As cyber-cars become more intelligent, government forces manufacturers to offer better protection from hackers, but is it enough?
We have all become used to smart vehicles slowly edging in on our everyday lives. From allowing us to access maps and traffic updates, to playing our favourite podcast, all from the comfort of the driving seat. They undoubtedly make our lives easier, but how safe are they? Despite car manufacturers recently putting a focus on protecting our beloved smart car systems against hackers, there are still ways for persistent attackers to trick even the most sophisticated self-driving, or cyber-cars. Embarrassingly for manufacturers, Security Researcher Yoshi Kohno and his team at the University of Washington (UW), have outsmarted the vehicles innovative computer vision systems (CVS) with little more than homemade stickers…
To understand the hack, we must first understand the tech. The CVS in cyber-cars works in two parts; one part is a detector, and the other is a classifier. The detector “sees” the world around it, detecting objects like other cars, signs, people, cats, sheep etc. The classifier then sorts these objects using an algorithm, and decides what they are and what they are communicating, filing everything neatly away in line with the parameters of its algorithms.
Kohno and his team started out their hacking endeavours by analysing the algorithm used by the CVS’s classifier. They took note of markers that the CVS used to identify and understand the messages relayed by signs. They then tried a variety of attacks designed to distort the road signs. Using specifically placed small stickers to confuse the machine learning models, they tricked them into misreading them as other signs.
Figure 1 A Stop Sign manipulated by UW to trick CVS
In one experiment, they printed out customised stickers that fooled cyber-cars into mistaking a ‘Stop’ sign for one reading ‘45 mph.’ Not ideal. Worryingly the stickers that the team created were so good that even though they only made the sign appear faded to the human eye, they still consistently duped the CVS at a failure rate of 73.3%
Kohno wrote, “We [think] that given the similar appearance of warning signs, small perturbations are enough to confuse the classifier. In future work, we plan to explore this hypothesis with targeted classification attacks on other warning signs.”
Admittedly the hacks that Kohno revealed work under the assumption that the attackers can at least get their hands on one of the self-driving cars classifiers, but still, the dangerous consequences of these types of attacks are clear. If these cyber-cars can be manipulated into ignoring signs, they can also potentially be tricked into following dangerous instructions. Think speeding through stop signs or veering off course on a motorway.
This isn’t the only way that cyber-cars have been targeted by hackers. Two years ago, in 2015, a Security Researcher at Security Innovation Inc., Jonathan Petit, presented a paper at the Black Hat Europe security conference in which he described a car hacking system that he managed to build with off-the-shelf components. His device could effectively hack cyber-cars LiDAR sensors from a range of up to 100m. Just to recap, self-driving vehicles that can cost upwards of £150,000 can be foiled by a device built from a laser pointer that costs under £40…
In his research paper, Petit revealed he could easily trick the LiDAR sensors on any self-driving car in several ways, just by targeting it with a laser pulse sent from a simple homemade electronics kit. He demonstrated his system by making a vehicle take evasive action, slow down and abruptly stop. Due to the low power of the laser he could fool the sensors into thinking they were detecting objects that they needed to avoid, such as cars, cyclists or walls.
Figure 2 LiDAR Sensors atop a Google cyber-car
An ever-present fear since smart cars first came into circulation has been the security of personal data. When asked if it was doing enough to protect drivers’ safety, the Society of Motor Manufacturers and Traders (SMMT) said, “vehicle manufacturers are investing billions of pounds to make cars safer and more intelligent. Data security is paramount to the automotive industry. Manufacturers are always striving to stay one step ahead of organised criminals and constantly monitor for potential breaches so that customers’ information is kept safe.” With billions of pounds in investment and constant security testing and updates, it’s safe to say data safety is a top priority for everyone in the automotive and travel industries.
In an interview Petit said “I can spoof thousands of objects and basically carry out a denial-of-service attack on the tracking system so it’s not able to track real objects. I don’t think any of the LiDAR manufacturers have thought about this or tried this.” Considering Google, Lexus, Mercedes, Audi and other car manufacturers all used LiDAR on their prototype driverless cars, this should probably be addressed.
One suggested method of thwarting hackers was to release a variety of CVS’s, ensuring that one type of attack couldn’t affect all of the types of software. However, Kohno dismissed this saying, “by probing the system, attackers can usually figure out a similar surrogate model based on feedback, even without access to the actual model itself,” essentially, even if the technology used in the classifiers is completely different for every manufacturer, determined attackers still may be able to crack them.
When asked about the possibility of cyber-car hacking, Tarek El-Gaaly, a senior research scientist at Voyage, admitted there was cause for concern, saying “attacks like this are definitely a cause for concern in the self-driving-vehicle community. Their impact on autonomous driving systems has yet to be ascertained, but over time and with advancements in technology, they could become easier to replicate and adapt for malicious use.”
With the advancements of technology, there is always a risk that there will be a greater chance of malicious attacks and breaches. Hacks like the ones tested at UW only highlight the lower end of the scale when it comes to aggressor potential. With self-driving cars on the cusp of offering to take over complete autonomy of the car, hackers could operate the controls of the vehicle, dictating the speed, direction and electronics devices of the car. As Kohno & Petit showed, it can be easier than expected to sidestep the complex algorithms of these cars.
A definite focus when trying to prevent these sign-centred attacks will be street and road sign maintenance. As cyber-cars become increasingly popular, we could start to see councils taking several measures to deter potential attackers including; investing more in the cleaning and upkeep of road signs, switching them all for anti-stick material, or even, as our road network continues to grow, discarding road signs completely in favour of Smart Roads.
Reassuringly, the government has swooped in with a set of new guidelines to protect potential purchasers. The Government Guidelines state that car manufacturers will have to step up their cyber protection to help in ending hacking. The measures put before Parliament include proposals saying that vehicle insurers will have to offer “protection for consumers if technologies fail.” This will protect all drivers of cyber-cars from liability for accidents caused by any CVS duped by hostile hoaxes. The protective order comes alongside new guidance for manufacturers that they must “design out” cyber security threats as part of their development work. Essentially, they must pre-empt and eliminate any areas of vulnerability before starting production of the vehicle.
Mike Hawes, Society of Motor Manufacturers and Traders Chief Executive, praised the government’s efforts to fight cybercrime in cars, saying, “We’re pleased that government is taking action now to ensure a seamless transition to fully connected and autonomous cars in the future and, given this shift will take place globally, that it is championing cyber security and shared best practice at an international level. These vehicles will transform our roads and society, dramatically reducing accidents and saving thousands of lives. A consistent set of guidelines is an important step towards ensuring the UK can be among the first – and safest – of international markets to grasp the benefits of this exciting new technology.”
Despite expressing that there was real cause for concern around the security of cyber-cars, Tarek El-Gaaly did offer some hope for futuristic fast car fans, suggesting that adding more contextual parameters to the algorithms could help to foil these attacks. He said “any of these attacks can be overcome using contextual information from maps and the perceived environment. For example, a “65 mph” sign on an urban road or a stop sign on a highway would not make sense. In addition, many self-driving vehicles today boast an array of sensors, so fail safes can be built in using multiple cameras and LiDAR sensors.”
By adding in “common sense” parameters like El-Gaaly suggested, the car would recognise that if, for example, it was in a suburban area close to a school, and a sign had been tampered with to try and trick the car into thinking it was a higher speed limit, the classifier would have the necessary restrictions and contextual knowledge to prevent it from following that hacked instruction. Instead it would consider the other signs and environment indicators offering differing advice. Utilising a range of technologies such as sensors working with cameras can also help to eradicate the possibility of lasers being used for hacking.
Waymo, Googles autonomous development company, is a great example of a business taking their cyber-car security seriously. They boast “Our vehicles have sensors and software that are designed to detect pedestrians, cyclists, vehicles, road work and more from a distance of up to two football fields away in all directions.” As shown in their cute graphics they’ve made huge strides in the capabilities of their CSV’s.
Another site raving about the safety features is The National Tyre Service who cover the Top Ten Safety Features of Googles cyber-car. Boasting everything from Laser Range Finders, to ultrasonic tyre sensors. This self-drive is surely going to make waves in the transport industry.
Figure 3 Waymo self-drive car safety features
So, by ensuring that manufacturers use an array of safety options such as sensors, LiDAR systems and cameras, and adopting some simple measures like regular sign cleaning and common-sense CSV parameters it would seem that we can stay safe from even the slipperiest of cyber-spies.
When asked if it was doing enough to protect drivers’ safety, the Society of Motor Manufacturers and Traders (SMMT) said, “vehicle manufacturers are investing billions of pounds to make cars safer and more intelligent. Data security is paramount to the automotive industry. Manufacturers are always striving to stay one step ahead of organised criminals and constantly monitor for potential breaches so that customers’ information is kept safe.”
Reiterating the importance of cyber security in cars not only in the future, but in the vehicles that we use now, Transport Minister Lord Callanan said, “Our cars are becoming smarter and self-driving technology will revolutionise the way in which we travel. Risks of people hacking into the technology might be low, but we must make sure the public is protected. Whether we’re turning vehicles into WI-FI connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks.”
The new rules put Britain in the exciting position of being at the forefront of revolutionary travel. Along with the environmentally focussed plans to eradicate diesel cars in favour of electronic and clean energy, the UK is not only strengthening its place as a world leader in the field of researching and developing the next generation of vehicles, but also in consumer protection and safety.