The cyber threat to critical infrastructure is increasing, prompting cyber government agencies to issue more warnings and advisories for industrial businesses.
Against this backdrop, MITRE has launched EMB3D, a new threat model framework for defenders tasked with protecting operational technology (OT) and industrial control systems (ICS).
EMB3D provides a knowledge base of cyber threats to embedded devices used in industrial environments. It allows the user to map those threats with vulnerabilities and flaws systems like the Common Weakness Enumeration (CWE) and the Common Vulnerabilities and Exposures (CVE) and MITRE’s own TTPs mapping framework, ATT&CK.
For each threat, suggested mitigations are focused on technical mechanisms that device vendors should implement to protect against the given threat.
EMB3D is designed to be used by the entire security ecosystem, from device vendors and manufacturers to asset owners, security researchers and testing organizations.
Currently in a pre-release review period, EMB3D will be publicly available in early 2024.
New threats and mitigations will be added and updated over time as new threat actors emerge and security researchers discover new categories of vulnerabilities, threats and security defenses.
Yosry Barsoum, VP and director of the Center for Securing the Homeland at MITRE, said: “We encourage device vendors, asset owners, researchers, and academia to review the threat model and share feedback, ensuring our collective efforts remain at the forefront of safeguarding our interconnected world.”
MITRE collaborated with security provider Red Balloon Security and Narf Industries, a group of security researchers, to develop EMB3D.
Niyo Pearson, one of EMB3D's sponsors and team lead for cybersecurity at ONE Gas, commented: “Utilities like mine have been forced to extreme measures to secure our infrastructures because of concerns about ICS device insecurities.”
“The EMB3D model will provide a means for ICS device manufacturers to understand the evolving threat landscape and potential available mitigations earlier in the design cycle, resulting in more inherently secure devices. This will eliminate or reduce the need to ‘bolt on’ security after the fact, resulting in more secure infrastructure and reduced security costs.”