Your submission was sent successfully! Close

Canonical takes leadership role in security for ROS

joemcmanus

on 26 February 2020

Canonical is committed to the future of robotics, as proven a short time ago when we joined the Technical Steering Committee of the second version of the Robot Operating System (ROS 2). We’re also dedicated to building a foundation of enterprise-grade, industry leading security practices within Ubuntu, so we’re excited to join both of these strengths with our own Joe McManus taking the helm of the ROS 2 Security Working Group.

We believe robots based on Linux are cheaper to develop, more flexible, faster to market, easier to manage, and more secure. While ROS began as an academic project over a decade ago, it has grown to become the most popular middleware for creating Linux-powered robots. It has harnessed the power of open source, allowing for many of the complex problems faced by robotics to be solved through collaboration. The ROS developer community has continued to grow, and ROS now enjoys an increasing amount of commercial use and supported robots. In response, the ROS community has completely overhauled the ROS codebase and started distributing ROS 2.

The promise of ROS 2

ROS 2 maintains the flexibility of ROS 1 while adding technology critical to enabling security at its very core, technology which is largely transparent to ROS developers. We detailed how this works in a previous post.

Some of the ROS security related work being spearheaded by Canonical includes:

  • Creating a Node Interface Definition Language which describes how each node is configured and how it communicates with other nodes. This definition language will allow ROS developers to define access controls at design-time, which can be enforced and monitored at run-time. Eventually, it will make enabling ROS 2 security features as simple as flipping a switch.
  • Scanning the ROS code repositories with Coverity to identify source code defects and vulnerabilities.
  • Drafting a vulnerability disclosure policy for ROS.
  • Building a Capture-the-Flag scenario as an engaging way to introduce security red-team players to robotics security while also conducting dynamic application security testing of the ROS code base.

Enabling the secure future of robotics

We’re continually excited by the ingenuity of this particular open-source community, and we look forward to continuing to mature the security features within ROS 2. We’re convinced it will develop into an ecosystem where security is as easy as a flip of a switch. Want to get involved? Visit https://discourse.ros.org/tag/wg-security to be notified of our monthly meetings. 

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Select topics you're
interested in

In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.

Are you building a robot on top of Ubuntu and looking for a partner? Talk to us!

Contact Us

Related posts

Hardened ROS with 10 year security from Open Robotics and Canonical

Canonical ROS ESM customers now can access a long-term supported ROS and Ubuntu environment by the Ubuntu and ROS experts. Learn more about ROS ESM. 6 April...

Getting started with micro-ROS on the Raspberry Pi Pico

In this post we will see how the Raspberry Pi Pico can natively speak to a ROS2 graph using micro-ROS. We will set up a project in VSCode, compile and upload...

The State of Robotics – November 2020

Goodbye Thanksgiving (well, for some of us), hello Christmas! The holiday season really is the best, and it always brings interesting robotics news, which we...