Canonical takes leadership role in security for ROS

joemcmanus

on 26 February 2020

Canonical is committed to the future of robotics, as proven a short time ago when we joined the Technical Steering Committee of the second version of the Robot Operating System (ROS 2). We’re also dedicated to building a foundation of enterprise-grade, industry leading security practices within Ubuntu, so we’re excited to join both of these strengths with our own Joe McManus taking the helm of the ROS 2 Security Working Group.

We believe robots based on Linux are cheaper to develop, more flexible, faster to market, easier to manage, and more secure. While ROS began as an academic project over a decade ago, it has grown to become the most popular middleware for creating Linux-powered robots. It has harnessed the power of open source, allowing for many of the complex problems faced by robotics to be solved through collaboration. The ROS developer community has continued to grow, and ROS now enjoys an increasing amount of commercial use and supported robots. In response, the ROS community has completely overhauled the ROS codebase and started distributing ROS 2.

The promise of ROS 2

ROS 2 maintains the flexibility of ROS 1 while adding technology critical to enabling security at its very core, technology which is largely transparent to ROS developers. We detailed how this works in a previous post.

Some of the ROS security related work being spearheaded by Canonical includes:

  • Creating a Node Interface Definition Language which describes how each node is configured and how it communicates with other nodes. This definition language will allow ROS developers to define access controls at design-time, which can be enforced and monitored at run-time. Eventually, it will make enabling ROS 2 security features as simple as flipping a switch.
  • Scanning the ROS code repositories with Coverity to identify source code defects and vulnerabilities.
  • Drafting a vulnerability disclosure policy for ROS.
  • Building a Capture-the-Flag scenario as an engaging way to introduce security red-team players to robotics security while also conducting dynamic application security testing of the ROS code base.

Enabling the secure future of robotics

We’re continually excited by the ingenuity of this particular open-source community, and we look forward to continuing to mature the security features within ROS 2. We’re convinced it will develop into an ecosystem where security is as easy as a flip of a switch. Want to get involved? Visit https://discourse.ros.org/tag/wg-security to be notified of our monthly meetings. 

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Select topics you’re
interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Are you building a robot on top of Ubuntu and looking for a partner? Talk to us!

Contact Us

Related posts

The State of Robotics – July 2020

We know a lot of you are on vacation so we’ll keep this month’s State of Robotics edition short and sweet. Try out the Hello World of ROS Looking for an easy...

Simulate the TurtleBot3

Interested in getting started in robotics? There’s no need to purchase expensive hardware before you try some things out: simulate a TurtleBot3 instead! The...

ROS Security Benchmark open for public comment

We’re pleased to announce that the Center for Internet Security (CIS) has publicly released the ROS Security Benchmark for community discussion. When...