Security and Performance Considerations in ROS 2: A Balancing Act

TL;DR

This paper analyzes the trade-offs between security and performance in ROS 2's DDS communication, providing insights and measurements to help developers optimize system settings for balanced security and efficiency.

Contribution

It offers a comprehensive analysis of DDS security protocols, evaluates their impact on ROS 2 performance, and provides guidelines for balancing security and performance in robotic systems.

Findings

Security protocols increase latency and reduce throughput in ROS 2

Performance impact varies between wired and wireless networks

Static analysis reveals security implementation vulnerabilities

Abstract

Robot Operating System (ROS) 2 is a ground-up re-design of ROS 1 to support performance critical cyber-physical systems (CPSs) using the Data Distribution Service (DDS) middleware. Accordingly, the security of ROS 2 is highly reliant on the security of its DDS communication protocol. However, finding a balance between the performance and security is non-trivial task. Inappropriate security implementations may cause not only significant loss on performance of the system, but also security failures in the system. In this paper, we provide an analysis of the DDS security protocol as well as an overview on how to find the balance between performance and security. To accomplish this, we evaluate the latency and throughput of the communication protocols of ROS 2 in both wired and wireless networks, and measure the efficiency loss caused by the enabling of security protocols such as Virtual Private Network (VPN) and DDS security protocol in ROS 2 in both network setups. The result can be directly used by robotics developers to find the optimal and balanced settings of ROS 2 applications. Additionally, we analyzed the security specification of DDS using existing security standards and tested the implementation of the DDS protocol by performing static analysis. The results of this work can be used to enhance the security of ROS 2.