Infosec Watchtower Logo

MITRE Corporation Launches EMB3D

Charles M. Walls | May 13, 2024 | Views: 189

A detailed image showcasing a futuristic cybersecurity landscape for embedded devices in critical infrastructure.

The MITRE Corporation, a leading organization known for developing threat-modeling frameworks, has recently introduced EMB3D, a new tool designed specifically for embedded devices used in critical infrastructure environments.

MITRE, a non-profit organization, has a rich history of advancing cybersecurity through frameworks like ATT&CK, which helps track and communicate threats. EMB3D continues this tradition, offering a cultivated knowledge base of cyber threats to embedded devices. This framework aims to provide a unified understanding of these threats and the necessary security mechanisms to mitigate them.

The draft version of EMB3D was first released on December 13, 2023, developed in collaboration with experts like Niyo 'Little Thunder' Pearson, Red Balloon Security, and Narf Industries. EMB3D is designed to be a "living framework," continuously updated with new threats and mitigations as they emerge, with a focus on embedded devices.

The primary goal of EMB3D is to offer device vendors a comprehensive view of vulnerabilities in their technologies and the security measures required to address these vulnerabilities. Similar to how the ATT&CK framework standardizes threat tracking and communication, EMB3D aims to create a central knowledge base for threats targeting embedded devices.

"The EMB3D model will help ICS device manufacturers understand the evolving threat landscape and potential mitigations earlier in the design cycle, leading to more inherently secure devices," Pearson noted. "This approach minimizes the need to add security measures after deployment, resulting in more secure infrastructure and lower security costs."

By adopting the EMB3D framework, companies can embrace a secure-by-design philosophy, releasing products with fewer exploitable flaws and secure configurations enabled by default.

Research by Nozomi Networks, an operational technology (OT) cybersecurity company, highlighted that threat actors have increasingly targeted industrial environments by exploiting vulnerabilities, abusing credentials, phishing for initial access, and executing DDoS attacks and trojans. These attacks have significantly impacted sectors such as food and agriculture, chemical, water treatment, manufacturing, and energy.

EMB3D provides a comprehensive knowledge base of cyber threats to embedded devices, including those observed in real-world environments or demonstrated through research. These threats are mapped to device properties to help users develop accurate threat models. For each identified threat, EMB3D suggests technical mitigations that device vendors should implement to enhance security and protect against the given threat.

Source of Inspiration