Resources and Further Reading
Last reviewed: · Reviewed by the BRIGHTCYTE technical team
This page collects reputable primary sources on firmware security, hardware implants, and covert communication below the operating system, alongside BRIGHTCYTE topic pages that explain these concepts in plain language. The external references are grouped by type so you can move from frameworks and standards to government guidance and documented research.
Frameworks and Standards
MITRE ATT&CK
MITRE ATT&CK: Firmware Corruption (T1495)Describes how adversaries overwrite or corrupt firmware to disrupt or persist on a system.
MITRE ATT&CK
MITRE ATT&CK: Pre-OS Boot (T1542)Covers techniques that abuse firmware and the boot process to gain persistence below the operating system.
NIST · 2018
NIST SP 800-193: Platform Firmware Resiliency GuidelinesDefines protection, detection, and recovery principles for platform firmware integrity.
Government Guidance
CISA
Cybersecurity and Infrastructure Security AgencyPublishes guidance and advisories on supply chain and firmware-level risks.
BSI
Bundesamt für Sicherheit in der InformationstechnikThe German federal cyber security authority provides standards and guidance relevant to firmware and hardware security.
ENISA
ENISA Threat LandscapeThe EU cyber security agency documents evolving supply chain and hardware-related threats.
Vendor Research
Microsoft Security
Microsoft Security Blog: UEFI and Firmware ThreatsMicrosoft research and guidance on firmware-level attacks and platform protections.
