Firmware Command and Control will create an agile embedded response capability foundational with baselined firmware and behaviors with bi-directional sharing of threat to upstream energy security operations
Value Proposition
* Embedded devices control the most critical functions on the electric grid with little to no insight into the firmware or ability to mitigate from cyber attacks.
* The adversaries have ‘raced to the bottom’ hiding access in embedded devices
* Firmware will be baselined to detect changes with advanced ML similarity with constraints
* Embedded host agile response
* Structured threat sharing between the device and upstream security
* Firmware C2 will monitor and mitigate previously unmonitored devices controlling the most critical functions in the electric grid.
Project Objectives:
* Baselined embedded firmware with all constraints for setting changes
* Low-impact cyber operations protected/hidden from adversaries
* Structured Threat: Visual, Sharable, Actionable, and Implementable (IT/OT)
* Firmware C2 uses recent ML concepts to baseline firmware to detect unexplained changes, described in structured threat for bi-direction upstream energy security operations actions and awareness.
https://gmlc.doe.gov/projects/5.1.1
Firmware Security 