Canonical takes leadership role in security for ROS

joemcmanus

on 26 February 2020

Tags: robotics , ROS , ROS2

This article is more than 4 years old.


Canonical is committed to the future of robotics, as proven a short time ago when we joined the Technical Steering Committee of the second version of the Robot Operating System (ROS 2). We’re also dedicated to building a foundation of enterprise-grade, industry leading security practices within Ubuntu, so we’re excited to join both of these strengths with our own Joe McManus taking the helm of the ROS 2 Security Working Group.

We believe robots based on Linux are cheaper to develop, more flexible, faster to market, easier to manage, and more secure. While ROS began as an academic project over a decade ago, it has grown to become the most popular middleware for creating Linux-powered robots. It has harnessed the power of open source, allowing for many of the complex problems faced by robotics to be solved through collaboration. The ROS developer community has continued to grow, and ROS now enjoys an increasing amount of commercial use and supported robots. In response, the ROS community has completely overhauled the ROS codebase and started distributing ROS 2.

The promise of ROS 2

ROS 2 maintains the flexibility of ROS 1 while adding technology critical to enabling security at its very core, technology which is largely transparent to ROS developers. We detailed how this works in a previous post.

Some of the ROS security related work being spearheaded by Canonical includes:

  • Creating a Node Interface Definition Language which describes how each node is configured and how it communicates with other nodes. This definition language will allow ROS developers to define access controls at design-time, which can be enforced and monitored at run-time. Eventually, it will make enabling ROS 2 security features as simple as flipping a switch.
  • Scanning the ROS code repositories with Coverity to identify source code defects and vulnerabilities.
  • Drafting a vulnerability disclosure policy for ROS.
  • Building a Capture-the-Flag scenario as an engaging way to introduce security red-team players to robotics security while also conducting dynamic application security testing of the ROS code base.

Enabling the secure future of robotics

We’re continually excited by the ingenuity of this particular open-source community, and we look forward to continuing to mature the security features within ROS 2. We’re convinced it will develop into an ecosystem where security is as easy as a flip of a switch. Want to get involved? Visit https://discourse.ros.org/tag/wg-security to be notified of our monthly meetings. 

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Are you building a robot on top of Ubuntu and looking for a partner? Talk to us!

Contact Us

Related posts

Optimise your ROS snap – Part 2

Welcome to Part 2 of the “optimise your ROS snap” blog series. Make sure to check Part 1 before reading this blog post. This second part is going to present...

Optimise your ROS snap – Part 1

Do you want to optimise the performance of your ROS snap? We reduced the size of the installed Gazebo snap by 95%! This is how you can do it for your snap....

ROS orchestration with snaps

Application orchestration is the process of integrating applications together to automate and synchronise processes. In robotics, this is essential,...