Department of Computer Science: MSc Thesis Presentations

WebAssembly-Based Plugin Architecture for ROS 2 Distributed Systems

Student: Yerzhan Zhamashev
Advisor: Eero Keltikangas
Supervisor: Lachlan Gunn

Abstract: This thesis enhances the security of Robot Operating System 2 (ROS 2) dynamic plugin architectures by introducing a WebAssembly-based sandboxing framework. Traditional shared library plugins expose systems to memory corruption and unauthorized resource access, risks particularly severe in safety-critical robotics deployments.

The proposed framework integrates Wasmtime runtime with capability-based security controls, providing memory isolation for plugin execution. The architecture leverages WASI to bridge WebAssembly components with ROS 2's middleware abstraction layer (rmw), using WebAssembly Interface Types (WIT) for language-agnostic interface definitions. Remote plugin deployment is enabled through Zenoh transport, supporting distributed robotics environments. Implementation challenges include adapting C++ libraries to WebAssembly compilation targets, interface translation overhead, generating language bindings, and extending ROS 2's build system for WebAssembly cross-compilation.

Results demonstrate that WebAssembly components provide viable, secure alternatives to native plugins, achieving sandboxed execution with restricted host access and simplified verification. This work establishes a foundation for secure component architectures in distributed robotics with immediate applications in industrial environments requiring third-party integration, including automotive and collaborative manufacturing systems.