NARF Industries plc announce a collaboration effort with MITRE and Red Balloon Security to develop a new threat model for embedded software and hardware solutions that mitigate cyber threats to critical infrastructure. MITRE is a not-for-profit US corporation with over $2.2 billion in annual revenues, and which manages federally funded research and development centers supporting a variety of US government agencies. Red Balloon Security provides firmware-level solutions for manufacturers to secure devices that protect essential infrastructure.

The new framework will focus on the critical infrastructure sector, which depends on embedded devices that often lack proper security controls and are increasingly threatened. EMB3D? is intended to be broadly used by organizations in the security ecosystem - device vendors, manufacturers, asset owners, security researchers, and testing organizations- to better evaluate device risks.

EMB3D is intended to be a living framework, where new threats and mitigations are added and updated over time as new threat actors emerge and security researchers discover new categories of vulnerabilities, threats, and security defenses. Anticipated to be released in early 2024, EMB3D will be a public community resource, where all information is openly available, and the security community can submit additions and revisions.