Decentralized Information-Flow Control for ROS2

—ROS2 is a popular publish / subscribe based middleware that allows developers to build and deploy a wide-variety of distributed robotics applications. Unfortunately, ROS2 o ff ers applications poor control over how their data is consumed downstream by other applications. Although decentralized information-flow control (DIFC) o ff ers a solution to this problem, the decentralized and distributed architecture of ROS2 poses new challenges to building a practical DIFC system for ROS2. We present Picaros, a DIFC system tailored for ROS2. Picaros adopts a novel approach to DIFC that casts and solves DIFC’s access control problem in the framework of attribute-based encryption (ABE). Picaros’s design embraces the unique nature of the ROS2 platform and carefully avoids any centralized elements. This paper presents the design and implementation of Picaros and reports results from our experiments that use Picaros’s ABE-based approach for DIFC with ROS2 applications.