CIS ROS Melodic Benchmark 1.1.0 Checklist Details (Checklist Revisions)

Supporting Resources:


Target CPE Name
ROS Melodic cpe:/a:openrobotics:robot_operating_system:1:melodic (View CVEs)

Checklist Highlights

Checklist Name:
CIS ROS Melodic Benchmark
Checklist ID:
Review Status:
Third Party: Center for Internet Security (CIS)
Original Publication Date:

Checklist Summary:

This document provides prescriptive guidance for establishing a secure configuration posture for the Robot Operating System (ROS) Melodic running on Ubuntu Linux 18.04. Many lists are included including filesystem types, services, clients, and network protocols. Not all items in these lists are guaranteed to exist on all installations and additional similar items may exist which should be considered in addition to those explicitly mentioned. The guidance within broadly assumes that operations are being performed using sudo from a standard user account, and that ROS applications are running under a non-privileged user account. Operations performed using sudo instead of the root user may produce unexpected results, or fail to make the intended changes to the system, so all changes should be validated. The guidance in this document includes changes to the running system configuration. Failure to test system configuration changes in a test environment prior to implementation on a production system could lead to loss of services.

Checklist Role:

  • Client Operating System
  • Operating System

Known Issues:

Not provided.

Target Audience:

This benchmark is intended for roboticists building and testing robots before the robots are deployed in the field. It also targets system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate ROS running on Ubuntu Linux 18.04 LTS.

Target Operational Environment:

  • Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.


Not provided.


Product Support:

Point of Contact:


Not provided.


Change History:

updated status to FINAL - 11/5/2020


URL Description


Reference URL Description

NIST checklist record last modified on 11/05/2020