Speaker
Description
Secure PVAccess (SPVA) brings production-grade cybersecurity to the Experimental Physics and Industrial Control System (EPICS) framework by encapsulating the PVAccess protocol within Transport Layer Security (TLS). It integrates X.509 certificate-based authentication with common laboratory-wide services such as Kerberos and LDAP, and delivers a full certificate authority, management, and distribution solution. Leveraging this robust authentication layer, Secure PVAccess extends the existing EPICS Security model to enforce true Process Variable (PV) access control based on verified peer identities, attributes, and connection modes. We describe the overall architecture, key design decisions, software components, current status, envisioned future capabilities, and the collaborative effort driving this initiative.
