Fooling laser sensors can lead to cars swerving to avoid imaginary obstacles, researchers warn
Worries surrounding the safety of self-driving cars may increased following claims that they can be tricked into taking potentially dangerous evasive manoeuvres.
Researchers at software security company Security Innovation say they are able to hack the radar scanner built in to the vehicles using a homemade tool made up of components costing less than £50, making it think that obstacles or pedestrians are in the road.
This can lead to the car to swerve without warning as it looks to try and avoid a collision, which could in fact lead to further accidents.
The hack affects the laser ranging systems, known as lidar, which self-driving vehicles such as Google’s eponymous cars use to build up an image of the world around them and allow their computer systems to identify and track objects.
Mounted on top of the vehicle, the lidar system spins continuously to ensure that it always has a clear picture of its surroundings.
But by using a low-power laser, hackers could trick the lidar into detecting echoes of fake objects, such as pedestrians, cyclists, other cars or walls, according to a paper by Security Innovation’s principal scientist Jonathan Petit, set to be presented at November’s Black Hat Europe security conference.
Petit says that he has built a system made up of off-the-shelf components including a Raspberry Pi or Arduino computer that can effectively target the car from up to 100m away.
The attack can be carried out from behind, in front or from the side of the car and without alerting the car’s passengers, according to a security researcher.
The self-driving cars can be brought to a stop, tricked into taking evasive action or into turning in a certain direction by placing the spoofed objects in their paths.
“I can spoof thousands of objects and basically carry out a denial-of-service attack on the tracking system so it’s not able to track real objects,” Petit told IEEE Spectrum.
“The only tricky part was to be synchronised, to fire the signal back at the Lidar at the right time – then the Lidar thought that there was clearly an object there.”
The report is the latest news that might raise eyebrows about the security precautions around self-driving vehicles, in an industry which is still very much in its infancy.
Yesterday, it was revealed that Fiat Chrysler has ordered another major recall of some of its vehicles in the United States after more were found to be affected by a serious software vulnerability which could lead to them being attacked by cybercriminals.
The car giant has announced that 7,810 Jeeps are being recalled to apply a software radios to vehicles containing certain radios.
Last February, BMW also confirmed it had patched a serious security flaw that could have allowed hackers to seize control of some of its cars’ systems. That flaw could have allowed hackers to the open doors of 2.2 million Rolls-Royce, Mini and BMW vehicles. The flaw could also have allowed the hackers to access the onboard vehicle computer system, which manages everything from engines and brakes to air conditioning.
In the driving seat about connected cars? Take our quiz!