DARTA
TA002 Resource Development · T002.004 — Technique

Develop Malicious Firmware or Software

Min. actor: L2 – Technical All

Creation of trojanized firmware images, malicious GCS plugins, or backdoored autopilot configurations intended for supply chain delivery.

Sub-techniques (4)

Applicable countermeasures

CM-009 UAS Supply Chain Risk Management
Component provenance verification, SBOM maintenance, vendor security assessments, and prohibition of high-risk source components.
NIST SP 800-161r1 · NIST SP 800-53 SR-3 · US NDAA Sec. 848 · EU Cyber Resilience Act
Open in the interactive matrix