U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS ROS Melodic Benchmark 1.1.0 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
ROS Melodic cpe:/a:openrobotics:robot_operating_system:1:melodic (View CVEs)

Checklist Highlights

Checklist Name:
CIS ROS Melodic Benchmark
Checklist ID:
966
Version:
1.1.0
Type:
Compliance
Review Status:
Final
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
09/24/2020

Checklist Summary:

This document provides prescriptive guidance for establishing a secure configuration posture for the Robot Operating System (ROS) Melodic running on Ubuntu Linux 18.04. Many lists are included including filesystem types, services, clients, and network protocols. Not all items in these lists are guaranteed to exist on all installations and additional similar items may exist which should be considered in addition to those explicitly mentioned. The guidance within broadly assumes that operations are being performed using sudo from a standard user account, and that ROS applications are running under a non-privileged user account. Operations performed using sudo instead of the root user may produce unexpected results, or fail to make the intended changes to the system, so all changes should be validated. The guidance in this document includes changes to the running system configuration. Failure to test system configuration changes in a test environment prior to implementation on a production system could lead to loss of services.

Checklist Role:

  • Client Operating System
  • Operating System

Known Issues:

Not provided.

Target Audience:

This benchmark is intended for roboticists building and testing robots before the robots are deployed in the field. It also targets system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate ROS running on Ubuntu Linux 18.04 LTS.

Target Operational Environment:

  • Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/

Product Support:

https://www.cisecurity.org/support/

Point of Contact:

benchmarkinfo@cisecurity.org

Sponsor:

Not provided.

Licensing:

https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/

Change History: 

updated status to FINAL - 11/5/2020

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 11/05/2020