{"id":3295,"date":"2026-03-16T14:59:55","date_gmt":"2026-03-16T13:59:55","guid":{"rendered":"https:\/\/www.spacesecurity.info\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/"},"modified":"2026-03-16T19:17:15","modified_gmt":"2026-03-16T18:17:15","slug":"exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model","status":"publish","type":"post","link":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/","title":{"rendered":"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model"},"content":{"rendered":"<p>Recently, MITRE released ESTM (Embedded Systems Threat Matrix), a new cybersecurity framework designed to protect embedded systems. Built on the proven ATT&amp;CK\u00ae methodology, ESTM organizes tactics and techniques (TTPs) tailored to embedded environments.<\/p>\n<p>In parallel, MITRE launched EMB3D in 2024, a threat model focused on secure-by-design embedded devices, while ESTM takes an offensive approach as an attack matrix.<\/p>\n<p>This article explores how ESTM and EMB3D can work together for comprehensive embedded system defense.<\/p>\n<h1>ESTM and EMB3D<\/h1>\n<p>ESTM and EMB3D are designed to be complementary: you can use EMB3D to drive secure\u2011by\u2011design requirements and mitigations at device level, and ESTM to map real attacker behaviors and operations against those devices throughout their lifecycle.<\/p>\n<h1>Mental model: what each brings<\/h1>\n<p><a href=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-3309\" src=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D-1024x571.jpg\" alt=\"\" width=\"696\" height=\"388\" srcset=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D-1024x571.jpg 1024w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D-300x167.jpg 300w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D-768x428.jpg 768w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D-696x388.jpg 696w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D-1068x596.jpg 1068w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg 1280w\" sizes=\"auto, (max-width: 696px) 100vw, 696px\" \/><\/a><\/p>\n<ul>\n<li>EMB3D is a curated threat model for embedded devices that maps device properties to known threats and prescribes tiered mitigations (Foundational\/Intermediate\/Leading). We explore more in depth MITRE EMB3D in <a href=\"https:\/\/www.spacesecurity.info\/mitre-releases-emb3d-a-cybersecurity-threat-model-for-embedded-devices\/\">this article<\/a>.<\/li>\n<li>ESTM is an ATT&amp;CK\u2011style matrix of tactics and techniques tailored to embedded systems, focused on how adversaries actually operate (kill\u2011chain perspective).\u00a0We explore more in depth MITRE ESTM in <a href=\"https:\/\/www.spacesecurity.info\/introducing-the-new-mitre-embedded-systems-threat-matrix-estm\/\">this article<\/a>.<\/li>\n<li>MITRE explicitly states ESTM \u201cworks with\u201d EMB3D to provide a complete resource for secure system design and defense.<\/li>\n<\/ul>\n<h1>Typical workflow: EMB3D \u2192 ESTM \u2192 EMB3D<\/h1>\n<p><strong>1. Architecture &amp; design (EMB3D first)<\/strong><\/p>\n<ul>\n<li>Use EMB3D Properties to model your device (boot architecture, debug interfaces, comms stacks, safety features, etc.).<\/li>\n<li>From those Properties, enumerate relevant Threats and associated Mitigations, and derive security requirements (e.g. \u201cprotect firmware update mechanism\u201d, \u201charden debug ports\u201d).<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-2859\" src=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-1024x442.png\" alt=\"\" width=\"696\" height=\"300\" srcset=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-1024x442.png 1024w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-300x129.png 300w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-768x331.png 768w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-1536x663.png 1536w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-2048x883.png 2048w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-696x300.png 696w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-1068x461.png 1068w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/workflow-summary-1920x828.png 1920w\" sizes=\"auto, (max-width: 696px) 100vw, 696px\" \/><\/a><\/p>\n<p><strong>2. Adversary behavior mapping (ESTM)<\/strong><\/p>\n<ul>\n<li>For each EMB3D Threat, identify which ESTM tactics\/techniques an attacker would likely use (e.g. Initial Access via supply\u2011chain, Firmware Persistence via malicious bootloader, Lateral Movement over fieldbus).<\/li>\n<li>Use this to define detection use\u2011cases, test scenarios, and red\u2011team playbooks that are realistic for embedded environments (not generic IT ATT&amp;CK).<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1.jpeg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3266\" src=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1.jpeg\" alt=\"\" width=\"696\" height=\"522\" srcset=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1.jpeg 1024w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1-300x225.jpeg 300w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1-768x576.jpeg 768w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1-80x60.jpeg 80w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1-696x522.jpeg 696w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/ESTMnew-1-265x198.jpeg 265w\" sizes=\"auto, (max-width: 696px) 100vw, 696px\" \/><\/a><\/p>\n<p><strong>3. Refine mitigations and coverage (back to EMB3D)<\/strong><\/p>\n<ul>\n<li>Take the ESTM techniques you care about most (based on threat intel, safety impact, mission impact) and check whether EMB3D\u2019s mitigations and tiers give you enough depth for each mapped Threat.<\/li>\n<li>Where there is an ESTM technique with weak or missing mitigations in your design, prioritize closing those gaps using EMB3D\u2019s mitigation guidance, aligned where relevant with ISA\/IEC 62443\u20114\u20112.<\/li>\n<\/ul>\n<p><strong>A simple example:<\/strong><\/p>\n<ul>\n<li>EMB3D says: your MCU exposes unauthenticated debug\/UART (Property \u2192 Threat \u201cunauthorized debug access\u201d) and recommends mitigations like physical protection, debug lock, and authenticated debug unlock.<\/li>\n<li>ESTM lets you express how an attacker would use that in a campaign: Reconnaissance (locating interface), Initial Access (physical or proximity), Credential Access (dump secrets via debug), Persistence (modifying firmware), and Impact (tampering with control logic).<\/li>\n<li>You can now:\n<ul>\n<li>Turn those ESTM techniques into test cases for lab exploitation and purple\u2011team exercises.<\/li>\n<li>Use EMB3D\u2019s mitigation tiers to decide what level (Foundational vs Leading) you need based on your risk appetite and safety context.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Role split: secure\u2011by\u2011design vs operations<\/h2>\n<ul>\n<li><strong>Product \/ system engineers<\/strong>\n<ul>\n<li>Primary lens: EMB3D to capture device properties, threats, and mitigation roadmaps across product generations.<\/li>\n<li>ESTM used to ensure requirements consider concrete adversary workflows and to validate that design controls actually break likely attack chains.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Blue \/ red \/ purple teams &amp; OT SOC<\/strong>\n<ul>\n<li>Primary lens: ESTM to model attack paths, prioritize monitoring at firmware\/boot\/fieldbus levels, and build detection content.<\/li>\n<li>EMB3D used as the \u201cdefensive catalogue\u201d to validate that for each high\u2011value tactic\/technique they are trying to detect, the underlying device has the right mitigations or compensating controls.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Practical integration ideas<\/h1>\n<ul>\n<li><strong>Bidirectional mapping<\/strong>: maintain an internal mapping table: EMB3D Threat IDs \u2194 ESTM tactics\/techniques, plus links to ATT&amp;CK where relevant, so you can pivot between design, testing, and SOC views. (MITRE notes EMB3D already aligns with ATT&amp;CK\/CWE\/CVE, which helps here.)<\/li>\n<li><strong>Tooling and STIX<\/strong>: EMB3D 2.0 provides a STIX 2.1 JSON format, enabling ingestion into threat\/vuln tooling; you can extend that repo with fields for associated ESTM techniques to keep everything in one knowledge base.<\/li>\n<li><strong>Standards alignment<\/strong>: use EMB3D\u2019s 62443\u20114\u20112 alignment to show compliance of mitigations, while ESTM scenarios feed into security test plans and evidence for those same controls.<\/li>\n<\/ul>\n<h1>Exploring recent studies<\/h1>\n<p><a href=\"https:\/\/www.spacesecurity.info\/how-i-used-mitre-emb3d-threat-model-to-identify-siemens-plc-vulnerabilities-exploited-by-stuxnet-worm\/\">In this article<\/a>, I show how I used the MITRE EMB3D\u2122 Threat Model to identify vulnerabilities in SIEMENS PLCs that were exploited by the Stuxnet worm to sabotage the Iran\u2019s nuclear centrifuges.<\/p>\n<p><a href=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-2886\" src=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-1024x367.jpg\" alt=\"\" width=\"696\" height=\"249\" srcset=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-1024x367.jpg 1024w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-300x107.jpg 300w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-768x275.jpg 768w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-1536x550.jpg 1536w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-2048x734.jpg 2048w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-696x249.jpg 696w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-1068x383.jpg 1068w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2024\/05\/EMB3D-Threat-Heat-Map-for-Siemens-S7-PLCs-1920x688.jpg 1920w\" sizes=\"auto, (max-width: 696px) 100vw, 696px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/www.spacesecurity.info\/an-analysis-of-the-thales-satellite-hacking-demo-at-cysat-2023-with-the-mitre-emb3d-threat-model\/\">In this article<\/a>, I show how I used the MITRE EMB3D\u2122 Threat Model to break down the experiment of Thales satellite hacking demo at CYSAT 2023, identify key lessons learned, and record possible countermeasures.<\/p>\n<p><a href=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2025\/03\/THALES-OPS-SAT-Arbitrary-Code-Execution.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-3102\" src=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2025\/03\/THALES-OPS-SAT-Arbitrary-Code-Execution.jpg\" alt=\"\" width=\"701\" height=\"402\" srcset=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2025\/03\/THALES-OPS-SAT-Arbitrary-Code-Execution.jpg 942w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2025\/03\/THALES-OPS-SAT-Arbitrary-Code-Execution-300x172.jpg 300w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2025\/03\/THALES-OPS-SAT-Arbitrary-Code-Execution-768x440.jpg 768w, https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2025\/03\/THALES-OPS-SAT-Arbitrary-Code-Execution-696x399.jpg 696w\" sizes=\"auto, (max-width: 701px) 100vw, 701px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recently, MITRE released ESTM (Embedded Systems Threat Matrix), a new cybersecurity framework designed to protect embedded systems. Built on the proven ATT&amp;CK\u00ae methodology, ESTM organizes tactics and techniques (TTPs) tailored to embedded environments. In parallel, MITRE launched EMB3D in 2024, a threat model focused on secure-by-design embedded devices, while ESTM takes an offensive approach as [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3310,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38,28,19],"tags":[],"class_list":{"0":"post-3295","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-en","8":"category-satellite-en","9":"category-united-states"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model - Space &amp; Cybersecurity Info<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model - Space &amp; Cybersecurity Info\" \/>\n<meta property=\"og:description\" content=\"Recently, MITRE released ESTM (Embedded Systems Threat Matrix), a new cybersecurity framework designed to protect embedded systems. Built on the proven ATT&amp;CK\u00ae methodology, ESTM organizes tactics and techniques (TTPs) tailored to embedded environments. In parallel, MITRE launched EMB3D in 2024, a threat model focused on secure-by-design embedded devices, while ESTM takes an offensive approach as [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/\" \/>\n<meta property=\"og:site_name\" content=\"Space &amp; Cybersecurity Info\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-16T13:59:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-16T18:17:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"714\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fran\u00e7ois Quiquet\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fran\u00e7ois Quiquet\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/\"},\"author\":{\"name\":\"Fran\u00e7ois Quiquet\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/person\\\/5e36ba49bf1d87a387c9ab60c233013c\"},\"headline\":\"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model\",\"datePublished\":\"2026-03-16T13:59:55+00:00\",\"dateModified\":\"2026-03-16T18:17:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/\"},\"wordCount\":806,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/MITRE-ESTM-vs-MITRE-EMB3D.jpg\",\"articleSection\":[\"Cyber\",\"Satellite\",\"United-States\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/\",\"name\":\"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model - Space &amp; Cybersecurity Info\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/MITRE-ESTM-vs-MITRE-EMB3D.jpg\",\"datePublished\":\"2026-03-16T13:59:55+00:00\",\"dateModified\":\"2026-03-16T18:17:15+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/MITRE-ESTM-vs-MITRE-EMB3D.jpg\",\"contentUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/MITRE-ESTM-vs-MITRE-EMB3D.jpg\",\"width\":1280,\"height\":714},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/\",\"name\":\"Space Cybersecurity Info\",\"description\":\"La cybers\u00e9curit\u00e9 appliqu\u00e9e au domaine de l&#039;espace\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#organization\",\"name\":\"Space Security Info\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/SSI-Logo-4.jpg\",\"contentUrl\":\"https:\\\/\\\/www.spacesecurity.info\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/SSI-Logo-4.jpg\",\"width\":594,\"height\":144,\"caption\":\"Space Security Info\"},\"image\":{\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/#\\\/schema\\\/person\\\/5e36ba49bf1d87a387c9ab60c233013c\",\"name\":\"Fran\u00e7ois Quiquet\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g\",\"caption\":\"Fran\u00e7ois Quiquet\"},\"description\":\"(EN) I'm a cybersecurity engineer in network, telecommunication and embedded\\\/integrated systems. Founder of the website spacesecurity.info. Passionate about cybersecurity and space, I share my two passions through this site. My goal is to federate a community around these two themes. Join my LinkedIn Group. (FR) Je suis ing\u00e9nieur cybers\u00e9curit\u00e9 en r\u00e9seau, t\u00e9l\u00e9communication et syst\u00e8mes embarqu\u00e9s et int\u00e9gr\u00e9s. Fondateur du site spacesecurity.info. Passionn\u00e9 de cybers\u00e9curit\u00e9 et du monde de l'espace, j'ai souhait\u00e9 partager mes deux passions \u00e0 travers ce site. Mon objectif est de f\u00e9d\u00e9rer une communaut\u00e9 autour de ces deux th\u00e8mes. Rejoindre mon groupe LinkedIn.\",\"sameAs\":[\"https:\\\/\\\/www.spacesecurity.info\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/francoisquiquet\\\/\"],\"url\":\"https:\\\/\\\/www.spacesecurity.info\\\/en\\\/author\\\/francois\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model - Space &amp; Cybersecurity Info","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/","og_locale":"en_US","og_type":"article","og_title":"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model - Space &amp; Cybersecurity Info","og_description":"Recently, MITRE released ESTM (Embedded Systems Threat Matrix), a new cybersecurity framework designed to protect embedded systems. Built on the proven ATT&amp;CK\u00ae methodology, ESTM organizes tactics and techniques (TTPs) tailored to embedded environments. In parallel, MITRE launched EMB3D in 2024, a threat model focused on secure-by-design embedded devices, while ESTM takes an offensive approach as [&hellip;]","og_url":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/","og_site_name":"Space &amp; Cybersecurity Info","article_published_time":"2026-03-16T13:59:55+00:00","article_modified_time":"2026-03-16T18:17:15+00:00","og_image":[{"width":1280,"height":714,"url":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg","type":"image\/jpeg"}],"author":"Fran\u00e7ois Quiquet","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fran\u00e7ois Quiquet","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#article","isPartOf":{"@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/"},"author":{"name":"Fran\u00e7ois Quiquet","@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/person\/5e36ba49bf1d87a387c9ab60c233013c"},"headline":"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model","datePublished":"2026-03-16T13:59:55+00:00","dateModified":"2026-03-16T18:17:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/"},"wordCount":806,"commentCount":0,"publisher":{"@id":"https:\/\/www.spacesecurity.info\/en\/#organization"},"image":{"@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#primaryimage"},"thumbnailUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg","articleSection":["Cyber","Satellite","United-States"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/","url":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/","name":"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model - Space &amp; Cybersecurity Info","isPartOf":{"@id":"https:\/\/www.spacesecurity.info\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#primaryimage"},"image":{"@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#primaryimage"},"thumbnailUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg","datePublished":"2026-03-16T13:59:55+00:00","dateModified":"2026-03-16T18:17:15+00:00","breadcrumb":{"@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#primaryimage","url":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg","contentUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2026\/03\/MITRE-ESTM-vs-MITRE-EMB3D.jpg","width":1280,"height":714},{"@type":"BreadcrumbList","@id":"https:\/\/www.spacesecurity.info\/en\/exploring-how-the-new-mitre-estm-embedded-systems-threat-matrix-can-work-in-conjunction-with-the-existing-mitre-emb3d-threat-model\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.spacesecurity.info\/en\/"},{"@type":"ListItem","position":2,"name":"Exploring how the new MITRE ESTM (Embedded Systems Threat Matrix) can work in conjunction with the existing MITRE EMB3D Threat Model"}]},{"@type":"WebSite","@id":"https:\/\/www.spacesecurity.info\/en\/#website","url":"https:\/\/www.spacesecurity.info\/en\/","name":"Space Cybersecurity Info","description":"La cybers\u00e9curit\u00e9 appliqu\u00e9e au domaine de l&#039;espace","publisher":{"@id":"https:\/\/www.spacesecurity.info\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.spacesecurity.info\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.spacesecurity.info\/en\/#organization","name":"Space Security Info","url":"https:\/\/www.spacesecurity.info\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2020\/05\/SSI-Logo-4.jpg","contentUrl":"https:\/\/www.spacesecurity.info\/wp-content\/uploads\/2020\/05\/SSI-Logo-4.jpg","width":594,"height":144,"caption":"Space Security Info"},"image":{"@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.spacesecurity.info\/en\/#\/schema\/person\/5e36ba49bf1d87a387c9ab60c233013c","name":"Fran\u00e7ois Quiquet","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e50e669b3dbfb22c278a01d57cebe52e5b3900d3301faa1c4fefe35cd22d2186?s=96&d=mm&r=g","caption":"Fran\u00e7ois Quiquet"},"description":"(EN) I'm a cybersecurity engineer in network, telecommunication and embedded\/integrated systems. Founder of the website spacesecurity.info. Passionate about cybersecurity and space, I share my two passions through this site. My goal is to federate a community around these two themes. Join my LinkedIn Group. (FR) Je suis ing\u00e9nieur cybers\u00e9curit\u00e9 en r\u00e9seau, t\u00e9l\u00e9communication et syst\u00e8mes embarqu\u00e9s et int\u00e9gr\u00e9s. Fondateur du site spacesecurity.info. Passionn\u00e9 de cybers\u00e9curit\u00e9 et du monde de l'espace, j'ai souhait\u00e9 partager mes deux passions \u00e0 travers ce site. Mon objectif est de f\u00e9d\u00e9rer une communaut\u00e9 autour de ces deux th\u00e8mes. Rejoindre mon groupe LinkedIn.","sameAs":["https:\/\/www.spacesecurity.info","https:\/\/www.linkedin.com\/in\/francoisquiquet\/"],"url":"https:\/\/www.spacesecurity.info\/en\/author\/francois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts\/3295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/comments?post=3295"}],"version-history":[{"count":6,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts\/3295\/revisions"}],"predecessor-version":[{"id":3313,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/posts\/3295\/revisions\/3313"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/media\/3310"}],"wp:attachment":[{"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/media?parent=3295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/categories?post=3295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.spacesecurity.info\/en\/wp-json\/wp\/v2\/tags?post=3295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}