Visible to the public Biblio

Filters: Keyword is firmware  [Clear All Filters]
2021-10-26
Raymond Richards.  2021.  Vetting Commodity IT Software and Firmware (VET) .

Government agencies and the military rely upon many kinds of Commercial Off-the-Shelf (COTS) commodity Information Technology (IT) devices, including mobile phones, printers, computer workstations and many other everyday items. Each of these devices is the final product of long supply chains involving many vendors from many nations providing various components and subcomponents, including considerable amounts of software and firmware. Long supply chains provide adversaries with opportunities to insert hidden malicious functionality into this software and firmware that adversaries can exploit to accomplish harmful objectives, including exfiltration of sensitive data and sabotage of critical operations.

Mario Ayala, Rob Cantu, Richard Holder, Jeff Huegel, Niten Malik, Michalina M., Adrienne Raglin, Ashley Reichert, Ash Richter, Kimberley Sanders.  2019.  Industrial Internet of Things (IIoT) Interconnections.

IIoT devices are sourced in many different countries and contain many components including hardware, software, and firmware. Each of these devices and components have a supply chain that can be compromised at many points including by the manufacturer, the software libraries, the shippers, the distributors and more.