Advancing Forensics in Embedded Systems

R. Wheeler
Zetier, Virginia, United States

Keywords: Embedded, Forensics, Cyber

Embedded devices form the backbone of critical U.S. Government and private sector infrastructure, powering defense, industrial, and commercial systems. Yet these devices are often poorly maintained and lack the layered protections of modern platforms. Even when designed with security in mind, most embedded systems provide little or no forensic capability, limiting defenders' ability to investigate compromise or detect persistent threats. Once a device is breached, attackers can remain undetected for years, quietly undermining the security and reliability of the systems on which national security and economic stability depend. Zetier is addressing this gap by developing forensic capture and analysis techniques tailored to embedded systems. Our research spans software defensive agents deployable on a wide variety of embedded architectures; hardware agents that integrate directly onto circuit boards; and external capture kits that perform forensic extraction over network, serial, or wireless interfaces. These approaches enable comprehensive snapshotting of live memory, persistent storage, and configuration data. Our research also includes analysis techniques for these artifacts to establish baselines, detect malicious software, and identify unauthorized configuration changes. This adaptable framework provides unprecedented forensic insight into platforms historically opaque to defenders, empowering warfighters and civilians alike to uncover compromise and neutralize latent threats in their most critical systems.
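The analysis step the abstract names (establish a baseline from a known-good capture, compare a later capture against it, flag unauthorized configuration changes, and match artifacts against known-bad software) can be illustrated with a small baseline-and-diff routine. The code below is an added example and is not Zetier's code or any tool the abstract describes; the Snapshot model (persistent storage as path-to-bytes, configuration as key-to-value), the file paths, the file contents, the "known-bad" hash, and the hypothetical gateway device are all constructed for the example.

```python
"""Baseline-and-diff analysis over forensic snapshots of an embedded device.

Added illustration, not Zetier's tooling. A Snapshot models what a capture
agent or external capture kit would return: persistent storage (path -> bytes)
and parsed configuration (key -> value). All sample data is constructed.
"""
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field


@dataclass
class Snapshot:
    """One forensic capture of a device: persistent storage plus configuration."""
    storage: dict[str, bytes]
    config: dict[str, str]


@dataclass
class Findings:
    """Result of comparing a capture against a known-good baseline."""
    added: list[str] = field(default_factory=list)       # files not in baseline
    removed: list[str] = field(default_factory=list)     # baseline files now missing
    modified: list[str] = field(default_factory=list)    # content hash differs
    config_changes: dict[str, tuple[str | None, str | None]] = field(default_factory=dict)
    known_bad: list[str] = field(default_factory=list)   # files matching a bad hash


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(snap: Snapshot) -> dict[str, str]:
    """Baseline manifest: path -> SHA-256 of content from a known-good device."""
    return {path: sha256(data) for path, data in snap.storage.items()}


def diff_storage(manifest: dict[str, str], snap: Snapshot, findings: Findings) -> None:
    """Compare a capture's storage against the baseline manifest."""
    current = build_manifest(snap)
    for path in sorted(set(manifest) | set(current)):
        if path not in manifest:
            findings.added.append(path)
        elif path not in current:
            findings.removed.append(path)
        elif manifest[path] != current[path]:
            findings.modified.append(path)


def diff_config(baseline: dict[str, str], current: dict[str, str], findings: Findings) -> None:
    """Record every key whose value differs, including keys added or dropped."""
    for key in sorted(set(baseline) | set(current)):
        old, new = baseline.get(key), current.get(key)
        if old != new:
            findings.config_changes[key] = (old, new)


def scan_known_bad(snap: Snapshot, bad_hashes: set[str], findings: Findings) -> None:
    """Flag any file whose content hash is in the known-bad set."""
    for path, data in sorted(snap.storage.items()):
        if sha256(data) in bad_hashes:
            findings.known_bad.append(path)


def analyze(baseline: Snapshot, capture: Snapshot, bad_hashes: set[str]) -> Findings:
    findings = Findings()
    diff_storage(build_manifest(baseline), capture, findings)
    diff_config(baseline.config, capture.config, findings)
    scan_known_bad(capture, bad_hashes, findings)
    return findings


# Constructed baseline: golden image of a hypothetical gateway device.
BASELINE = Snapshot(
    storage={
        "/bin/busybox": b"ELF-busybox-golden-constructed",
        "/etc/init.d/rcS": b"#!/bin/sh\n/sbin/gateway &\n",
        "/etc/dropbear/authorized_keys": b"",
    },
    config={"ssh_enabled": "0", "mgmt_ip": "10.0.0.1"},
)

IMPLANT = b"ELF-dropper-constructed-sample"  # stand-in for a known-bad binary
KNOWN_BAD = {sha256(IMPLANT)}

# Constructed later capture of the same device: an implant was dropped,
# persistence added to rcS, an SSH key planted, and SSH turned on.
CAPTURE = Snapshot(
    storage={
        "/bin/busybox": b"ELF-busybox-golden-constructed",
        "/etc/init.d/rcS": b"#!/bin/sh\n/sbin/gateway &\n/tmp/.cache/run &\n",
        "/etc/dropbear/authorized_keys": b"ssh-ed25519 AAAAC3constructed attacker@example\n",
        "/tmp/.cache/run": IMPLANT,
    },
    config={"ssh_enabled": "1", "mgmt_ip": "10.0.0.1", "remote_log": "198.51.100.7"},
)

if __name__ == "__main__":
    result = analyze(BASELINE, CAPTURE, KNOWN_BAD)
    for name, value in vars(result).items():
        print(f"{name}: {value}")
```

On a real device the manifest would be taken from a capture of a freshly provisioned unit (or a vendor image), and storage would be walked from an extracted flash image rather than an in-memory dictionary; the comparison logic is the same. Hash matching only catches already-known implants, so the added and modified lists are the more important output: a new executable under a hidden path plus an edited init script and a planted key is the pattern to look for even when no hash matches.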