DDS-Cerberus: Ticketing Performance Experiments and Analysis

Data Distribution Service (DDS) is a publish-subscribe middleware used to distribute data between real-time systems, production environments, and small embedded platforms. In DDS, Nodes have at least one Publisher or Subscriber. Publishers and Subscribers use unique Topics to send and receive messages. Each Subscriber has permission to read the Publisher's message if it references the same Topic sent from the Publisher. This capability supports real-time communication, sacrificing security, such as impersonation attacks. This paper details, tests, and evaluates DDS-Cerberus (DDS-C), a novel distributed communication protocol integrating Kerberos ticketing system with DDS. DDS-C integrates Kerberos authentication and Ticket retrieval with Publishers and Subscribers. Experiments have six parameters each with a 2:1 Publisher to Subscriber ratio. Performance tests modify the message byte size to emulate .txt and .mp3 files: 10 KB, 100 KB, 1 MB, 5 MB, 10 MB, and 20 MB. Experiment metrics for functionality and performance are the messages per second and latency in a wired environment. Experiments utilize ROS 2 (Robot Operating System) as a testbed. Initial tests for a baseline are conducted without DDS modifications and subsequent tests with DDS-C modifications. The results reveal that due to the ticketing component, DDS-C increases DDS security by preventing impersonation attacks while negligibly increasing average processing compared to baseline results.