Taking a gander at this article on Science Node, something caught my eye.
A lot of the same concerns that apply in the private or corporate sector apply to us as well. Where it gets interesting for us is the standard security mantra of turn on the updates, run security software or antivirus software doesn’t work very well for us.
Automatically updated software can break the data-taking process, and anything that would take all of or part of the detector off-line can be a serious problem for us.
I acknowledge that integrity and availability are primary concerns in their environment, confidentiality less so. But in the real world, things change, and new vulnerabilities are found all the time. You can’t gain the benefits of software or firmware, without the responsibilities: providing an upgrade path.