Researchers Hack Into Driverless Car System, Take Control of Vehicle
Perrone Robotics driverless car crashes after being hacked during testing.
A group of Virginia-based researchers funded by the Defense Department found that it is relatively easy to remotely hack into a driverless car’s control system, but said hardening against such an attack can be inexpensive.
Two Charlottesville-based companies teamed up with the University of Virginia and the Defense Department to find a solution to combat cyber attacks on critical functions such as braking and accelerating in driverless cars.
Mission Secure Inc. (MSi), a cyber defense solutions provider, and Perrone Robotics Inc., a software developer for autonomous vehicles, announced in March the successful completion of a pilot project testing the capability of MSi’s Secure Sentinel platform. The platform consists of two parts: a hardware embedded with the physical system and a cloud-based software.
“We successfully demonstrated [that], yes, you can easily attack braking and acceleration and other automated features added to cars, but you can also protect against them in real time,” said David Drescher, CEO of Mission Secure.
The team had similar testing success on unmanned aerial systems in December. Many of the lessons learned in the aerial study, especially in regard to GPS navigation, were applied to the tests on autonomous ground vehicles, said Drescher.
The product is patent-pending and available to early adopters in the U.S. military, energy and transportation industries, according to Mission Secure’s website.
“There’s a very strong interest in several of the branches of the military applying this to a variety of things from various autonomous air vehicles to ships and weapon systems,” said Drescher.
The project used an assessment methodology developed by the University of Virginia’s Department of Systems and Information Engineering in cooperation with the Defense Department. The system identifies cyber attacks that are easily executed and affect the car’s key functions.
“The protections [we developed] are real time,” said Dan Park, chief technology officer and co-founder of Mission Secure. “Where once there is a threat perceived, the system will engage, and it will be able to engage faster than a human.”
The University of Virginia began researching and developing ways to counter cyber attacks on autonomous vehicles in 2010. Its work is ongoing. The university’s research has opened the door to private partnerships and commercialization, said Drescher.
The test also addressed some of the concerns raised by Sen. Edward Markey, D-Mass., in a February report titled, “Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk.”
The study identifies several vulnerabilities in cars with wireless technology including the inability of auto manufacturers to monitor previous hacking incidents, a lack of security procedures to prevent cyber attacks and compromised privacy due to data collection.
The university and the Commonwealth of Virginia are pressing the automobile industry to move faster to implement a solution to these problems because the technology is already on the road, said Drescher. “It’s not just going to be here in 2018 or 2020 … these things are on your car today.”
Some of the world’s largest automobile manufacturers have already shown interest in the Secure Sentinel platform, he said. “We are not out there directly calling on them. They are actually finding us here in Charlottesville so clearly there’s activity and awareness and, I would say, strong interest in what we’re doing.”
The target for the automobile market is to reduce the product to a $15 price point and potentially evolve it into something that can be installed as an application on a smartphone, he said. From a technology perspective the solution is there, but there is extensive testing and regulations that need to be passed before the product can be installed onto new vehicles, which is at least 18 months away, he added.
Photo Credit: Mission Secure Inc.