What is Firmware?
Firmware is software that is permanently installed on hardware components and that drives the low-level functionality of a device. It sits between hardware and software and determines how a device behaves.
In OT environments, firmware governs the operation of critical systems such as PLCs, sensors, HMIs, drives and communication modules.
🧠 Why is firmware important?
| Component | Firmware determines… |
|---|---|
| PLC | How logic is processed, cycle behaviour, communication |
| Sensor | Measurement ranges, protocols, update frequency |
| HMI | Interface behaviour, scripting, security settings |
| Network switch | VLAN configuration, routing functionality |
| Drives / actuators | Motion profiles, fail-safes, feedback methods |
Firmware often contains security- and performance-critical logic that is not visible to the user.
⚠️ Firmware in OT = risk
| Risk | Example in an OT context |
|---|---|
| Outdated firmware | Zero-day vulnerability in a communication protocol |
| Uncontrolled updates | Technician flashes the wrong version, system fails |
| Tampered firmware | Malware (e.g. Stuxnet) injects a backdoor into an industrial controller |
| No authentication | Without Secure Boot or code signing, firmware can be overwritten |
🔧 Firmware management in OT environments
| Step | Action |
|---|---|
| Inventory | Use Asset Inventory to track firmware versions |
| Validation | Check checksums and the provenance of firmware |
| Update policy | Updates only via approved channels (patch management) |
| Signing & authentication | Use Firmware Signing and Secure Boot |
| Logging | Log and verify firmware changes via SIEM or SOC |
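
The inventory, validation, update-policy and logging steps from the table above, combined into one pre-flash check. This is an added example, not part of the original page. The asset name, the model `PLC-X100`, the versions and the image bytes are constructed, and signature verification (firmware signing) is a separate control that is not shown here.

```python
import hashlib
import hmac
import json

# Constructed sample data: approved releases, (model, version) -> SHA-256,
# as they might be recorded from vendor checksums after acceptance testing.
SAMPLE_IMAGE = b"constructed firmware image bytes for demo"
APPROVED = {
    ("PLC-X100", "2.4.1"): hashlib.sha256(SAMPLE_IMAGE).hexdigest(),
}
# Constructed asset inventory: asset id -> model and installed version.
INVENTORY = {
    "plc-line3-01": {"model": "PLC-X100", "installed": "2.3.0"},
}


def validate_firmware(asset_id, target_version, image,
                      approved=APPROVED, inventory=INVENTORY):
    """Decide whether `image` may be flashed to `asset_id`; return a log event."""
    event = {"event": "firmware_validation", "asset": asset_id,
             "target_version": target_version,
             "sha256": hashlib.sha256(image).hexdigest(),
             "allowed": False}
    asset = inventory.get(asset_id)
    if asset is None:
        event["reason"] = "asset not in inventory"
        return event
    event["installed_version"] = asset["installed"]
    expected = approved.get((asset["model"], target_version))
    if expected is None:
        event["reason"] = "version not approved for this model"
        return event
    # Constant-time comparison of the two hex digests.
    if not hmac.compare_digest(event["sha256"], expected):
        event["reason"] = "checksum mismatch"
        return event
    event["allowed"] = True
    event["reason"] = "checksum matches approved release"
    return event


if __name__ == "__main__":
    # One intact image and one with a single appended byte.
    for img in (SAMPLE_IMAGE, SAMPLE_IMAGE + b"\x00"):
        # One JSON object per line, ready to forward to a SIEM.
        print(json.dumps(validate_firmware("plc-line3-01", "2.4.1", img),
                         sort_keys=True))
```

Every decision, allowed or denied, produces an event carrying the computed hash, so the SIEM record can later be compared with what is actually running on the asset.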
✅ Best practices
- Update firmware in line with a predefined process (test → acceptance → live)
- Block unencrypted firmware uploads via USB, SD card or Ethernet
- Use suppliers that support SBOM (Software Bill of Materials) and Code Signing
- Document version numbers, vulnerabilities and update history per asset
- Regularly assess firmware in Vulnerability Management and Threat Intelligence
📌 In summary
Firmware is the invisible engine of industrial automation. Managing firmware versions, authentication and updates is crucial for safety, availability and compliance.
