Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

joemcmanus
on 26 February 2020

Canonical takes leadership role in security for ROS


Canonical is committed to the future of robotics, as proven a short time ago when we joined the Technical Steering Committee of the second version of the Robot Operating System (ROS 2). We’re also dedicated to building a foundation of enterprise-grade, industry leading security practices within Ubuntu, so we’re excited to join both of these strengths with our own Joe McManus taking the helm of the ROS 2 Security Working Group.

We believe robots based on Linux are cheaper to develop, more flexible, faster to market, easier to manage, and more secure. While ROS began as an academic project over a decade ago, it has grown to become the most popular middleware for creating Linux-powered robots. It has harnessed the power of open source, allowing for many of the complex problems faced by robotics to be solved through collaboration. The ROS developer community has continued to grow, and ROS now enjoys an increasing amount of commercial use and supported robots. In response, the ROS community has completely overhauled the ROS codebase and started distributing ROS 2.

The promise of ROS 2

ROS 2 maintains the flexibility of ROS 1 while adding technology critical to enabling security at its very core, technology which is largely transparent to ROS developers. We detailed how this works in a previous post.

Some of the ROS security related work being spearheaded by Canonical includes:

  • Creating a Node Interface Definition Language which describes how each node is configured and how it communicates with other nodes. This definition language will allow ROS developers to define access controls at design-time, which can be enforced and monitored at run-time. Eventually, it will make enabling ROS 2 security features as simple as flipping a switch.
  • Scanning the ROS code repositories with Coverity to identify source code defects and vulnerabilities.
  • Drafting a vulnerability disclosure policy for ROS.
  • Building a Capture-the-Flag scenario as an engaging way to introduce security red-team players to robotics security while also conducting dynamic application security testing of the ROS code base.

Enabling the secure future of robotics

We’re continually excited by the ingenuity of this particular open-source community, and we look forward to continuing to mature the security features within ROS 2. We’re convinced it will develop into an ecosystem where security is as easy as a flip of a switch. Want to get involved? Visit https://discourse.ros.org/tag/wg-security to be notified of our monthly meetings. 

Related posts


gbeuzeboc
11 April 2023

Optimise your ROS snap – Part 2

Robotics Article

Welcome to Part 2 of the “optimise your ROS snap” blog series. Make sure to check Part 1 before reading this blog post. This second part is going to present initial optimisations already used in the Gazebo snap. We will present the benefit that they could bring to our ROS snaps as well as the ...


gbeuzeboc
6 April 2023

Optimise your ROS snap – Part 1

Robotics Article

Do you want to optimise the performance of your ROS snap? We reduced the size of the installed Gazebo snap by 95%! This is how you can do it for your snap. Welcome to Part 1 of the “optimise your ROS snap” blog series. This series of 6 blogs will show the tools and methodologies ...


gbeuzeboc
22 September 2022

ROS orchestration with snaps

Robotics Article

Application orchestration is the process of integrating applications together to automate and synchronise processes. In robotics, this is essential, especially on complex systems that involve a lot of different processes working together. But, ROS applications are usually launched all at once from one top-level launch file. With orchestra ...