►
From YouTube: ROS 2 Security Working Group (17 May 2022)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
we're
recording
hi
everyone
good
good
to
see
you
all
here
again
this
week.
Let's
see,
let's
start
with
our
agenda
to
the
agenda
on
the
chat.
A
So
basically,
the
first
thing
and
right
now
the
main
thing
planned
agenda
was
approving
the
meeting
minutes
for
the
last
meeting.
This
already
pushed
us
a
merch
request
on
the
repo
for
the
security
working
group.
A
On
the
research
project
that
several
few
words
on
so
okay,
so
he'll
agree
approve
the
meeting
minutes.
Sure,
okay,
great,
we
didn't
have
anything
particular
to
propose
for
this
meeting
this
time,
but
I'm
opening
up
for,
if
you
guys
have
anything
you
want
to
discuss,
propose
talk
about
the
floor
is
yours.
B
And
would
you
like
to
inquire
if
there
is
any
update
about
the
discussion
we
had
last
time
on,
inviting
maybe
the
guys
from
the
harris
projects
and
if
the
inaudible
development
from
your
side
in
canonical
is
evolving
and
any
update
on
the
turtle
bot
4
implementation,
I've
seen
that
pre-order
are
now
available.
A
Yeah,
so
for
the
researchers
there
is
actually
one
thing
I
I
wanted
to
to
bring
back
up
with
you.
No,
we
have
not
yet
invited
the
rose
developers
to
the
group,
but
that's
actually
one
sort
of
initiative
that
would
be
really
interesting
to
invite
different
researchers
developers,
industry
also
working
with
ross,
especially
who
are
working
with
security
or
interested
in
getting
more
into
security,
and
that
would
be
a
really
interesting
series
that
we
could
have
we
on
our
side.
A
Absolutely
we
were
available
to
to
make
those
invitations
and
reach
out
to
to
guests,
but
if
you
think
that's
a
good
idea
and
that's
great
for
the
next
meeting
to
kind
of
bring
out.
A
So
if
I
remember
we
discussed
hey
ross
had
there
was
an
interesting
synergy
with
the
project
you
have
been
working
on
correct.
B
Kinda
the
harvest
project
is
about
the
static
analysis
of
raw
source
code.
We
were
discussing
it
as
part
of
the
devscopes
pipeline,
so
having
this
kind
of
tools
could
be
useful
when
you
are
developing
the
your
robots,
your
solution,
so
just
as
discussed
by
other
industrial
standards
like
the
164
for
free.
If
you
have
components
in
your
pipeline
for
security
analysis,
it's
more
than
welcome
and
yeah.
B
It
could
be
interesting
to
have
them
here
in
the
in
the
discussion
just
to
see
what
is
their
point
about
the
research
they're
doing
and
yeah
if
they
can
give
us
an
update,
also
on
their
site.
A
Yeah
definitely
so
we'll
reach
out
to
them
for
the
next
meeting
and
see
if
they
can
join
us
and
and
have
this
discussion.
B
B
A
Yeah,
we
have
not
been
focusing
on
the
documentation
this
past
weeks.
Actually
we
had
our
roadmap
meeting
about
10
days
ago
and
that
took
up
most
of
our
time
to
sort
of
plan
the
next
six
months.
That's
what
the
team
is
going
to
be
working
on,
so
don't
have
much
update
on
that.
It's
been
that's
basically
a
reason
we
pushed
the
meeting
by
one
week
last
time,
but
when
it
comes
to
no
deal,
for
example,
we
won't
be
developing
much
more
on
that
on
that
package.
A
B
Like
right
and
on
the
documentation
side
of
the
word,
you
think
some
more
could
be
guided
from
the
security
working
group.
A
Yeah,
that's
that's
a
great
project
for
us
to
work
on.
So
it's
a.
Can
you
elaborate
more
on
what
what
aspect
of
documentation
you
mean.
B
Well,
this
stage
the
documentation
of
the
security
of
ross.
It's
well,
it's
not
existence.
There
are
some
some
of
the
operations
and
api
and
comments
that
are
broken.
B
I
was
mentioning
a
couple
of
meetings
ago
that
also
the
token
listener
example,
as
it
is
sitting
right
now,
the
documentation
is,
is
broken,
so
jeremiah
was
suggesting
of
opening
an
issue
an
issue
ticket
for
that,
but
I
was
just
waiting
to
do
to
discuss
with
everyone
here,
as
we
may
evolve
in
that
direction.
D
Hey
late
to
the
party,
sorry
we're
talking
about
having
some
kind
of
live
documentation.
That's.
B
D
B
And
we
I
was
just
suggesting
and
asking-
if
maybe
it
would
be
more
interesting
to
have
something
like
doctor
images
to
have
tutorials
for
the
documentation
of
as
frost
capabilities
as
right
now,
some
of
it
is
scattered
around,
as
I
was
mentioning
before
across
different
sites
and
documents,
and
for
someone
that
is
trying
to
approach
for
the
first
time.
As
for
us
and
the
security
rules,
I
think
it's
a
little
bit
hard
to
to
grasp
also
the
basics
behind
it.
B
I
had
the
chance
to
to
introduce
some
new
students
to
to
ross
and
lesvos,
and
he
came
back
to
me
with
more
questions,
and
I
heard
that
what
I
was
expecting
so
maybe
it
could
be
an
interesting
project
for
the
security
working
group
to
start
to
keep
at
least
track
of
those
documentations
and
try
to
to
keep
track
and
yeah
develop
some
and
maintain
some
of
it
or
I
don't
know-
maybe
it's
not
relevant
for
the
working
group,
but
at
least
it's
a
problem
that
I
would
like
to
bring
to
the
table
so.
D
So
just
a
separation,
either
it's
broken
code
or
broken
documentation
are
the
unit
tests
that
we
have.
Are
they
presently
failing,
so
that
we,
like
our
the
the
code,
is
broken
than
that?
So.
B
What
is
working?
No,
so
what
I
found
broken
is,
for
example,
for
the
listen
talker
an
example.
The
the
policies
that
are
provided
to
the
user.
That
is
approaching
the
problems
are
wrong,
so
they
they
need
to
be
fixed.
But
as
you
as
you
may
know,
the
the
fact
that
the
policies
is
broken
is
it's
not
easily
demonstratable
from
someone
that
doesn't
have
capability
to
introspect
the
nodes.
B
C
D
I
think
the
I
think
the
unit
tests
don't
use
the
the
templates
yeah
they
use
the
star,
so
that's
probably
why
they,
the
unit
tests,
haven't
failed
so
far,
one
thing
to
try
and
bring
the
documentation
to
a
more
mono,
testable
state,
so
you
can
might
monitor
it
more
closely,
as
so
like
before.
Ross2
really
had
like
great
documentation.
D
And
so
we
could
try
and
make
one
of
the
tutorials
sort
of
a
live
invocation
of
the
demo
that
we
could
host
there
and
it'd
be
sort
of
as
an
augment
of
the
current
unit
test.
We
already
have
so
yeah.
It
sounds
like
plus.
D
These
are
fine
as
long
as
you're
using
star,
but
the
current
template
that
we
have
is
not
fully
compliant
or
exhaustive
in
terms
of
the
current
minimal
demo,
so
making
making
a
pull
request,
maybe
to
like
ross2
demos
with
a
something
that
invokes
the
same
kind
of
walkthrough
that
they
that
the
documentation
would
do
might
help
in
capture
more
eyes.
So
we
we
can
have
more
notice
of
when
these
things
break
downstream.
A
So
I
think
something
we
discussed
last
time
was
the
idea
of
creating
these
tutorials
sort
of
step-by-step
yeah
examples
of
of
how
to
apply
security,
the
kind
where
you're
trying
to
get
it.
D
Yeah,
the
the
but
the
as
a
more
specific
goal
is
maybe
making
a
pull
request
to
the
rost2
demos
repo,
because
that
is
actively
watched
by
all
the
roster
maintainers
and
those
run
through
the
build
farm.
D
D
I
suppose
it
doesn't
matter,
but
most
beginners
commonly
look
at
the
roster
demos,
repo
for
minimal
examples,
and
if
we
wanted
to
make
a
minimal
example
that
was
more
advanced
than
something
that
just
unit
tests
security
features
but
like
a
holistic
run
through
of
what
would
it
take
to
to
set
up
and
deploy
something,
though
that
might
just
re-implement
a
whole
bunch
of
like
cmake
on
a
logic
we
already
host
here.
So
maybe
that
doesn't
quite
make
sense
either
way.
D
I
think
we
probably
want
to
use
a
test
that
incorporates
the
template
policies
that
we've
we've
written
here,
because
it
sounds
like
that's
just
the
current
failure
mode
here.
A
Yeah,
no,
that
makes
a
lot
of
sense.
How
would
you
like
to
organize
this
this
project?
I
agree
that
this
is
something
that's
perfect
for
us
to
to
collaborate
on.
D
Do
we
have
a
ticket
open?
I
think
we
have
a
ticket
open
on
documentation.
D
Revocation
yeah.
C
C
D
I
just
wanted
to
check
and
see
what
you
guys
are
up
to
doesn't
have
to
be
particularly
on
sros
or
you
guys
are
doing
anything
interesting
around
ross
right
nowadays.
D
I'll
be
relocating
across
the
globe,
and
so
once
that's
done
I'll
be
a
little
more
active
right
now,
I'm
just
kind
of
moving.
A
Yeah,
so
please,
when
you
get
the
link,
we
can
share
it
on
the
matrix
chat
and
from
there
we
can
see
how
we
can
organize
this
documentation,
effort
which
I
think
keeps
coming
up,
that
we
absolutely
need
to
make
better
documentation
for
s
ross
and,
as
you
said,
for
beginners
it'd
be
great
if
it's
just
something.
That's
new
new
comers
to
ross
also
fee
from
the
get-go.
A
Today,
I'm
happy
to
hear
about
any
other
projects.
I
know
research
initiatives
or
whatever
you're
working
on
and
if
you
want
to
ask
the
collaboration
of
the
group.
D
Did
folks
catch
the
the
ross
ii
publication
on
science
that
was
recently
posted
this
course
that
was
pretty
cool.
Definitely
quite
a
few
highlights
mentioning
importance
of
security,
so
that's
kind
of
cool
that
they
draw
the
attention
to
them.
C
B
D
Yeah,
the
the
the
first
half
of
the
the
paper
is
sort
of
what
you're
familiar
with
if
you've
ever
read
through
the
the
design
articles
in
roster.
You
know
the
motivation,
the
approach
implementation,
but
then
the
latter
half
is
pretty
cool
case
studies.
You
know
you
know
from
from
several
robotic
manufacturers,
ground
or
aerial
or
aquatic-based
robots
and
describing
and
how
rost2
has
really
impacted
their
design
life
cycle.
D
A
Yeah,
definitely
we'll
take
a
look
at
that.
I
I
saw
it
and
I
didn't
get
to
to
read
the
whole
thing
so
yeah,
but
that
that's
pretty
cool,
but
it
happens.
C
A
How
do
you
guys
feel
about
the
idea
of
inviting
different
researchers
in
the
ross
to
sphere
to
discuss
their
research,
or,
I
don't
know
they
may
have
their
own
interest
to
to
talk
to
the
community
and
like
make
known
the
areas
of
research
and
have
ideas
of
their
own?
D
You
you
mean
coming
up
with
research
topics
that
you
want
the
group
to
pursue.
A
Well,
not
necessarily,
I
mean
it
could
be
just
discussing
their
research
and
possibly
bouncing
up
ideas,
for
maybe
it's
applied
research
that
they
can
be
integrated
into
roster
security,
for
example,.
D
Yeah,
that's
sort
of
like
a
mini
journal
club.
Some
other
working
groups
are
kind
of
doing
that.
Okay,
maybe
for
the
next
meeting,
we
could
all
come
with
papers
that
we
want
to
discuss.
C
D
All
right,
when's
when's,
the
next
meeting
two
weeks
from
now,
then.
A
C
So
we
actually
got
contacted
by
a
research
group
here
they
wanted
to
do
some
research
on
security
with
ross.
I
remember
I
point
I
I
I
told
them
about
the
the
meetings,
but
I
don't
know
what
happens.
Maybe
I
can
just
tell
them
again
and
invite
them
or
I
can
pass
it
to
you
florencia.
If
you
want
the
contact.
A
Yeah,
basically,
just
to
add,
I
don't
know
it
could
be
an
interesting
series
to
have
every
once
in
a
while,
maybe
not
every
month
and
we'll
just
discuss
the
latest
research
and
yeah
stay
updated
on
that
and
bounce
back
ideas.
A
Okay,
do
you
guys
have
anything
else.