According to what I read, RPC, which stands for Remote Procedure Call, is a technique used to enable different procedures in different machines or systems call each other.
Not sure that is a proper definition of RPC. Wikipedia defines RPC as follows (from here):
In distributed computing, a remote procedure call (RPC) is when a computer program causes a procedure (subroutine) to execute in a different address space (commonly on another computer on a shared network), which is coded as if it were a normal (local) procedure call, without the programmer explicitly coding the details for the remote interaction. [..] RPCs are a form of inter-process communication (IPC), in that different processes have different address spaces: if on the same host machine, they have distinct virtual address spaces, even though the physical address space is the same; while if they are on different hosts, the physical address space is different.
I've highlighted the important part: "execute [a procedure] in a different address space (commonly on another computer [..])". Note the use of the word "commonly", meaning: often or in general, but it does not mean always.
Separate processes on the same machine / CPU also operate in different address spaces (as mentioned in the wikipedia article).
There is no absolute need for physically seperated address spaces (as there would be with multiple computers connected through a network), it is enough for one program's address space to be kept separate from another program's address space by means of process isolation.
If Remote Procedure Call is a technique used to construct an interaction between different systems, machines or computers, [..]
This is not actually true -- or at least only a partial justification for the use of RPC as a means of communication, as I explained above.
why does the master need to use an RPC mechanism to communicate with other nodes ?
As those nodes (ie: processes) run in different address spaces, and cannot cross that barrier without special support from some runtime infrastructure.
That special support could be an RPC system.
As far as I know, the master and other nodes are located in same system [..]
That's not always true: it's very much possible for the master (ie: roscore) to run on one system, and nodes on multiple others. There are even ways to run multiple masters, spread over multiple machines, or all on the same machine.
IoT is a platform to connect the things which have an internet. A connected device is a complex solution, with various potential entry doors for an attacker. A connected device pentest IoT includes tests on the entire object ecosystem. That is electronic layer, embedded softwares, communications protocol, servers, web and mobile interface. The pentest on the electrical side,embedded softwares, and communication protocol concern vulnerabilities more specifically the IoT. There are three types of attacks on connected objects and embedded systems. Software attack, non-invasive and invasive hardware attacks. The first take advantage of software vulnerabilities, the second recover information from the hardware without damaging it while the third involve opening the components and therefore destroying them in order to be able to extract secrets. While the first two types of attacks do not require many resources, this is not thecase for invasive attacks, for which very expensive equipment is