General Info
We analyze the three most widely used and maintained ROS2 versions, except ROS2 Rolling which is designed to test new features. They are: ROS2 Foxy, ROS2 Galactic and ROS2 Eloquent (end-of-life in Nov 2020).
Communication-related Function Changes
Shortly speaking, there is no major changes on communication-related functions across the versions. This is because their behaviors and designs are inherited from ROS1, which is stable and efficient on DDS. Below we list the major changes of the three versions. Note that for each version, we list its changes compared to its previous version.
ROS2 Eloquent (Ubuntu 18.04 compatible)
This version included major changes on logging. Specifically, (1) users can now log ROS2 terminal outputs to the node granularity, (2) users can use rqt_graph to visualize tf (transformation) messages, which is one of the most used packages migrated from ROS1 (though disabled by SROS2), (3) RMW supports FastRPTS 1.9.3 and CycloneDDS.
ROS2 Foxy (Ubuntu 20.04 compatible), the most widely used version
While lots of features are added in this version, we only highlight those related to our work.
(1) Detail the types of messages that can be taken from the DDS. Now it supports serialized messages and sequences.
(2) SROS2 has major performance overhead due to the previous design flaws. In this update, they change the one-to-one mapping of node and DDS participant to multiple nodes to one participant as long as they share the same security configuration, or called a security enclave. This minimizes the number of participants. We labeled this change in our manuscript, and it has no impact to the identified vulnerabilities.
ROS2 Galactic (Ubuntu 20.04 compatible)
This version is a feature-integration version, with many packages migrated from ROS1 to ROS2. Some updates related to our work:
(1) Default RMW version changed to CycloneDDS. Other DDS versions are still supported, including FastRTPS (also named as FastDDS), which was the previous default version and our main research target.
(2) Address an rclcpp format string attack. Note that this is a function-level attack, which is beyond the scope of our work.