Hi Steven,
I think it has been evaluated at CERN some time ago:
http://www.aps.anl.gov/epics/tech-talk/1996/msg00179.php
and
https://itco.web.cern.ch/itco/Projects-Services/JCOP/CompleteProjects/EPICS/EPICS/memo1-1.html
From my experience, networks running EPICS should be shielded from the
lab's public networks (or at least the EPICS ports should be blocked
against those accesses). Once an 'internal' attacker knows that there is
EPICS running, he could try to figure out the PV names etc. etc.
Port scans and connection attempts are visible in the logs as protocol
errors of the iocsh.
With best regards
Hermann-Josef
On 09/17/2015 05:43 PM, Hartman, Steven M. wrote:
> We are currently in the middle of a cyber security audit of our accelerator control system. The auditors have asked if there has ever been a formal security assessment of EPICS / Channel Access.
>
> Any comments?
>
> thanks,
>
Attachment:
signature.asc
Description: OpenPGP digital signature
- References:
- "security audit" of EPICS / Channel Access? Hartman, Steven M.
- Navigate by Date:
- Prev:
"security audit" of EPICS / Channel Access? Hartman, Steven M.
- Next:
RE: Unable to build support modules on Windows, with base 3.15.2 Mark Rivers
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
<2015>
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
"security audit" of EPICS / Channel Access? Hartman, Steven M.
- Next:
Re: "security audit" of EPICS / Channel Access? J. Lewis Muir
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
<2015>
2016
2017
2018
2019
2020
2021
2022
2023
2024
|