The need for robust threat modeling frameworks in device and industrial control system (ICS) security is growing as cybersecurity threats evolve. Organizations and manufacturers are adopting advanced frameworks to anticipate and mitigate risks during the design phase, rather than reacting to security breaches after deployment.
Non-profit research organization MITRE has been at the forefront of this effort with its EMB3D framework, introduced in late 2023. Since then, MITRE has expanded EMB3D with detailed threat categories and mitigation recommendations, offering manufacturers, researchers, and cybersecurity vendors a unified approach to embedded security.
Comparing Leading Threat Modeling Frameworks
EMB3D is not the only framework gaining traction in the ICS and device security space. Microsoft’s STRIDE and MITRE ATT&CK for ICS also play key roles:
- STRIDE helps manufacturers categorize threats such as spoofing, tampering, repudiation, information disclosure, denial of service, and privilege escalation.
- ATT&CK for ICS focuses on documenting real-world attack techniques used against industrial systems, enabling security teams to map defenses to known adversary tactics.
While different frameworks serve different needs, adopting a standardized approach ensures organizations can analyze, communicate, and respond to threats effectively.
How EMB3D Integrates Security by Design
The latest EMB3D update focuses on mitigations that address specific threats. For instance:
- TID-201: Inadequate Bootloader Protection now includes a recommended countermeasure, MID-001: Software-Only Bootloader Authentication.
- This mitigation also helps prevent related threats such as TID-211: Unauthenticated Firmware Installation and TID-218: Rootkit Vulnerabilities.
These mitigations align with the Secure by Design principles promoted by CISA (Cybersecurity and Infrastructure Security Agency), which emphasize shifting security responsibility from end users to device manufacturers.
Organizations are already integrating EMB3D into their security workflows:
- MITRE uses EMB3D to study critical infrastructure threats in its CIDER Lab, modeling how different systems interconnect and create vulnerabilities.
- IriusRisk, a threat modeling firm, has incorporated EMB3D into its platform to help customers automate security risk assessments.
- Red Balloon Security applies EMB3D to product assessments, improving communication of risk mitigation strategies.
These use cases demonstrate how frameworks like EMB3D bridge the gap between research, manufacturing, and cybersecurity operations.
While MITRE’s EMB3D, Microsoft’s STRIDE, and ATT&CK for ICS each offer unique benefits, organizations must select a threat-driven, consequence-aware approach that best fits their security requirements.
“We curate intelligence to identify credible threats, assess key controls, and conduct targeted security hunts,” says Johnson from Dragos.
By aligning threat modeling with real-world risks, companies can prioritize security investments and enhance visibility into potential cyber threats before they become active exploits.
As cyber threats to ICS and embedded devices evolve, MITRE aims to expand EMB3D’s knowledge base to track the lifecycle of threat techniques—from proof-of-concept to active exploitation.
With broad adoption across manufacturers, cybersecurity vendors, and infrastructure operators, EMB3D and other threat modeling frameworks will play a crucial role in securing the next generation of industrial and embedded systems.
