Self-Driving Tech Vulnerable to Attack, Study Finds

A new study has demonstrated the vulnerabilities of lidar technology when deployed in autonomous vehicles (AVs) to provide navigation capabilities.

The team of researchers from the University of California and Japan's Keio University demonstrated how lidar-based systems can be tricked into “seeing” objects that aren’t there, and missing those that are.

In tests, the team demonstrated these “spoofing attack” capabilities on nine popular lidar systems, in what they said is the first large-scale measurement study.

“This is to date the most extensive investigation of lidar vulnerabilities ever conducted,” said lead author Takami Sato. “Through a combination of real-world testing and computer modeling, we were able to come up with 15 new findings to inform the design and manufacture of future autonomous vehicle systems.”

The team demonstrated two kinds of attacks on the lidar systems. 

The first, “fake object injection” tricks sensors into falsely identifying a pedestrian or another vehicle when nothing is there. In response, the lidar system triggers an unsafe response, such as emergency braking. 

This attack was found to be effectively deterred by newer generation lidar models, which use timing randomization and pulse fingerprinting features to combat the attack.

Related:RoboSense Reveals New Lidar for Self-Driving Cars at CES 2024

The second attack form, which used lasers to conceal objects from the lidar systems, was,however, found to be effective on both first-generation and current lidar systems.

“We find that the new-gen lidar features previously expected to be capable of largely mitigating or even preventing spoofing…may not be as effective as expected,” the team wrote. 

In response, the team recommended implementing timing randomization and pulse fingerprinting features in all future AVs “as a highly cost-effective measure to improve their resiliency against lidar spoofing attacks.”

The team notes that object removal attacks do not currently have an effective defense mechanism, as it is a newly discovered vulnerability, though future research is planned into providing additional safeguards to AVs.

“We hope that our findings can inspire and facilitate future security research on lidar spoofing, especially those targeting safety-critical application domains such as autonomous driving,” the team said.