Sensor & Logic Attack Surface of Driverless Vehicles
2019-10-23, 09:00–09:45, Europe

Networked and connected vehicles have the same network attack surface as other IoT devices, but are also heavily reliant on sensor inputs and the need for split second decision making under uncertain conditions, making them suffer a unique set of vulnerabilities even when network attacks are discounted. In this session the state of automated vehicle technology will be presented with a focus on the attack surface presented by vehicles' sensor and control logic suites, and the potential failure modes that could be exploited by malicious hackers and criminals.

The talk will begin with an introduction to autonomous, unmanned and driverless systems, and the history thereof which most people are far from aware of. Many people, even the technically inclined, are not familiar with the history of even driverless cars, and think it is largely a new development. The talk will provide interesting history to correct this, then will briefly cover the current state of unmanned systems across the various domains (land/sea/air).

After this brief historical summary the talk will move into general failure modes, including some high profile incidents and lessons that can be learned from them. One major case study from each of the unmanned aviation and driverless car space.

This is followed by a systems engineering level overview of the various subsystems that make up an autonomous system, from low level control laws to high level autonomy, what hardware and software is responsible for each, and where designers are most likely to introduce bugs.

After this there will be a comprehensive overview of the sensors that are used in unmanned vehicles: the type, cost, manner of working and most importantly, how they can be deliberately caused to fail. This is backed up with real examples from the presenter's experience and from current published research efforts. I also intend to cover proposed "unhackable" sensor upgrades.

I will cover denial and spoofing attacks on:
- Vision cameras/Tesla autopilot
- Millimeter wave radar
- Ultrasonic transducers
- Digital compass
- Wheel encoders
- Ground-penetrating radar

Next are attacks on the high level autonomy modules and ways to produce unexpected and undefined behaviors from the overall system. This will give attendees a good idea of serious problems that have yet to be solved in the space. These are NOT unserious thought experiments like the trolley problem, these are real problems that the leaders in driverless car testing are struggling with.

If there is time, finally, because many of these fully driverless systems may take longer to roll out than some expect, the talk will cover driver assist and safety assist modes that are already showing up in production vehicles or planned to be rolled out at the regulatory level over the next few years. Most importantly, the US DOT specs for V2V and V2I communications that have been recently released, and placing them in the context of recent hacks on "smart infrastructure" components such as connected traffic systems. Most likely there will not be time for this though, I have enough sensor hack info alone to fill the 45 minutes.