Local Security Observability for Air-Gapped ROS 2 Deployments

Monk · January 15, 2026, 10:08pm

Hello ROS 2 Security Working Group,

I’ve developed a lightweight, air-gapped security observability module for

ROS 2 deployments in environments where cloud connectivity is undesirable

(edge robotics, humanitarian infrastructure, privacy-sensitive applications).

Technical Scope:

- Read-only DDS introspection (no publishers/services)

- Localhost-only dashboard (127.0.0.1)

- Docker containerized with non-root execution

- Zero external dependencies

- Real-time system monitoring (CPU, memory, network)

Target Platforms:

- Boston Dynamics Spot (payload compute)

- Humanoid platforms (Digit, Figure 02)

- Edge/lab environments

Current Status:

- Working prototype with backend monitoring

- Docker Compose integration with ROS 2 Humble

- Internal bridge network (air-gapped by default)

Repository: GitHub - coldnsteel/HackerWatchFortress-Sovereign: Sovereign Security Dashboard - No Government Ties

I’m seeking feedback on:

1. SROS 2 alignment best practices

2. Passive DDS monitoring patterns

3. Air-gapped security logging standards

Any guidance would be appreciated.

Best regards,

Monk Bartholomew

lexalytics@yahoo.com

Thanks,

chfritz · January 15, 2026, 10:51pm

What is this? I read the code, which is absolutely minimal, and doesn’t seem to be doing anything. It serves a minimal web page that establishes a websocket connection to the server which in turn does nothing more than acknowledging the request to start monitoring, but after that it seems neither client nor server are sending any messages. It also starts a second container (humble desktop) which seems unconnected to the first, and in particular the first container doesn’t seem to be “monitoring” anything about the second.

At first I thought this might be malware, but I couldn’t find anything fishy about it even though nothing about this seems overly trustworthy.

Monk: you say “Working prototype with backend monitoring” is part of the current status. What does that mean? What are you monitoring and why does your code not reflect that? Am I missing something?

Topic		Replies	Views
Ferronyx – Real-Time ROS2 Observability & Automated RCA ROS General fulltime , ros2 , ros	2	155	January 13, 2026
ROS2 Security Working Group Online Meeting - May 15th, 2019 between 9AM and 10AM PDT (UTC-7) ROS General ros2 , wg-security	5	812	May 15, 2019
Cybersecurity in the ROS 2 communication middleware, targeting the top 6 DDS implementations ROS General ros2 , dds , wg-security , security	1	4567	December 26, 2021
How do you monitor your robot diagnostics (topic rates)? ROS General ros2	25	2305	January 10, 2025
DDS Monitoring for ROS2 - ROS Developers OpenClass #187 Training & Education ros2 , dds	2	1804	May 11, 2024

Local Security Observability for Air-Gapped ROS 2 Deployments

Related topics