Robotics Security
SROS2
SROS2 (Secure Robot Operating System 2) is the security extension for ROS 2 that adds authentication, access control, and encryption to inter-node communication. Built on the DDS Security specification (OMG DDS-SECURITY 1.1), SROS2 provides the security plumbing that the base ROS 2 framework deliberately omits to keep core operation lightweight.
Definition
SROS2 (Secure Robot Operating System 2) is the security extension for ROS 2 that adds authentication, access control, and encryption to inter-node communication. Built on the DDS Security specification (OMG DDS-SECURITY 1.1), SROS2 provides the security plumbing that the base ROS 2 framework deliberately omits to keep core operation lightweight.
What it means
SROS2 introduces a certificate-based identity model: each ROS 2 node receives an X.509 certificate from a per-deployment Certificate Authority, plus signed governance and permission documents that define what topics, services, and actions the node may publish, subscribe, or invoke. Communication is then encrypted at the DDS layer.
The practical complication is that SROS2 is opt-in, and adoption in research and prototype robotics deployments is low. Production robotics systems built on ROS 2 that ship without SROS2 — or that ship with SROS2 in permissive mode — present trivial network-side attack surface: any process on the same network can publish to any topic, including motion-control topics.
For Melina robotics engagements, SROS2 status is a first-question item: is it enabled, are governance and permission files configured restrictively, are CA and key-management procedures documented, and what's the model for rotating compromised credentials.
Related terms
Authoritative sources
- SROS2 design (ROS 2 documentation) - OMG DDS-SECURITY 1.1 specification
---