What is ROS Extended Security Maintenance?

This article was last updated 3 years ago.


Developing robots is not like building apps or IoT devices. Robots balance complex features such as scene awareness, social intelligence, physical intelligence, communication, dialogue, learning from interaction, memory, long-term autonomy, safe failure… the list goes on and on. 

As a result, robotics startups can take years to get to a minimum viable product (MVP). As code develops and packages change, the Robot Operating System (ROS) needs to be continuously patched and updated. This is time consuming and detracts from your robotics development, but running unpatched and unmaintained versions of ROS exposes your robot, company and customers to serious risk. 

Once deployed, robots are expected to last years on-site, meaning robotics companies either need to factor in OS and software upgrade into their maintenance plans, or run on unsupported software. This also affects those developing services for robots such as fleet management solutions, navigation or computer vision systems. 

As a result, whether in production or deployment, robots will inevitably live beyond the standard support lifecycle of the software powering it. Whether that’s Ubuntu, ROS or other dependencies (such as Python 2), your system will reach its end-of-life, that is, the end of updates, patches and maintenance. As an example, ROS Kinetic and Ubuntu Xenial End-Of-Life are upon us. 

Canonical’s ROS Extended Security Maintenance (ESM) precisely addresses this issue. As part of Ubuntu Advantage subscription, and delivered in partnership with Open Robotics, ROS ESM gives you a hardened and long-term supported ROS system for robots and its applications. 

Even if your ROS distribution hasn’t reached its End-Of-Life (EOL), you can count on backports for critical security updates and common vulnerabilities and exposures (CVE) fixes for your ROS environment. In addition, by enabling Canonical’s ESM repositories you will get trusted and stable binaries for your ROS and Ubuntu base OS distribution. Finally, our Ubuntu Advantage Advanced and Standard subscribers can now access enterprise support to report ROS bugs to guarantee high quality and timely fixes.       

How does ROS ESM work? 

As part of Ubuntu Advantage, ROS ESM builds upon the world-class infrastructure used by Canonical to deliver security updates for the Ubuntu base OS and critical infrastructure components. 

At Canonical, we develop security and update personal package archives (PPAs) for a number of service packages in the Ubuntu Main Repository and the Ubuntu Universe Repository. This includes available high and critical CVE fixes and security updates. For instance, at the time of writing, we have more than 5,000 CVE fixes for Xenial alone. These fixes reside in our ESM repository and are available to any Ubuntu Advantage client through subscription tokens. 

With ROS ESM, we have also included security and updates PPAs for core ROS packages. We will continue to backport critical security updates and bug fixes for ROS, for EOL and non-EOL distributions starting with ROS 1 Kinetic. 

The three main benefits of ROS ESM 

A hardened ROS environment 

It’s not unusual for upstream ROS components to break backward compatibility – API breakages, much less ABI. To retain stability and provide users with a resilient workspace, we patch security flaws, but we also eliminate API/ABI breakage from updates while fixing high and critical fixes and bugs. With ROS ESM, developers get curated packages that meet Canonical’s high standards for stability and interoperability. 

A long-term secure system for your robot

Since its inception in 2004, Ubuntu has been built on a foundation of enterprise-grade, industry-leading security practices. Canonical never stops working to keep Ubuntu at the forefront of safety and reliability. We are now extending our security commitment to the robotics field. ROS ESM provides backported security fixes for ROS well after the distribution is no longer supported upstream. Get security updates for ROS and the Ubuntu base OS, ensuring your entire stack is up-to-date, protecting your robot and customer. 

ROS single point of contact for
enterprise support

As part of Ubuntu Advantage, ROS ESM provides a single point of contact for all the software in ESM, including ROS, as opposed to trying to figure out where to log a bug or propose a fix and hoping it might get eyes at some point. Save engineering time and effort by contacting Canonical and Open Robotics for all the support you and your robot deserve. All in one place!     

Get ROS ESM now

Whether your ROS distribution is reaching its End-Of-Life, or you are not receiving the updates and fixes your system requires, ROS ESM is here to make your work easier.  

Get ROS ESM

Talk to us today

Interested in running Ubuntu in your organisation?

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Are you building a robot on top of Ubuntu and looking for a partner? Talk to us!

Contact Us

Related posts

ROS 2 Foxy and ROS Melodic EOL – Keep your robots up and running

ROS Melodic EOL is around the corner. With more than 1,004 repositories in rosdistro, Melodic is among the top 3 ROS distributions (with Indigo and Kinetic)....

Deploying scalable AI and real-time robots at ROSCon 24

Another year, another ROSCon! This year we’re setting off to Odense, Denmark. At Canonical, we are excited to once again sponsor this event for a community...

TurtleBot3 OpenCR firmware update from a snap

The TurtleBot3 robot is a standard platform robot in the ROS community, and it’s a reference that Canonical knows well, since we’ve used it in our tutorials....