DHS announces program to mitigate vulnerabilities below the operating system | SC Media
Hardware security

DHS announces program to mitigate vulnerabilities below the operating system

May 19, 2021
A technician removes existing control wires in a SCADA cabinet in preparation for relocation. Officials from CISA announced a new initiative to fight firmware vulnerabilities lying beneath the surface of the operating system. (MTA Capital Construction Mega Projects/CC BY 2.0/https://creativecommons.org/licenses/by/2.0/deed.en)
  • Promote software bills of materials (SBOMS) extending to the firmware level
  • Have vendors include the intent of the components of the system
  • Produce analysis of code
  • Provide public risk scoring
  • Reduce purchasing of products that shape up poorly
prestitial ad