Manufacturer Usage Description (MUDs) for ROS 2 (RFC 8520)?

This is just a “hey, this could be interesting” kind of post, but in a different context I came across RFC 8520: Manufacturer Usage Description Specification which reminded me of some of the goals that SROS2 has and has been working towards.

From the linked document:

This memo specifies a component-based architecture for Manufacturer Usage Descriptions (MUDs). The goal of MUD is to provide a means for end devices to signal to the network what sort of access and network functionality they require to properly function. The initial focus is on access control. Later work can delve into other aspects.

The spec is specifically not about securing Things (internet connected/networking enabled IoT and other types of devices, as they are called in the document), but about providing a clear description of what types of traffic may be expected from a device, how it may be interacted with and what the intended usage patterns are:

[RFC7452] discusses design patterns for, and poses questions about, smart objects. Let us then posit a group of objects that are specifically not intended to be used for general purpose computing tasks. These devices, which this memo refers to as Things, have a specific purpose. By definition, therefore, all other uses are not intended. If a small number of communication patterns follows from those small number of uses, the combination of these two statements can be restated as a Manufacturer Usage Description (MUD) that can be applied at various points within a network. MUD primarily addresses threats to the device rather than the device as a threat. In some circumstances, however, MUD may offer some protection in the latter case, depending on how the MUD URL is communicated and how devices and their communications are authenticated.

Robots are (in my opinion) definitely not general purpose devices – even if they typically embed several general purpose computing platforms – and especially in commercial/factory settings have a clearly defined set of tasks. Ideally also with a clearly defined interface and, with SROS2, a clearly defined set of endpoints from which, and to, communication is allowed and expected.

RFC 8520 is relatively new, but it may make sense to see whether MUDs could be an asset when integrating ROS 2 robots into larger systems. The use of DDS may complicate things due to its liberal and dynamic use of network resources, but SROS2 seems to have that under control.

1 Like

Definitely seems interesting to me, as you say DDS’s arcane port mapping may complicate things, but honestly ROS 1’s use of random ports was equally frustrating from an IT perspective. I imagine this proposal needs to deal with scenarios like this though (I didn’t have time to read it yet).


P.S. Also, my first thought for MUD was (Multi-Use Dungeons), lol. get robot

I quite like this idea. I’ve liked the idea of data sheets for nodes for quite a long time, but never had the time to follow through with the idea and see if it’s actually feasible. The information model being developed by @vmayoral’s excellent colleagues is very similar.

Glad I’m not the only one. :smiley:

Unfortunately I won’t have any time to look into this myself, but I at least wanted to post a note here.

It’s not something that completely aligns with what the security WG is doing, hence my general hey-look-at-this post.

Perhaps adding support for MUDs is something that could be completely delegated to a single, optional node, without needing any specific support from ROS 2 infrastructure as a whole. In that case it could be the responsibility of whoever integrates a system to set this up.

Not sure whether the authors of the RFC were aware of this :slight_smile: