Challenges in Autonomous Vehicle Security

Autonomous vehicles (AVs) are undoubtedly a fascinating topic in computer science and especially data science currently. Coming from a data science standpoint, the technical challenges in AVs are incredibly interesting, however, security is a major concern. Malicious attackers taking over AVs could end in a tragedy.

Hence, in this short blog, I want to discuss current challenges and solutions for AV security. The following is primarily based on Gao et al. [1], if not marked otherwise.

pixabay.com

Sensor Security

Modern cars use a lot of different sensors, which could possibly be used for a malicious attack. Sensors are obviously incredibly important in AVs, however, the majority of attacks, are related to them.

Computer vision plays a central role in AVs and is mostly based on camera input. AV systems of at least level 3 usually require multiple cameras (a Tesla relies on eight cameras [2]), which are all possible attack spaces for hackers. Hackers could place additional traffic lights or pedestrians, to confuse the car and trigger breaking. Strong infrared lasers have been shown to prevent high quality camera images, if directly aimed at the cameras.

Location technology (GNSS + IMU) plays a big role as well, being able to localize a car on centimeter-level accuracy. Malicious attackers can, however, when placing a fake GPS signal close to the car, trick the system into believing it is somewhere else. By signal jamming and spoofing, the system can be deceived.

Moreover, for parking, ultrasonic sensors are often used. These can, again, be spammed and spoofed, in order to make the AV believe, that an object is nearer or further away than it actually is.

Beyond that, it is always possible, that a sensor fails without an attack. Sensor failure, as well as malicious sensor failure, can cause wrong decisions. Some attacks are designed to lead to sensor failure, and it is not necessarily straightforward to distinguish “true” sensor failure from one that is invoked by attackers.

Still, attacks typically aim at attacking the underlying algorithms, therefore, tampered data does not seem to be obviously wrong. In contrast, “true” sensor failure can lead to evidently wrong data, e.g., consistently too high or low measurements.

Tschürtz et al. [3] comment on sensor failure as well, pointing out that redundancy in AVs is necessary. Besides single sensors (e.g., one camera) not being able to capture all the necessary information, it is also inevitable to minimize single points of failure.

They discuss different approaches towards redundancy. Such include a second system to take over in case of unavailability of the first one. Other possibilities include two sensors, but shutting them down if one measures a discrepancy with the other one (which does unfortunately not guarantee availability). More elaborate approaches introduce three sensors and a voting system. This is the safest way, however, comes with higher costs.

Given the required redundancy and the corresponding additional costs, they continue to confirm the following hypothesis about AVs.

Autonomous vehicles will only be “commercially available in many areas by 2030”, that they will be “expensive and limited in performance” and that “for the foreseeable future most moderate- and low-income households will continue to use human-operated vehicles” — [3, p.56]

Connected Vehicles

Furthermore, vehicles are highly connected nowadays, leading to possible vulnerabilities in the connections in and between vehicles.

Vehicle to Everything (V2X)

V2X describes the connections on the Internet of Vehicles (IoV). The IoV is used to exchange information between vehicles on the road. In particular, it is, among others, used to predict the behavior of other agents on the street.

Gao et al. [1] classify attacks on the V2X Communication into the following four categories, with examples of possible attacks.

1. Authenticity/Identification: Key or Certificate Replication, GNSS Spoofing
2. Availability: DDoS, Spamming
3. Data Integrity: Replay, Message Alteration
4. Confidentiality: Traffic Analysis, Eavesdropping

In-Vehicle

Sun et al. [4] describe in-vehicle attacks, comprising a lot of attacks already described in the sensor security part. To get a better overview, I will quickly list them again. The following can be found in [4], please refer to the paper for more information.

1. Remote Sensor Attacks: including attacks on the cameras or the ultrasonic sensors.
2. GPS Spoofing: leading to the vehicle believing it is at a different place, at a different time. The vehicle can then lose track of the real trajectory.
3. Location Trailing: the malicious attacker tracks the driver’s habits based on the location and time.
4. Close Proximity Vulnerability: based on errors in short-range communication mechanisms such as Bluetooth or keyless entry.

It is obvious that security is a primary concern in AV design, given the potential consequences of a malicious attacker taking over a vehicle. The possible attack space in AVs is, however, very large, which is making it even more challenging to provide security. Still, AV technology is rapidly advancing. It will be fascinating to see what research and the industry is coming up with next and what will happen in the future.

I hope this short post gave you a quick overview on security challenges in the AV space. For further information, I would recommend reading the papers mentioned below.

[1] C. Gao, G. Wang, W. Shi, Z. Wang and Y. Chen. Autonomous Driving Security: State of the Art and Challenges. IEEE Internet of Things Journal 9/10: 7572–7595. 2022.

[2] https://www.tesla.com/autopilot

[3] H. Tschürtz and A. Gerstinger. The Safety Dilemmas of Autonomous Driving. Zooming Innovation in Consumer Technologies Conference (ZINC), 2021: 54–58. 2021.

[4] X. Sun, F. R. Yu and P. Zhang. A Survey on Cyber-Security of Connected and Autonomous Vehicles (CAVs). IEEE Transactions on Intelligent Transportation Systems 23/7: 6240–6259. 2022.