MITER's Innovative Initiative to Strengthen Cybersecurity in Critical Infrastructures

Sven Gusek / 21.11.2023

MITER's Innovative Initiative to Strengthen Cybersecurity in Critical Infrastructures

In light of the steadily growing cyber threats to critical infrastructures, MITRE has taken a significant step forward. They have introduced EMB3D, a new Threat Model Framework specifically designed to enhance the protection of operational technologies and industrial control systems.

EMB3D is an extensive knowledge database that captures cyber threats targeting embedded devices used in industrial environments. Users can use this tool to associate these threats with known vulnerabilities and flaws in systems, as documented in the Common Weakness Enumeration (CWE) and the Common Vulnerabilities and Exposures (CVE), as well as in MITRE's own TTPs mapping framework, ATT&CK.

One of EMB3D's main focuses is on proposed defense measures that concentrate on technical mechanisms that device manufacturers should implement to safeguard against the identified threats.

What makes EMB3D special is that it is designed for the entire security community. It targets device manufacturers, producers, facility owners, security researchers, and testing organizations.

Currently, EMB3D is still in a pre-release verification phase and will be made available to the public in early 2024. New threats and defense measures will be continuously added and updated to respond to the emergence of new threat actors and the discovery of new categories of vulnerabilities, threats, and security defenses by researchers.

Yosry Barsoum, Vice President and Director of the Homeland Security Center at MITRE, stated, "We encourage device manufacturers, facility operators, researchers, and the academic community to review the Threat Model Framework and provide feedback to ensure that our collective efforts continue to be at the forefront of protecting our interconnected world."

In developing EMB3D, MITRE collaborated with the security provider Red Balloon Security and Narf Industries, a group of security researchers.

Niyo Pearson, one of the sponsors of EMB3D and Team Leader for Cybersecurity at ONE Gas, expressed, "Utilities like ours have had to take extreme measures to secure our infrastructures due to concerns about the security of ICS devices."

"The EMB3D model will provide a way for manufacturers of ICS devices to understand the evolving threat landscape and potential countermeasures early in the design cycle, leading to fundamentally safer devices. This will reduce the need to add security retrospectively, resulting in more secure infrastructures and reduced security costs."

References and Sources:

A description of the EMB3D™ Threat Models as a collaborative project by MITRE, Niyo Little Thunder Pearson (ONEGas, Inc.), Red Balloon Security, and Narf Industries, providing a common understanding of threats to embedded devices and the required security mechanisms.

An article describing the introduction of the EMB3D Threat Models by MITRE and partners. This model has been specifically developed for embedded devices used in critical infrastructures.

A post highlighting the introduction of EMB3D as a new Threat Model Framework by MITRE, targeting the protection of operational technologies and industrial control systems. It provides a knowledge base about cyber threats to embedded devices used in industrial environments. Contact us for more information.