►
From YouTube: ROS 2 Security Working Group (2021-01-26)
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
so
that
should
be
recording
just
wanted
to
start
with
just
a
few
very
brief
comments
before
we
get
into
the
demo.
Are
there
any
comments
on
the
meeting
minutes
from
our
last
meeting?
A
That
was
the
demo
from
movement
two,
since
there's
no
comments
we'll
go
ahead
and
approve
those
and
then
post
those
up
to
our
page
and
also
just
related
to
our
last
meeting
with
move
it
to.
Were
there
any
questions
about
follow-up?
I
know
there
were
a
few
things
that
we
wanted
to
continue
on.
I
don't
want
to
talk
too
much
about
it
today,
but
I
don't
know
if
anybody
had
any
questions
or
comments
or
wanted
to
have
a
breakout
to
do
some
more
work
with
move.
It.
A
All
right
not
hearing
anything,
I
guess
we'll
move
that
off
to
to
chat
if
we
have
anything
else
so
so
with
that
marco
I'm
gonna
hand
it
over
to
you,
if
you
can
introduce
us
to
rmf
and
let's
go
ahead
and
get
started
thanks
and
thanks
a
lot
for
presenting.
I
really
appreciate
it.
B
All
right
thanks,
let
me
see
if
I
can
add
my
presentation.
B
A
B
Got
it
all
right?
Okay,
so.
B
Just
for
those
of
you
that
don't
know
me,
my
name
is
marco
and
I'm
located
I'm
located
in
singapore.
I
I
work
for
open
robotics
and
one
of
the
main
projects
that
we're
working
here
is
called
the
robotics
middleware
framework
rmf
for
short,
and
mainly
I've,
been
involved
into
the
working
on
the
releases,
and
I
also
lately
started
working
looking
into
the
security
part.
B
That's
why
I
started
joining
the
working
group
and
that's
why
I'm
here
presenting
this,
so
we
can
have
probably
some
sort
of
discussion
on
on
the
challenges
that
this
this
system
might
present.
In
terms
of
of
security.
This
presentation
is
a
bit
it
might
be
a
bit.
It
might
go
a
bit
into
much
detail,
so
I'll
go
a
bit
fast,
maybe
through
some
parts
that
might
not
be
interested
interesting
for
from
the
security
standpoint,
but
feel
free
to
stop
me
at
any
point.
B
If
you
guys
want
me
to
explain
something
extra
or
or
at
the
end,
if
you,
if
you
want
me
to
go
over
something
else,
hopefully
I
can
answer
all
the
questions.
B
So
yeah
rmf
is
about
multi-robot
systems.
So,
let's
have
a
look
a
bit
out
of
to
the
to
the
problem,
so,
basically
just
very
fast
over
this,
as
as
robotics
evolve,
there's
and
delivers
are
very
common
in
many
places,
then
new
applications
are
coming,
new
companies
are
coming
and
and
facilities
will
have
to
adapt
to
all
these
robots
being
around.
B
At
this
point,
many
robots
will
have
to
stay
in
a
in
the
same
place
and
and
they
will
have
to
collaborate,
doing
different
types
of
flows,
and
these
flows
this
each
sub
stack,
sub
sub
task
of
this
flow
might
not
be
optimally
to
be
to
make
them
optimal
might
in.
You
might
have
to
involve
floats
from
different
vendors,
so
multivendor
integration
has
to
be
enabled,
and
that
is
the
one
of
the
main
problems
that
rmf
tries
to
solve.
B
There's
many
many
challenges
with
multivendors
integration,
and
one
of
them
is
the
lack
of
inter
interoperability.
So
robots
might
not
talk.
These
fleets
might
not
talk
the
same
language,
there's
infrastructure
constraints
because
they
need
to
share,
leaves
and
doors,
and
they
also
need
to
share
routes
around
the
place
it's
hard
to
do
realistic
tests.
B
B
All
right,
are
you
guys
able
to
see
yep
good,
all
right,
so
yeah,
there's
a
lot
of
challenges,
dynamic
environments,
people
around
and
trained
personal,
and
the
main
one
that
we're
here
to
discuss
is
several
security
concerns.
B
B
B
It
will
try
to
avoid
conflicts,
but
if
there's
conflicts
then
it
will
try
to
solve
them
in
an
optimal
way
and
it
also
provides
door
and
lift
integration
for
this
fleet
to
operate
in
the
environment
and
there's
also
interactions
with
voxels.
Voxels
can
be
dispensers
of
certain
items
or
they
can
also
be
consumers.
Basically,.
B
So
having
a
bit
of
a
look
on
on
how
it
works,
basically,
the
robotics
middleware
framework
is
a
collection
of
libraries
and
tools
that
facilitate
the
interoperability
between
these
robots,
the
infrastructure
and
all
the
automation
systems
like
dispensers
or
collectors,
what
we
called
work
cells
and
it
has
a
certain
level
of
intelligence
to
try
to
create
this
resource
allocation
in
an
optimal
way
by
preventing
conflicts
on
this
shared
resources.
B
So
if
you
have
a
look
at
the
drawing
on
the
right,
you
can
see
the
the
course
system,
which
are
the
dispatcher
planner,
which
is
the
one
dispatching
the
tasks,
traffic,
moniker
and
scheduling
of
this
traffic.
So
it
does
the
part
that
takes
care
of
the
of
the
task
allocation,
the
tax
traffic
management
and
and
solving
any
conflicts
that
might
happen,
and
then
we
we
all
around
that
rmf
has
different
adapters.
B
So
it
can
connect
to
infrastructure
managers
for
less
doors
gates.
Any
other
part
of
the
infrastructure,
work,
cells,
fleet
managers,
ui
websites
or
medical
devices
and
and
other
parts
of
the
infrastructure.
B
One
of
the
things
that
rmf
does
is
tries
to
simplify
and
standardize
the
messaging.
So
one
of
the
systems
that
was
created
is
the
system
of
system
synthesizer.
So
this
is
this
tries
to
solve
the
problem
of
different
systems
talking
in
different
languages,
so
protocols.
B
Basically,
so
it's
a
plugin
based
system
where
you
can
create
your
own
plugins
to
translate
between
different
protocols.
One
example
of
this
would
be
the
ros
2
translating
into
ros1.
So
that's
one
of
the
things
that
you
can
do
with,
and
then
we
also
provide
the
standardized
messages.
B
So
there's
a
certain
set
of
messages
that
can
be
used
to
interact
with
the
rmf
core,
so
task
input
adapters,
like
ui
portals,
will
have
task
messages.
Dispenser,
voxel
adapters
will
have
dispenser
messages,
lifts
and
so
on.
Right
fleet
adapters
will
also
have
fleet
messages,
so,
regarding
the
the
fleets
there's
different
levels
of
control
that
vendors
are
willing
to
give
us,
so
we
have
identified
for
the
four
levels
of
control,
which
are
mainly
basically
full
control
where
we
get
to
control
the
waypoints
of
the
robots
when
moving
around
the
traffic.
B
What
we
call
traffic
light,
which
is
like
the
robot,
can
pause
and
can
resume.
We
can
pause
and
resume
the
robot
read
only
robots,
which
is
basically
when
we
can
only
know
the
location
of
the
robot
and
the
ones
that
doesn't
give
us
anything
so
with
the
one
that
doesn't
give
us
anything,
there's
nothing
we
can
do
about
it.
So
rmf
will
basically
just
try
to
treat
them
as
moving
obstacles.
B
But
it
can
provide
can
create
some
certain
deadlocks,
great
only
robots.
We
can
try
to
navigate
around
them
and
plan
around
them,
but
more
than
one
fleet
of
red
only
robots
will
will
will
can
can
also
create
deadlocks
in
the
system.
B
And
then
we
get
traffic
lights
and
the
best
that
we
can
use
is
the
the
ones
that
we
can
control
the
waypoint,
which
is
the
ideal
one
and
the
one
that
will
the
api
that
will
allow
us
to
obtain
the
optimal
solutions
out
of
rmf.
B
B
So
these
fleet
adapters
basically
beat
for
the
task
and
then
the
best
one
is
selected
and
assigned
the
task,
and
then
these
fleet
adapters
will
propose
a
plan
through
the
schedule,
validator
and
there's
a
unified
schedule
for
all
the
robots
and
infrastructure
that
actually
has
to
validate
this
this
plan
and
it
also
monitors
the
the
traffic.
B
So
as
it's
monitoring
the
traffic
and
it's
accepting
new
plans
coming,
it
can
also
identify
conflicts.
So
once
a
conflict
is
identified,
the
smart
fleet
adapters
of
those
fleets
that
are
involved
in
the
conflict
will
be
notified
and
those
fleet
adapters
involved
in
that
conflict
will
have
to
participate
in
a
conflict
resolution.
B
B
This
helps
minimize
the
fleet
interactions
and
simplifies
adding
new
robots
to
the
current
traffic
flow
fleets.
Follow
low
traffic
management,
commands
and
fleet
share
the
mechanical
infrastructure
like
elevators
and
doors
through.
B
A
B
Go
got
him
thanks
all
right,
so
yeah
resolving
conflict
so
because
it
is
the
environment,
can
change
and
and
there's
many
aspects
of
the
environment
that
can
affect
your
robot
task.
Like
human
traffic
unknown
obstacles,
some
lifts
might
be
busy
can
be.
B
The
intention
can
be
changed,
tasks
can
be
canceled
alarms
can
happen,
then
that's
why
rmf
has
to
resolve
conflicts
that
can
be
unexpected.
This
is
how
traffic
negotiation
happens.
So
I
I'm
I'm
not
sure
how
interesting
this
is
for
us,
but
I'll
just
go
very
quickly
through
it.
There
are
certain
assumptions
on
this,
so
basically
is
that
each
fleet
does
not
know
what
the
other
fleet
is
capable
of.
Its
fleet
can
communicate
a
plan
that
is
visible
for
itself,
and
each
fleet
can
see
the
others
fleets
plans
and
try
to
plan
around
it.
B
So
in
this
case
we
have
three
fleet
fleet
adapters
that
are
involved
into
this
conflict
and
and
then
rmf
has
to
solve
the
conflict.
The
first
thing
that
happens
is
that
each
fleet
will
propose
their
ideal
proposal
there
and
after
that
they
will
try
to
accommodate
the
others
fleet's
ideal
proposal.
B
B
So
once
this
is
done,
then
they
will
use
that
information
to
create
best
attempt
to
accommodate
the
other.
Two
touch,
two
options
right,
so
the
fleet
adapter
a
will
create
a
best
attempt
to
accommodate
the
one
that
is
created
by
b,
accommodating
c
and
the
best
attempt
to
accommodate
the
one
created
by
c
accommodating,
b,
right
and
so
on.
So
this
way
we
create
best
attempt
from
everybody
to
accommodate.
A
B
Other
tasks
once
this
is
done,
and
we
have
this
plans,
there's
there's
a
measure
of
the
penalty
that
this
these
plans
cost
and
the
lowest
penalty
institution
that
is
basically
how
it
works.
This
penalty
is
basically
a
measurement
that
is
currently
being
tested
in
different
ways.
So
there's
this
this
one.
That
is
the
sum
of
the
the
whole
time
that
takes
to
complete
this.
These
tasks,
or
there's
also
can
be
weighted
with
the
importance
of
different
tasks.
Also.
B
So
now,
let's
have
a
look
at
the
toolbox.
There's
there's
a
bunch
of
tools
that
come
with
rmf
and
that
are
used
very
useful
for
deployment
of
this
software.
B
The
traffic
editor
is
one
of
the
most
important
ones.
This
allows
us
to
annotate
flow
plans
and
add
walls,
doors
lists
and
under
traffic
links,
and
it
also
allows
us
to
place
simulation
models
in
this
environment
can
also
create
statics
or
dynamic
models
like
humans
on
others,
and
then
these
traffic
lanes
can
be
exported
into
vendor-specific
fleet
adapters.
B
Needless
to
say,
that
testing
in
simulation
is
very
important,
so
I'll
just
go
through
this
one.
First,
the
assets
that
we've
been
using
for
our
simulations
are
all
in
available
in
fuel.
So
if
you
go
to
ignition
robotics
fuel,
you
can
use
them,
and
then
we
get
to
rmf
core,
which
is
the
brain
of
rmf.
Rmf4
is
the
collection
of
libraries
and
utilities
for
assisting
the
vendors
integrating
with
rmf,
so
there's
pure
c,
plus
plus
libraries
set
for
trajectory,
interpolation
path,
planning,
scheduled
database
management
and
conflict
detection
and
resolution.
B
We
also
provide
ui
signal
paths
so
for
streaming,
there's
we
use
the
websocket
with
the
ros2
bridge,
to
connect
to
the
ros2
core
system
and
for
redemptive
connection,
there's
an
http
through
rest
server
and
then
connecting
to
the
core
system
and
then
there's
an
operations
dashboard.
B
B
Yeah
so
the
last
port,
it's
so
the
users
can
can
monitor
the
robot
fleet,
doors,
lifts,
the
infrastructure,
the
schedule
and
the
that
are
happening
in
rms,
and
it
has
high
level
commands
to
control
the
different
assets
in
the
system.
B
B
If
you
install
the
rmf
version
that
is
packaged
for
foxy,
you
will
get
the
rvs
version,
but
if
you
build
from
source
there's
a
bit
of
a
weird,
it's
it's
a
it's
a
weird
transition.
Yet
so
you
will
see
different
that
you
will
still
see
the
harvest
panel
there,
but
you
will
also
get
the
the
dashboard
on
on
the
web
and
and
we'll
see
that
once
we
get
into
the
demo,
which
is
right
now
all
right.
So
let
me.
C
C
A
C
B
Yep
got
it
all
right,
so
I'm
gonna
launch
the
the
demos.
Basically,
this
is
all
contained
in
imf
demos.
This.
This
is
the
repository
that
contains
the
demos
that
we
have
there's
four
demos.
There's
a
demo
for
the
office,
there's
a
demo
for
an
airport,
there's
a
demo
for
a
clinic
and
there's
a
demo
for
a
hotel
and
yeah.
You
can
install
them
through
packages,
there's
a
there's,
a
book
that
is
called
the
multi-robot
book.
B
That
also
should
be
linked
in
these
rmf
demos
somewhere.
There's
instruction
on
how
to
install
from
source
and
in
the
book
there's
instruction
also
on
how
to
install
from
the
binaries
the
debian
packages
yeah.
So
once
everything
is
installed,
you
can
just
launch
there's.
B
B
Do
it
through
the
web?
So
if,
if
you're
using
the
source
version,
I
think
it's
five
thousand
yeah,
it
should
be
yeah.
So
there's
the
web,
the
web
panel,
which
allows
you
to
submit
the
tasks
and,
as
I
said
it's
a
bit
of
an
of
a
hybrid
right
now,
so
you
get
the
the
lanes
and
the
traffic
monitoring
is
still
in
the
harvest.
B
If
you
install
the
version
from
ross
foxy,
you
will
see
something
like
this
still
here,
the
rmf
panel,
but
it's
just
not
in
the
configuration
anymore.
So
you
can
also
submit
the
tasks
through
the
rmf
panel
here
yeah,
so
yeah,
let's
submit
a
task.
B
B
We
see
that
we
have
two
robots
in
one
fleet
and
we
can
also
see
the
battery
level
mod
being
monitored
here.
So
we
can
submit
a
request
and
then
the
loop
request
has
been
submitted
and
you
can
see
the
task
has
been
submitted
here
and
it's
bending
at
a
certain
point.
The
system
yeah
one
robot
got
assigned.
You
can
see
this
this
little
magnet
robot
is
moving
it
now
and
you
can
see
how
the
percentage
is
of
the
task
is
being
performed.
B
B
B
B
Get
allocated
you'll,
see
the
robot
moving
around
conflicts
happening
and
all
that
yeah.
So
that's
for
the
demo.
We
can
leave
it
running
in
the
meantime.
B
I
can
try
sewing
later
on,
maybe
one
of
the
other
ones,
but
it
will.
I
think
it's
going
very
slow.
Let
me
just
speed
it
up
a
bit.
C
B
All
right
now
it's
been
it's
going
a
bit
faster
yeah.
So
while
the
tax
task
is
happening
going
a
bit
back
to
the
security
challenges.
B
B
So
a
way
to
replicate
revoke
certificates
is
needed.
We
will
also
need
tools
for
detecting
intrusion
in
the
system,
so
maybe
we'll
have
to
perform
certain
monitoring.
B
We'll
also
have
to
have
some
sort
of
security
management
dashboard
to
maybe
revoke
permissions
in
from
systems
integrators
perspective,
we
also
have
to
identify
different
levels
of
access
for
humans
to
the
system.
B
The
network
security
is
also
a
problem,
mainly
because
part
of
the
scheduler
might
be
running
at
a
certain
point
in
the
cloud,
and
also
deployments
are
something
that
we
have
to
be
able
to
test
and
somehow
certify
that
they
have
been
enough
secure
enough
yeah.
B
So
I
think
this
are
important
points
that
we'll
have
to
look
into
in
terms
of
security
and
yeah.
Thank
you
very
much.
If
you
guys
have
questions,
I'm
ready
to
take
them.
A
So
thanks
a
bunch,
so
I'll
I'll
actually
get
a
story.
If
I
can
and
then
we'll
see
what
other
questions
folks
have,
but
one
quick
question
for
you,
I
know
you're
somewhat
new
to
the
the
security
working
group.
Do
you
have
questions
on
how
security
works
on
what
you
can
do
with
esros
2
and
just
how
that
would
fit
in
to
the
overall
picture
for
you
or
do
you
want
to
dig
into
that?
A
little
bit
more.
B
B
B
C
Yeah
thanks
for
thanks
for
speaking
marco,
could
you
maybe
expand
on
the
human
aspect
component
on
what
what
you
feel
the
security
requirements
are
particularly
for
the
human
interfacing.
B
So
for
human
interfacing,
I
think
that
there's
going
to
be
so
this
we're
going
to
have
to
have
different
levels
of
access.
One
of
the
key
questions
that
we
had
is
that
we
can.
We
can
have
different
access,
different
ros
nodes,
with
different
access
levels
to
the
system
and
do
should
we
have
one
one
rose,
node
per
user
or
should
we
have
one
rose
node
per
row?
B
Right
certainly,
will
there
will
be
like
managers
system,
integrators
and,
for
example,
one
guy
with
a
security
management
dashboard,
so
they
will
definitely
need
different
types
of
access.
C
You're
thinking
an
individual
staff
would
have
to
have
some
kind
of
representation
or
identity
in
the
ross
side
of
things
or
wouldn't
they
more
or
less
be
abstracted
away.
B
C
Like
the
back
end,
fleet
management
ui
like
any
kind
of
normal
web
app
where
they
have
a
login
credentials
and
that's
how
they
interface
to
the
robots,
you're
thinking,
there's
yeah,
there's
more
diverse
cases
or
like
mechanics
or
operators
that
are
directly
interfacing
with
the
hardware.
B
Yeah,
so
certainly
we
would
want
pretty
much
everybody
to
access
through
web
dashboards.
I
would
say
somehow
this
would
be
translated
into
some
raw
security.
B
B
I
would
say:
there's
that
there's
there
will
have
to
be
yeah
different
levels
of
access
likes
from
the
like,
for
example,
in
the
hospital,
which
is
where
we're
working
more
well,
you
get
the
nurse
the
nurses
that
will
be
just
asking
for
deliveries,
but
then
you
will
have
certain
levels
of
support
that
will
have
to
be
able
to
move
certain
robots
or
command
specific
robots,
and
then
you
might
also
need
some,
some
guy,
that
that
needs
to
monitor
logs
and
and
then
maybe,
if,
if
robots
are
doing,
different,
weird
things
replicate
whatever
permissions
those
robot
has
or
if
a
door
is
behaving
in
a
real
way,
also
yeah.
B
B
Yeah,
I
think
that's
and
it
did.
B
Yeah,
I
think
that
the
most
urgent
part
on
the
ros
side
would
be
a
way
to
remove
permissions
from
from
one
of
the
one
of
the
participants.
C
Yeah,
so
I
I
agree
that
using
sort
of
a
traditional
web
web-based
portal,
probably
the
easiest
way
to
manage
access
on
a
larger
scale
for
consumer
end
use
cases.
C
I
think
when
you
get
into
the
component,
where
you
do
have
to
start
reaching
into
the
raw
system
subsystem
directly
and
negotiating
the
access
control
and
permissions
they're
in
with
more
effect
like
use
cases
and
users.
I
think
I
think
it's
something
I
don't
think
you
quite
have
a
good
story
for
at
least
in
even
as
far
as
like
secured
eds,
you
imagine
like
the
hospital
use
case
for
like
secured
idea,
some
medical
networks,
where
you
have
like
doctors
that
have
portals
that
subscribe
to
patient
data.
C
Even
then,
I'm
not
sure
to
like
necessarily
assume
that
the
doctor's
identity
is
associated
with
the
the
portal
subscribing
to
the
data
directly.
It's
usually
like
at
some
broker
access
control
model.
There's
like
this
yeah,
it's
this
sort
of
middleman
broker.
That's
delegating
that,
and
that
makes
it
so
that
the
the
hardware
level
or
the
network
level
between
the
pure
systems
is
relatively
thick
and
not
so
dynamic.
But
maybe
there's
a
use
case
of
having
everything
even
down
to
the
low
level
be
flexible
and
tracking
permissions.
C
Yeah,
I
agree.
It
seems
that,
given
the
level
of
abstraction,
it
seems
that,
like
everything,
can
be
managed
at
the
like,
where
this
manager,
global
manager
is
running
and
india
and
everything
can
be
assumed
through
rules
and
web
authentication
and
then
like
the
actual
server
that
is
commanding
the
robots,
will
have
access
to
some
commands.
But
then
it's
just
like
a
matter
of
like
which
role
like
which
people
are
logged
in
which
ones
have
access
to
that
part
of
the
system.
C
C
Or,
are
you
seeing
multiple
instances
of
drmf
like
framework
running
to
manage
such
a
system.
B
So
the
thing
is
that
the
the
dashboard,
for
example,
will,
through
the
let
me
see
oh
yeah,
the
dashboard
will
have
a
connection
to
the
authentication
to
an
authentication
database
and
based
on
that
authentication,
we'll
use
a
different
ros
permissions
to
access
the
the
roster
network.
B
So
that
way
the
dashboard.
If,
if
the
user,
let's
say
a
user
is
not
allowed
to
submit
any
tasks,
then
the
when
that
user
gets
authenticated.
The
the
rows
two
parts
would
only
allow
the
permissions
to
to
subscribe
to
that.
C
What's
what's
the
conventional
deployment
networking
model,
it's
like
there's
there's
this
database,
that's
always
online
and
always
accessible,
or
are
things
like
decoupled
and
peer-to-peer
and
there's
partitions
and
like
there's
this
everything's
connected,
like
you
can
imagine,
there's
a
redundancy
where,
like
if
the
power
went
out
in
the
middle
you'd
want
means
of
telling
robots
what
to
do
and
where
to
go.
C
B
B
There's
an
authentication
server
that
doesn't
run
on
the
demos,
but
this
authentication
server
will
connect
to
the
database
for
users
to
be
authenticated.
B
And
yeah
there's
also
for
the
dashboard
there's
several
backends
that
interact
with
the
dashboard
for
different
things.
So
there's
a
back
end
to
to
do
the
following
the
schedule
following
the
to
to
to
check
the
nav
graph
and
and
and
publish
the
nav
graph
on
the
dashboard
and
all
that.
So
it's
it's
highly
decoupled.
B
A
Mark
I
have
a
question
for
you
on
how
you
define
the
boundaries
I
mean
when
I
think
about
estros
too
much.
That's
done
with
certificate
certificate
hierarchy,
and
I
don't
know
if
you've
played
with
that
at
all
or
thought
about
that,
because
it
sounds
like
it
sounds
like
you
have
a
robot
and
then
a
fleet
of
robots
and
then
the
whole
task
space,
if
you
will
that's
that's
governed
by
the
dashboard,
is
that
is
that
right?
Is
that
how
you
kind
of
envision
this
whole?
B
Yeah,
so
the
the
idea
is
that
we
sh
so
with
with
with
with
esros
we
we
were
able
to
to
provide
this
this
encryption
of
all
the
network.
Up
to
the
back
ends.
B
Point
right,
as
I
said,
the
main
my
main
concern
now
is
the
I
would
say
my
main
concern
are
the
third
parties,
because
that
is
something
that
we
don't
control
and
it's
going
to
be
very
hard
to
control
for
any
system
integrator
that
is
using
rmf.
B
So
I
feel
like
there
should
be
a
way
from
from
the
roadside
to
provide
this
systems
integrators
to.
Ideally
it
would.
It
would
be
ideal
to
have
like
certain
certain
way
to
verify
certain
levels
of
security
of
the
systems.
If
there's
a
set
of
tests
that
can
be
run
or
something
like
that
and
worst
case
scenario,
there's
there
should
be
a
way
for
them
to
to
replicate
us
the
permissions
that
these
these
systems
have.
B
If
something
happened,
because
the
problem
is
that
these
systems
that
they're
not
controlled
by
the
system's
integrators
or
they
might
not
be
controlled
by
the
system's
integrators
and
and
on
top
of
that
they,
the
scope
of
the
systems,
is
pretty
much
everywhere,
they're
they're
running
around.
So
it's
not.
B
It's
not
only
network,
a
network
problem,
it's
a
problem
of
like
physical
access
to
the
systems
and
to
be
honest,
as
as
we're
building
this
system,
we
have
to
we're
currently
asking
vendors
to
provide
us
with
apis
to
be
integrated
into
rmf,
and
I
I
have
a
feeling
that
these
apis
are
very
new
and
not
heavily
tested.
C
When,
when
you're
dealing
with
these
third
parties,
maybe
like
a
threat
model
might
be
to
consider
them
as
like
semi
or
untrusted
zones
like
on
the
higher
level
conceptual
thing
where
we're
we're
kind
of
concerned,
with
integrity
and
confidentiality
and
interfacing,
with
these
extremities
so
like
when,
when
you're
consuming
data
from
the
third
parties
you're
concerned,
maybe
about
the
integrity
of
the
information
that
hasn't
been
modified
or,
like
you
know,
when
the
elevator
shaft
says
it's
open,
you
know
you
want
to
you:
have
you
kind
of
have
to
take
its
word
for
it?
C
Because,
maybe
I
don't
know
if
you
have?
If,
if
the
third
parties
are
using,
you
know
authenticated
encryption
or
not
or
where
the
data
is
coming
from,
and
then
the
other
thing
is
confidentiality.
It's
like
when
you,
when
you
you,
when
you
delegate
any
kind
of
information
from
your
ross
framework
out
to
your
third
party
like
patient
room
numbers
or
something
like
that.
You'll
want
to
be
careful
on
what
kind
of
information
you're
you're
exposing
do.
C
B
B
I
would
say
that
yeah,
that's
a
good
question.
B
A
Hey
mark,
I
have
a
question
for
you
just
on
on
simulating
this
and
I
think
you've
already
covered
this,
but
if
we
want
to
do
some
more
work
with
just
exploring
different
scenarios,
you
know,
including
you
know,
securing
no
dl
and-
and
you
know
just
continue
working
on
stuff
you've
already
worked
on.
Is
that
start
with
the
simulator
start
with
the
the
the
github
repo?
B
No,
I
would
say
I
would
say
it's
kind
of
straightforward,
the
source
code.
You
can
just
download
there's
the
in
the
rmf
demos.
You
get
all
the
instructions
just
to
build
from
source,
and
you
can
also,
if
you,
if
you
go
to
the
book
in
the
introduction
part
you
can,
you
can
just
use
the
binaries
if
you
want
to
check
the
system
but
yeah.
Also
it's
it's
quite
straightforward
to
to
modify
the
environments,
especially
if
you
use
the
traffic
editor
that
we
provide
so.
A
B
This
is
the
book
great
thanks,
and
this
is
the
link
to
rmf
demos,
so
that
currently
is
the
place
where
pretty
much,
I
would
say,
like
the
instructions
for
installing
and
all
that
are
so.
I
would
say
that
the
best
way
to
start
is
to
run
these
demos.
B
I
didn't
run
the
the
clinic
one,
because
it's
very
heavy
but
yeah
if
you,
because
I'm
running
on
a
laptop,
but
if
you
guys
running
on
a
on
up
some
sort
of
powerful
workstation,
it's
very
nice
because
you
can
see
the
the
different
levels
and
you
can
see
the
lifts
going
up
and
down
and
all
that.
B
Yeah
everything
runs
in
the
ideally
that's
another
part.
That's
why
I
I
was
talking
about
network
security
because
at
some
point
the
the
part
of
the
core
you
might
want
to
run
it
in
the
cloud.
C
C
What
slide
are
you
looking
at?
Let
me.
B
B
Or
you
can
look
it
up
in
the
book
also,
I
think
yeah.
I
think
in
the
introduction,
the
first,
the
first,
the
first
drawing
that
you
get
in
the
introduction
on
how
on
what
is
rmf
core
system
will
definitely
go
into
the
cloud,
but
also
smart
fleet
adapters
and
all
these
adapters
can
can
go
into
the.
B
Yeah
well,
technically,
one
of
the
tests
that
we're
running
is
also
running
robots
with
with
internet
connection
and
then
just
running
everything
in
the
cloud.
C
B
The
same
time,
you
also
have
send
like
sensitive
deployments.
B
Like
could
be
hospitals
where
you
might
wanna
run
everything
inside
you,
don't
wanna
you,
you
don't
wanna
get
any
of
the
data
out
of
the
hospital
right.
B
Yeah,
so
they
they'll
be
like
there
can
be
a
specific
servers
in
in
the
intro.
A
B
I'm
not
sure
if
it's
part
of
the
compliance
regulation
or
if
it's
like
just
but
I'm
sure,
there's
this.
This
there's
places
where
there
are
scenarios
where
you
can
run
rmf
and
then
the
compliance
will
not
allow
you
to
get
certain
information
out
yeah.
B
C
I
I
have
a
couple
questions,
but
you
can
also
move
them
offline.
One
thing
that,
like
you
mentioned
several
times
here
all
is
that
something
you
played
with
when
you
did
your
secure
demo
of
rmf,
or
is
it
something
that
like
you,
because
that's
not
something
we
expose
explicitly
in
escrow
sub?
That's
something
that's
supported
by
at
least
five
dds
and
connects,
and
so
I
just
wanted
to
know
if
you
tried
to
revoke
certificate
and.
B
No,
no,
I
haven't
tried,
but
I
know
fast
rtps
is
it's
supporting
that
right,
yeah.
A
C
C
And
related
to
that,
do
you
have
so
you
said
you
have
a
secure
demo
working?
Can
you
could
you
provide
also
like
the
links
to
that
as
well?
It.
B
C
C
Awesome
yeah,
I
think
that's
like
that,
would
be
the
the
best
thing
for
us
to
like.
If
you
want
to
like
explore
this
is
so
your
recommended
way
of
testing
and
running
this
is
to
build
from
source
and
following
the
rms
demos,
instructions
and,
and
whatever
reasons
that
read
me
using
the
tmx.
B
Yeah,
so
the
the
first,
I
think,
is
the
first
line
that
you
can
see.
There's
a
bash
there's
a
bus
script
that,
if
you
run
in
in
tmux,
should
should
be
exporting
all
the
environment
variables
and
creating
all
the
certificates
that
you
need
to
run.
The
office
demo.
A
So
no,
we
are
only
scheduled
to
go
for
an
hour,
but
I
can
leave
the
room
open.
So
as
long
as
everybody
keeps
going
and
marco,
if
you're
still
still
good,
it
looks
like
ramon.
You
have
your
hand
raised.
I
guess
you
got
a
question.
B
Yeah
exactly
so
yeah
I.
C
Wrote
down
a
couple
of
questions,
I
don't
know
if
you
have
time
for
this,
marco
yeah
yeah
sure,
okay
cool,
so
so
so
what
what
is
like
the
the
short
term
plan
for
rmf
like
what?
What
time
do
you
think
it
will
be
deployed
at
customers
like?
We
are
also
a
customer
or
we
are
also
in
need
of
a
fleet
manager
like?
Is
it
too
early
or
what
do
you
think.
C
B
Oh
yeah,
so
we
provide,
we
also
provide
the
free
fleet,
so
there's
a
there's,
a
fleet
manager
that
is
provided
by
rmf.
Let
me
find.
B
B
I
would
expect
working
to
be
started
on
on
real
environments
towards
the
end
of
the
year,
probably,
but
I'm
not
sure
of
the,
because
it
depends
on
like
projects
and
and
and
other
third
parties.
So
I
can't
guarantee,
but
yeah
feel
free
to
to
have
a
look
at
the
reports
that
we
have
and
and
yeah.
Let
us
know
if
you
have
any
any
questions.
B
Is
it
you
mean
like
the
specific
adapter
for
for
certain
robots.
B
B
If
there's
this
specific
steps
and
there's
a
there's
a
in
the
integration
part,
you
will
see
this
free
fleet
section
where
you
can
have
a
look
on
on
how
to
use
this
free
fleet
and-
and
this
is
directly
integrated
into
rmf.
C
Okay,
cool
I'll.
If
you
look
at
the
examples
you
linked
in
the
chat
and
last
question
is
more
of
a
security
question
like
have
you
thought
about
fake
robots
connecting
to
fleet
managers,
preventing
that
or
the
other
way
around
robots
that
are
like
connecting
to
a
proxy
that
sniffs
traffic
from
the
robots
like
those.
B
Kind
of
well
the
the
idea
was
to
use
the
the
security
features
of
dds
through
the
ros
layer
right.
So
if
we
do
that,
ideally,
the
the
robot
will
need
to
steal
a
certificate
to
be
able
to.
C
B
The
robot,
I
would
say
the
robot,
doesn't
know
if
it's
connecting
to
the
right
server
right,
the
robot
just
and
the
robot
knows
that
the
messages
are
coming
from
the
right
server.
That
is,
that
is
what
it
is
right.
B
Yeah,
however,
as
I
said
some
of
these
robots,
the
someone
might
get
physical
access
and
and
and
steal
the
certificate.
So
that
is
the
I
think,
that's
that's
the
critical
part
in
the
whole
system
and
the
weakest
right
now.
A
So,
marco,
will
you
be
able
to
share
your
slides,
so
I
can
post
them
with
the
meeting
yeah.
I
will
that'd
be
great
thanks
thanks
yeah,
so
I
really
appreciate
it.
I'm
feeling
you'll
probably
get
some
some
follow-up
questions
as
well,
but
yeah
great
introduction
to
rmf.
A
I
did
didn't.
Have
one
question,
I
don't
know
if
let
me
see
looks
like
we
lost
most
of
our
folks,
so
just
from
security
working
group
we'll
follow
up
with
this
in
the
next
meeting
and
and
figure
out
where
we
want
to
go
between
movement
and
rmf
and
potentially
some
other
things,
and
you
know
demos
and
support
some
of
these
projects.
I
think
it's
some
really
neat
opportunities
here.
A
So
if
nobody
has
anything
else,
all
right,
then
thanks
a
bunch
thanks
again
marco
for
presenting
and
I'll
post
the
link
to
the
video
and
some
of
the
notes,
you'll
see
that
come
through
all
right.