Miles Jamison 
MITRE has launched the Embedded Systems Threat Matrix, or ESTM, a cybersecurity framework created in partnership with the U.S. Air Force’s Cyber Resiliency Office for Weapon Systems, or CROWS.
Save your seat for the Potomac Officers Club’s 2026 Cyber Summit on May 21 to gain insights into federal cybersecurity challenges and initiatives, as well as zero trust readiness ahead of the Department of War’s 2027 deadline.
What Is the Embedded Systems Threat Matrix?
ESTM is a framework designed to safeguard embedded systems supporting critical infrastructure and defense technologies, MITRE said Tuesday. It is modeled after the MITRE ATT&CK framework and grounded in the company’s proof-of-concept and theoretical research.
How Does the ESTM Framework Work?
The structured framework outlines tactics and techniques for attacking embedded systems. It equips researchers, vendors and security professionals with tools to identify and mitigate cyberthreats, address vulnerabilities and strengthen system security across healthcare, energy, robotics, industrial controls and transportation sectors.
“Embedded systems are the foundation of our critical infrastructure and defense capabilities, but they face complex and growing cyber risks. ESTM fills a key gap by giving defenders clear, actionable information to identify and stop cyber threats against these essential systems,” said Keoki Jackson, senior vice president of national security at MITRE.
