Last year the Journal of Cyber Policy did a survey on firmware security:
Firmware is a cyberattack vector. While public attention focuses on cyberattacks and data breaches conducted over networks with software-borne malware, the risk of malicious code embedded in the firmware of millions of digital devices poses a potentially more serious threat to cybersecurity. This report reviews how security professionals view the firmware threat as well as their impression of the tech industry’s readiness to detect and prevent a firmware-based attack.
.
https://journalofcyberpolicy.com/2018/02/05/take-firmware-security-survey/
https://journalofcyberpolicy.com/2018/04/20/firmware-vulnerable-hacking-can-done/
https://journalofcyberpolicy.com/2018/10/12/the-firmware-risk/
https://journalofcyberpolicy.com/2018/01/29/understanding-the-firmware-threat/
https://journalofcyberpolicy.com/firmware-threat-report/
https://journalofcyberpolicy.com/?s=firmware
Firmware Security 