It’s long past time to move reverse engineering of embedded devices for the OT community towards a more actionable and scalable direction.
Construction, engineering, and system integration firms; asset owners and operators; and even product vendors have struggled under the existing CVE focused regime. The regime of reporting yet another product vulnerability and coming out with the same old “patching and network segmentation” as the panacea to mitigating everything. We all know this has not worked.
At AIT we’re constantly looking at how we in the community do things today and what gaps we believe should be addressed to move the ball forward. That’s why we believe reverse engineering should move towards an actionable analysis and mapping of vulnerabilities and weaknesses to the specific related ATT&CK tactics and techniques that could be used to exploit them. That then should be directly mapped to which ISA/IEC 62443 part 4-2 component security requirements could be securely designed into the product. Doing these things, we could mitigate those specific ATT&CK tactics and techniques for the discovered weaknesses and/or vulnerabilities.
Join AIT as we begin to address the gap we see in the status quo.