Cheers for the launch @Katrin_Kellner! I see security plays a relevant role in this launch. I went through the material and found various security things in here that got me quite confused though. Your site says:
Fast DDS being the most secure open-source DDS implementation [1]
Based on what exactly do you claim this? Last security exercise we disclosed reviewing DDS implementations hinted that Fast DDS was one of the most flawed ones. There’re outstanding issues from that research that still haven’t been fully mitigated. For example, last month I checked with your master again and I could still exploit one of the reported issues in a recent announcement (see discussion).
Is Vulcanexus secure? [2]
Yes, it is. Vulcanexus is an extension of ROS 2 which includes some additional packages and tools. Vulcanexus’ middleware is eProsima’s Fast DDS, which implements the OMG DDS Security specification. Among the extended features available using Vulcanexus is PKCS#11 security support that is not yet available in ROS 2.
Security is an end-to-end characteristic, and I don’t see this fulfilled at all.
Besides the security issues with Fast DDS, from my reading of Vulcanexus, it seems to rely on various open source projects that need proper security assessments and/or do not provide security at all (eProsima DDS Router’s code or micro-ROS, among others). So, on what basis do you claim that Vulcanexus is secure? Can you facilitate a threat model that justifies the security measures available and security policies adopted?
Finally, you may want to run git-secrets (or similar) in your vulcanexus source. There’re some interesting findings there you may want to review.