Skip to content

Instantly share code, notes, and snippets.

@mikaelarguedas

mikaelarguedas/README.md

Last active April 17, 2018 02:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mikaelarguedas/2a4f34e91a92eb13e1ccce1969ed20d6 to your computer and use it in GitHub Desktop.
Save mikaelarguedas/2a4f34e91a92eb13e1ccce1969ed20d6 to your computer and use it in GitHub Desktop.
Download ZIP
mavros_messages_ros2
Raw
README.md

Gazebo 9 sitl drone demo

Install ROS kinetic desktop intructions

sudo rosdep init && rosdep update

Install gazebo9:

sudo sh -c 'echo "deb http://packages.osrfoundation.org/gazebo/ubuntu-stable `lsb_release -cs` main" > /etc/apt/sources.list.d/gazebo-stable.list'
wget http://packages.osrfoundation.org/gazebo.key -O - | sudo apt-key add -
sudo apt-get update
sudo apt-get install gazebo9 libgazebo9-dev

Install gazebo9 ros pkgs:

sudo apt install ros-kinetic-gazebo9-ros-pkgs

Install some more deps:

sudo apt install unzip python-toml python-vcstool

Install ROS 2 Ardent (from these instructions):

sudo apt update && sudo apt install curl
curl http://repo.ros2.org/repos.key | sudo apt-key add -
sudo sh -c 'echo "deb [arch=amd64,arm64] http://repo.ros2.org/ubuntu/main xenial main" > /etc/apt/sources.list.d/ros2-latest.list'
sudo apt update
sudo apt install `apt list "ros-ardent-*" 2> /dev/null | grep "/" | awk -F/ '{print $1}' | grep -v -e ros-ardent-ros1-bridge -e ros-ardent-turtlebot2- | tr "\n" " "`

Compile the drone demo:

mkdir -p ~/drone_demo/drone_demo_ws/src && cd ~/drone_demo/drone_demo_ws/src
git clone https://github.com/osrf/drone_demo
git clone --recursive https://github.com/tfoote/sitl_gazebo.git -b export_resources
cd ~/drone_demo/drone_demo_ws
source /opt/ros/kinetic/setup.bash
rosdep install --from-paths src --ignore-src --rosdistro kinetic -y
catkin_make_isolated --install

Download the geo information dataset for mavros:

sudo ~/drone_demo/ros2_overlay_ws/src/mavros/mavros/scripts/install_geographiclib_datasets.sh

Try the demo

Terminal A

source ~/drone_demo/drone_demo_ws/install_isolated/setup.bash
roslaunch sitl_launcher sitl.launch

Terminal B

source ~/drone_demo/drone_demo_ws/install_isolated/setup.bash
roslaunch sitl_launcher run_px4.launch

Make the drone take off:

In terminal B type: <SPACE> commander takeoff

The drone should take off, hover for a bit and then land automatically

Get the qground control app:

https://docs.qgroundcontrol.com/en/getting_started/download_and_install.html Start the app Configure communication link: Click the Q-looking icon top left Click “Comm Links” Setect Type: UDP Click OK

Open the communication with the simulated robot:

Click the Q-looking icon top left Click “Comm Links” Click “UDP Link on Port 14550” Click Connect

Now if you start the simulation again and send “commander takeoff” the drone should stay in the air instead of landing automatically after a few seconds

Build a ros2 workspace with all mavros messages:

mkdir -p ~/drone_demo/ros2_overlay_ws/src && cd ~/drone_demo/ros2_overlay_ws
wget https://gist.githubusercontent.com/mikaelarguedas/2a4f34e91a92eb13e1ccce1969ed20d6/raw/cc8b45f0eaad52f35dacde7918bf5b244b41187a/mavros_msgs_ros2.repos

vcs import src < mavros_msgs_ros2.repos
source /opt/ros/ardent/setup.bash
ament build --isolated --skip-p ros1_bridge

Build the bridge:

In a new terminal:

cd ~/drone_demo/ros2_overlay_ws
source /opt/ros/kinetic/setup.bash
source /opt/ros/ardent/setup.bash
source ~/drone_demo/ros2_overlay_ws/install_isolated/local_setup.bash
ament build --isolated --only ros1_bridge --force-cmake

Run the bridge:

. /opt/ros/kinetic/setup.bash
. /opt/ros/ardent/setup.bash
. install_isolated/local_setup.bash
export ROS_MASTER_URI=http://localhost:11311
ros2 run ros1_bridge dynamic_bridge

Command the drone via ROS topics/services:

What an attacker could do: Disarming the drone (ros1 side): rosservice call /mavros/cmd/arming "value: false" Disarming the drone (ros2 side): ros2 service call /mavros/cmd/arming mavros_msgs/CommandBool "value: false"

Create key/certs for the bridge:

. /opt/ros/ardent/setup.bash
. install_isolated/local_setup.bash
cd ~/drone_demo/ros2_overlay_ws/
ros2 security create_keystore demo_keys
ros2 security create_key demo_keys ros_bridge

Running the bridge with security:

. /opt/ros/kinetic/setup.bash
. /opt/ros/ardent/setup.bash
. install_isolated/local_setup.bash
export ROS_MASTER_URI=http://localhost:11311
export ROS_SECURITY_ROOT_DIRECTORY=~/drone_demo/ros2_overlay_ws/demo_keys
export ROS_SECURITY_ENABLE=true
export ROS_SECURITY_STRATEGY=Enforce
ros2 run ros1_bridge dynamic_bridge

Now if we try to send the same attack command as before:

$ ros2 service call /mavros/cmd/arming mavros_msgs/CommandBool "value: false" waiting for service to become available... The attacker cannot even detect the service as it it not authenticated to communicate with the bridge

Raw
mavros_msgs_ros2.repos
repositories:
geographic_info:
type: git
url: https://github.com/mikaelarguedas/geographic_info
version: ros2-msgs
mavros:
type: git
url: https://github.com/mikaelarguedas/mavros
version: ros2-msgs
unique_identifier:
type: git
url: https://github.com/mikaelarguedas/unique_identifier
version: ros2-msgs
ros1_bridge:
type: git
url: https://github.com/ros2/ros1_bridge.git
version: master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment