[ros-users] [Discourse.ros.org] [Next Generation ROS] DDS Se…

Forside
Dette indlæg hører under følgende tråd:
MDet komplette tråd-træ sorteret efter dato
M\Steven Turner via ros-users den <-
MMJaime Martin Losa via ros-users den ->
Vedhæftede filer:
Indlæg som e-mail
+ (text/plain)
Slet denne besked
Besvar denne besked
Skribent: Morgan Quigley via ros-users
Dato:  
Til: ros-users
Emne: [ros-users] [Discourse.ros.org] [Next Generation ROS] DDS Security Specification



Hi Steve,

Thanks for the question! And yes! Security of great interest to many of us. We are actively iterating with some ideas for how to integrate ROS 2 with DDS-Security. Everything is very much under construction at the moment, of course, but there are a few "sros2" branches that are getting closer to being a usable prototype.

We have been trying to put all of the security-related stuff in the `rcl` or lower layers. The goal is that the higher layers (i.e. the vast majority of code) won't need any changes, since at least in theory, the security features are implemented by the middlewares and shouldn't clutter up the application code which is only dealing with highly abstracted views of middleware. At the moment, you can set an environment variable called `ROS_SECURITY_ROOT` before running ROS 2 nodes, to point to a path in your filesystem where it can find the necessary piles of keys and configuration files for DDS-Security to do its thing.

At the moment the prototype only works with RTI Connext Secure, but we are taking pains to implement this in `rcl` in a way that could (in theory) be applied to any middleware, DDS or not, and certainly any vendor of DDS-Security, since it's really just passing a path from the filesystem down, and the `rmw` implementation do whatever it wants, ideally following a simple set of conventions for how to contruct filenames from that path so that, for example, DDS-Security governance and permissions files can be used by more than one vendor.

We are assembling our prototype in the 'sros2' repo in the ROS 2 organization:

https://github.com/ros2/sros2

It includes a vcs repos file to check out of a bunch of sros2 branches. We're currently working on a few python scripts to make it easier to generate all of the certificates/keys and DDS-Security configuration files, and distribute them using ssh/scp. It's not polished yet, but I expect it will get there in a week or two.

I'll let the eProsima folks chime in, if they want to describe their plans for DDS-Security in FastRTPS.

Cheers!






---
[Visit Topic](https://discourse.ros.org/t/dds-security-specification/1015/2) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list

http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>

Dette indlæg blev indsendt til følgende postlister:
ros-users
Postlisteoplysninger | Naboindlæg		<-[ros-users] [Discourse.ros.org] [Next Generation ROS] DDS Security Specification[ros-users] [Discourse.ros.org] [Next Generation ROS] DDS Security Specification->
lists.ros.org list archives administreres af ros.orgLurker (version 2.3)