[Discourse.ros.org] [General] Announcing Secure ROS

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

[Discourse.ros.org] [General] Announcing Secure ROS

William Woodall via ros-users



Hello:

I'd like to announce the Secure ROS project (http://secure-ros.csl.sri.com/). Secure ROS is a "fork" of core ROS packages to enable secure communication among ROS nodes. The main goal of Secure ROS is to enable secure communication for regular users of ROS.

Secure ROS uses IPSec in transport mode and modified versions of the ROS master, _rospy_ module and _roscpp_ library to ensure secure communication. At run time, the user can specify authorized subscribers and publishers to topics, setters and getters to parameters and providers (servers) and requesters (clients) of services in the form of a YAML configuration file for the ROS master. Secure ROS allows only authorized nodes to connect to topics, services and parameters listed in the configuration file.

The goal of Secure ROS is similar to SROS which was announced last year, but the approach is different. Secure ROS allows easy re-use of existing ROS nodes and packages.

You can find more detailed documentation, check out examples and download packages at http://secure-ros.csl.sri.com/.

* [Secure ROS on Github](https://github.com/SRI-CSL/secure_ros)
* [Secure ROS documentation](http://sri-csl.github.io/secure_ros)
* [Download Secure ROS](http://secure-ros.csl.sri.com/download/index.html)

Cheers,
Aravind.






---
[Visit Topic](https://discourse.ros.org/t/announcing-secure-ros/1744/1) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
[hidden email]
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>
Reply | Threaded
Open this post in threaded view
|

[Discourse.ros.org] [General] Announcing Secure ROS

William Woodall via ros-users


@asundaresan Could u please share some information for the following questions:
what's the difference btw Secure ROS and SROS ?
will SROS and Secure ROS be developed in parallel or lean to one of them for ROS?
ROS2 is up and it's totally different infrastructure than ROS, so the security on ROS will be kept forever or obsolete when ROS2 is adopted/used widely in the future ?





---
[Visit Topic](https://discourse.ros.org/t/announcing-secure-ros/1744/2) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
[hidden email]
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>
Reply | Threaded
Open this post in threaded view
|

[Discourse.ros.org] [General] Announcing Secure ROS

William Woodall via ros-users
In reply to this post by William Woodall via ros-users


Hi Roser:

I've been traveling and sorry for the delayed reply. Secure ROS has the same goals as SROS, but uses security at the IP address level. This means that you can have a config file which can list all the authorized accessors to various topics, services, parameters, etc. IP address spoofing is prevented using IPsec at the kernel level and is independent of ROS.

There is currently a PR for Secure ROS and it is conceivable for both Secure ROS and SROS to be present leaving the user to choose which he wants.

ROS2 is a different kettle of fish and is not within the scope of Secure ROS.

I hope this explains it. Let me know if you have any other questions.





---
[Visit Topic](https://discourse.ros.org/t/announcing-secure-ros/1744/3) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
[hidden email]
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>
Reply | Threaded
Open this post in threaded view
|

[Discourse.ros.org] [General] Announcing Secure ROS

William Woodall via ros-users
In reply to this post by William Woodall via ros-users


Thanks for your sharing @asundaresan. It's more or less a P2P session with IPSec for secure ROS, what's your suggestion for multicast security with IPSec?





---
[Visit Topic](https://discourse.ros.org/t/announcing-secure-ros/1744/4) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
[hidden email]
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>
Reply | Threaded
Open this post in threaded view
|

[Discourse.ros.org] [General] Announcing Secure ROS

William Woodall via ros-users
In reply to this post by William Woodall via ros-users


@Roser: I don't know if IPsec can be used for multicast security in transport mode. Is there such a use case in ROS? In any case, just to be clear, IPsec is external to and independent from Secure ROS - but Secure ROS relies on the features that IPsec provides.





---
[Visit Topic](https://discourse.ros.org/t/announcing-secure-ros/1744/5) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
[hidden email]
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>
Reply | Threaded
Open this post in threaded view
|

[Discourse.ros.org] [General] Announcing Secure ROS

William Woodall via ros-users
In reply to this post by William Woodall via ros-users


okay. thanks.what I am thinking is that the multicast will be more efficient while exchanging data with multi-nodes, anyway, it seems to reasonably consider that in ROS2 :slight_smile:





---
[Visit Topic](https://discourse.ros.org/t/announcing-secure-ros/1744/6) or reply to this email to respond.


If you do not want to receive messages from ros-users please use the unsubscribe link below. If you use the one above, you will stop all of ros-users from receiving updates.
______________________________________________________________________________
ros-users mailing list
[hidden email]
http://lists.ros.org/mailman/listinfo/ros-users
Unsubscribe: <http://lists.ros.org/mailman//options/ros-users>