The National Risk Management Center spent the last four months determining the risks such software poses to national critical functions and developing tools to mitigate the threat.