SROS

SROS is currently highly experimental and under heavy development

At time of writing, this effort is highly experimental and must not be considered production-grade. Rather, it is an exploration of various strategies for mitigating some of the most obvious ways that ROS systems would be compromised by "bad actors" of various sorts.

Overview

SROS is a set of security enhancements for ROS, such as native TLS support for all socket transport within ROS, the use of x.509 certificates permitting chains of trust, definable namespace globbing for ROS node restrictions and permitted roles, as well as covenant user-space tooling to auto generate node key pairs, audit ROS networks, and construct/train access control policies. In addition, AppArmor profile library templates are also provided, allowing users to harden or quarantine ROS based processes running on a linux kernel.

Motivation

Cyber security is quickly becoming a pervasive issue for robotics, especially so as robots become more ubiquitous within society. With the advent of industrial automation, autonomous vehicles, commercial surveillance platforms, home service robots, and many more robotics domains, security of these subsystems should be considered vital, as they all provide a vector for cyber threats to manifest into real-world risks. Even without the hazards associated with industrial-strength robot arms or high-speed driverless semi trucks, personal robots promising to integrate with the internet of things could become targets for breaches in privacy and sources of identity theft, similar to smartphones and PCs.

Status

As SROS is under active development, experimental support for various client libraries, and transport layer is currently quite narrow in order to further focus on establishing secure protocols and standards.

TCPROS

UDPROS

rospy

x

roscpp

rosjava

Documentation

Installation

Tutorials

Concepts

Command-line tools

Environment variables

Wiki: SROS (last edited 2016-08-09 01:18:04 by ruffsl)