...section
Major updates:
- Binwalk v3 Rust rewrite notes and performance guidance
- EMBA SBOM generation capabilities (2024 update)
- Comprehensive SBOM methodology subsection
- C/C++ SAST tools (Cppcheck, Flawfinder, Clang-Tidy, CodeQL, Semgrep)
- Memory corruption & command injection vulnerability focus
- CVE examples spanning consumer SOHO routers to enterprise (Cisco IOS XE)
Policy compliance:
- Removed deprecated links (LGTM shut down 2022)
- Removed all commercial tool references (IDA Pro, Binary Ninja, etc.)
- Replaced with FOSS alternatives (Ghidra, Radare2, Rizin, Cutter)
Cleanup:
- Removed 5 unused screenshot files (0,1,2,5,6.png)
- Updated U-Boot URL to current documentation site
- Replaced commercial bug trackers with open platforms

Enhanced FSTM with OWASP IoT Security Verification Standard (ISVS) references to support requirements-driven firmware security assessments:
- Introduction: Added ISVS context alongside ISTG in methodology overview
- IoT Frameworks Section: Retitled from "Integrating FSTM with OWASP ISTG" to "Integrating FSTM with OWASP IoT Security Frameworks"
- ISVS Subsection: Added comprehensive guidance on using ISVS requirements to drive FSTM testing scope
 - Requirements → Testing → Verification workflow diagram
 - Mapping table: ISVS V3/V4 requirements to FSTM stages
 - Security levels (L1/L2/L3) to FSTM testing depth guidance
 - Example requirements-driven assessment workflow
 - Key ISVS requirements for firmware testing (V1.1.1, V3.2.2, V3.4.1, V4.1.1, V4.2.1)
- SBOM Section: Added ISVS V1.1.1 requirement reference for SBOM compliance verification
ISVS complements FSTM by defining WHAT security controls must be implemented (requirements), while FSTM defines HOW to test firmware components (methodology). This integration enables compliance-driven firmware assessments with clear success criteria.