[ros-users] Announcing SROS! Security enhancements for ROS

Ruffin White roxfoxpox at gmail.com
Tue Oct 4 21:00:58 UTC 2016


TL;DR:
Secure ROS (SROS) is a set of proposed enhancements to ROS, enabling secure
communications over networks, access control in the computation graph, and
policy profile templates for linux security modules.
To read more: http://wiki.ros.org/SROS

Hello everyone,

I'm happy to announce a set of proposed enhancements to Secure
ROS, duly named SROS [1].

You may remember me from last year, myself being that one Docker enthusiast
that wished to make ROS more repeatable, reproducible, and deployable using
linux containers [2]. Following my ambition to help make existing ROS code even
more reusable and relevant in the greater robotics community, I've again
worked with OSRF this summer to help found the beginning of SROS.

Obligatory Disclaimer:

>
> *SROS is currently highly experimental and under heavy development*
> At time of writing, this effort is highly experimental and must not be
> considered production-grade. Rather, it is currently an exploration of
> various strategies for mitigating some of the most obvious ways that ROS
> systems would be compromised by "bad actors" of various sorts.


SROS is intended to secure ROS across three main fronts:

   - Transport Encryption
   Verify the identity of nodes, the integrity of the traffic, and the
   privacy of the connection.
      - Native TLS support for all socket level communication
      - X.509 PKI certificates for chains of trust, authenticity and
      integrity
      - Keyserver for key pair generation and certificate customisation
   - Access Control
   Restrict a node's scope of access within the ROS graph to only what is
   necessary.
      - Definable namespace globbing for node restrictions and actions
      - Audit graph network through security logs and events
      - User constructed and/or auto trained access control policies
   - Process Profiles
   Restrict a node's scope of access within the host machine to only what
   is necessary.
      - Harden node processes using Linux Security Modules in the kernel
      - Quarantine a node’s file, device, signal, and networking access
      - Reusable AppArmor profile component library for ROS

Now that we have a working prototype, we'd like to formalize a REP for SROS
to standardize some of the finer details [3].
If you happen to have an expertise in cybersecurity or an interest in
securing ROS, you are welcome to review and contribute to the developing
REP.
Visit the cross-post on discourse for discussion [6].

And as another plug for ROSCon 2016 [4], I'll also be giving a talk on this
subject:
*{,S}ROS: Securing ROS over the wire, in the graph, and through the kernel*
So if you'd like to meet up and talk about securing ROS for robotic systems
out in the wild, I'll see you there.

Special thanks to OSRF for making this possible,
Ruffin White

[1] http://wiki.ros.org/SROS
[2] https://vimeo.com/142150815
[3] https://github.com/ros-infrastructure/rep/pull/121
[4] http://roscon.ros.org/2016/
[5] http://wiki.ros.org/SROS/Installation/Docker
[6] http://discourse.ros.org/t/announcing-sros-security-enhancements-for-ros/536

P.S. If you'd like to play with SROS right away, be sure to try out the
SROS docker image available from OSRF [5]:

> $ docker run --rm -it \
>     osrf/sros \
>     bash -c "source /ros_entrypoint.sh && \
>         sroskeyserver & \
>         sleep 3 && \
>         sroslaunch rospy_tutorials talker_listener.launch"