Developing robots is not like building apps or IoT devices. Robots balance complex features such as scene awareness, social intelligence, physical intelligence, communication, dialogue, learning from interaction, memory, long-term autonomy, safe failure… the list goes on and on. 

As a result, robotics startups can take years to get to a minimum viable product (MVP). As code develops and packages change, the Robot Operating System (ROS) needs to be continuously patched and updated. This is time consuming and detracts from your robotics development, but running unpatched and unmaintained versions of ROS exposes your robot, company, and customers to serious risk. 

Once deployed, robots are expected to operate for years. This compels robotics companies to either plan for complex OS and software upgrades or run on unsupported software, a significant risk under increasingly strict regulations like the EU’s CRA (Cyber Resilience Act). This also impacts vendors developing solutions for fleet management, navigation, or computer vision. 

As a result, whether in production or deployment, robots will inevitably live beyond the standard support lifecycle of the software powering it. Whether that’s Ubuntu, ROS or other dependencies (such as Python), your system will reach its end of support – that is, the end of updates, patches and maintenance. As an example, ROS Noetic reached End-Of-Life (EOL) in 2025, and Ubuntu 20.04 LTS also reached the end of standard support. 

Canonical’s Expanded Security Maintenance (ESM) for ROS precisely addresses this issue, expanding the duration and scope of security maintenance. As part of the Ubuntu Pro subscription, and delivered in partnership with Open Robotics, ESM for ROS gives you a hardened and long-term supported ROS system foundation for your robot applications. By enabling Canonical’s ESM repositories you will get trusted and stable binaries for your ROS and Ubuntu base OS distribution for up to 15 years – keeping your robots security maintained and compliant beyond standard software support lifecycles.

Even if your ROS distribution hasn’t reached its End-of-Life (EOL), with Ubuntu Pro you can count on backports for critical security updates and common vulnerabilities and exposures (CVE) fixes for your ROS environment. In addition, Ubuntu Pro subscribers can also access enterprise support to report ROS bugs to guarantee high quality and timely fixes.       

How does ESM for ROS work? 

As part of Ubuntu Pro, ESM for ROS builds upon the world-class infrastructure used by Canonical to deliver security updates for the Ubuntu base OS and critical infrastructure components. 

At Canonical, we support and maintain packages in the Ubuntu Main Repository and the Ubuntu Universe Repository. This includes available high and critical CVE fixes and security updates. For instance, at the time of writing, we have deployed more than 12,400 CVE fixes for Focal Fossa 20.04 LTS alone. These fixes reside in our ESM repository and are available to any Ubuntu Pro user. 

With ESM for ROS, we have also included security and updates PPAs for core ROS packages. We currently support over 600 packages across ROS 1 (Kinetic, Melodic, Noetic) and ROS 2 Foxy, with support for additional ROS 2 distributions continuously being added.

The three main benefits of ESM for ROS

A hardened ROS environment 

It’s not unusual for upstream ROS components to break backward compatibility – affecting both APIs and ABIs. To retain stability and provide a resilient workspace, Canonical patches security flaws through ESM. We eliminate API and ABI breakages from updates while addressing high and critical CVE and bugs. With ESM for ROS, developers receive curated packages meeting Canonical’s high standards for stability and interoperability. 

A long-term secure system for your robot

Since its inception in 2004, Canonical has never stopped working to keep Ubuntu at the forefront of safety and reliability. Since 2021, our security commitment has extended to the robotics field with ESM for ROS. Expand the length of security coverage to up to 15 years  for both ROS and the Ubuntu base OS to keep your entire stack up-to-date. Protect your robot fleet and ensure compliance with regulations like the EU’s CRA (Cyber Resilience Act) throughout the entire product lifecycle.

Your single point of contact for ROS enterprise support

As part of Ubuntu Pro, ESM for ROS provides a single point of contact for all the software in ESM, including ROS, as opposed to trying to figure out where to log a bug or propose a fix and hoping it might get eyes at some point. Save engineering time and effort by contacting Canonical for all the support you and your robot deserve. All in one place! 

Canonical has been supporting the security, management and upgrading of robot software for years. Learn more about how Ubuntu is powering robotics here

Get ESM for ROS now

Whether your ROS distribution is reaching its End-Of-Life, or you are not receiving the updates and fixes your system requires, ESM for ROS is here to make your work easier.   

Get ESM for ROS