12-04-2015, 10:21
Aero
consumes pizza, produces code
AKA: Ari Lotter
FRC #0865 (Warp7)
Team Role: Programmer
 
Join Date: May 2013
Rookie Year: 2013
Location: Toronto
Posts: 30
Responsible disclosure practices

As FRC's control system moves towards popular technologies, it seems inevitable that security vulnerabilities will be discovered in components of the FRC control system. If someone were to find a software vulnerability somewhere in the FRC control system, what's the procedure to responsibly disclose it to FIRST and allow ample time for patching before public disclosure? Previous exploits have been demonstrated against FMS publicly (you may recall the 2012 Einstein incident), and I think it would be a good idea if FIRST had some clear policy laid out so people don't resort to demonstrating exploits live.
__________________
2014 Waterloo Regional Winner (254 & 2056)
2014 Curie Semifinalist (118, 359 & 4334)
2014 Fall Fiesta Finalist (2056, 4476)
6 X Gracious Professionalism Award Winner