Cybersecurity / Startups

ReFirm Labs goes deep in the supply chain to get ahead of IoT security issues

The Fulton, Md.-based company wants to help spot security vulnerabilities in connected devices before they reach the market.

A screenshot of ReFirm Labs' Centrifuge Platform. (Courtesy image)

This editorial article is a part of's Growing Industries month, when Baltimore is focusing extra reporting on the topic of cybersecurity.

As the number of connected devices grows, the potential also exists that they could fall victim to a cyber attack.

As a company that focuses on Internet of Things (IoT) security, that’s a reality that members of the team at ReFirm Labs confronted first working at the National Security Agency, and now developing the Fulton, Md.-based company’s commercial product, called Centrifuge Platform.

The company’s own lifecycle to date shows a path through Maryland’s cybersecurity community: Members of the team honed experience inside NSA. Then they formed a company called Tactical Network Solutions. From that company’s work on the platform, ReFirm Labs spun out and received backing from DataTribe, a Fulton-based startup studio looking to support technologists who worked inside government agencies that are now building startups.

For his part, CEO Derick Naef, a two-decade veteran of leading startups in the region, joined the company in January. Cofounder Terry Dunlap, who was previously CEO, remains chief strategy officer.

While cybersecurity threats are often considered being directed toward a network or individual phones and computers, connected devices expand that realm to other things that are used in every day life. Naef sees awareness of the potential issues growing; there’s more media attention, for one. Yet the company is looking to address the issues in the place that’s further away from public gaze — in the factories and supply chains that produce the components for these devices to be made.

Putting together devices involves complex supply chains, so there could be vulnerabilities in a part that came from a manufacturer or another company — and that’s led to “a growing awareness that you need to look at not only the stuff you’re building, but also things you’re getting from suppliers,” Naef said. Ultimately, a security issue could lead to problems for the whole product, no matter where it came from.

The Centrifuge Platform is designed to help identify potential vulnerabilities by looking at images of the firmware that controls the devices to find potential vulnerabilities before attackers do.

ReFirm Labs looks to take a proactive approach: The Centrifuge Platform is designed to help identify potential vulnerabilities by looking at images of the firmware that controls the devices to find potential vulnerabilities before attackers do. The company is releasing a series of updates this spring, and among the new features is a malware and known exploits detector.

“As we identify exploits in different devices, we’re going to add that to our registry of exploits, and that will be something we’ll scan other firmware against to see if that’s present in other devices, as well,” Naef said.

Based out of the DataTribe, Naef said the eight-member team has also been adding customers. They’ve seen particular interest in the communication service provider market, which includes telecommunications companies, internet service providers, as well as cable and wireless companies, as well as from other industries.

“We’re seeing good customer uptake with the product,” Naef said.

These communication service companies send lots of devices out to customers, who use them to get internet and cable services in their homes, But the devices themselves are made by other suppliers who make and put together the component parts. So the firms want to know whether their could be potential security issues with a device like a router before it ends up in someone’s home.

ReFirm is also paying particular attention to malware known as LoJax, creating a tool to analyze the firmware which helps computer hardware communicate with software when a computer boots up known as UEFI.

Another sign that the company has been a leader is evident in an open source tool that was released before Centrifuge.

In 2010, principal reverse engineer Craig Heffner created an open source tool called Binwalk that’s designed to help researchers. It was designed as a resource, and Naef said said the tool has tens of thousands of users who are working on research to reverse engineer firmware images. The company wants to continue to support that community, and sees it as an “entry level tool.” So it’s continuing development with a new version called Binwalk Pro that has additional capabilities.

“It’s something we’ve built up to support the community, and we’d like to continue doing that,” Naef said.

Series: Growing Industries Month 2019

Knowledge is power!

Subscribe for free today and stay up to date with news and tips you need to grow your career and connect with our vibrant tech community.

Technically Media