-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathindex.html
1 lines (1 loc) · 38.1 KB
/
index.html
1
<!doctype html><html lang="en" ><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="theme-color" media="(prefers-color-scheme: light)" content="#f7f7f7"><meta name="theme-color" media="(prefers-color-scheme: dark)" content="#1b1b1e"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="black-translucent"><meta name="viewport" content="width=device-width, user-scalable=no initial-scale=1, shrink-to-fit=no, viewport-fit=cover" > <script src=https://cmp.osano.com/AzyhULTdPkqmy4aDN/08e227bd-c988-4bca-b046-0984697d41a8/osano.js></script><meta name="generator" content="Jekyll v4.3.3" /><meta property="og:title" content="MITRE EMB3D™" /><meta property="og:locale" content="en" /><meta name="description" content="MITRE EMB3D™, a cultivated knowledge base of cyber threats and mitigations for embedded devices" /><meta property="og:description" content="MITRE EMB3D™, a cultivated knowledge base of cyber threats and mitigations for embedded devices" /><link rel="canonical" href="https://emb3d.mitre.org/" /><meta property="og:url" content="https://emb3d.mitre.org/" /><meta property="og:site_name" content="MITRE EMB3D™" /><meta property="og:type" content="website" /><meta name="twitter:card" content="summary" /><meta property="twitter:title" content="MITRE EMB3D™" /> <script type="application/ld+json"> {"@context":"https://schema.org","@type":"WebSite","description":"MITRE EMB3D™, a cultivated knowledge base of cyber threats and mitigations for embedded devices","headline":"MITRE EMB3D™","name":"The MITRE Corporation","url":"https://emb3d.mitre.org/"}</script><style> .osano-cm-widget{display: none;}</style><title>MITRE EMB3D™</title><link rel="apple-touch-icon" sizes="180x180" href="/assets/img/favicons/apple-touch-icon.png"><link rel="icon" type="image/png" sizes="32x32" href="/assets/img/favicons/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="/assets/img/favicons/favicon-16x16.png"><link rel="shortcut icon" href="/assets/img/favicons/favicon.ico"><meta name="apple-mobile-web-app-title" content="MITRE EMB3D™"><meta name="application-name" content="MITRE EMB3D™"><meta name="msapplication-TileColor" content="#da532c"><meta name="msapplication-config" content="/assets/img/favicons/browserconfig.xml"><meta name="theme-color" content="#ffffff"><link rel="preconnect" href="https://fonts.googleapis.com" ><link rel="dns-prefetch" href="https://fonts.googleapis.com" ><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin><link rel="dns-prefetch" href="https://fonts.gstatic.com" crossorigin><link rel="preconnect" href="https://fonts.googleapis.com" ><link rel="dns-prefetch" href="https://fonts.googleapis.com" ><link rel="preconnect" href="https://cdn.jsdelivr.net" ><link rel="dns-prefetch" href="https://cdn.jsdelivr.net" ><link rel="preconnect" href="https://cdnjs.cloudflare.com" ><link rel="dns-prefetch" href="https://cdnjs.cloudflare.com" ><link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lato:wght@300;400&family=Source+Sans+Pro:wght@400;600;700;900&display=swap"> <script async src="https://www.googletagmanager.com/gtag/js?id=G-3GFR38B7Y0"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-3GFR38B7Y0'); </script><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fortawesome/[email protected]/css/all.min.css"><link rel="stylesheet" href="/assets/css/jekyll-theme-chirpy.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/loading-attribute-polyfill.min.css"> <script type="text/javascript"> class ModeToggle { static get MODE_KEY() { return 'mode'; } static get MODE_ATTR() { return 'data-mode'; } static get DARK_MODE() { return 'dark'; } static get LIGHT_MODE() { return 'light'; } static get ID() { return 'mode-toggle'; } constructor() { if (this.hasMode) { if (this.isDarkMode) { if (!this.isSysDarkPrefer) { this.setDark(); } } else { if (this.isSysDarkPrefer) { this.setLight(); } } } let self = this; /* always follow the system prefers */ this.sysDarkPrefers.addEventListener('change', () => { if (self.hasMode) { if (self.isDarkMode) { if (!self.isSysDarkPrefer) { self.setDark(); } } else { if (self.isSysDarkPrefer) { self.setLight(); } } self.clearMode(); } self.notify(); }); } /* constructor() */ get sysDarkPrefers() { return window.matchMedia('(prefers-color-scheme: dark)'); } get isSysDarkPrefer() { return this.sysDarkPrefers.matches; } get isDarkMode() { return this.mode === ModeToggle.DARK_MODE; } get isLightMode() { return this.mode === ModeToggle.LIGHT_MODE; } get hasMode() { return this.mode != null; } get mode() { return sessionStorage.getItem(ModeToggle.MODE_KEY); } /* get the current mode on screen */ get modeStatus() { if (this.isDarkMode || (!this.hasMode && this.isSysDarkPrefer)) { return ModeToggle.DARK_MODE; } else { return ModeToggle.LIGHT_MODE; } } setDark() { document.documentElement.setAttribute(ModeToggle.MODE_ATTR, ModeToggle.DARK_MODE); sessionStorage.setItem(ModeToggle.MODE_KEY, ModeToggle.DARK_MODE); } setLight() { document.documentElement.setAttribute(ModeToggle.MODE_ATTR, ModeToggle.LIGHT_MODE); sessionStorage.setItem(ModeToggle.MODE_KEY, ModeToggle.LIGHT_MODE); } clearMode() { document.documentElement.removeAttribute(ModeToggle.MODE_ATTR); sessionStorage.removeItem(ModeToggle.MODE_KEY); } /* Notify another plugins that the theme mode has changed */ notify() { window.postMessage( { direction: ModeToggle.ID, message: this.modeStatus }, '*' ); } flipMode() { if (this.hasMode) { if (this.isSysDarkPrefer) { if (this.isLightMode) { this.clearMode(); } else { this.setLight(); } } else { if (this.isDarkMode) { this.clearMode(); } else { this.setDark(); } } } else { if (this.isSysDarkPrefer) { this.setLight(); } else { this.setDark(); } } this.notify(); } /* flipMode() */ } /* ModeToggle */ const modeToggle = new ModeToggle(); </script><body><aside aria-label="Sidebar" id="sidebar" class="d-flex flex-column align-items-end"><div class="sidebarImg"><header class="profile-wrapper"> <a href="/" id="avatar"><img src="/MITRE-brand_EMB3D_white.png" alt="avatar" onerror="this.style.display='none'"></a><h1 class="site-title"> <a href="/">MITRE EMB3D™</a></h1><p class="site-subtitle fst-italic mb-0">A knowledge base of cyber threats and associated mitigations for embedded devices</p></header></div><nav class="flex-column flex-grow-1 w-100 ps-0"><ul class="nav"><li class="nav-item active"> <a href="/" class="nav-link"> <i class="fa-fw fas fa-home"></i> <span>HOME</span> </a><li class="nav-item"> <a href="https://medium.com/mitre-emb3d" target="_blank" class="nav-link"> <i class="fa-fw fas fa-blog"></i> <span>BLOG <i class="fa-fw fas fa-external-link"></i></span> </a><li class="nav-item"> <a href="/background/" class="nav-link"> <i class="fa-fw fas fa-book"></i> <span>BACKGROUND</span> </a><li class="nav-item"> <a href="/getting-started/" class="nav-link"> <i class="fa-fw fas fa-play"></i> <span>GETTING STARTED</span> </a><li class="nav-item"> <a href="/properties-list/" class="nav-link"> <i class="fa-fw fas fa-gears"></i> <span>PROPERTIES LIST</span> </a><li class="nav-item"> <a href="/properties-mapper/" class="nav-link"> <i class="fa-fw fas fa-check-to-slot"></i> <span>PROPERTIES MAPPER</span> </a><li class="nav-item"> <a href="/threats/" class="nav-link"> <i class="fa-fw fas fa-folder-open"></i> <span>THREATS</span> </a><ul class="nav ul-sublist"><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/threats/hardware.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>HARDWARE</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-1" type="button"> <i id="arrow-down-1" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-1" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-1"><ul class="nav"><li id="nav-item-1-1" class="nav-item"> <a href="/threats/TID-101.html" class="nav-link">TID-101</a><li id="nav-item-2-1" class="nav-item"> <a href="/threats/TID-102.html" class="nav-link">TID-102</a><li id="nav-item-3-1" class="nav-item"> <a href="/threats/TID-103.html" class="nav-link">TID-103</a><li id="nav-item-4-1" class="nav-item"> <a href="/threats/TID-105.html" class="nav-link">TID-105</a><li id="nav-item-5-1" class="nav-item"> <a href="/threats/TID-106.html" class="nav-link">TID-106</a><li id="nav-item-6-1" class="nav-item"> <a href="/threats/TID-107.html" class="nav-link">TID-107</a><li id="nav-item-7-1" class="nav-item"> <a href="/threats/TID-108.html" class="nav-link">TID-108</a><li id="nav-item-8-1" class="nav-item"> <a href="/threats/TID-109.html" class="nav-link">TID-109</a><li id="nav-item-9-1" class="nav-item"> <a href="/threats/TID-110.html" class="nav-link">TID-110</a><li id="nav-item-10-1" class="nav-item"> <a href="/threats/TID-111.html" class="nav-link">TID-111</a><li id="nav-item-11-1" class="nav-item"> <a href="/threats/TID-113.html" class="nav-link">TID-113</a><li id="nav-item-12-1" class="nav-item"> <a href="/threats/TID-114.html" class="nav-link">TID-114</a><li id="nav-item-13-1" class="nav-item"> <a href="/threats/TID-115.html" class="nav-link">TID-115</a><li id="nav-item-14-1" class="nav-item"> <a href="/threats/TID-116.html" class="nav-link">TID-116</a><li id="nav-item-15-1" class="nav-item"> <a href="/threats/TID-118.html" class="nav-link">TID-118</a><li id="nav-item-16-1" class="nav-item"> <a href="/threats/TID-119.html" class="nav-link">TID-119</a></ul></div><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/threats/system-software.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>SYSTEM SOFTWARE</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-2" type="button"> <i id="arrow-down-2" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-2" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-2"><ul class="nav"><li id="nav-item-1-2" class="nav-item"> <a href="/threats/TID-201.html" class="nav-link">TID-201</a><li id="nav-item-2-2" class="nav-item"> <a href="/threats/TID-202.html" class="nav-link">TID-202</a><li id="nav-item-3-2" class="nav-item"> <a href="/threats/TID-203.html" class="nav-link">TID-203</a><li id="nav-item-4-2" class="nav-item"> <a href="/threats/TID-204.html" class="nav-link">TID-204</a><li id="nav-item-5-2" class="nav-item"> <a href="/threats/TID-205.html" class="nav-link">TID-205</a><li id="nav-item-6-2" class="nav-item"> <a href="/threats/TID-206.html" class="nav-link">TID-206</a><li id="nav-item-7-2" class="nav-item"> <a href="/threats/TID-207.html" class="nav-link">TID-207</a><li id="nav-item-8-2" class="nav-item"> <a href="/threats/TID-208.html" class="nav-link">TID-208</a><li id="nav-item-9-2" class="nav-item"> <a href="/threats/TID-209.html" class="nav-link">TID-209</a><li id="nav-item-10-2" class="nav-item"> <a href="/threats/TID-210.html" class="nav-link">TID-210</a><li id="nav-item-11-2" class="nav-item"> <a href="/threats/TID-211.html" class="nav-link">TID-211</a><li id="nav-item-12-2" class="nav-item"> <a href="/threats/TID-212.html" class="nav-link">TID-212</a><li id="nav-item-13-2" class="nav-item"> <a href="/threats/TID-213.html" class="nav-link">TID-213</a><li id="nav-item-14-2" class="nav-item"> <a href="/threats/TID-214.html" class="nav-link">TID-214</a><li id="nav-item-15-2" class="nav-item"> <a href="/threats/TID-215.html" class="nav-link">TID-215</a><li id="nav-item-16-2" class="nav-item"> <a href="/threats/TID-216.html" class="nav-link">TID-216</a><li id="nav-item-17-2" class="nav-item"> <a href="/threats/TID-217.html" class="nav-link">TID-217</a><li id="nav-item-18-2" class="nav-item"> <a href="/threats/TID-218.html" class="nav-link">TID-218</a><li id="nav-item-19-2" class="nav-item"> <a href="/threats/TID-219.html" class="nav-link">TID-219</a><li id="nav-item-20-2" class="nav-item"> <a href="/threats/TID-220.html" class="nav-link">TID-220</a><li id="nav-item-21-2" class="nav-item"> <a href="/threats/TID-221.html" class="nav-link">TID-221</a><li id="nav-item-22-2" class="nav-item"> <a href="/threats/TID-222.html" class="nav-link">TID-222</a><li id="nav-item-23-2" class="nav-item"> <a href="/threats/TID-223.html" class="nav-link">TID-223</a><li id="nav-item-24-2" class="nav-item"> <a href="/threats/TID-224.html" class="nav-link">TID-224</a></ul></div><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/threats/application-software.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>APPLICATION SOFTWARE</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-3" type="button"> <i id="arrow-down-3" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-3" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-3"><ul class="nav"><li id="nav-item-1-3" class="nav-item"> <a href="/threats/TID-301.html" class="nav-link">TID-301</a><li id="nav-item-2-3" class="nav-item"> <a href="/threats/TID-302.html" class="nav-link">TID-302</a><li id="nav-item-3-3" class="nav-item"> <a href="/threats/TID-303.html" class="nav-link">TID-303</a><li id="nav-item-4-3" class="nav-item"> <a href="/threats/TID-304.html" class="nav-link">TID-304</a><li id="nav-item-5-3" class="nav-item"> <a href="/threats/TID-305.html" class="nav-link">TID-305</a><li id="nav-item-6-3" class="nav-item"> <a href="/threats/TID-306.html" class="nav-link">TID-306</a><li id="nav-item-7-3" class="nav-item"> <a href="/threats/TID-307.html" class="nav-link">TID-307</a><li id="nav-item-8-3" class="nav-item"> <a href="/threats/TID-308.html" class="nav-link">TID-308</a><li id="nav-item-9-3" class="nav-item"> <a href="/threats/TID-309.html" class="nav-link">TID-309</a><li id="nav-item-10-3" class="nav-item"> <a href="/threats/TID-310.html" class="nav-link">TID-310</a><li id="nav-item-11-3" class="nav-item"> <a href="/threats/TID-311.html" class="nav-link">TID-311</a><li id="nav-item-12-3" class="nav-item"> <a href="/threats/TID-312.html" class="nav-link">TID-312</a><li id="nav-item-13-3" class="nav-item"> <a href="/threats/TID-313.html" class="nav-link">TID-313</a><li id="nav-item-14-3" class="nav-item"> <a href="/threats/TID-314.html" class="nav-link">TID-314</a><li id="nav-item-15-3" class="nav-item"> <a href="/threats/TID-315.html" class="nav-link">TID-315</a><li id="nav-item-16-3" class="nav-item"> <a href="/threats/TID-316.html" class="nav-link">TID-316</a><li id="nav-item-17-3" class="nav-item"> <a href="/threats/TID-317.html" class="nav-link">TID-317</a><li id="nav-item-18-3" class="nav-item"> <a href="/threats/TID-318.html" class="nav-link">TID-318</a><li id="nav-item-19-3" class="nav-item"> <a href="/threats/TID-319.html" class="nav-link">TID-319</a><li id="nav-item-20-3" class="nav-item"> <a href="/threats/TID-320.html" class="nav-link">TID-320</a><li id="nav-item-21-3" class="nav-item"> <a href="/threats/TID-321.html" class="nav-link">TID-321</a><li id="nav-item-22-3" class="nav-item"> <a href="/threats/TID-322.html" class="nav-link">TID-322</a><li id="nav-item-23-3" class="nav-item"> <a href="/threats/TID-323.html" class="nav-link">TID-323</a><li id="nav-item-24-3" class="nav-item"> <a href="/threats/TID-324.html" class="nav-link">TID-324</a><li id="nav-item-25-3" class="nav-item"> <a href="/threats/TID-325.html" class="nav-link">TID-325</a><li id="nav-item-26-3" class="nav-item"> <a href="/threats/TID-326.html" class="nav-link">TID-326</a><li id="nav-item-27-3" class="nav-item"> <a href="/threats/TID-327.html" class="nav-link">TID-327</a><li id="nav-item-28-3" class="nav-item"> <a href="/threats/TID-328.html" class="nav-link">TID-328</a><li id="nav-item-29-3" class="nav-item"> <a href="/threats/TID-329.html" class="nav-link">TID-329</a><li id="nav-item-30-3" class="nav-item"> <a href="/threats/TID-330.html" class="nav-link">TID-330</a></ul></div><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/threats/networking.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>NETWORKING</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-4" type="button"> <i id="arrow-down-4" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-4" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-4"><ul class="nav"><li id="nav-item-1-4" class="nav-item"> <a href="/threats/TID-401.html" class="nav-link">TID-401</a><li id="nav-item-2-4" class="nav-item"> <a href="/threats/TID-404.html" class="nav-link">TID-404</a><li id="nav-item-3-4" class="nav-item"> <a href="/threats/TID-405.html" class="nav-link">TID-405</a><li id="nav-item-4-4" class="nav-item"> <a href="/threats/TID-406.html" class="nav-link">TID-406</a><li id="nav-item-5-4" class="nav-item"> <a href="/threats/TID-407.html" class="nav-link">TID-407</a><li id="nav-item-6-4" class="nav-item"> <a href="/threats/TID-408.html" class="nav-link">TID-408</a><li id="nav-item-7-4" class="nav-item"> <a href="/threats/TID-410.html" class="nav-link">TID-410</a><li id="nav-item-8-4" class="nav-item"> <a href="/threats/TID-411.html" class="nav-link">TID-411</a><li id="nav-item-9-4" class="nav-item"> <a href="/threats/TID-412.html" class="nav-link">TID-412</a></ul></div></ul><li class="nav-item"> <a href="/mitigations/" class="nav-link"> <i class="fa-fw fas fa-briefcase"></i> <span>MITIGATIONS</span> </a><ul class="nav ul-sublist"><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/mitigations/foundational.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>FOUNDATIONAL</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-5" type="button"> <i id="arrow-down-5" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-5" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-5"><ul class="nav"><li id="nav-item-1-5" class="nav-item"> <a href="/mitigations/MID-001.html" class="nav-link">MID-001</a><li id="nav-item-2-5" class="nav-item"> <a href="/mitigations/MID-004.html" class="nav-link">MID-004</a><li id="nav-item-3-5" class="nav-item"> <a href="/mitigations/MID-010.html" class="nav-link">MID-010</a><li id="nav-item-4-5" class="nav-item"> <a href="/mitigations/MID-011.html" class="nav-link">MID-011</a><li id="nav-item-5-5" class="nav-item"> <a href="/mitigations/MID-012.html" class="nav-link">MID-012</a><li id="nav-item-6-5" class="nav-item"> <a href="/mitigations/MID-013.html" class="nav-link">MID-013</a><li id="nav-item-7-5" class="nav-item"> <a href="/mitigations/MID-016.html" class="nav-link">MID-016</a><li id="nav-item-8-5" class="nav-item"> <a href="/mitigations/MID-017.html" class="nav-link">MID-017</a><li id="nav-item-9-5" class="nav-item"> <a href="/mitigations/MID-018.html" class="nav-link">MID-018</a><li id="nav-item-10-5" class="nav-item"> <a href="/mitigations/MID-021.html" class="nav-link">MID-021</a><li id="nav-item-11-5" class="nav-item"> <a href="/mitigations/MID-026.html" class="nav-link">MID-026</a><li id="nav-item-12-5" class="nav-item"> <a href="/mitigations/MID-027.html" class="nav-link">MID-027</a><li id="nav-item-13-5" class="nav-item"> <a href="/mitigations/MID-030.html" class="nav-link">MID-030</a><li id="nav-item-14-5" class="nav-item"> <a href="/mitigations/MID-031.html" class="nav-link">MID-031</a><li id="nav-item-15-5" class="nav-item"> <a href="/mitigations/MID-032.html" class="nav-link">MID-032</a><li id="nav-item-16-5" class="nav-item"> <a href="/mitigations/MID-034.html" class="nav-link">MID-034</a><li id="nav-item-17-5" class="nav-item"> <a href="/mitigations/MID-035.html" class="nav-link">MID-035</a><li id="nav-item-18-5" class="nav-item"> <a href="/mitigations/MID-036.html" class="nav-link">MID-036</a><li id="nav-item-19-5" class="nav-item"> <a href="/mitigations/MID-037.html" class="nav-link">MID-037</a><li id="nav-item-20-5" class="nav-item"> <a href="/mitigations/MID-038.html" class="nav-link">MID-038</a><li id="nav-item-21-5" class="nav-item"> <a href="/mitigations/MID-039.html" class="nav-link">MID-039</a><li id="nav-item-22-5" class="nav-item"> <a href="/mitigations/MID-041.html" class="nav-link">MID-041</a><li id="nav-item-23-5" class="nav-item"> <a href="/mitigations/MID-042.html" class="nav-link">MID-042</a><li id="nav-item-24-5" class="nav-item"> <a href="/mitigations/MID-043.html" class="nav-link">MID-043</a><li id="nav-item-25-5" class="nav-item"> <a href="/mitigations/MID-044.html" class="nav-link">MID-044</a><li id="nav-item-26-5" class="nav-item"> <a href="/mitigations/MID-046.html" class="nav-link">MID-046</a><li id="nav-item-27-5" class="nav-item"> <a href="/mitigations/MID-047.html" class="nav-link">MID-047</a><li id="nav-item-28-5" class="nav-item"> <a href="/mitigations/MID-049.html" class="nav-link">MID-049</a><li id="nav-item-29-5" class="nav-item"> <a href="/mitigations/MID-050.html" class="nav-link">MID-050</a><li id="nav-item-30-5" class="nav-item"> <a href="/mitigations/MID-051.html" class="nav-link">MID-051</a><li id="nav-item-31-5" class="nav-item"> <a href="/mitigations/MID-052.html" class="nav-link">MID-052</a><li id="nav-item-32-5" class="nav-item"> <a href="/mitigations/MID-054.html" class="nav-link">MID-054</a><li id="nav-item-33-5" class="nav-item"> <a href="/mitigations/MID-056.html" class="nav-link">MID-056</a><li id="nav-item-34-5" class="nav-item"> <a href="/mitigations/MID-057.html" class="nav-link">MID-057</a><li id="nav-item-35-5" class="nav-item"> <a href="/mitigations/MID-058.html" class="nav-link">MID-058</a><li id="nav-item-36-5" class="nav-item"> <a href="/mitigations/MID-071.html" class="nav-link">MID-071</a><li id="nav-item-37-5" class="nav-item"> <a href="/mitigations/MID-072.html" class="nav-link">MID-072</a><li id="nav-item-38-5" class="nav-item"> <a href="/mitigations/MID-073.html" class="nav-link">MID-073</a><li id="nav-item-39-5" class="nav-item"> <a href="/mitigations/MID-074.html" class="nav-link">MID-074</a><li id="nav-item-40-5" class="nav-item"> <a href="/mitigations/MID-075.html" class="nav-link">MID-075</a><li id="nav-item-41-5" class="nav-item"> <a href="/mitigations/MID-076.html" class="nav-link">MID-076</a><li id="nav-item-42-5" class="nav-item"> <a href="/mitigations/MID-077.html" class="nav-link">MID-077</a><li id="nav-item-43-5" class="nav-item"> <a href="/mitigations/MID-078.html" class="nav-link">MID-078</a><li id="nav-item-44-5" class="nav-item"> <a href="/mitigations/MID-079.html" class="nav-link">MID-079</a><li id="nav-item-45-5" class="nav-item"> <a href="/mitigations/MID-080.html" class="nav-link">MID-080</a><li id="nav-item-46-5" class="nav-item"> <a href="/mitigations/MID-083.html" class="nav-link">MID-083</a></ul></div><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/mitigations/intermediate.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>INTERMEDIATE</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-6" type="button"> <i id="arrow-down-6" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-6" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-6"><ul class="nav"><li id="nav-item-1-6" class="nav-item"> <a href="/mitigations/MID-002.html" class="nav-link">MID-002</a><li id="nav-item-2-6" class="nav-item"> <a href="/mitigations/MID-005.html" class="nav-link">MID-005</a><li id="nav-item-3-6" class="nav-item"> <a href="/mitigations/MID-007.html" class="nav-link">MID-007</a><li id="nav-item-4-6" class="nav-item"> <a href="/mitigations/MID-008.html" class="nav-link">MID-008</a><li id="nav-item-5-6" class="nav-item"> <a href="/mitigations/MID-009.html" class="nav-link">MID-009</a><li id="nav-item-6-6" class="nav-item"> <a href="/mitigations/MID-014.html" class="nav-link">MID-014</a><li id="nav-item-7-6" class="nav-item"> <a href="/mitigations/MID-015.html" class="nav-link">MID-015</a><li id="nav-item-8-6" class="nav-item"> <a href="/mitigations/MID-019.html" class="nav-link">MID-019</a><li id="nav-item-9-6" class="nav-item"> <a href="/mitigations/MID-020.html" class="nav-link">MID-020</a><li id="nav-item-10-6" class="nav-item"> <a href="/mitigations/MID-022.html" class="nav-link">MID-022</a><li id="nav-item-11-6" class="nav-item"> <a href="/mitigations/MID-023.html" class="nav-link">MID-023</a><li id="nav-item-12-6" class="nav-item"> <a href="/mitigations/MID-028.html" class="nav-link">MID-028</a><li id="nav-item-13-6" class="nav-item"> <a href="/mitigations/MID-029.html" class="nav-link">MID-029</a><li id="nav-item-14-6" class="nav-item"> <a href="/mitigations/MID-033.html" class="nav-link">MID-033</a><li id="nav-item-15-6" class="nav-item"> <a href="/mitigations/MID-040.html" class="nav-link">MID-040</a><li id="nav-item-16-6" class="nav-item"> <a href="/mitigations/MID-045.html" class="nav-link">MID-045</a><li id="nav-item-17-6" class="nav-item"> <a href="/mitigations/MID-048.html" class="nav-link">MID-048</a><li id="nav-item-18-6" class="nav-item"> <a href="/mitigations/MID-053.html" class="nav-link">MID-053</a><li id="nav-item-19-6" class="nav-item"> <a href="/mitigations/MID-055.html" class="nav-link">MID-055</a><li id="nav-item-20-6" class="nav-item"> <a href="/mitigations/MID-059.html" class="nav-link">MID-059</a><li id="nav-item-21-6" class="nav-item"> <a href="/mitigations/MID-060.html" class="nav-link">MID-060</a><li id="nav-item-22-6" class="nav-item"> <a href="/mitigations/MID-061.html" class="nav-link">MID-061</a><li id="nav-item-23-6" class="nav-item"> <a href="/mitigations/MID-063.html" class="nav-link">MID-063</a><li id="nav-item-24-6" class="nav-item"> <a href="/mitigations/MID-064.html" class="nav-link">MID-064</a><li id="nav-item-25-6" class="nav-item"> <a href="/mitigations/MID-065.html" class="nav-link">MID-065</a><li id="nav-item-26-6" class="nav-item"> <a href="/mitigations/MID-066.html" class="nav-link">MID-066</a><li id="nav-item-27-6" class="nav-item"> <a href="/mitigations/MID-067.html" class="nav-link">MID-067</a><li id="nav-item-28-6" class="nav-item"> <a href="/mitigations/MID-068.html" class="nav-link">MID-068</a><li id="nav-item-29-6" class="nav-item"> <a href="/mitigations/MID-069.html" class="nav-link">MID-069</a><li id="nav-item-30-6" class="nav-item"> <a href="/mitigations/MID-081.html" class="nav-link">MID-081</a><li id="nav-item-31-6" class="nav-item"> <a href="/mitigations/MID-082.html" class="nav-link">MID-082</a></ul></div><li class="nav-item"><div class="row-dropdown"><div class="col-dropdown"> <a href="/mitigations/leading.html" class="nav-link nav-link-sub"> <i class="fa-fw fas fa-arrow-circle-right"></i> <span>LEADING</span> </a></div><div class="col-dropdown"> <button class="dropdown-btn" id="dropdown-btn-7" type="button"> <i id="arrow-down-7" class="fa-fw fas fa-circle-arrow-down"></i> <i id="arrow-up-7" class="fa-fw fas fa-circle-arrow-up"></i> </button></div></div><div class="dropdown-list" id="dropdown-list-7"><ul class="nav"><li id="nav-item-1-7" class="nav-item"> <a href="/mitigations/MID-003.html" class="nav-link">MID-003</a><li id="nav-item-2-7" class="nav-item"> <a href="/mitigations/MID-006.html" class="nav-link">MID-006</a><li id="nav-item-3-7" class="nav-item"> <a href="/mitigations/MID-024.html" class="nav-link">MID-024</a><li id="nav-item-4-7" class="nav-item"> <a href="/mitigations/MID-025.html" class="nav-link">MID-025</a><li id="nav-item-5-7" class="nav-item"> <a href="/mitigations/MID-062.html" class="nav-link">MID-062</a><li id="nav-item-6-7" class="nav-item"> <a href="/mitigations/MID-070.html" class="nav-link">MID-070</a></ul></div></ul><li class="nav-item"> <a href="/about/" class="nav-link"> <i class="fa-fw fas fa-info-circle"></i> <span>ABOUT</span> </a><li class="nav-item"> <a href="/terms-of-use/" class="nav-link"> <i class="fa-fw fas fa-file-contract"></i> <span>TERMS OF USE</span> </a></ul></nav><div class="sidebar-bottom d-flex flex-wrap align-items-center"> <button type="button" class="mode-toggle btn" aria-label="Switch Mode"> <i class="fas fa-adjust"></i> </button> <span class="icon-border"></span> <a href="javascript:location.href = 'mailto:' + ['emb3d','mitre.org'].join('@')" aria-label="email" > <i class="fas fa-envelope"></i> </a> <a href="https://github.com/mitre/emb3d" aria-label="github" target="_blank" rel="noopener noreferrer" > <i class="fab fa-github"></i> </a></div></aside><script src="/sidebarDropdown.js"></script><div id="main-wrapper" class="d-flex justify-content-center"><div class="container d-flex flex-column px-xxl-5"><header id="topbar-wrapper" aria-label="Top Bar"><div id="topbar" class="d-flex align-items-center justify-content-between px-lg-3 h-100" ><nav id="breadcrumb" aria-label="Breadcrumb"> <span>Home</span></nav><button type="button" id="sidebar-trigger" class="btn btn-link"> <i class="fas fa-bars fa-fw"></i> </button><div id="topbar-title"> MITRE EMB3D™</div><button type="button" id="search-trigger" class="btn btn-link"> <i class="fas fa-search fa-fw"></i> </button> <search class="align-items-center ms-3 ms-lg-0"> <i class="fas fa-search fa-fw"></i> <input class="form-control" id="search-input" type="search" aria-label="search" autocomplete="off" placeholder="Search..." > </search> <button type="button" class="btn btn-link text-decoration-none" id="search-cancel">Cancel</button></div></header><div class="row flex-grow-1"><main aria-label="Main Content" class="col-12 col-lg-11 col-xl-12 px-md-4" ><h1 class="page-heading">The MITRE EMB3D™ Threat Model</h1><p class="lead"> The EMB3D Threat Model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with security mechanisms to mitigate them.</p><h2 id="latest"><span class="me-2">What's New</span><a href="#latest" class="anchor text-muted"><i class="fas fa-hashtag"></i></a></h2><ul><li>Join MITRE and Red Balloon Security for a <a href="https://mitre.zoomgov.com/webinar/register/WN_HOITbYicRliVVbkZ30M3cg">MITRE EMB3D webinar</a> on <b>February 27th, 2025</b>. The webinar will introduce the EMB3D framework and provide case studies on how EMB3D can be used to evaluate device security by mapping its properties to potential threats. <a href="https://mitre.zoomgov.com/webinar/register/WN_HOITbYicRliVVbkZ30M3cg">Register here.</a><li><b>Jan. 17, 2025: </b>Learn how to <a href="https://medium.com/mitre-emb3d/enhancing-stride-threat-models-using-mitre-emb3d-ea15937dc5f8" target="_blank">use EMB3D with STRIDE for better threat modeling</a> over on our new <a href="https://medium.com/mitre-emb3d" target="_blank">blog.</a><li><b>Sept. 24, 2024: </b>The EMB3D Mitigations have been released! See the the new Mitigations tab on the left and the mappings added into each Threat page. The EMB3D <a href="/assets/EMB3D_Paper_09-23-24.pdf">Whitepaper</a> was also updated to include our methodology for choosing and categorizing mitigations.</ul><h2 id="what-is-emb3d"><span class="me-2">What is EMB3D™</span><a href="#what-is-emb3d" class="anchor text-muted"><i class="fas fa-hashtag"></i></a></h2><p> EMB3D is a threat model for embedded devices found in industries such as critical infrastructure, Internet of Things, automotive, healthcare, manufacturing, and many more. The threat model is intended to be a resource to help vendors, asset owners/operators, test organizations, and security researchers to improve the overall security of embedded devices' hardware and software. This threat model aims to serve as a central repository of information, defining known threats to embedded devices and their unique device features/properties that enable specific threat actions. By mapping the threats to the associated device features/properties, the user can easily enumerate threat exposure based on the known device features.</p><div class="text-center"><p><div class="preview-img shimmer"><img src="/assets/workflow-summary.png" alt="EMB3D Workflow: Identify device properties. Map properties to potential threats and weaknesses. Evaluate each threat to determine if the device is vulnerable or if the threat is mitigated."/ loading="lazy"></div></p></div><div class="row"><div class="col-lg-4"><h3>Device Properties</h3><p> Device properties describe a device's hardware and software components and capabilities of a device. These include physical hardware, network services and protocols, software, and firmware. Each category is further divided into sub-properties that are then mapped to a set of threats. By mapping properties, users can identify the threats associated with a given device property.</p></div><div class="col-lg-4"><h3>Threats</h3><p> EMB3D threats identify how a threat actor can achieve a specific objective or effect on a system or device. Each threat description includes (i) information about the technical features that are targeted by the threat; (ii) the actions that must be performed by the threat actor to cause the threat's effect, including the impact or effect the threat will have on the device; and (iii) the vulnerabilities or weaknesses within that mechanism that enable the threat actions.</p></div><div class="col-lg-4"><h3>Mitigations</h3><p> Mitigation strategies and techniques are described for each threat. These can be leveraged by device vendors to prevent and reduce the risk of a threat, and by end users to validate that devices are sufficiently protected against that threat. The mitigations define the mechanisms or technologies that protect against the threat while remaining flexible in how mitigations can be implemented within the device's unique constraints.</p></div></div><h2 id="use-cases"><span class="me-2">EMB3D Users</span><a href="#use-cases" class="anchor text-muted"><i class="fas fa-hashtag"></i></a></h2><div class="row"><div class="col-md-4"><h1 class="text-center"><i class="fa fa-screwdriver-wrench" aria-hidden="true"></i></h1><h3 class="text-center">Device Vendors</h3><p> Support device threat models and provide guidelines for mitigations requirements/designs. Develop device roadmaps for evaluating device risk and prioritizing mitigation efforts.</p></div><div class="col-md-4"><h1 class="text-center"><i class="fa fa-industry" aria-hidden="true"></i></h1><h3 class="text-center">Asset Owners & Operators</h3><p> Inform acquisition requirements and decisions about unmitigated threats/risks. Support acquisition efforts related to evaluating a device's security capabilities. Guide the development and deployment of compensating controls around unmitigated threats.</p></div><div class="col-md-4"><h1 class="text-center"><i class="fa fa-magnifying-glass" aria-hidden="true"></i></h1><h3 class="text-center">Security Researchers/Testers</h3><p> Scope assessment activities and outcomes. Help identify potential trouble spots for deeper investigation. Contribute to research efforts around novel threats and mitigations.</p></div></div><h2 id="more-info"><span class="me-2">More Information</span><a href="#more-info" class="anchor text-muted"><i class="fas fa-hashtag"></i></a></h2><p> <a class="btn btn-primary btn-lg btn-home" href="/background/" role="button">Background</a> <a class="btn btn-primary btn-lg btn-home" href="/getting-started/" role="button">Getting Started</a> <a class="btn btn-primary btn-lg btn-home" href="/assets/EMB3D_Paper_09-23-24.pdf" role="button">Whitepaper</a> <a class="btn btn-primary btn-lg btn-home" href="/about/#contact-us" role="button">Contact Us</a></p></main></div><div class="row"><div id="tail-wrapper" class="col-12 col-lg-11 col-xl-12 px-md-4"><footer aria-label="Site Info" class=" flex-column justify-content-center text-muted flex-lg-row justify-content-lg-between align-items-lg-center pb-lg-3 " ><p> <a href="#" onclick="Osano.cm.showDrawer('osano-cm-dom-info-dialog-open')">Cookie Preferences</a> <br><a href="https://www.mitre.org/privacy-policy">Privacy Policy</a></p><p>© <time>2023</time>-<time>2025</time> <em class="fst-normal">The MITRE Corporation</em>. <a href="/terms-of-use.html">Terms of Use</a>. <br>MITRE is a registered trademark of The MITRE Corporation.</p><p>Using the <a data-bs-toggle="tooltip" data-bs-placement="top" title="v6.5.3" href="https://github.com/cotes2020/jekyll-theme-chirpy" target="_blank" rel="noopener" >Chirpy</a> theme for <a href="https://jekyllrb.com" target="_blank" rel="noopener">Jekyll</a>.</p></footer></div></div><div id="search-result-wrapper" class="d-flex justify-content-center unloaded"><div class="col-11 content"><div id="search-hints"></div><div id="search-results" class="d-flex flex-wrap justify-content-center text-muted mt-3"></div></div></div></div><aside aria-label="Scroll to Top"> <button id="back-to-top" type="button" class="btn btn-lg btn-box-shadow" > <i class="fas fa-angle-up"></i> </button></aside></div><div id="mask"></div><script src="https://cdn.jsdelivr.net/combine/npm/[email protected]/dist/jquery.min.js,npm/[email protected]/dist/js/bootstrap.bundle.min.js,npm/[email protected]/dest/simple-jekyll-search.min.js,npm/[email protected]/dist/loading-attribute-polyfill.umd.min.js,npm/[email protected]/dayjs.min.js,npm/[email protected]/locale/en.min.js,npm/[email protected]/plugin/relativeTime.min.js,npm/[email protected]/plugin/localizedFormat.min.js,npm/[email protected]/dist/tocbot.min.js"></script> <script defer src="/assets/js/dist/home.min.js"></script> <script> /* Note: dependent library will be loaded in `js-selector.html` */ SimpleJekyllSearch({ searchInput: document.getElementById('search-input'), resultsContainer: document.getElementById('search-results'), json: '/assets/js/data/search.json', searchResultTemplate: '<article class="px-1 px-sm-2 px-lg-4 px-xl-0"><header><h2><a href="{url}">{title}</a></h2><div class="post-meta d-flex flex-column flex-sm-row text-muted mt-1 mb-1"> {categories} {tags}</div></header><p>{snippet}</p></article>', noResultsText: '<p class="mt-5">Oops! No results found.</p>', templateMiddleware: function(prop, value, template) { if (prop === 'categories') { if (value === '') { return `${value}`; } else { return `<div class="me-sm-4"><i class="far fa-folder fa-fw"></i>${value}</div>`; } } if (prop === 'tags') { if (value === '') { return `${value}`; } else { return `<div><i class="fa fa-tag fa-fw"></i>${value}</div>`; } } } }); </script>