New MITRE EMB3D collaborative framework provides common understanding to mitigate cyber threats

Not-for-profit organization MITRE announced on Wednesday its alignment with Niyo Little Thunder Pearson (ONEGas Inc.), Red Balloon Security, and Narf Industries to introduce EMB3D. This collaborative initiative aims to address the growing cyber threats faced by embedded devices in critical infrastructure.

As sophisticated cyber adversaries continue to target these devices, as evidenced by the increasing number of CISA ICS (industrial control systems) advisories, EMB3D provides a common framework to mitigate these threats. Its goal is to ensure a shared understanding and effective defense against potential risks to life- and safety-critical devices.

Currently in a pre-release review period, the EMB3D threat model aligns with and expands on several existing models, including Common Weakness Enumeration, MITRE ATT&CK, and Common Vulnerabilities and Exposures, but with a specific embedded device focus. EMB3D provides a cultivated knowledge base of cyber threats to devices, including those observed in the field environment or demonstrated through proofs-of-concept and/or theoretic research.

Additionally, these threats are mapped to device properties to help users develop and tailor accurate threat models for specific embedded devices. For each threat, suggested mitigations are exclusively focused on technical mechanisms that device vendors should implement to protect against the given threat to build security into the device. 

EMB3D is intended to offer a comprehensive framework for the security ecosystem, including device vendors, manufacturers, asset owners, security researchers, and testing organizations.

“The EMB3D framework stands as a perfect example of MITRE’s role as both an innovator and a connector, working hand-in-hand with industry leaders to develop cutting-edge tools,” Beth Meinert, senior vice president and general manager of MITRE Public Sector, said in a media statement. “Together, we are committed to enhancing the cyber posture of critical infrastructure sectors that rely on Operational Technology (OT) technologies. This collaboration exemplifies the power of collective expertise and underscores MITRE’s dedication to advancing the resilience and security of vital systems in today’s interconnected world.”

“Utilities like mine have been forced to extreme measures to secure our infrastructures because of concerns about ICS device insecurities,” says Niyo Little Thunder Pearson, ONEGas, Inc., and sponsor of the research. “The EMB3D model will provide a means for ICS device manufacturers to understand the evolving threat landscape and potential available mitigations earlier in the design cycle, resulting in more inherently secure devices. This will eliminate or reduce the need to ‘bolt on’ security after the fact, resulting in more secure infrastructure and reduced security costs.”

EMB3D is intended to be a living framework, where new threats and mitigations are added and updated over time as new threat actors emerge and security researchers discover new categories of vulnerabilities, threats, and security defenses. Anticipated to be released in early 2024, EMB3D will be a public community resource, where all information is openly available, and the security community can submit additions and revisions.

“We encourage device vendors, asset owners, researchers, and academia to review the threat model and share feedback, ensuring our collective efforts remain at the forefront of safeguarding our interconnected world,” said Yosry Barsoum, vice president and director of the Center for Securing the Homeland at MITRE. “Insights, expertise, and a collaborative spirit are invaluable as we work together to strengthen the resilience of our digital infrastructure. Together, we can build a safer and more secure future.”

Last month, MITRE released ATT&CK v14 to include enhanced detection guidance for many techniques and expanded scope on Enterprise and Mobile, ICS assets, and mobile structured detections.

Ahead of that, MITRE announced in September that its MITRE Caldera team had released Caldera for OT, a collection of Caldera plugins that provide support for common industrial protocols. These initial Caldera for OT extensions were developed in partnership with the Homeland Security Systems Engineering and Development Institute (HSSEDI), a federally funded research and development center that is managed and operated by MITRE for the U.S. Department of Homeland Security (DHS), and the CISA to increase the resiliency of critical infrastructure.
