Virtualization Technology News and Information
ReFirm Labs Launches IoT Cybersecurity Education Program to Advance Cyber Skills and Tackle Emerging National Security Threats
ReFirm Labs, a provider of the industry's first proactive IoT and firmware security solutions, today launched the IoT Cybersecurity Education Program with the mission to advance cyber education around IoT devices while helping tackle the national security problem of emerging IoT threats. 

By providing free access to its Centrifuge automated firmware analysis platform, ReFirm Labs will put the latest technology into the hands of students and researchers at the nation's top universities to help them explore IoT device security, learn how to build secure products, and conduct their own research. 

As 5G communications take off, billions of devices will be connected to networks and critical infrastructure. This presents a major attack surface that has historically been vulnerable. In March the US Cyberspace Solarium Commission's report highlighted the threat to the nation from cyber attacks and provided recommendations, including improvements to cybersecurity education in order to address the cyber workforce gap of over half a million private and public sector jobs.

"Recently we have seen more universities incorporating firmware analysis and reverse engineering into their curriculum, to teach product security assessment techniques or to just educate students about the risks of network connected devices. We have also seen more students conducting and publishing their own vulnerability research," said Derick Naef, CEO of ReFirm Labs. "We are excited to help provide the hands-on education that is needed to build the next generation of cyber professionals and fill the cyber skills gap, and ultimately defend our society in cyberspace."

In the first phase of the program, ReFirm Labs will partner with 10 higher education institutions to provide access to the Centrifuge Platform. ReFirm will also create and foster a community to promote collaboration and sharing of curriculum, labs, and research ideas. Because Centrifuge is a cloud-based platform and requires no agents on the network or SDK implementation on the device, students and researchers can access it remotely for classes that have moved online. 

One early adopter of Centrifuge in the classroom, Dr. TJ O'Connor, Program Chair Cybersecurity for Computer Engineering and Sciences at Florida Tech, said "We used Centrifuge in an undergraduate class this spring, and it really opened the students' view of the abundance and severity of vulnerabilities in current firmware for a wide range of IoT devices. With the Centrifuge Code Analysis, students were able to uncover binaries with unsafe function calls and lacked memory protection. Further, with the Centrifuge Software BOM reports, our students uncovered current firmwares using legacy software components with known vulnerabilities. The ease of the platform provided students an opportunity to quickly dissect and discover the insecurity of several firmware samples."

Texas A&M will also adopt Centrifuge for undergraduate education, as well as to support research evaluating the cybersecurity of next generation equipment at the Internet2 Technology Evaluation Center (ITEC). Dr. Walt Magnussen, Director of ITEC said, "We work with more than 340 leading research universities in the nation to support the deployment of advanced communication and collaboration services such as Next Generation 9-1-1, Public Safety Voice Services and Public Safety Information Sharing. Information Assurance has to be a primary consideration in all of these areas. Providing access to IoT security tools such as Centrifuge supports our mission to collaborate with industry and make leading-edge technology accessible to graduate and undergraduate students."

ReFirm Labs is focused on building solutions to evaluate the security of IoT and embedded systems and is the creator of the binwalk open source tool, which is used by security researchers worldwide as a starting point in studying vulnerabilities in IoT devices. 

How to Participate in the IoT Cybersecurity Education Program 

Participation is open to higher education institutions with a cybersecurity curriculum that involves firmware analysis, penetration testing, reverse engineering, or building secure devices. Interested parties can reach out to ReFirm Labs by visiting the IoT Cybersecurity Education Program website:

Published Friday, July 24, 2020 11:27 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2020>