ROS Resources: Documentation | Support | Discussion Forum | Service Status | Q&A answers.ros.org

ROS2 Security Working Group Online Meeting - Nov 30th, 2018 @ 10:00 AM PST


#1

There’s been lots of updates since the last meeting including new security based CMake macros to ease developing secure systems. As always, I’m happy to take suggestions on an agenda, however I never run short of questions.

Please let me know if there’s something you would like to discuss, otherwise I will propose a subject.

You have been invited to an online meeting, powered by Amazon Chime.

  1. Click to join the meeting:

https://chime.aws/6170437479

Meeting ID: 6170 43 7479

  1. You can use your computer’s microphone and speakers, however, a headset is recommended. Or, call in using your phone:

United States Toll-Free: +1 855-552-4463
Meeting PIN: 6170 43 7479

One-click Mobile Dial-in (United States (1)): +1 206-462-5569,6170437479#

United States (1): +1 206-462-5569
International: https://chime.aws/dialinnumbers/

  1. To connect from an in-room video system, use one of the following Amazon Chime bridges:

SIP video system: meet.chime.in
or
H.323 system: 52.23.133.56

Meeting PIN: 6170437479#


#2

I’d like to suggest adding time for discussing Security for ROS2 Actions to the agenda. It seems the current proposal relies upon composing action interfaces from dedicated ROS2 topics and services. Should these dedicated topics and services for actions be namespaced into the same DDS topic mapping as ordinary ROS2 topics and services, I suspect this crossover of interfaces will make securing or compartmentalizing/isolating permissions to specific ROS2 interfaces difficult as middleware layer; i.e. the colliding of resource identifiers from supposably different ROS2 interfaces will hinder the fedelty at which users can construct policy permissions.

To cut to the chase, see my review comments starting here.

Perhaps some others involved in action proposal/implementation could also join this week’s meeting to help shed light on the challenges in rectifying this architecture concern. Ping: @wjwwood @gbiggs @davetcoleman @mikeferguson @jacobperron @paulbovbel @sservulo @mkhansen @sloretz


#3

Sounds good, I’ve reached out to a couple of the people on the list, hopefully they can help spread the word. In lieu of any other suggestions, I’ll plan on this being the topic of discussion.


#4

Hopefully some of the other people involved in the actions stuff will be able to join. The meeting is during the few hours of the night when I really do need to sleep.


#5

FYI: relevant PR to the Topic and Service name mapping to DDS design article addressing actions:


#6

Sorry gbiggs, I plan on recording the meeting and making it available in addition to my notes. I’ll try to vary the times in order to be able to get as many folks as possible.


#7

@coleray , as per the action item out of the today’s meeting, could you pm me with a draft a draft of community survey on security use cases for separating privilege between topics, parameters, actions, and services? I’d just like to iterate on that to make sure we are asking questions that would be informative.


#8

Feel free to loop me in on the draft if you want a review from outside the immediate security sphere.


#9

Link to the recording of the meeting: https://s3-us-west-2.amazonaws.com/coleray-public-ros-artifacts/ROS2_Security_Working_Group_Meetup_20181130.m4a

I’ll try to come up with something we can use as a starting point. I would prefer to just use the discussion on the ros2/design wiki unless there are objections. Having the discussion openly would given us the widest possible audience.

Does anyone have any guidance on the format of the survey? I haven’t been around for something like this in the past and don’t know what the community would be most likely to respond to.