# SECURITY VERIFICATION IN ROS - *svROS*
Verification of security in robotic systems is one of the most difficult tasks from the standpoint of software development, as it might lead to a variety of loose ends. However, it has been shown how security hyperproperties, in particular Observational Determinism, can be verified by resorting to the use of formal methods.
Using formal frameworks for verification, such as Alloy, requires a significant level of expertise, which a common ROS developer does not possess. In addition, no state-of-art tool contemplates techniques to formally verify security in ROS2, which naturally motivates the study considered within the scope of this dissertation.
Therefore, a verification tool was developed, named Security Verification in ROS (svROS), which focuses on abstracting formal verification approaches, to provide a less-formal, easier to use, solution to verify OD in ROS2 system applications. To check the correctness of a ROS application behaviour in respect to OD, it is necessary to specify how the system behaves atomically in each node. For this, the tool incorporates a specification language that is more user-friendly than Alloy and, it enables the specification of intra-node operations, in respect to the publish-subscribe paradigm.
svROS supports the following capabilities:
* Source code fetching from ROS2 application packages.
* Reverse engineering methods to infer an architecture topology from the extracted code.
* Generation of configuration file templates, to allow a ROS developer to easily configure its application network.
* Methods to translate the system configuration into a model in Alloy, to later perform the verification of OD.
* A domain specific language to specify the intra-node behaviour of a ROS application, and methods to translate such specifications into Alloy.
You can find the full documentation [here](https://luis1ribeiro.github.io/svROS/).
### HAROS - The High-Assurance ROS Framework
A lot of work done here was based on using already existent procedures from [HAROS](https://github.com/git-afsantos/haros) to ROS2. HAROS is a notable framework for quality assurance of ROS-based code, mostly based on static analysis, which makes use of various plugins to extend its functionality.
---
## INSTALL AND USE
svROS functionalities was compacted into a single [python package](https://pypi.org/project/svROS/) and can be easily installed using the python package installer *pip*.
```
pip install svROS
```
After installing, see the [Quick Reference](./svROS/) to the see the tool's commands and usage instructions.
Enjoy! (ง ͡❛ ͜ʖ ͡❛)ง
Raw data
{
"_id": null,
"home_page": "https://github.com/luis1ribeiro/svROS",
"name": "svROS",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "python sros2 ros2 property-specification model-checking alloy haros",
"author": "Lu\u00eds Ribeiro",
"author_email": "lmmr@outlook.pt",
"download_url": "https://files.pythonhosted.org/packages/ab/9e/50f20323a802a3bda221515780b2de3436954cf2f935a499d6fd46f85f62/svROS-1.0.1.tar.gz",
"platform": null,
"description": "# SECURITY VERIFICATION IN ROS - *svROS*\n\nVerification of security in robotic systems is one of the most difficult tasks from the standpoint of software development, as it might lead to a variety of loose ends. However, it has been shown how security hyperproperties, in particular Observational Determinism, can be verified by resorting to the use of formal methods.\n\nUsing formal frameworks for verification, such as Alloy, requires a significant level of expertise, which a common ROS developer does not possess. In addition, no state-of-art tool contemplates techniques to formally verify security in ROS2, which naturally motivates the study considered within the scope of this dissertation.\n\nTherefore, a verification tool was developed, named Security Verification in ROS (svROS), which focuses on abstracting formal verification approaches, to provide a less-formal, easier to use, solution to verify OD in ROS2 system applications. To check the correctness of a ROS application behaviour in respect to OD, it is necessary to specify how the system behaves atomically in each node. For this, the tool incorporates a specification language that is more user-friendly than Alloy and, it enables the specification of intra-node operations, in respect to the publish-subscribe paradigm.\n\nsvROS supports the following capabilities:\n* Source code fetching from ROS2 application packages.\n* Reverse engineering methods to infer an architecture topology from the extracted code.\n* Generation of configuration file templates, to allow a ROS developer to easily configure its application network.\n* Methods to translate the system configuration into a model in Alloy, to later perform the verification of OD.\n* A domain specific language to specify the intra-node behaviour of a ROS application, and methods to translate such specifications into Alloy.\n\nYou can find the full documentation [here](https://luis1ribeiro.github.io/svROS/).\n\n### HAROS - The High-Assurance ROS Framework\n\nA lot of work done here was based on using already existent procedures from [HAROS](https://github.com/git-afsantos/haros) to ROS2. HAROS is a notable framework for quality assurance of ROS-based code, mostly based on static analysis, which makes use of various plugins to extend its functionality. \n\n---\n## INSTALL AND USE\n\nsvROS functionalities was compacted into a single [python package](https://pypi.org/project/svROS/) and can be easily installed using the python package installer *pip*.\n\n```\npip install svROS\n```\nAfter installing, see the [Quick Reference](./svROS/) to the see the tool's commands and usage instructions.\n\nEnjoy! (\u0e07 \u0361\u275b\u202f\u035c\u0296 \u0361\u275b)\u0e07\n",
"bugtrack_url": null,
"license": "MIT License",
"summary": "Security Verification in ROS",
"version": "1.0.1",
"split_keywords": [
"python",
"sros2",
"ros2",
"property-specification",
"model-checking",
"alloy",
"haros"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "a7fe975835ccc45249383fb622d28d46",
"sha256": "3272fdce152d8466d649d8b363178b5e64fea1366405604180f1a8c3a4d6eb74"
},
"downloads": -1,
"filename": "svROS-1.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "a7fe975835ccc45249383fb622d28d46",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 79248281,
"upload_time": "2022-11-30T17:14:01",
"upload_time_iso_8601": "2022-11-30T17:14:01.165161Z",
"url": "https://files.pythonhosted.org/packages/01/7a/6064ea171ad89948b1b76ed9fb4a7965bb9b57aae121049519175758037d/svROS-1.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "3b6f8124e98dd85078e4917fb56646f6",
"sha256": "8dd47a95b4d10463764a4a64a86c15ef7d4dd5abcfb96b4e4cc6ba46458d5d6c"
},
"downloads": -1,
"filename": "svROS-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "3b6f8124e98dd85078e4917fb56646f6",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 79230149,
"upload_time": "2022-11-30T17:14:14",
"upload_time_iso_8601": "2022-11-30T17:14:14.670477Z",
"url": "https://files.pythonhosted.org/packages/ab/9e/50f20323a802a3bda221515780b2de3436954cf2f935a499d6fd46f85f62/svROS-1.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-11-30 17:14:14",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "luis1ribeiro",
"github_project": "svROS",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [
{
"name": "argparse",
"specs": []
},
{
"name": "bonsai_code",
"specs": [
[
">=",
"0.6.7"
]
]
},
{
"name": "xmlschema",
"specs": []
},
{
"name": "hpl-specs",
"specs": []
},
{
"name": "lark",
"specs": [
[
"<=",
"0.12"
]
]
},
{
"name": "networkx",
"specs": []
},
{
"name": "simple_term_menu",
"specs": []
},
{
"name": "jinja2",
"specs": []
}
],
"lcname": "svros"
}
JSON
