Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS 2024); pages 1--18; San Diego, California, February 26-March 1, 2024.
ROS2 is a popular publish/subscribe based middleware that allows developers to build and deploy a wide variety of distributed robotics applications. Unfortunately, ROS2 offers applications poor control over how their data is consumed downstream by other applications. Although decentralized information-flow control (DIFC) offers a solution to this problem, the decentralized and distributed architecture of ROS2 poses new challenges to building a practical DIFC system for ROS2.
We present Picaros‡, a DIFC system tailored for ROS2. Picaros adopts a novel approach to DIFC that casts and solves DIFC's access control problem in the framework of attribute-based encryption (ABE). Picaros's design embraces the unique nature of the ROS2 platform and carefully avoids any centralized elements. This paper presents the design and implementation of Picaros and reports results from our experiments that use Picaros's ABE-based approach for DIFC with ROS2 applications.
Paper:
[
PDF
]
(© Internet Society)
Slides:
[
Powerpoint
]
DOI:
[
10.14722/ndss.2024.24101
]
Note: ‡Picaros is Information-flow Control via ABE for ROS2. And of course, the subject of a Tintin adventure!
