CyberSecurityBoard
Sponsor Register Login

EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure

Critical infrastructure depends on embedded devices across industries such as oil and natural gas, electric, water management, automotive, medical, satellite, autonomous systems, and unmanned aircraft systems.
These devices often lack proper security controls and are insufficiently tested for vulnerabilities.
Cyber adversaries increasingly attempt to exploit these devices, as evidenced by a growing number of CISA ICS advisories identifying significant threats to many life- and safety-critical devices.
The EMB3D Threat Model, a collaborative effort by MITRE, Niyo Little Thunder Pearson, Red Balloon Security, and Narf Industries, provides a common understanding of the threats posed to embedded devices and the security mechanisms required to mitigate them.
EMB3D aligns with and expands on several existing models, including Common Weakness Enumeration, MITRE ATT&CK, and Common Vulnerabilities and Exposures, but with a specific embedded device focus.
EMB3D provides a cultivated knowledge base of cyber threats to devices, including those observed in the field environment or demonstrated through proofs-of-concept and/or theoretic research.
These threats are mapped to device properties to help users develop and tailor accurate threat models for specific embedded devices.
For each threat, suggested mitigations are exclusively focused on technical mechanisms that device vendors should implement to protect against the given threat with the goal of building security into the device.
EMB3D is intended to offer a comprehensive framework for the entire security ecosystem-device vendors, manufacturers, asset owners, security researchers, and testing organizations.
EMB3D is intended to be a living framework, where new threats and mitigations are added and updated over time as new threat actors emerge and security researchers discover new categories of vulnerabilities, threats, and security defenses.
Anticipated to be released in early 2024, EMB3D will be a public community resource, where all information is openly available, and the security community can submit additions and revisions.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 14 Dec 2023 09:13:04 +0000


Cyber News related to EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure

MITRE EMB3D improves security for embedded devices - MITRE released EMB3D, a cybersecurity threat model for embedded devices. The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to ...
1 year ago Helpnetsecurity.com
MITRE Debuts ICS Threat Threat Modeling for Embedded Systems - MITRE, in collaboration with researchers from three other organizations, this week released a draft of a new threat-modeling framework for makers of embedded devices used in critical infrastructure environments. The goal with the new EMB3D Threat ...
2 years ago Darkreading.com
EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure - Critical infrastructure depends on embedded devices across industries such as oil and natural gas, electric, water management, automotive, medical, satellite, autonomous systems, and unmanned aircraft systems. These devices often lack proper security ...
2 years ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
5 months ago Cybersecuritynews.com
MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure - MITRE has teamed up with the cybersecurity community and the industrial sector to create EMB3D, a threat model specifically designed for embedded devices used in critical infrastructure. Its goal is to provide a collaborative framework that enables ...
2 years ago Securityweek.com
MITRE Launches Critical Infrastructure Threat Model Framework - The cyber threat to critical infrastructure is increasing, prompting cyber government agencies to issue more warnings and advisories for industrial businesses. Against this backdrop, MITRE has launched EMB3D, a new threat model framework for ...
2 years ago Infosecurity-magazine.com
How machine learning helps us hunt threats | Securelist - In this post, we will share our experience hunting for new threats by processing Kaspersky Security Network (KSN) global threat data with ML tools to identify subtle new Indicators of Compromise (IoCs). The model can process and learn from millions ...
1 year ago Securelist.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
1 year ago Cyberdefensemagazine.com Akira
Embedded Linux IoT Security: Defending Against Cyber Threats - Embedded Linux IoT systems are now essential parts of many different kinds of products, from industrial machinery and smart appliances to medical equipment and automobile systems. As Embedded Linux is being used widely, it has attracted the attention ...
1 year ago Securityboulevard.com
Best of 2023: Diamond Model of Intrusion Analysis: A Quick Guide - Any intrusion into a network calls for a thorough analysis to give security teams cyber intelligence about different threats and to help thwart similar future attacks. Effective incident analysis has long been held back by uncertainty and high false ...
1 year ago Securityboulevard.com Axiom
20 Best Endpoint Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive endpoint security against many threats.The user interface may overwhelm some users.Machine learning for real-time threat detection.Integration with existing systems may be complex.A central management ...
8 months ago Cybersecuritynews.com
10 Best EDR Tools ( Endpoint Detection & Response) - 2025 - What is good?What Could Be Better ?Provides comprehensive endpoint monitoring.Some users might find the installation and configuration process of the solution tedious.Protect your entire security stack with in-depth threat intelligence.Some users ...
9 months ago Cybersecuritynews.com
The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
2 years ago Cyberdefensemagazine.com
What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
1 year ago Feeds.dzone.com
Using Passive DNS To Trace Command And Control Infrastructure - When a security team discovers a suspicious domain or IP address, passive DNS allows them to trace its historical connections and uncover the broader infrastructure used by the threat actor. Finally, security teams should combine passive DNS ...
8 months ago Cybersecuritynews.com Hunters
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
1 year ago Cisa.gov
Python in Threat Intelligence: Analyzing and Mitigating Cyber Threats - In the world of emerging cybersecurity threats, understanding the significance of threat intelligence is crucial and can not be ignored. Threat intelligence involves the systematic collection, analysis, and application of data to understand potential ...
1 year ago Hackread.com
Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
1 year ago Microsoft.com Kimsuky
Threat Intelligence Feeds Flood Analysts With Data, But Context Still Lacking - By combining external threat data with internal risk assessments, contextual threat intelligence helps organizations measure the risk level of alerts or vulnerabilities in relation to their business and technical assets, ensuring that the most ...
8 months ago Cybersecuritynews.com
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
1 year ago Techrepublic.com
10 Best Dark Web Monitoring Tools in 2025 - DarkOwl is a comprehensive dark web monitoring tool that provides organizations with real-time intelligence on emerging threats and data breaches. Recorded Future is a comprehensive dark web monitoring tool that leverages machine learning and ...
4 months ago Cybersecuritynews.com
Strategy, Harmony & Research: Triaging Priorities for OT Cybersecurity - The mission of the Cybersecurity and Infrastructure Security Agency is to lead the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every hour of every day. CISA is not responsible ...
2 years ago Darkreading.com
The Evolution of Cyber Threats: Past, Present, and Future - Cyber threats have evolved significantly over time, posing increasing risks to individuals, organizations, and governments in our interconnected world. Let's explore the past, present, and future of cyber threats to better understand how to protect ...
1 year ago Securityzap.com
Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure - China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical ...
1 year ago Darkreading.com Volt Typhoon

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)