Lecture Description:

The concept of Cyber Resiliency is moving to a model of “dynamic trust” to secure firmware from unauthorized access. Within a rapidly evolving global supply chain, new technologies & capabilities will be required by standards bodies in all segments. 
Cyber resiliency comes via parallel & reactive responses to attacks in real-time. Firmware protection through a system’s lifecycle, beginning with manufacturing through the supply chain, to integration, and its overall operational lifetime will become mandatory to repel these growing attacks. 
The National Vulnerability Database reported between 2016 & 2019 firmware vulnerabilities grew 700+ percent, and Gartner reports by 2022 “70 percent of organizations that do not have a firmware upgrade plan in place will be breached due to a firmware vulnerability.” 
The U.S. Government recognized this with the NIST Platform Firmware Resiliency (PFR) Guidelines. Additionally, the Trusted Computing Group (TCG) has a working group called Cyber Resilient Technologies (CyRes) that is quickly taking these guidelines toward an industry standard. This paper discusses the implications of all of this to embedded system security.