ b/applications/keyword_detection/main.c
@@ -34,6 +34,10 @@
     #include "Driver_SAI.h"
 #endif
 
+#if ( appCONFIG_DEVICE_ADVISOR_TEST_ACTIVE == 1 )
+    #include "sntp_client_task.h"
+#endif
+
 /*
  * Semihosting is a mechanism that enables code running on an ARM target
  * to communicate and use the Input/Output facilities of a host computer
@@ -210,6 +214,18 @@ int main( void )
             return EXIT_FAILURE;
         }
 
+        #if ( appCONFIG_DEVICE_ADVISOR_TEST_ACTIVE == 1 )
+
+            /* This function call is application specific because it depends on
+             * MBEDTLS_PLATFORM_TIME_ALT and MBEDTLS_PLATFORM_MS_TIME_ALT MbedTLS
+             * configuration macros which are application specific. In case these macros
+             * are disabled then, there is no need to call this function. Also, the application
+             * is free to choose which function would be used for MbedTLS time query. */
+            mbedtls_platform_set_time( systemGetWallClockTime );
+
+            vStartSntpClientTask();
+        #endif
+
         vStartMqttAgentTask();
 
         vStartOtaTask();
diff --git a/docs/project_organisation.md b/docs/project_organisation.md
index 5c3410c7..710aac4d 100644
--- a/docs/project_organisation.md
+++ b/docs/project_organisation.md
@@ -244,11 +244,13 @@ target_link_libraries(keyword-detection
         coremqtt
         coremqtt-agent
         corepkcs11
+        coresntp
         freertos_kernel
         freertos-ota-pal-psa
         fri-bsp
         helpers-device-advisor
         helpers-events
+        helpers-sntp
         kws_api
         kws_model
         mbedtls
diff --git a/release_changes/202402221521.change b/release_changes/202402221521.change
new file mode 100644
index 00000000..dbfbe81d
--- /dev/null
+++ b/release_changes/202402221521.change
@@ -0,0 +1 @@
+keyword-detection: Add real clock time synchronisation to fix AWS TLS Expired Server Cert test.